From fb0a64dd2f31e69d7bc911a9391de472d1242d28 Mon Sep 17 00:00:00 2001 From: Darshit Chanpura <35282393+DarshitChanpura@users.noreply.github.com> Date: Wed, 14 Feb 2024 23:18:06 -0500 Subject: [PATCH] Fixes base64 encoded hardcoded admin credentials (#1331) * Fixes base64 encoded hardcoded admin credentials Signed-off-by: Darshit Chanpura * Fixes broken integTest task Signed-off-by: Darshit Chanpura --------- Signed-off-by: Darshit Chanpura (cherry picked from commit 74dfcd169d202c1b3eab8e17f3b7bff9461b85d6) --- build.gradle | 1 + .../org/opensearch/replication/MultiClusterRestTestCase.kt | 6 +++++- 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/build.gradle b/build.gradle index 5c701433..888ec4db 100644 --- a/build.gradle +++ b/build.gradle @@ -451,6 +451,7 @@ int endJmxPort = startJmxPort integTest { useCluster testClusters.leaderCluster useCluster testClusters.followCluster + systemProperty "password", "admin" // setting it to `admin` explicitly since its a custom security setup if(knnEnabled){ nonInputProperties.systemProperty('tests.knn_plugin_enabled', "true") diff --git a/src/test/kotlin/org/opensearch/replication/MultiClusterRestTestCase.kt b/src/test/kotlin/org/opensearch/replication/MultiClusterRestTestCase.kt index af7e997e..c2d93091 100644 --- a/src/test/kotlin/org/opensearch/replication/MultiClusterRestTestCase.kt +++ b/src/test/kotlin/org/opensearch/replication/MultiClusterRestTestCase.kt @@ -56,12 +56,14 @@ import org.junit.After import org.junit.AfterClass import org.junit.Before import org.junit.BeforeClass +import java.nio.charset.StandardCharsets import java.nio.file.Files import java.security.KeyManagementException import java.security.KeyStore import java.security.KeyStoreException import java.security.NoSuchAlgorithmException import java.security.cert.CertificateException +import java.util.Base64 import java.util.concurrent.TimeUnit import java.util.concurrent.atomic.AtomicReference import java.util.Collections @@ -227,8 +229,10 @@ abstract class MultiClusterRestTestCase : OpenSearchTestCase() { for ((key, value) in headers) { defaultHeaders[i++] = BasicHeader(key, value) } + + val creds = System.getProperty("user", "admin") + ":" + System.getProperty("password", "myStrongPassword123!") if(securityEnabled) { - defaultHeaders[i++] = BasicHeader("Authorization", "Basic YWRtaW46YWRtaW4=") + defaultHeaders[i++] = BasicHeader("Authorization", "Basic " + Base64.getEncoder().encodeToString(creds.toByteArray(StandardCharsets.UTF_8))) } builder.setDefaultHeaders(defaultHeaders)