Escape/Unescape pipe UserInfo in ThreadContext #801
Conversation
shikharj05
requested review from
lezzago,
bowenlan-amzn,
rishabhmaurya,
getsaurabh02,
eirsep,
sbcd90,
AWSHurneyt,
engechas,
riysaxen-amzn and
jowg-amazon
as code owners
| @@ -143,13 +144,16 @@ public void injectUserInfo(final User user) { | |||
| ); | |||
| return; | |||
| } | |||
|
|
|||
| StringJoiner joiner = new StringJoiner("|"); | |||
There was a problem hiding this comment.
Curious to know where this serialization logic is used because I thought security was the only place where the user object would be serialized into the ThreadContext. Is this used for interplay between plugins in certain contexts?
There was a problem hiding this comment.
While it may make sense to centralize this logic to prevent duplication, long term I'd like to remove a lot of security logic from common-utils including this.
There was a problem hiding this comment.
Curious to know where this serialization logic is used because I thought security was the only place where the user object would be serialized into the ThreadContext. Is this used for interplay between plugins in certain contexts?
Yes, this is used for plugins to communicate with one another.
While it may make sense to centralize this logic to prevent duplication, long term I'd like to remove a lot of security logic from common-utils including this.
I agree, this is really needed, but that might require some security features in core.
There was a problem hiding this comment.
I have an RFC open in the security repo that outlines 4 security features that need to be built in order for plugins to migrate off of using common-utils: opensearch-project/security#5052
First, the security repo needs to support existing use cases in a model that's opt-in for plugins so that they can adopt the new mechanisms and create migration paths. Particularly, a lot of plugins store a copy of a user in their own system indices and eventually I think we should remove the copies but mechanisms need to be built to support it first.
Signed-off-by: Shikhar Jain <[email protected]>
Signed-off-by: Shikhar Jain <[email protected]>
Signed-off-by: Shikhar Jain <[email protected]>
* Escape pipe character for injected users Signed-off-by: Shikhar Jain <[email protected]> * test updates + Spotless apply Signed-off-by: Shikhar Jain <[email protected]> * adding a test case with multiple pipes in username Signed-off-by: Shikhar Jain <[email protected]> --------- Signed-off-by: Shikhar Jain <[email protected]> Co-authored-by: Shikhar Jain <[email protected]> (cherry picked from commit ef830db) Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
* Escape pipe character for injected users Signed-off-by: Shikhar Jain <[email protected]> * test updates + Spotless apply Signed-off-by: Shikhar Jain <[email protected]> * adding a test case with multiple pipes in username Signed-off-by: Shikhar Jain <[email protected]> --------- Signed-off-by: Shikhar Jain <[email protected]> Co-authored-by: Shikhar Jain <[email protected]> (cherry picked from commit ef830db) Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
Signed-off-by: Shikhar Jain <[email protected]>
* Escape/Unescape pipe UserInfo in ThreadContext (#801) Signed-off-by: Shikhar Jain <[email protected]> * spotless Signed-off-by: Shikhar Jain <[email protected]> --------- Signed-off-by: Shikhar Jain <[email protected]>
* Escape/Unescape pipe UserInfo in ThreadContext (#801) Signed-off-by: Shikhar Jain <[email protected]> * spotless Signed-off-by: Shikhar Jain <[email protected]> --------- Signed-off-by: Shikhar Jain <[email protected]> (cherry picked from commit 12d4357) Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
* Escape/Unescape pipe UserInfo in ThreadContext (#801) * spotless --------- (cherry picked from commit 12d4357) Signed-off-by: Shikhar Jain <[email protected]> Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
Description
Escape pipe while setting UserInfo in ThreadContext, Unescape pipe while reading UserInfo from ThreadContext
Related Issues
opensearch-project/security#2756
Check List
--signoff.By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.