diff --git a/docs/changelog/128798.yaml b/docs/changelog/128798.yaml new file mode 100644 index 0000000000000..d763b4d726458 --- /dev/null +++ b/docs/changelog/128798.yaml @@ -0,0 +1,5 @@ +pr: 128798 +summary: Add transport version support for IDP_CUSTOM_SAML_ATTRIBUTES_ADDED_8_19 +area: IdentityProvider +type: enhancement +issues: [] diff --git a/server/src/main/java/org/elasticsearch/TransportVersions.java b/server/src/main/java/org/elasticsearch/TransportVersions.java index 440aa8cacc903..d1d9664547223 100644 --- a/server/src/main/java/org/elasticsearch/TransportVersions.java +++ b/server/src/main/java/org/elasticsearch/TransportVersions.java @@ -184,6 +184,7 @@ static TransportVersion def(int id) { public static final TransportVersion ML_INFERENCE_SAGEMAKER_CHAT_COMPLETION_8_19 = def(8_841_0_37); public static final TransportVersion ML_INFERENCE_VERTEXAI_CHATCOMPLETION_ADDED_8_19 = def(8_841_0_38); public static final TransportVersion INFERENCE_CUSTOM_SERVICE_ADDED_8_19 = def(8_841_0_39); + public static final TransportVersion IDP_CUSTOM_SAML_ATTRIBUTES_ADDED_8_19 = def(8_841_0_40); public static final TransportVersion V_9_0_0 = def(9_000_0_09); public static final TransportVersion INITIAL_ELASTICSEARCH_9_0_1 = def(9_000_0_10); public static final TransportVersion INITIAL_ELASTICSEARCH_9_0_2 = def(9_000_0_11); diff --git a/x-pack/plugin/identity-provider/src/main/java/org/elasticsearch/xpack/idp/action/SamlInitiateSingleSignOnRequest.java b/x-pack/plugin/identity-provider/src/main/java/org/elasticsearch/xpack/idp/action/SamlInitiateSingleSignOnRequest.java index b93616f54fb3a..87b314b4de6f4 100644 --- a/x-pack/plugin/identity-provider/src/main/java/org/elasticsearch/xpack/idp/action/SamlInitiateSingleSignOnRequest.java +++ b/x-pack/plugin/identity-provider/src/main/java/org/elasticsearch/xpack/idp/action/SamlInitiateSingleSignOnRequest.java @@ -31,7 +31,8 @@ public SamlInitiateSingleSignOnRequest(StreamInput in) throws IOException { spEntityId = in.readString(); assertionConsumerService = in.readString(); samlAuthenticationState = in.readOptionalWriteable(SamlAuthenticationState::new); - if (in.getTransportVersion().onOrAfter(TransportVersions.IDP_CUSTOM_SAML_ATTRIBUTES)) { + if (in.getTransportVersion().isPatchFrom(TransportVersions.IDP_CUSTOM_SAML_ATTRIBUTES_ADDED_8_19) + || in.getTransportVersion().onOrAfter(TransportVersions.IDP_CUSTOM_SAML_ATTRIBUTES)) { attributes = in.readOptionalWriteable(SamlInitiateSingleSignOnAttributes::new); } } @@ -99,7 +100,8 @@ public void writeTo(StreamOutput out) throws IOException { out.writeString(spEntityId); out.writeString(assertionConsumerService); out.writeOptionalWriteable(samlAuthenticationState); - if (out.getTransportVersion().onOrAfter(TransportVersions.IDP_CUSTOM_SAML_ATTRIBUTES)) { + if (out.getTransportVersion().isPatchFrom(TransportVersions.IDP_CUSTOM_SAML_ATTRIBUTES_ADDED_8_19) + || out.getTransportVersion().onOrAfter(TransportVersions.IDP_CUSTOM_SAML_ATTRIBUTES)) { out.writeOptionalWriteable(attributes); } } diff --git a/x-pack/plugin/identity-provider/src/test/java/org/elasticsearch/xpack/idp/action/SamlInitiateSingleSignOnRequestTests.java b/x-pack/plugin/identity-provider/src/test/java/org/elasticsearch/xpack/idp/action/SamlInitiateSingleSignOnRequestTests.java index 4a0ec674ab4c8..ee13dd28db4d2 100644 --- a/x-pack/plugin/identity-provider/src/test/java/org/elasticsearch/xpack/idp/action/SamlInitiateSingleSignOnRequestTests.java +++ b/x-pack/plugin/identity-provider/src/test/java/org/elasticsearch/xpack/idp/action/SamlInitiateSingleSignOnRequestTests.java @@ -63,6 +63,36 @@ public void testSerializationCurrentVersion() throws Exception { } } + public void testSerializationOldButCompatibleTransportVersion() throws Exception { + final SamlInitiateSingleSignOnRequest request = new SamlInitiateSingleSignOnRequest(); + request.setSpEntityId("https://kibana_url"); + request.setAssertionConsumerService("https://kibana_url/acs"); + if (randomBoolean()) { + request.setAttributes( + new SamlInitiateSingleSignOnAttributes( + Map.ofEntries( + Map.entry("http://idp.elastic.co/attribute/custom1", List.of("foo")), + Map.entry("http://idp.elastic.co/attribute/custom2", List.of("bar", "baz")) + ) + ) + ); + } + assertThat("An invalid request is not guaranteed to serialize correctly", request.validate(), nullValue()); + final BytesStreamOutput out = new BytesStreamOutput(); + out.setTransportVersion(TransportVersions.IDP_CUSTOM_SAML_ATTRIBUTES_ADDED_8_19); + request.writeTo(out); + + try (StreamInput in = out.bytes().streamInput()) { + in.setTransportVersion(out.getTransportVersion()); + final SamlInitiateSingleSignOnRequest request1 = new SamlInitiateSingleSignOnRequest(in); + assertThat(request1.getSpEntityId(), equalTo(request.getSpEntityId())); + assertThat(request1.getAssertionConsumerService(), equalTo(request.getAssertionConsumerService())); + assertThat(request1.getAttributes(), equalTo(request.getAttributes())); + final ActionRequestValidationException validationException = request1.validate(); + assertNull(validationException); + } + } + public void testSerializationOldTransportVersion() throws Exception { final SamlInitiateSingleSignOnRequest request = new SamlInitiateSingleSignOnRequest(); request.setSpEntityId("https://kibana_url"); @@ -83,7 +113,7 @@ public void testSerializationOldTransportVersion() throws Exception { TransportVersionUtils.randomVersionBetween( random(), TransportVersions.MINIMUM_COMPATIBLE, - TransportVersionUtils.getPreviousVersion(TransportVersions.IDP_CUSTOM_SAML_ATTRIBUTES) + TransportVersionUtils.getPreviousVersion(TransportVersions.IDP_CUSTOM_SAML_ATTRIBUTES_ADDED_8_19) ) ); request.writeTo(out);