- 
                Notifications
    You must be signed in to change notification settings 
- Fork 25.6k
Handling access tokens #133106
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
          
     Merged
      
        
      
            ankit--sethi
  merged 33 commits into
  elastic:main
from
ankit--sethi:feature/session-tokens
  
      
      
   
  Sep 3, 2025 
      
    
  
     Merged
                    Handling access tokens #133106
Changes from 29 commits
      Commits
    
    
            Show all changes
          
          
            33 commits
          
        
        Select commit
          Hold shift + click to select a range
      
      2739f57
              
                initial commit - tests pending potentially
              
              
                ankit--sethi 832f469
              
                [CI] Auto commit changes from spotless
              
              
                 1bd116a
              
                Merge branch 'main' into feature/session-tokens
              
              
                ankit--sethi aa9b2fb
              
                Merge branch 'main' into feature/session-tokens
              
              
                ankit--sethi 6a8fbb2
              
                fix syntax
              
              
                ankit--sethi 767c34c
              
                Merge branch 'main' into feature/session-tokens
              
              
                ankit--sethi e4fa7d0
              
                Merge remote-tracking branch 'origin/feature/session-tokens' into fea…
              
              
                ankit--sethi 118705f
              
                correct javadoc
              
              
                ankit--sethi e466371
              
                Merge branch 'main' into feature/session-tokens
              
              
                ankit--sethi 239d510
              
                Merge branch 'main' into feature/session-tokens
              
              
                ankit--sethi b174e5a
              
                fix style issue
              
              
                ankit--sethi 7c3c8a3
              
                Merge remote-tracking branch 'origin/feature/session-tokens' into fea…
              
              
                ankit--sethi 0f28ac0
              
                fix tests
              
              
                ankit--sethi 2a03dc9
              
                Merge branch 'main' into feature/session-tokens
              
              
                ankit--sethi fac7f3b
              
                Merge branch 'main' into feature/session-tokens
              
              
                ankit--sethi 113b4ba
              
                [PoC] Pluggable authenticator chain
              
              
                slobodanadamovic 41f3714
              
                Merge branch 'main' of github.com:elastic/elasticsearch into poc-cust…
              
              
                slobodanadamovic 040a9aa
              
                [CI] Auto commit changes from spotless
              
              
                 b2b6404
              
                spotless + remove unused method
              
              
                slobodanadamovic c782a2c
              
                fix javadoc line lenght
              
              
                slobodanadamovic b2d3938
              
                Merge branch 'main' of github.com:elastic/elasticsearch into poc-cust…
              
              
                slobodanadamovic 692d8e3
              
                Merge branch 'main' of github.com:ankit--sethi/elasticsearch into fea…
              
              
                ankit--sethi 2c74a18
              
                Merge remote-tracking branch 'slobodan/poc-custom-authenticator-chain…
              
              
                ankit--sethi cf543eb
              
                refactor with code review feedback and new validation for cloud-saml-…
              
              
                ankit--sethi ebd4188
              
                [CI] Auto commit changes from spotless
              
              
                 f22bf54
              
                Merge branch 'main' into feature/session-tokens
              
              
                ankit--sethi 31b6b56
              
                Merge branch 'main' into feature/session-tokens
              
              
                ankit--sethi b7411f2
              
                Merge branch 'main' of github.com:ankit--sethi/elasticsearch into fea…
              
              
                ankit--sethi 49e4d66
              
                Merge branch 'main' of github.com:ankit--sethi/elasticsearch into fea…
              
              
                ankit--sethi 01a3f18
              
                Merge branch 'main' of github.com:ankit--sethi/elasticsearch into fea…
              
              
                ankit--sethi 4a32400
              
                code review stuff
              
              
                ankit--sethi 14ccac1
              
                Merge branch 'main' into feature/session-tokens
              
              
                ankit--sethi 2d716c6
              
                [CI] Auto commit changes from spotless
              
              
                 File filter
Filter by extension
Conversations
          Failed to load comments.   
        
        
          
      Loading
        
  Jump to
        
          Jump to file
        
      
      
          Failed to load files.   
        
        
          
      Loading
        
  Diff view
Diff view
There are no files selected for viewing
  
    
      This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
      Learn more about bidirectional Unicode characters
    
  
  
    
              
  
    
      This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
      Learn more about bidirectional Unicode characters
    
  
  
    
              
        
          
          
            51 changes: 0 additions & 51 deletions
          
          51 
        
  ...in/java/org/elasticsearch/xpack/core/security/authc/apikey/CustomApiKeyAuthenticator.java
  
  
      
      
   
        
      
      
    This file was deleted.
      
      Oops, something went wrong.
      
    
  
        
          
          
            31 changes: 31 additions & 0 deletions
          
          31 
        
  ...src/main/java/org/elasticsearch/xpack/core/security/authc/apikey/CustomAuthenticator.java
  
  
      
      
   
        
      
      
    
  
    
      This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
      Learn more about bidirectional Unicode characters
    
  
  
    
              | Original file line number | Diff line number | Diff line change | 
|---|---|---|
| @@ -0,0 +1,31 @@ | ||
| /* | ||
| * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one | ||
| * or more contributor license agreements. Licensed under the Elastic License | ||
| * 2.0; you may not use this file except in compliance with the Elastic License | ||
| * 2.0. | ||
| */ | ||
|  | ||
| package org.elasticsearch.xpack.core.security.authc.apikey; | ||
|  | ||
| import org.elasticsearch.action.ActionListener; | ||
| import org.elasticsearch.common.util.concurrent.ThreadContext; | ||
| import org.elasticsearch.core.Nullable; | ||
| import org.elasticsearch.xpack.core.security.authc.Authentication; | ||
| import org.elasticsearch.xpack.core.security.authc.AuthenticationResult; | ||
| import org.elasticsearch.xpack.core.security.authc.AuthenticationToken; | ||
|  | ||
| /** | ||
| * An extension point to provide a custom authenticator implementation. For example, a custom API key or a custom OAuth2 | ||
| * token implementation. The implementation is wrapped by a core `Authenticator` class and included in the authenticator chain | ||
| * _before_ the respective "standard" authenticator(s). | ||
| */ | ||
| public interface CustomAuthenticator { | ||
|  | ||
| boolean supports(AuthenticationToken token); | ||
|  | ||
| @Nullable | ||
| AuthenticationToken extractToken(ThreadContext context); | ||
|  | ||
| void authenticate(@Nullable AuthenticationToken token, ActionListener<AuthenticationResult<Authentication>> listener); | ||
|  | ||
| } | 
  
    
      This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
      Learn more about bidirectional Unicode characters
    
  
  
    
              
  
    
      This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
      Learn more about bidirectional Unicode characters
    
  
  
    
              
  
    
      This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
      Learn more about bidirectional Unicode characters
    
  
  
    
              
  
    
      This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
      Learn more about bidirectional Unicode characters
    
  
  
    
              
        
          
          
            56 changes: 0 additions & 56 deletions
          
          56 
        
  ...ty/src/main/java/org/elasticsearch/xpack/security/authc/PluggableApiKeyAuthenticator.java
  
  
      
      
   
        
      
      
    This file was deleted.
      
      Oops, something went wrong.
      
    
  
      
      Oops, something went wrong.
        
    
  
  Add this suggestion to a batch that can be applied as a single commit.
  This suggestion is invalid because no changes were made to the code.
  Suggestions cannot be applied while the pull request is closed.
  Suggestions cannot be applied while viewing a subset of changes.
  Only one suggestion per line can be applied in a batch.
  Add this suggestion to a batch that can be applied as a single commit.
  Applying suggestions on deleted lines is not supported.
  You must change the existing code in this line in order to create a valid suggestion.
  Outdated suggestions cannot be applied.
  This suggestion has been applied or marked resolved.
  Suggestions cannot be applied from pending reviews.
  Suggestions cannot be applied on multi-line comments.
  Suggestions cannot be applied while the pull request is queued to merge.
  Suggestion cannot be applied right now. Please check back later.
  
    
  
    
Uh oh!
There was an error while loading. Please reload this page.