Skip to content

Commit

Permalink
Exposed separate from ProxySettings rejectUnauthorized configuration …
Browse files Browse the repository at this point in the history
…option. (#76061)

* Exposed separate from ProxySettings rejectUnauthorized configuration option.

* Fixed type checks

* fixed tests
  • Loading branch information
YulNaumenko authored Sep 1, 2020
1 parent 7b807b7 commit 630d2d5
Show file tree
Hide file tree
Showing 12 changed files with 35 additions and 21 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -65,7 +65,7 @@ describe('request', () => {
logger,
proxySettings: {
proxyUrl: 'http://localhost:1212',
rejectUnauthorizedCertificates: false,
proxyRejectUnauthorizedCertificates: false,
},
});

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -14,15 +14,15 @@ const logger = loggingSystemMock.create().get() as jest.Mocked<Logger>;
describe('getProxyAgent', () => {
test('return HttpsProxyAgent for https proxy url', () => {
const agent = getProxyAgent(
{ proxyUrl: 'https://someproxyhost', rejectUnauthorizedCertificates: false },
{ proxyUrl: 'https://someproxyhost', proxyRejectUnauthorizedCertificates: false },
logger
);
expect(agent instanceof HttpsProxyAgent).toBeTruthy();
});

test('return HttpProxyAgent for http proxy url', () => {
const agent = getProxyAgent(
{ proxyUrl: 'http://someproxyhost', rejectUnauthorizedCertificates: false },
{ proxyUrl: 'http://someproxyhost', proxyRejectUnauthorizedCertificates: false },
logger
);
expect(agent instanceof HttpProxyAgent).toBeTruthy();
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,7 @@ export function getProxyAgent(
protocol: proxyUrl.protocol,
headers: proxySettings.proxyHeaders,
// do not fail on invalid certs if value is false
rejectUnauthorized: proxySettings.rejectUnauthorizedCertificates,
rejectUnauthorized: proxySettings.proxyRejectUnauthorizedCertificates,
});
} else {
return new HttpProxyAgent(proxySettings.proxyUrl);
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -73,7 +73,7 @@ describe('send_email module', () => {
},
{
proxyUrl: 'https://example.com',
rejectUnauthorizedCertificates: false,
proxyRejectUnauthorizedCertificates: false,
}
);
// @ts-expect-error
Expand Down Expand Up @@ -140,6 +140,9 @@ describe('send_email module', () => {
"host": "example.com",
"port": 1025,
"secure": false,
"tls": Object {
"rejectUnauthorized": undefined,
},
},
]
`);
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,7 @@ export interface SendEmailOptions {
routing: Routing;
content: Content;
proxySettings?: ProxySettings;
rejectUnauthorized?: boolean;
}

// config validation ensures either service is set or host/port are set
Expand All @@ -45,7 +46,7 @@ export interface Content {

// send an email
export async function sendEmail(logger: Logger, options: SendEmailOptions): Promise<unknown> {
const { transport, routing, content, proxySettings } = options;
const { transport, routing, content, proxySettings, rejectUnauthorized } = options;
const { service, host, port, secure, user, password } = transport;
const { from, to, cc, bcc } = routing;
const { subject, message } = content;
Expand All @@ -68,15 +69,18 @@ export async function sendEmail(logger: Logger, options: SendEmailOptions): Prom
transportConfig.host = host;
transportConfig.port = port;
transportConfig.secure = !!secure;
if (proxySettings && !transportConfig.secure) {

if (proxySettings) {
transportConfig.tls = {
// do not fail on invalid certs if value is false
rejectUnauthorized: proxySettings?.rejectUnauthorizedCertificates,
rejectUnauthorized: proxySettings?.proxyRejectUnauthorizedCertificates,
};
}
if (proxySettings) {
transportConfig.proxy = proxySettings.proxyUrl;
transportConfig.headers = proxySettings.proxyHeaders;
} else if (!transportConfig.secure) {
transportConfig.tls = {
rejectUnauthorized,
};
}
}

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -167,7 +167,7 @@ describe('execute()', () => {
params: { message: 'this invocation should succeed' },
proxySettings: {
proxyUrl: 'https://someproxyhost',
rejectUnauthorizedCertificates: false,
proxyRejectUnauthorizedCertificates: false,
},
});
expect(response).toMatchInlineSnapshot(`
Expand Down Expand Up @@ -206,7 +206,7 @@ describe('execute()', () => {
params: { message: 'this invocation should succeed' },
proxySettings: {
proxyUrl: 'https://someproxyhost',
rejectUnauthorizedCertificates: false,
proxyRejectUnauthorizedCertificates: false,
},
});
expect(mockedLogger.debug).toHaveBeenCalledWith(
Expand Down
9 changes: 6 additions & 3 deletions x-pack/plugins/actions/server/config.test.ts
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,8 @@ describe('config validation', () => {
"*",
],
"preconfigured": Object {},
"rejectUnauthorizedCertificates": true,
"proxyRejectUnauthorizedCertificates": true,
"rejectUnauthorized": true,
}
`);
});
Expand All @@ -34,7 +35,8 @@ describe('config validation', () => {
},
},
},
rejectUnauthorizedCertificates: false,
proxyRejectUnauthorizedCertificates: false,
rejectUnauthorized: false,
};
expect(configSchema.validate(config)).toMatchInlineSnapshot(`
Object {
Expand All @@ -55,7 +57,8 @@ describe('config validation', () => {
"secrets": Object {},
},
},
"rejectUnauthorizedCertificates": false,
"proxyRejectUnauthorizedCertificates": false,
"rejectUnauthorized": false,
}
`);
});
Expand Down
3 changes: 2 additions & 1 deletion x-pack/plugins/actions/server/config.ts
Original file line number Diff line number Diff line change
Expand Up @@ -34,7 +34,8 @@ export const configSchema = schema.object({
}),
proxyUrl: schema.maybe(schema.string()),
proxyHeaders: schema.maybe(schema.recordOf(schema.string(), schema.string())),
rejectUnauthorizedCertificates: schema.boolean({ defaultValue: true }),
proxyRejectUnauthorizedCertificates: schema.boolean({ defaultValue: true }),
rejectUnauthorized: schema.boolean({ defaultValue: true }),
});

export type ActionsConfig = TypeOf<typeof configSchema>;
Expand Down
6 changes: 4 additions & 2 deletions x-pack/plugins/actions/server/plugin.test.ts
Original file line number Diff line number Diff line change
Expand Up @@ -34,7 +34,8 @@ describe('Actions Plugin', () => {
enabledActionTypes: ['*'],
allowedHosts: ['*'],
preconfigured: {},
rejectUnauthorizedCertificates: true,
proxyRejectUnauthorizedCertificates: true,
rejectUnauthorized: true,
});
plugin = new ActionsPlugin(context);
coreSetup = coreMock.createSetup();
Expand Down Expand Up @@ -195,7 +196,8 @@ describe('Actions Plugin', () => {
secrets: {},
},
},
rejectUnauthorizedCertificates: true,
proxyRejectUnauthorizedCertificates: true,
rejectUnauthorized: true,
});
plugin = new ActionsPlugin(context);
coreSetup = coreMock.createSetup();
Expand Down
3 changes: 2 additions & 1 deletion x-pack/plugins/actions/server/plugin.ts
Original file line number Diff line number Diff line change
Expand Up @@ -323,7 +323,8 @@ export class ActionsPlugin implements Plugin<Promise<PluginSetupContract>, Plugi
? {
proxyUrl: this.actionsConfig.proxyUrl,
proxyHeaders: this.actionsConfig.proxyHeaders,
rejectUnauthorizedCertificates: this.actionsConfig.rejectUnauthorizedCertificates,
proxyRejectUnauthorizedCertificates: this.actionsConfig
.proxyRejectUnauthorizedCertificates,
}
: undefined,
});
Expand Down
2 changes: 1 addition & 1 deletion x-pack/plugins/actions/server/types.ts
Original file line number Diff line number Diff line change
Expand Up @@ -145,5 +145,5 @@ export interface ActionTaskExecutorParams {
export interface ProxySettings {
proxyUrl: string;
proxyHeaders?: Record<string, string>;
rejectUnauthorizedCertificates: boolean;
proxyRejectUnauthorizedCertificates: boolean;
}
2 changes: 1 addition & 1 deletion x-pack/test/alerting_api_integration/common/config.ts
Original file line number Diff line number Diff line change
Expand Up @@ -63,7 +63,7 @@ export function createTestConfig(name: string, options: CreateTestConfigOptions)
const actionsProxyUrl = options.enableActionsProxy
? [
`--xpack.actions.proxyUrl=http://localhost:${proxyPort}`,
'--xpack.actions.rejectUnauthorizedCertificates=false',
'--xpack.actions.proxyRejectUnauthorizedCertificates=false',
]
: [];

Expand Down

0 comments on commit 630d2d5

Please sign in to comment.