Revise data source saved object model

Signed-off-by: Louis Chu <clingzhi@amazon.com>

src/plugins/data_source/common/data_sources/types.ts

@@ -9,10 +9,9 @@ export interface DataSourceAttributes extends SavedObjectAttributes {
   title: string;
   description?: string;
   endpoint: string;
-  noAuth: boolean;
-  credentials?: {
-    type: CredentialsType;
-    credentialsContent: UsernamePasswordTypedContent;
+  auth: {
+    type: AuthType;
+    credentials: UsernamePasswordTypedContent | undefined;
   };
 }
 
@@ -21,6 +20,7 @@ export interface UsernamePasswordTypedContent extends SavedObjectAttributes {
   password: string;
 }
 
-export enum CredentialsType {
+export enum AuthType {
+  NoAuth = 'no_auth',
   UsernamePasswordType = 'username_password',
 }

src/plugins/data_source/server/client/configure_client.test.ts

@@ -6,7 +6,7 @@
 import { SavedObjectsClientContract } from '../../../../core/server';
 import { loggingSystemMock, savedObjectsClientMock } from '../../../../core/server/mocks';
 import { DATA_SOURCE_SAVED_OBJECT_TYPE } from '../../common';
-import { DataSourceAttributes, CredentialsType } from '../../common/data_sources/types';
+import { DataSourceAttributes, AuthType } from '../../common/data_sources/types';
 import { DataSourcePluginConfigType } from '../../config';
 import { ClientMock, parseClientOptionsMock } from './configure_client.test.mocks';
 import { OpenSearchClientPoolSetup } from './client_pool';
@@ -49,10 +49,9 @@ describe('configureClient', () => {
     dataSourceAttr = {
       title: 'title',
       endpoint: 'http://localhost',
-      noAuth: false,
-      credentials: {
-        type: CredentialsType.UsernamePasswordType,
-        credentialsContent: {
+      auth: {
+        type: AuthType.UsernamePasswordType,
+        credentials: {
           username: 'username',
           password: 'password',
         },

src/plugins/data_source/server/client/configure_client.ts

@@ -53,7 +53,7 @@ export const getCredential = async (
   cryptographyClient: CryptographyClient
 ): Promise<UsernamePasswordTypedContent> => {
   try {
-    const { username, password } = dataSource.attributes.credentials!.credentialsContent;
+    const { username, password } = dataSource.attributes.auth.credentials;
     const decodedPassword = await cryptographyClient.decodeAndDecrypt(password);
     const credential = {
       username,

src/plugins/data_source/server/saved_objects/data_source_saved_objects_client_wrapper.ts

@@ -20,7 +20,7 @@ import { SavedObjectsErrorHelpers } from '../../../../core/server';
 import { CryptographyClient } from '../cryptography';
 
 import { DATA_SOURCE_SAVED_OBJECT_TYPE } from '../../common';
-import { CredentialsType } from '../../common/data_sources';
+import { AuthType } from '../../common/data_sources';
 
 /**
  * Describes the Credential Saved Objects Client Wrapper class,
@@ -137,39 +137,37 @@ export class DataSourceSavedObjectsClientWrapper {
     }
   }
 
-  private dropCredentials<T = unknown>(attributes: Omit<T, 'credentials'>) {
+  private dropCredentials<T = unknown>(attributes: T) {
+    const { title, description, endpoint, noAuth } = attributes;
+    return {
+      ...attributes,
+    };
     return attributes;
   }
 
   private async validateAndEncryptAttributes<T = unknown>(attributes: T) {
     this.validateAttributes(attributes);
 
-    const { noAuth } = attributes;
-
-    // Drop credentials when no Auth
-    if (!noAuth) {
-      return this.dropCredentials(attributes);
-    }
-
-    const { type, credentialsContent } = attributes.credentials;
+    const { type, credentials } = attributes.auth;
 
     switch (type) {
-      case CredentialsType.UsernamePasswordType:
-        const { username, password } = credentialsContent;
+      case AuthType.NoAuth:
+        return {
+          ...attributes,
+          // Drop the credentials attribute for no_auth
+          credentials: undefined,
+        };
+      case AuthType.UsernamePasswordType:
+        const { username, password } = credentials;
         return {
           ...attributes,
           credentials: {
-            type,
-            credentialsContent: {
-              username,
-              password: await this.cryptographyClient.encryptAndEncode(password),
-            },
+            username,
+            password: await this.cryptographyClient.encryptAndEncode(password),
           },
         };
       default:
-        throw SavedObjectsErrorHelpers.createBadRequestError(
-          `Invalid credential materials type: '${type}'`
-        );
+        throw SavedObjectsErrorHelpers.createBadRequestError(`Invalid auth type: '${type}'`);
     }
   }
 
@@ -206,61 +204,64 @@ export class DataSourceSavedObjectsClientWrapper {
   }
 
   private validateAttributes<T = unknown>(attributes: T) {
-    const { title, endpoint, noAuth, credentials } = attributes;
+    const { title, endpoint, auth } = attributes;
     if (!title) {
-      throw SavedObjectsErrorHelpers.createBadRequestError('attribute "title" required');
+      throw SavedObjectsErrorHelpers.createBadRequestError(
+        'attribute "title" required for "data source" saved object'
+      );
     }
 
     if (!this.isValidUrl(endpoint)) {
-      throw SavedObjectsErrorHelpers.createBadRequestError('attribute "endpoint" is not valid');
+      throw SavedObjectsErrorHelpers.createBadRequestError(
+        'attribute "endpoint" is not valid for "data source" saved object'
+      );
     }
 
-    if (noAuth) {
-      this.validateCredentials(credentials);
+    if (auth === undefined) {
+      throw SavedObjectsErrorHelpers.createBadRequestError(
+        'attribute "auth" required for "data source" saved object'
+      );
     }
-  }
 
-  private validateCredentials<T = unknown>(credentials: T) {
-    if (credentials === undefined) {
-      throw SavedObjectsErrorHelpers.createBadRequestError('attribute "credentials" required');
-    }
+    this.validateAuth(auth);
+  }
 
-    const { type, credentialsContent } = credentials;
+  private validateAuth<T = unknown>(auth: T) {
+    const { type, credentials } = auth;
 
     if (!type) {
       throw SavedObjectsErrorHelpers.createBadRequestError(
-        'attribute "type" required for "credentials"'
-      );
-    }
-
-    if (credentialsContent === undefined) {
-      throw SavedObjectsErrorHelpers.createBadRequestError(
-        'attribute "credentialsContent" required for "credentials"'
+        'attribute "auth.type" required for "data source" saved object'
       );
     }
 
     switch (type) {
-      case CredentialsType.UsernamePasswordType:
-        const { username, password } = credentialsContent;
+      case AuthType.NoAuth:
+        break;
+      case AuthType.UsernamePasswordType:
+        if (credentials === undefined) {
+          throw SavedObjectsErrorHelpers.createBadRequestError(
+            'attribute "auth.credentials" required for "data source" saved object'
+          );
+        }
 
-        this.validateUsername(username);
-        this.validatePassword(password);
-      default:
-        throw SavedObjectsErrorHelpers.createBadRequestError(`Invalid credentials type: '${type}'`);
-    }
-  }
+        const { username, password } = credentials;
 
-  private validateUsername<T = unknown>(username: T) {
-    if (!username) {
-      throw SavedObjectsErrorHelpers.createBadRequestError('attribute "username" required');
-    }
-    return;
-  }
+        if (!username) {
+          throw SavedObjectsErrorHelpers.createBadRequestError(
+            'attribute "auth.credentials.username" required'
+          );
+        }
 
-  private validatePassword<T = unknown>(password: T) {
-    if (!password) {
-      throw SavedObjectsErrorHelpers.createBadRequestError('attribute "password" required');
+        if (!password) {
+          throw SavedObjectsErrorHelpers.createBadRequestError(
+            'attribute "auth.credentials.password" required'
+          );
+        }
+
+        break;
+      default:
+        throw SavedObjectsErrorHelpers.createBadRequestError(`Invalid auth type: '${type}'`);
     }
-    return;
   }
 }