[
https://issues.apache.org/jira/browse/BEAM-12012?focusedWorklogId=575886&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-575886
]
ASF GitHub Bot logged work on BEAM-12012:
-----------------------------------------
Author: ASF GitHub Bot
Created on: 02/Apr/21 02:49
Start Date: 02/Apr/21 02:49
Worklog Time Spent: 10m
Work Description: ihji commented on a change in pull request #14345:
URL: https://github.com/apache/beam/pull/14345#discussion_r606039467
##########
File path:
sdks/java/io/elasticsearch/src/main/java/org/apache/beam/sdk/io/elasticsearch/ElasticsearchIO.java
##########
@@ -329,6 +339,32 @@ public ConnectionConfiguration withPassword(String
password) {
return builder().setPassword(password).build();
}
+ /**
+ * If Elasticsearch authentication is enabled, provide an API key.
+ *
+ * @param apiKey the API key used to authenticate to Elasticsearch
+ * @return a {@link ConnectionConfiguration} describes a connection
configuration to
+ * Elasticsearch.
+ */
+ public ConnectionConfiguration withApiKey(String apiKey) {
+ checkArgument(apiKey != null, "apiKey can not be null");
+ checkArgument(!apiKey.isEmpty(), "apiKey can not be empty");
Review comment:
You might use `Strings.isNullOrEmpty` instead of two checks.
##########
File path:
sdks/java/io/elasticsearch/src/main/java/org/apache/beam/sdk/io/elasticsearch/ElasticsearchIO.java
##########
@@ -329,6 +339,32 @@ public ConnectionConfiguration withPassword(String
password) {
return builder().setPassword(password).build();
}
+ /**
+ * If Elasticsearch authentication is enabled, provide an API key.
+ *
+ * @param apiKey the API key used to authenticate to Elasticsearch
+ * @return a {@link ConnectionConfiguration} describes a connection
configuration to
+ * Elasticsearch.
+ */
+ public ConnectionConfiguration withApiKey(String apiKey) {
+ checkArgument(apiKey != null, "apiKey can not be null");
+ checkArgument(!apiKey.isEmpty(), "apiKey can not be empty");
+ return builder().setApiKey(apiKey).build();
+ }
+
+ /**
+ * If Elasticsearch authentication is enabled, provide a bearer token.
+ *
+ * @param bearerToken the bearer token used to authenticate to
Elasticsearch
+ * @return a {@link ConnectionConfiguration} describes a connection
configuration to
+ * Elasticsearch.
+ */
+ public ConnectionConfiguration withBearerToken(String bearerToken) {
+ checkArgument(bearerToken != null, "bearerToken can not be null");
+ checkArgument(!bearerToken.isEmpty(), "bearerToken can not be empty");
Review comment:
ditto.
##########
File path:
sdks/java/io/elasticsearch/src/main/java/org/apache/beam/sdk/io/elasticsearch/ElasticsearchIO.java
##########
@@ -424,6 +460,14 @@ RestClient createClient() throws IOException {
httpAsyncClientBuilder ->
httpAsyncClientBuilder.setDefaultCredentialsProvider(credentialsProvider));
}
+ if (getApiKey() != null) {
+ restClientBuilder.setDefaultHeaders(
+ new Header[] {new BasicHeader("Authorization", "ApiKey " +
getApiKey())});
Review comment:
Is there any way we can test this options easily? If not, never mind.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
Issue Time Tracking
-------------------
Worklog Id: (was: 575886)
Time Spent: 40m (was: 0.5h)
> ElasticsearchIO - Add API key & bearer token authentication
> -----------------------------------------------------------
>
> Key: BEAM-12012
> URL: https://issues.apache.org/jira/browse/BEAM-12012
> Project: Beam
> Issue Type: Improvement
> Components: io-java-elasticsearch
> Reporter: Fabien Caylus
> Assignee: Fabien Caylus
> Priority: P3
> Time Spent: 40m
> Remaining Estimate: 0h
>
> Hello !
> Currently, only username/password authentication is supported in this IO.
> However, Elasticsearch also supports:
> * [API
> key|https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-create-api-key.html],
> since version 6.7
> * [Bearer
> token|https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-get-token.html],
> since version 6.3
> Supporting them would allow the user to create specific keys or tokens (with
> specific permissions and validity period) and use them for its jobs.
> However, both features are not opensource themselves inside Elasticsearch
> (part of the X-Pack solution, under the Elastic license). But for the
> implementation in Beam, it's only a matter of setting the correct
> {{Authorization}} header. So I think it should be ok to implement them.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
