Merge branch 'main' into eui/60.1.0

.github/CODEOWNERS

@@ -349,7 +349,6 @@
 /x-pack/test/security_functional/ @elastic/kibana-security
 /x-pack/test/spaces_api_integration/ @elastic/kibana-security
 /x-pack/test/saved_object_api_integration/ @elastic/kibana-security
-/src/core/server/csp/ @elastic/kibana-security @elastic/kibana-core
 /examples/preboot_example/ @elastic/kibana-security @elastic/kibana-core
 #CC# /x-pack/plugins/security/ @elastic/kibana-security
 

docs/settings/apm-settings.asciidoc

@@ -43,8 +43,6 @@ If you'd like to change any of the default values,
 copy and paste the relevant settings into your `kibana.yml` configuration file.
 Changing these settings may disable features of the APM App.
 
-`xpack.apm.maxServiceEnvironments` {ess-icon}::
-Maximum number of unique service environments recognized by the UI. Defaults to `100`.
 
 `xpack.apm.maxSuggestions` {ess-icon}::
 Maximum number of suggestions fetched in autocomplete selection boxes. Defaults to `100`.

package.json

@@ -176,6 +176,7 @@
     "@kbn/core-fatal-errors-browser": "link:bazel-bin/packages/core/fatal-errors/core-fatal-errors-browser",
     "@kbn/core-fatal-errors-browser-internal": "link:bazel-bin/packages/core/fatal-errors/core-fatal-errors-browser-internal",
     "@kbn/core-fatal-errors-browser-mocks": "link:bazel-bin/packages/core/fatal-errors/core-fatal-errors-browser-mocks",
+    "@kbn/core-http-server": "link:bazel-bin/packages/core/http/core-http-server",
     "@kbn/core-i18n-browser": "link:bazel-bin/packages/core/i18n/core-i18n-browser",
     "@kbn/core-i18n-browser-internal": "link:bazel-bin/packages/core/i18n/core-i18n-browser-internal",
     "@kbn/core-i18n-browser-mocks": "link:bazel-bin/packages/core/i18n/core-i18n-browser-mocks",
@@ -204,6 +205,7 @@
     "@kbn/field-types": "link:bazel-bin/packages/kbn-field-types",
     "@kbn/flot-charts": "link:bazel-bin/packages/kbn-flot-charts",
     "@kbn/handlebars": "link:bazel-bin/packages/kbn-handlebars",
+    "@kbn/hapi-mocks": "link:bazel-bin/packages/kbn-hapi-mocks",
     "@kbn/home-sample-data-cards": "link:bazel-bin/packages/home/sample_data_cards",
     "@kbn/i18n": "link:bazel-bin/packages/kbn-i18n",
     "@kbn/i18n-react": "link:bazel-bin/packages/kbn-i18n-react",
@@ -734,6 +736,7 @@
     "@types/kbn__core-fatal-errors-browser": "link:bazel-bin/packages/core/fatal-errors/core-fatal-errors-browser/npm_module_types",
     "@types/kbn__core-fatal-errors-browser-internal": "link:bazel-bin/packages/core/fatal-errors/core-fatal-errors-browser-internal/npm_module_types",
     "@types/kbn__core-fatal-errors-browser-mocks": "link:bazel-bin/packages/core/fatal-errors/core-fatal-errors-browser-mocks/npm_module_types",
+    "@types/kbn__core-http-server": "link:bazel-bin/packages/core/http/core-http-server/npm_module_types",
     "@types/kbn__core-i18n-browser": "link:bazel-bin/packages/core/i18n/core-i18n-browser/npm_module_types",
     "@types/kbn__core-i18n-browser-internal": "link:bazel-bin/packages/core/i18n/core-i18n-browser-internal/npm_module_types",
     "@types/kbn__core-i18n-browser-mocks": "link:bazel-bin/packages/core/i18n/core-i18n-browser-mocks/npm_module_types",
@@ -771,6 +774,7 @@
     "@types/kbn__find-used-node-modules": "link:bazel-bin/packages/kbn-find-used-node-modules/npm_module_types",
     "@types/kbn__generate": "link:bazel-bin/packages/kbn-generate/npm_module_types",
     "@types/kbn__handlebars": "link:bazel-bin/packages/kbn-handlebars/npm_module_types",
+    "@types/kbn__hapi-mocks": "link:bazel-bin/packages/kbn-hapi-mocks/npm_module_types",
     "@types/kbn__home-sample-data-cards": "link:bazel-bin/packages/home/sample_data_cards/npm_module_types",
     "@types/kbn__i18n": "link:bazel-bin/packages/kbn-i18n/npm_module_types",
     "@types/kbn__i18n-react": "link:bazel-bin/packages/kbn-i18n-react/npm_module_types",

packages/BUILD.bazel

@@ -45,6 +45,7 @@ filegroup(
     "//packages/core/fatal-errors/core-fatal-errors-browser-internal:build",
     "//packages/core/fatal-errors/core-fatal-errors-browser-mocks:build",
     "//packages/core/fatal-errors/core-fatal-errors-browser:build",
+    "//packages/core/http/core-http-server:build",
     "//packages/core/i18n/core-i18n-browser-internal:build",
     "//packages/core/i18n/core-i18n-browser-mocks:build",
     "//packages/core/i18n/core-i18n-browser:build",
@@ -108,6 +109,7 @@ filegroup(
     "//packages/kbn-flot-charts:build",
     "//packages/kbn-generate:build",
     "//packages/kbn-handlebars:build",
+    "//packages/kbn-hapi-mocks:build",
     "//packages/kbn-i18n-react:build",
     "//packages/kbn-i18n:build",
     "//packages/kbn-import-resolver:build",
@@ -228,6 +230,7 @@ filegroup(
     "//packages/core/fatal-errors/core-fatal-errors-browser-internal:build_types",
     "//packages/core/fatal-errors/core-fatal-errors-browser-mocks:build_types",
     "//packages/core/fatal-errors/core-fatal-errors-browser:build_types",
+    "//packages/core/http/core-http-server:build_types",
     "//packages/core/i18n/core-i18n-browser-internal:build_types",
     "//packages/core/i18n/core-i18n-browser-mocks:build_types",
     "//packages/core/i18n/core-i18n-browser:build_types",
@@ -282,6 +285,7 @@ filegroup(
     "//packages/kbn-find-used-node-modules:build_types",
     "//packages/kbn-generate:build_types",
     "//packages/kbn-handlebars:build_types",
+    "//packages/kbn-hapi-mocks:build_types",
     "//packages/kbn-i18n-react:build_types",
     "//packages/kbn-i18n:build_types",
     "//packages/kbn-import-resolver:build_types",

packages/core/http/core-http-server/BUILD.bazel

@@ -0,0 +1,104 @@
+load("@npm//@bazel/typescript:index.bzl", "ts_config")
+load("@build_bazel_rules_nodejs//:index.bzl", "js_library")
+load("//src/dev/bazel:index.bzl", "jsts_transpiler", "pkg_npm", "pkg_npm_types", "ts_project")
+
+PKG_DIRNAME = "core-http-server"
+PKG_REQUIRE_NAME = "@kbn/core-http-server"
+
+SOURCE_FILES = glob(
+  [
+    "src/**/*.ts",
+  ],
+  exclude = [
+    "**/*.test.*",
+    "**/*.stories.*",
+  ],
+)
+
+SRCS = SOURCE_FILES
+
+filegroup(
+  name = "srcs",
+  srcs = SRCS,
+)
+
+NPM_MODULE_EXTRA_FILES = [
+  "package.json",
+]
+
+RUNTIME_DEPS = [
+  "//packages/kbn-config-schema",
+]
+
+TYPES_DEPS = [
+  "@npm//@types/node",
+  "@npm//@types/jest",
+  "@npm//rxjs",
+  "@npm//@hapi/hapi",
+  "@npm//@types/hapi__hapi",
+  "@npm//@hapi/boom",
+  "//packages/kbn-config-schema:npm_module_types",
+  "//packages/kbn-utility-types:npm_module_types",
+  "//packages/core/base/core-base-common:npm_module_types"
+]
+
+jsts_transpiler(
+  name = "target_node",
+  srcs = SRCS,
+  build_pkg_name = package_name(),
+)
+
+ts_config(
+  name = "tsconfig",
+  src = "tsconfig.json",
+  deps = [
+    "//:tsconfig.base.json",
+    "//:tsconfig.bazel.json",
+  ],
+)
+
+ts_project(
+  name = "tsc_types",
+  args = ['--pretty'],
+  srcs = SRCS,
+  deps = TYPES_DEPS,
+  declaration = True,
+  emit_declaration_only = True,
+  out_dir = "target_types",
+  root_dir = "src",
+  tsconfig = ":tsconfig",
+)
+
+js_library(
+  name = PKG_DIRNAME,
+  srcs = NPM_MODULE_EXTRA_FILES,
+  deps = RUNTIME_DEPS + [":target_node"],
+  package_name = PKG_REQUIRE_NAME,
+  visibility = ["//visibility:public"],
+)
+
+pkg_npm(
+  name = "npm_module",
+  deps = [":" + PKG_DIRNAME],
+)
+
+filegroup(
+  name = "build",
+  srcs = [":npm_module"],
+  visibility = ["//visibility:public"],
+)
+
+pkg_npm_types(
+  name = "npm_module_types",
+  srcs = SRCS,
+  deps = [":tsc_types"],
+  package_name = PKG_REQUIRE_NAME,
+  tsconfig = ":tsconfig",
+  visibility = ["//visibility:public"],
+)
+
+filegroup(
+  name = "build_types",
+  srcs = [":npm_module_types"],
+  visibility = ["//visibility:public"],
+)

packages/core/http/core-http-server/README.md

@@ -0,0 +1,3 @@
+# @kbn/core-http-server
+
+This package contains the public types for Core's server-side http service.

src/core/server/http/router/validator/index.ts → packages/core/http/core-http-server/jest.config.js

@@ -6,13 +6,8 @@
  * Side Public License, v 1.
  */
 
-export { RouteValidator } from './validator';
-export type {
-  RouteValidatorConfig,
-  RouteValidationSpec,
-  RouteValidationFunction,
-  RouteValidatorOptions,
-  RouteValidatorFullConfig,
-  RouteValidationResultFactory,
-} from './validator';
-export { RouteValidationError } from './validator_error';
+module.exports = {
+  preset: '@kbn/test/jest_node',
+  rootDir: '../../../..',
+  roots: ['<rootDir>/packages/core/http/core-http-server'],
+};

packages/core/http/core-http-server/package.json

@@ -0,0 +1,7 @@
+{
+  "name": "@kbn/core-http-server",
+  "private": true,
+  "version": "1.0.0",
+  "main": "./target_node/index.js",
+  "license": "SSPL-1.0 OR Elastic License 2.0"
+}

packages/core/http/core-http-server/src/auth_headers.ts

@@ -0,0 +1,27 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0 and the Server Side Public License, v 1; you may not use this file except
+ * in compliance with, at your election, the Elastic License 2.0 or the Server
+ * Side Public License, v 1.
+ */
+
+import type { KibanaRequest } from './router';
+import type { AuthHeaders } from './lifecycle';
+
+/**
+ * Get headers to authenticate a user against Elasticsearch.
+ * @param request {@link KibanaRequest} - an incoming request.
+ * @return authentication headers {@link AuthHeaders} for - an incoming request.
+ * @public
+ * */
+export type GetAuthHeaders = (request: KibanaRequest) => AuthHeaders | undefined;
+
+/** @public */
+export type SetAuthHeaders = (request: KibanaRequest, headers: AuthHeaders) => void;
+
+/** @public */
+export interface IAuthHeadersStorage {
+  set: SetAuthHeaders;
+  get: GetAuthHeaders;
+}

packages/core/http/core-http-server/src/auth_state.ts

@@ -0,0 +1,44 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0 and the Server Side Public License, v 1; you may not use this file except
+ * in compliance with, at your election, the Elastic License 2.0 or the Server
+ * Side Public License, v 1.
+ */
+
+import type { KibanaRequest } from './router';
+
+/**
+ * Status indicating an outcome of the authentication.
+ * @public
+ */
+export enum AuthStatus {
+  /**
+   * `auth` interceptor successfully authenticated a user
+   */
+  authenticated = 'authenticated',
+  /**
+   * `auth` interceptor failed user authentication
+   */
+  unauthenticated = 'unauthenticated',
+  /**
+   * `auth` interceptor has not been registered
+   */
+  unknown = 'unknown',
+}
+
+/**
+ * Gets authentication state for a request. Returned by `auth` interceptor.
+ * @param request {@link KibanaRequest} - an incoming request.
+ * @public
+ */
+export type GetAuthState = <T = unknown>(
+  request: KibanaRequest
+) => { status: AuthStatus; state: T };
+
+/**
+ * Returns authentication status for a request.
+ * @param request {@link KibanaRequest} - an incoming request.
+ * @public
+ */
+export type IsAuthenticated = (request: KibanaRequest) => boolean;

packages/core/http/core-http-server/src/base_path.ts

@@ -0,0 +1,52 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0 and the Server Side Public License, v 1; you may not use this file except
+ * in compliance with, at your election, the Elastic License 2.0 or the Server
+ * Side Public License, v 1.
+ */
+
+import type { KibanaRequest } from './router';
+
+/**
+ * Access or manipulate the Kibana base path
+ *
+ * @public
+ */
+export interface IBasePath {
+  /**
+   * returns the server's basePath.
+   *
+   * See {@link IBasePath.get} for getting the basePath value for a specific request
+   */
+  readonly serverBasePath: string;
+
+  /**
+   * The server's publicly exposed base URL, if configured. Includes protocol, host, port (optional) and the
+   * {@link IBasePath.serverBasePath}.
+   *
+   * @remarks
+   * Should be used for generating external URL links back to this Kibana instance.
+   */
+  readonly publicBaseUrl?: string;
+
+  /**
+   * returns `basePath` value, specific for an incoming request.
+   */
+  get(request: KibanaRequest): string;
+
+  /**
+   * sets `basePath` value, specific for an incoming request.
+   */
+  set(request: KibanaRequest, requestSpecificBasePath: string): void;
+
+  /**
+   * Prepends `path` with the basePath.
+   */
+  prepend(path: string): string;
+
+  /**
+   * Removes the prepended basePath from the `path`.
+   */
+  remove(path: string): string;
+}

packages/core/http/core-http-server/src/csp.ts

@@ -0,0 +1,36 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0 and the Server Side Public License, v 1; you may not use this file except
+ * in compliance with, at your election, the Elastic License 2.0 or the Server
+ * Side Public License, v 1.
+ */
+
+/**
+ * CSP configuration for use in Kibana.
+ * @public
+ */
+export interface ICspConfig {
+  /**
+   * Specify whether browsers that do not support CSP should be
+   * able to use Kibana. Use `true` to block and `false` to allow.
+   */
+  readonly strict: boolean;
+
+  /**
+   * Specify whether users with legacy browsers should be warned
+   * about their lack of Kibana security compliance.
+   */
+  readonly warnLegacyBrowsers: boolean;
+
+  /**
+   * Whether or not embedding (using iframes) should be allowed by the CSP. If embedding is disabled, a restrictive 'frame-ancestors' rule will be added to the default CSP rules.
+   */
+  readonly disableEmbedding: boolean;
+
+  /**
+   * The CSP rules in a formatted directives string for use
+   * in a `Content-Security-Policy` header.
+   */
+  readonly header: string;
+}