Fixes base64 encoded hardcoded admin credentials (#1331)

* Fixes base64 encoded hardcoded admin credentials Signed-off-by: Darshit Chanpura <dchanp@amazon.com> * Fixes broken integTest task Signed-off-by: Darshit Chanpura <dchanp@amazon.com> --------- Signed-off-by: Darshit Chanpura <dchanp@amazon.com> (cherry picked from commit 74dfcd1)
opensearch-project · Feb 15, 2024 · cbe6e8d · cbe6e8d
1 parent a639ca9
commit cbe6e8d
Show file tree

Hide file tree

Showing 2 changed files with 6 additions and 1 deletion.
diff --git a/build.gradle b/build.gradle
@@ -451,6 +451,7 @@ int endJmxPort = startJmxPort
 integTest {
     useCluster testClusters.leaderCluster
     useCluster testClusters.followCluster
+    systemProperty "password", "admin" // setting it to `admin` explicitly since its a custom security setup
 
     if(knnEnabled){
         nonInputProperties.systemProperty('tests.knn_plugin_enabled', "true")

diff --git a/src/test/kotlin/org/opensearch/replication/MultiClusterRestTestCase.kt b/src/test/kotlin/org/opensearch/replication/MultiClusterRestTestCase.kt
@@ -56,12 +56,14 @@ import org.junit.After
 import org.junit.AfterClass
 import org.junit.Before
 import org.junit.BeforeClass
+import java.nio.charset.StandardCharsets
 import java.nio.file.Files
 import java.security.KeyManagementException
 import java.security.KeyStore
 import java.security.KeyStoreException
 import java.security.NoSuchAlgorithmException
 import java.security.cert.CertificateException
+import java.util.Base64
 import java.util.concurrent.TimeUnit
 import java.util.concurrent.atomic.AtomicReference
 import java.util.Collections
@@ -227,8 +229,10 @@ abstract class MultiClusterRestTestCase : OpenSearchTestCase() {
             for ((key, value) in headers) {
                 defaultHeaders[i++] = BasicHeader(key, value)
             }
+
+            val creds = System.getProperty("user", "admin") + ":" + System.getProperty("password", "myStrongPassword123!")
             if(securityEnabled) {
-                defaultHeaders[i++] = BasicHeader("Authorization", "Basic YWRtaW46YWRtaW4=")
+                defaultHeaders[i++] = BasicHeader("Authorization", "Basic " + Base64.getEncoder().encodeToString(creds.toByteArray(StandardCharsets.UTF_8)))
             }
 
             builder.setDefaultHeaders(defaultHeaders)