Skip to content

[ResponseOps][Connectors] Support for encrypted headers (frontend) #233695

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
adcoelho merged 112 commits into from
Sep 30, 2025
Merged

[ResponseOps][Connectors] Support for encrypted headers (frontend) #233695

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
112 commits
Select commit Hold shift + click to select a range
30aa373
initial commit, wip
georgianaonoleata1904 Jul 31, 2025
b3ed489
added integration tests
georgianaonoleata1904 Aug 6, 2025
22a80f6
Merge branch 'main' into support-encrypted-headers-webhook
georgianaonoleata1904 Aug 6, 2025
0261747
fixes for type checks
georgianaonoleata1904 Aug 6, 2025
630f17a
Merge branch 'support-encrypted-headers-webhook' of https://github.co…
georgianaonoleata1904 Aug 6, 2025
fb233e4
fixes for type checks
georgianaonoleata1904 Aug 6, 2025
e739044
fixes for tests
georgianaonoleata1904 Aug 6, 2025
aed6eb8
updated the snapshot
georgianaonoleata1904 Aug 7, 2025
0cba267
Merge branch 'main' into support-encrypted-headers-webhook
georgianaonoleata1904 Aug 8, 2025
dd566b7
Merge branch 'main' into support-encrypted-headers-webhook
georgianaonoleata1904 Aug 18, 2025
81b65ec
wip, initial commit on frontend side
georgianaonoleata1904 Aug 18, 2025
10ba89b
Merge branch 'main' into support-encrypted-headers-webhook
georgianaonoleata1904 Aug 21, 2025
2a8d17e
Merge branch 'main' into support-encrypted-headers-webhook
georgianaonoleata1904 Aug 25, 2025
6494dab
solved conflicts
georgianaonoleata1904 Aug 25, 2025
2621d6a
Merge branch 'main' into support-encrypted-headers-webhook
georgianaonoleata1904 Aug 27, 2025
64d0c17
wip
georgianaonoleata1904 Aug 27, 2025
04cb461
moved merge function and added tests
georgianaonoleata1904 Aug 27, 2025
09edfb3
removed console.log
georgianaonoleata1904 Aug 27, 2025
4e1b255
Merge branch 'support-encrypted-headers-webhook' into test-encrypted-…
georgianaonoleata1904 Aug 28, 2025
e89f8d5
Merge branch 'support-encrypted-headers-webhook-frontend' into test-e…
georgianaonoleata1904 Aug 28, 2025
20a0ea4
Merge branch 'main' into support-encrypted-headers-webhook
georgianaonoleata1904 Sep 1, 2025
3481c4c
wip
georgianaonoleata1904 Sep 2, 2025
70a33a8
added api to fetch secretHeaders key from the encryptedSavedObjects
georgianaonoleata1904 Sep 2, 2025
826977d
Merge branch 'support-encrypted-headers-webhook-frontend' into test-e…
georgianaonoleata1904 Sep 2, 2025
fae755f
[CI] Auto-commit changed files from 'node scripts/notice'
kibanamachine Sep 2, 2025
0bf7952
fixed secret headers saving issue
georgianaonoleata1904 Sep 2, 2025
702155a
Merge branch 'support-encrypted-headers-webhook-frontend' into test-e…
georgianaonoleata1904 Sep 2, 2025
e9de311
wip
georgianaonoleata1904 Sep 3, 2025
37434a9
addressed part of the comments
georgianaonoleata1904 Sep 3, 2025
db1a24d
addressed comment
georgianaonoleata1904 Sep 3, 2025
37f19e2
addressed comments
georgianaonoleata1904 Sep 3, 2025
f809277
Merge branch 'main' into support-encrypted-headers-webhook
georgianaonoleata1904 Sep 3, 2025
0a698fc
merge
georgianaonoleata1904 Sep 4, 2025
49cc564
wip
georgianaonoleata1904 Sep 4, 2025
73b439c
added tests for get header api
georgianaonoleata1904 Sep 4, 2025
0717bb6
[CI] Auto-commit changed files from 'ts-node .buildkite/pipeline-reso…
kibanamachine Sep 4, 2025
bc2cd86
Merge branch 'main' into support-encrypted-headers-webhook
georgianaonoleata1904 Sep 5, 2025
38fc918
Merge branch 'main' into support-encrypted-headers-webhook
georgianaonoleata1904 Sep 5, 2025
a21deea
Update x-pack/platform/plugins/shared/actions/server/lib/merge_config…
georgianaonoleata1904 Sep 8, 2025
5c180ee
Update x-pack/platform/plugins/shared/actions/server/lib/merge_config…
georgianaonoleata1904 Sep 8, 2025
d66629f
Update x-pack/platform/plugins/shared/actions/server/lib/merge_config…
georgianaonoleata1904 Sep 8, 2025
bc895a7
Merge branch 'main' into support-encrypted-headers-webhook
georgianaonoleata1904 Sep 8, 2025
537a9e0
wip
georgianaonoleata1904 Sep 8, 2025
35b3e30
addressed comments
georgianaonoleata1904 Sep 9, 2025
3ca6e01
merge
georgianaonoleata1904 Sep 9, 2025
e6b47a5
changed use_secret_headers hook
georgianaonoleata1904 Sep 9, 2025
67968b7
fixed test
georgianaonoleata1904 Sep 10, 2025
9c5c7dc
Merge branch 'main' into support-encrypted-headers-webhook
georgianaonoleata1904 Sep 10, 2025
b1164c2
merge
georgianaonoleata1904 Sep 10, 2025
855150d
added spaceId as an options for getting the decrypted connector
georgianaonoleata1904 Sep 10, 2025
9c679e3
Merge branch 'support-encrypted-headers-webhook' into test-encrypted-…
georgianaonoleata1904 Sep 10, 2025
afa4f6f
fixes for type checks
georgianaonoleata1904 Sep 10, 2025
5ac55c9
Merge branch 'support-encrypted-headers-webhook' into test-encrypted-…
georgianaonoleata1904 Sep 10, 2025
2efa8bf
merge with latest main
georgianaonoleata1904 Sep 12, 2025
ddd5f87
Fix issue saving headers
adcoelho Sep 15, 2025
435479d
change header value field type based on the selected type
georgianaonoleata1904 Sep 15, 2025
ff933b7
small improvements
georgianaonoleata1904 Sep 18, 2025
2342712
fixed and added new tests in auth_config
georgianaonoleata1904 Sep 18, 2025
62aa0e3
Merge branch 'main' into test-encrypted-headers
georgianaonoleata1904 Sep 18, 2025
01b5f4c
[CI] Auto-commit changed files from 'node scripts/notice'
kibanamachine Sep 18, 2025
2b9f155
added encrypted headers badge
georgianaonoleata1904 Sep 18, 2025
d978163
Merge branch 'test-encrypted-headers' of https://github.com/georgiana…
georgianaonoleata1904 Sep 18, 2025
38d5f23
updated tests
georgianaonoleata1904 Sep 18, 2025
ceca1da
added some func tests
georgianaonoleata1904 Sep 19, 2025
15c025e
solved conflict
georgianaonoleata1904 Sep 19, 2025
fa50537
added test and moved constant
georgianaonoleata1904 Sep 19, 2025
b4d6f32
addressed comments part1
georgianaonoleata1904 Sep 22, 2025
68108ca
Merge branch 'main' into test-encrypted-headers
georgianaonoleata1904 Sep 22, 2025
475b429
[CI] Auto-commit changed files from 'node scripts/notice'
kibanamachine Sep 22, 2025
6a4786c
addressed comments part2
georgianaonoleata1904 Sep 22, 2025
9371307
increase stack_connectors plugin bundle size limit
georgianaonoleata1904 Sep 22, 2025
0f8822f
addressed comments part 3
georgianaonoleata1904 Sep 22, 2025
77ed49a
increased stack_connectors plugin bundle size limit
georgianaonoleata1904 Sep 23, 2025
45f9ce9
addressed comments part 4
georgianaonoleata1904 Sep 23, 2025
1bc1bc4
fixed tests
georgianaonoleata1904 Sep 23, 2025
163875d
Merge branch 'main' into test-encrypted-headers
georgianaonoleata1904 Sep 23, 2025
f4db129
added tests for useSecretHeaders hook
georgianaonoleata1904 Sep 23, 2025
eb6561e
fixed some tests
georgianaonoleata1904 Sep 23, 2025
1665c1f
renders a header line by default when toggling on the add header switch
georgianaonoleata1904 Sep 23, 2025
499553a
Merge branch 'main' into test-encrypted-headers
georgianaonoleata1904 Sep 24, 2025
44213e3
[CI] Auto-commit changed files from 'node scripts/lint_ts_projects --…
kibanamachine Sep 24, 2025
55bc862
partial fix for the tests
georgianaonoleata1904 Sep 25, 2025
4856ed0
Merge branch 'test-encrypted-headers' of https://github.com/georgiana…
georgianaonoleata1904 Sep 25, 2025
23ab715
Update x-pack/platform/plugins/shared/stack_connectors/public/common/…
georgianaonoleata1904 Sep 25, 2025
ad321f5
addressed comments
georgianaonoleata1904 Sep 25, 2025
76c4386
fix mock
jcger Sep 25, 2025
4dbd0e1
fixed test
georgianaonoleata1904 Sep 26, 2025
7780520
Merge branch 'main' into test-encrypted-headers
georgianaonoleata1904 Sep 26, 2025
a16740b
Merge branch 'main' into test-encrypted-headers
georgianaonoleata1904 Sep 26, 2025
b275944
Fix issues with import
cnasikas Sep 26, 2025
5a79cea
Fix returned value of hook
cnasikas Sep 26, 2025
4832ac8
Merge branch 'test-encrypted-headers' of https://github.com/georgiana…
georgianaonoleata1904 Sep 26, 2025
be1b794
Fix types in serializers
cnasikas Sep 26, 2025
7913907
Merge branch 'test-encrypted-headers' of https://github.com/georgiana…
georgianaonoleata1904 Sep 26, 2025
8711464
cleaned up code
georgianaonoleata1904 Sep 26, 2025
c4e35f7
fixed linting issue
georgianaonoleata1904 Sep 26, 2025
93db7e3
[CI] Auto-commit changed files from 'node scripts/eslint_all_files --…
kibanamachine Sep 26, 2025
23b899d
Merge branch 'main' into test-encrypted-headers
georgianaonoleata1904 Sep 26, 2025
851421a
Merge branch 'main' into test-encrypted-headers
georgianaonoleata1904 Sep 29, 2025
3462f0a
Merge branch 'main' into test-encrypted-headers
georgianaonoleata1904 Sep 29, 2025
16674fc
fixed issue saving secret headers
georgianaonoleata1904 Sep 29, 2025
b75f92c
fix wip
georgianaonoleata1904 Sep 29, 2025
7c13aa2
fixed conflicts
georgianaonoleata1904 Sep 29, 2025
9ccafd1
removed commented code
georgianaonoleata1904 Sep 30, 2025
36b8cd7
Revert "fix wip"
adcoelho Sep 30, 2025
6542e9d
Fix toggle bug.
adcoelho Sep 30, 2025
7e855f9
[CI] Auto-commit changed files from 'node scripts/eslint_all_files --…
kibanamachine Sep 30, 2025
89b1697
Fix auth_config unit tests.
adcoelho Sep 30, 2025
3315325
updating functional tests
georgianaonoleata1904 Sep 30, 2025
fafe2b8
fix type check
adcoelho Sep 30, 2025
3ccd68f
fix tests
adcoelho Sep 30, 2025
db348db
Merge remote-tracking branch 'upstream/main' into test-encrypted-headers
adcoelho Sep 30, 2025
File filter

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion packages/kbn-optimizer/limits.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -162,7 +162,7 @@ pageLoadAssetSize:
snapshotRestore: 28452
spaces: 32135
stackAlerts: 31499
stackConnectors: 67975
stackConnectors: 68502
streams: 9000
streamsApp: 17000
synthetics: 31571
Expand Down
2 changes: 2 additions & 0 deletions x-pack/platform/plugins/shared/stack_connectors/common/auth/constants.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -22,3 +22,5 @@ export enum WebhookMethods {
PUT = 'put',
GET = 'get',
}

export const MAX_HEADERS: number = 20;
231 changes: 216 additions & 15 deletions x-pack/platform/plugins/shared/stack_connectors/public/common/auth/auth_config.test.tsx
View file
Open in desktop
Copy link
Member

@cnasikas cnasikas Sep 29, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Could we add a test where:

  • useSecretHeaders returns some secret keys.
  • There are some config headers.
  • We check that the UI renders the config keys and values
  • We check that the UI renders the secret keys

Also, another test we can add is:

  • No headers in the beginning.
  • We add some config and secret headers.
  • We submit and verify that all values are correct.

This can be done on another PR.
Original file line number Diff line number Diff line change
Expand Up @@ -9,12 +9,26 @@ import React from 'react';
import { AuthConfig } from './auth_config';
import { render, screen, waitFor, within } from '@testing-library/react';
import userEvent from '@testing-library/user-event';

import { AuthType, SSLCertType } from '../../../common/auth/constants';
import { AuthFormTestProvider } from '../../connector_types/lib/test_utils';
import { useSecretHeaders } from './use_secret_headers';

jest.mock('./use_secret_headers');

const useSecretHeadersMock = useSecretHeaders as jest.Mock;

describe('AuthConfig renders', () => {
const onSubmit = jest.fn();

beforeEach(() => {
useSecretHeadersMock.mockReturnValue({ isLoading: false, isFetching: false, data: [] });
});

afterEach(() => {
jest.clearAllMocks();
});

it('renders all fields for authType=None', async () => {
const testFormData = {
config: {
Expand Down Expand Up @@ -194,10 +208,125 @@ describe('AuthConfig renders', () => {
expect(await screen.findByTestId('sslCertFields')).toBeInTheDocument();
});

describe('secret headers', () => {
const defaultTestFormData = {
config: {
hasAuth: false,
},
__internal__: {
hasHeaders: true,
hasCA: false,
headers: [{ key: 'config-key', value: 'text', type: 'config' }],
},
};

beforeEach(() =>
useSecretHeadersMock
.mockReturnValueOnce({
isLoading: true,
isFetching: true,
data: [],
})
.mockReturnValue({
isLoading: false,
isFetching: false,
data: ['secret-key'],
})
);

it('submits secret headers merged with config headers', async () => {
render(
<AuthFormTestProvider defaultValue={defaultTestFormData} onSubmit={onSubmit}>
<AuthConfig readOnly={false} />
</AuthFormTestProvider>
);

await userEvent.click(await screen.findByTestId('webhookHeadersSecretValueInput'));
await userEvent.paste('foobar');

await userEvent.click(await screen.findByTestId('form-test-provide-submit'));
await waitFor(() => {
expect(onSubmit).toHaveBeenCalledWith({
data: {
config: {
hasAuth: false,
authType: null,
},
__internal__: {
hasHeaders: true,
hasCA: false,
headers: [
{ key: 'config-key', value: 'text', type: 'config' },
{ key: 'secret-key', value: 'foobar', type: 'secret' },
],
},
},
isValid: true,
});
});
});

it('submits properly when there are only secret headers', async () => {
const testFormData = {
...defaultTestFormData,
__internal__: {
hasHeaders: true,
hasCA: false,
headers: [],
},
};

render(
<AuthFormTestProvider defaultValue={testFormData} onSubmit={onSubmit}>
<AuthConfig readOnly={false} />
</AuthFormTestProvider>
);

await userEvent.click(await screen.findByTestId('webhookHeadersSecretValueInput'));
await userEvent.paste('foobar');

await userEvent.click(await screen.findByTestId('form-test-provide-submit'));
await waitFor(() => {
expect(onSubmit).toHaveBeenCalledWith({
data: {
config: {
hasAuth: false,
authType: null,
},
__internal__: {
hasHeaders: true,
hasCA: false,
headers: [{ key: 'secret-key', value: 'foobar', type: 'secret' }],
},
},
isValid: true,
});
});
});

it('validation fails if the secret header value is empty', async () => {
render(
<AuthFormTestProvider defaultValue={defaultTestFormData} onSubmit={onSubmit}>
<AuthConfig readOnly={false} />
</AuthFormTestProvider>
);

// We submit without populating the secret header value field
await userEvent.click(await screen.findByTestId('form-test-provide-submit'));

await waitFor(() => {
expect(onSubmit).toHaveBeenCalledWith({
data: {},
isValid: false,
});
});
});
});

describe('Validation', () => {
const defaultTestFormData = {
config: {
headers: [{ key: 'content-type', value: 'text' }],
headers: [{ key: 'content-type', value: 'text', type: 'config' }],
hasAuth: true,
},
secrets: {
Expand All @@ -213,13 +342,17 @@ describe('AuthConfig renders', () => {
it('succeeds with hasAuth=True', async () => {
const testFormData = {
config: {
headers: [{ key: 'content-type', value: 'text' }],
hasAuth: true,
},
secrets: {
user: 'user',
password: 'pass',
},
__internal__: {
hasHeaders: true,
hasCA: false,
headers: [{ key: 'content-type', value: 'text', type: 'config' }],
},
};
render(
<AuthFormTestProvider defaultValue={testFormData} onSubmit={onSubmit}>
Expand All @@ -233,7 +366,6 @@ describe('AuthConfig renders', () => {
expect(onSubmit).toHaveBeenCalledWith({
data: {
config: {
headers: [{ key: 'content-type', value: 'text' }],
hasAuth: true,
authType: AuthType.Basic,
},
Expand All @@ -244,6 +376,7 @@ describe('AuthConfig renders', () => {
__internal__: {
hasHeaders: true,
hasCA: false,
headers: [{ key: 'content-type', value: 'text', type: 'config' }],
},
},
isValid: true,
Expand All @@ -257,6 +390,11 @@ describe('AuthConfig renders', () => {
...defaultTestFormData.config,
hasAuth: false,
},
__internal__: {
hasHeaders: true,
hasCA: false,
headers: [{ key: 'content-type', value: 'text', type: 'config' }],
},
};
render(
<AuthFormTestProvider defaultValue={testFormData} onSubmit={onSubmit}>
Expand All @@ -270,13 +408,13 @@ describe('AuthConfig renders', () => {
expect(onSubmit).toHaveBeenCalledWith({
data: {
config: {
headers: [{ key: 'content-type', value: 'text' }],
hasAuth: false,
authType: null,
},
__internal__: {
hasHeaders: true,
hasCA: false,
headers: [{ key: 'content-type', value: 'text', type: 'config' }],
},
},
isValid: true,
Expand Down Expand Up @@ -333,6 +471,11 @@ describe('AuthConfig renders', () => {
ca: Buffer.from('some binary string').toString('base64'),
verificationMode: 'full',
},
__internal__: {
hasHeaders: true,
hasCA: true,
headers: [{ key: 'content-type', value: 'text', type: 'config' }],
},
};

render(
Expand All @@ -351,7 +494,6 @@ describe('AuthConfig renders', () => {
authType: AuthType.Basic,
ca: Buffer.from('some binary string').toString('base64'),
verificationMode: 'full',
headers: [{ key: 'content-type', value: 'text' }],
},
secrets: {
user: 'user',
Expand All @@ -360,6 +502,7 @@ describe('AuthConfig renders', () => {
__internal__: {
hasHeaders: true,
hasCA: true,
headers: [{ key: 'content-type', value: 'text', type: 'config' }],
},
},
isValid: true,
Expand Down Expand Up @@ -407,6 +550,11 @@ describe('AuthConfig renders', () => {
crt: Buffer.from('some binary string').toString('base64'),
key: Buffer.from('some binary string').toString('base64'),
},
__internal__: {
hasHeaders: true,
hasCA: false,
headers: [{ key: 'content-type', value: 'text', type: 'config' }],
},
};

render(
Expand All @@ -424,7 +572,6 @@ describe('AuthConfig renders', () => {
hasAuth: true,
authType: AuthType.SSL,
certType: SSLCertType.CRT,
headers: [{ key: 'content-type', value: 'text' }],
},
secrets: {
crt: Buffer.from('some binary string').toString('base64'),
Expand All @@ -433,6 +580,7 @@ describe('AuthConfig renders', () => {
__internal__: {
hasHeaders: true,
hasCA: false,
headers: [{ key: 'content-type', value: 'text', type: 'config' }],
},
},
isValid: true,
Expand All @@ -450,6 +598,11 @@ describe('AuthConfig renders', () => {
secrets: {
pfx: Buffer.from('some binary string').toString('base64'),
},
__internal__: {
hasHeaders: true,
hasCA: false,
headers: [{ key: 'content-type', value: 'text', type: 'config' }],
},
};

render(
Expand All @@ -467,20 +620,75 @@ describe('AuthConfig renders', () => {
hasAuth: true,
authType: AuthType.SSL,
certType: SSLCertType.PFX,
headers: [{ key: 'content-type', value: 'text' }],
},
secrets: {
pfx: Buffer.from('some binary string').toString('base64'),
},
__internal__: {
hasHeaders: true,
hasCA: false,
headers: [{ key: 'content-type', value: 'text', type: 'config' }],
},
},
isValid: true,
});
});
});

it('validation fails if there are 2 headers with the same key', async () => {
const testFormData = {
...defaultTestFormData,
__internal__: {
hasHeaders: true,
hasCA: false,
headers: [
{ key: 'same-key', value: 'text 1', type: 'config' },
{ key: 'same-key', value: 'text 2', type: 'config' },
],
},
};

render(
<AuthFormTestProvider defaultValue={testFormData} onSubmit={onSubmit}>
<AuthConfig readOnly={false} />
</AuthFormTestProvider>
);

await userEvent.click(await screen.findByTestId('form-test-provide-submit'));

await waitFor(() => {
expect(onSubmit).toHaveBeenCalledWith({
data: {},
isValid: false,
});
});
});

it('validation fails if header key is empty', async () => {
const testFormData = {
...defaultTestFormData,
__internal__: {
hasHeaders: true,
hasCA: false,
headers: [{ key: '', value: 'text', type: 'config' }],
},
};

render(
<AuthFormTestProvider defaultValue={testFormData} onSubmit={onSubmit}>
<AuthConfig readOnly={false} />
</AuthFormTestProvider>
);

await userEvent.click(await screen.findByTestId('form-test-provide-submit'));

await waitFor(() => {
expect(onSubmit).toHaveBeenCalledWith({
data: {},
isValid: false,
});
});
});
});

describe('AuthConfig with showOAuth2Option on', () => {
Expand Down Expand Up @@ -616,7 +824,7 @@ describe('AuthConfig renders', () => {
});
});

it('validates additionalFields input for valid/invalid JSON', async () => {
it('validates additionalFields input for invalid JSON', async () => {
const testFormData = {
config: {
hasAuth: true,
Expand Down Expand Up @@ -647,13 +855,6 @@ describe('AuthConfig renders', () => {
await userEvent.type(additionalFieldsInput!, '{{key": "value');

expect(await screen.findByText('Invalid JSON')).toBeInTheDocument();

await userEvent.clear(additionalFieldsInput!);
await userEvent.type(additionalFieldsInput!, '{{"sdf": "value"}');

await waitFor(() => {
expect(screen.queryByText('Invalid JSON')).not.toBeInTheDocument();
});
});

it('renders OAuth2 fields as readOnly when readOnly prop is true', async () => {
Expand Down
Loading