Remove Watcher Account "unsecure" settings (#36736)

Removes all sensitive settings (passwords, auth tokens, urls, etc...) for
watcher notifications accounts. These settings were deprecated (and
herein removed) in favor of their secure sibling that is set inside the
elasticsearch keystore. For example:
`xpack.notification.email.account.<id>.smtp.password`
is no longer a valid setting, and it is replaced by
`xpack.notification.email.account.<id>.smtp.secure_password`

Author: albertzaharovits

docs/reference/migration/migrate_7_0/settings.asciidoc

@@ -131,3 +131,26 @@ The removal of these default settings also removes the ability for a component t
 fallback to a default configuration when using TLS. Each component (realm, transport, http,
 http client, etc) must now be configured with their own settings for TLS if it is being
 used.
+
+[float]
+[[watcher-notifications-account-settings]]
+==== Watcher notifications account settings
+
+The following settings have been removed in favor of the secure variants.
+The <<secure-settings, secure settings>> have to be defined inside each cluster
+node's keystore, i.e., they are not to be specified via the cluster settings API.
+
+- `xpack.notification.email.account.<id>.smtp.password`, instead use
+`xpack.notification.email.account.<id>.smtp.secure_password`
+- `xpack.notification.hipchat.account.<id>.auth_token`, instead use
+`xpack.notification.hipchat.account.<id>.secure_auth_token`
+- `xpack.notification.jira.account.<id>.url`, instead use
+`xpack.notification.jira.account.<id>.secure_url`
+- `xpack.notification.jira.account.<id>.user`, instead use
+`xpack.notification.jira.account.<id>.secure_user`
+- `xpack.notification.jira.account.<id>.password`, instead use
+`xpack.notification.jira.account.<id>.secure_password`
+- `xpack.notification.pagerduty.account.<id>.service_api_key`, instead use
+`xpack.notification.pagerduty.account.<id>.secure_service_api_key`
+- `xpack.notification.slack.account.<id>.url`, instead use
+`xpack.notification.slack.account.<id>.secure_url`

docs/reference/settings/notification-settings.asciidoc

@@ -115,7 +115,7 @@ can specify the following email account attributes:
   `smtp.user` (<<cluster-update-settings,Dynamic>>);;
   The user name for SMTP. Required.
 
-  `smtp.password` (<<cluster-update-settings,Dynamic>>);;
+  `smtp.secure_password` (<<secure-settings,Secure>>);;
   The password for the specified SMTP user.
 
   `smtp.starttls.enable` (<<cluster-update-settings,Dynamic>>);;
@@ -222,9 +222,8 @@ via HipChat. You can specify the following HipChat account attributes:
   The HipChat account profile to use: `integration`,
                       `user`, or `v1`. Required.
 
-  `auth_token`;;
-  The authentication token to use to access
-                      the HipChat API. Required.
+  `secure_auth_token` (<<secure-settings,Secure>>);;
+  The authentication token to use to access the HipChat API. Required.
 
   `host`;;
   The HipChat server hostname. Defaults to `api.hipchat.com`.
@@ -268,9 +267,8 @@ via Slack. You can specify the following Slack account attributes:
 
 [[slack-account-attributes]]
 
-  `url`;;
-  The Incoming Webhook URL to use to post
-                                    messages to Slack. Required.
+  `secure_url` (<<secure-settings,Secure>>);;
+  The Incoming Webhook URL to use to post messages to Slack. Required.
 
   `message_defaults.from`;;
   The sender name to display in the
@@ -309,13 +307,13 @@ issues in Jira. You can specify the following Jira account attributes:
 
 [[jira-account-attributes]]
 
-  `url`;;
+  `secure_url` (<<secure-settings,Secure>>);;
   The URL of the Jira Software server. Required.
 
-  `user`;;
+  `secure_user` (<<secure-settings,Secure>>);;
   The name of the user to connect to the Jira Software server. Required.
 
-  `password`;;
+  `secure_password` (<<secure-settings,Secure>>);;
   The password of the user to connect to the Jira Software server. Required.
 
   `issue_defaults`;;
@@ -341,7 +339,7 @@ via PagerDuty. You can specify the following PagerDuty account attributes:
   A name for the PagerDuty account associated with the API key you
   are using to access PagerDuty. Required.
 
-  `service_api_key`;;
+  `secure_service_api_key` (<<secure-settings,Secure>>);;
    The https://developer.pagerduty.com/documentation/rest/authentication[
    PagerDuty API key] to use to access PagerDuty. Required.
 

x-pack/plugin/watcher/src/main/java/org/elasticsearch/xpack/watcher/notification/email/Account.java

@@ -32,8 +32,7 @@
 public class Account {
 
     static final String SMTP_PROTOCOL = "smtp";
-    private static final String SMTP_PASSWORD = "password";
-    private static final Setting<SecureString> SECURE_PASSWORD_SETTING = SecureSetting.secureString("secure_" + SMTP_PASSWORD, null);
+    public static final Setting<SecureString> SECURE_PASSWORD_SETTING = SecureSetting.secureString("secure_password", null);
 
     static {
         SecurityManager sm = System.getSecurityManager();
@@ -213,7 +212,7 @@ static class Smtp {
 
                 port = settings.getAsInt("port", settings.getAsInt("localport", settings.getAsInt("local_port", 25)));
                 user = settings.get("user", settings.get("from", null));
-                password = getSecureSetting(SMTP_PASSWORD, settings, SECURE_PASSWORD_SETTING);
+                password = getSecureSetting(settings, SECURE_PASSWORD_SETTING);
                 //password = passStr != null ? passStr.toCharArray() : null;
                 properties = loadSmtpProperties(settings);
             }
@@ -225,17 +224,12 @@ static class Smtp {
              * Note: if your setting was not previously secure, than the string reference that is in the setting object is still
              * insecure. This is only constructing a new SecureString with the char[] of the insecure setting.
              */
-            private static SecureString getSecureSetting(String settingName, Settings settings, Setting<SecureString> secureSetting) {
-                String value = settings.get(settingName);
-                if (value == null) {
-                    SecureString secureString = secureSetting.get(settings);
-                    if (secureString != null && secureString.length() > 0) {
-                        return secureString;
-                    } else  {
-                        return null;
-                    }
+            private static SecureString getSecureSetting(Settings settings, Setting<SecureString> secureSetting) {
+                SecureString secureString = secureSetting.get(settings);
+                if (secureString != null && secureString.length() > 0) {
+                    return secureString;
                 } else {
-                    return new SecureString(value.toCharArray());
+                    return null;
                 }
             }
 

x-pack/plugin/watcher/src/main/java/org/elasticsearch/xpack/watcher/notification/email/EmailService.java

@@ -65,10 +65,6 @@ public class EmailService extends NotificationService<Account> {
             Setting.affixKeySetting("xpack.notification.email.account.", "smtp.user",
                     (key) -> Setting.simpleString(key, Property.Dynamic, Property.NodeScope));
 
-    private static final Setting.AffixSetting<String> SETTING_SMTP_PASSWORD =
-            Setting.affixKeySetting("xpack.notification.email.account.", "smtp.password",
-                    (key) -> Setting.simpleString(key, Property.Dynamic, Property.NodeScope, Property.Filtered));
-
     private static final Setting.AffixSetting<SecureString> SETTING_SECURE_PASSWORD =
         Setting.affixKeySetting("xpack.notification.email.account.", "smtp.secure_password",
             (key) -> SecureSetting.secureString(key, null));
@@ -122,7 +118,6 @@ public EmailService(Settings settings, @Nullable CryptoService cryptoService, Cl
         clusterSettings.addAffixUpdateConsumer(SETTING_SMTP_HOST, (s, o) -> {}, (s, o) -> {});
         clusterSettings.addAffixUpdateConsumer(SETTING_SMTP_PORT, (s, o) -> {}, (s, o) -> {});
         clusterSettings.addAffixUpdateConsumer(SETTING_SMTP_USER, (s, o) -> {}, (s, o) -> {});
-        clusterSettings.addAffixUpdateConsumer(SETTING_SMTP_PASSWORD, (s, o) -> {}, (s, o) -> {});
         clusterSettings.addAffixUpdateConsumer(SETTING_SMTP_TIMEOUT, (s, o) -> {}, (s, o) -> {});
         clusterSettings.addAffixUpdateConsumer(SETTING_SMTP_CONNECTION_TIMEOUT, (s, o) -> {}, (s, o) -> {});
         clusterSettings.addAffixUpdateConsumer(SETTING_SMTP_WRITE_TIMEOUT, (s, o) -> {}, (s, o) -> {});
@@ -182,7 +177,7 @@ public Email email() {
 
     private static List<Setting<?>> getDynamicSettings() {
         return Arrays.asList(SETTING_DEFAULT_ACCOUNT, SETTING_PROFILE, SETTING_EMAIL_DEFAULTS, SETTING_SMTP_AUTH, SETTING_SMTP_HOST,
-                SETTING_SMTP_PASSWORD, SETTING_SMTP_PORT, SETTING_SMTP_STARTTLS_ENABLE, SETTING_SMTP_USER, SETTING_SMTP_STARTTLS_REQUIRED,
+                SETTING_SMTP_PORT, SETTING_SMTP_STARTTLS_ENABLE, SETTING_SMTP_USER, SETTING_SMTP_STARTTLS_REQUIRED,
                 SETTING_SMTP_TIMEOUT, SETTING_SMTP_CONNECTION_TIMEOUT, SETTING_SMTP_WRITE_TIMEOUT, SETTING_SMTP_LOCAL_ADDRESS,
                 SETTING_SMTP_LOCAL_PORT, SETTING_SMTP_SEND_PARTIAL, SETTING_SMTP_WAIT_ON_QUIT, SETTING_SMTP_SSL_TRUST_ADDRESS);
     }

x-pack/plugin/watcher/src/main/java/org/elasticsearch/xpack/watcher/notification/hipchat/HipChatAccount.java

@@ -23,7 +23,6 @@
 
 public abstract class HipChatAccount  {
 
-    public static final String AUTH_TOKEN_SETTING = "auth_token";
     public static final String ROOM_SETTING = HipChatMessage.Field.ROOM.getPreferredName();
     public static final String DEFAULT_ROOM_SETTING = "message_defaults." + HipChatMessage.Field.ROOM.getPreferredName();
     public static final String DEFAULT_USER_SETTING = "message_defaults." + HipChatMessage.Field.USER.getPreferredName();
@@ -32,7 +31,7 @@ public abstract class HipChatAccount  {
     public static final String DEFAULT_COLOR_SETTING = "message_defaults." + HipChatMessage.Field.COLOR.getPreferredName();
     public static final String DEFAULT_NOTIFY_SETTING = "message_defaults." + HipChatMessage.Field.NOTIFY.getPreferredName();
 
-    private static final Setting<SecureString> SECURE_AUTH_TOKEN_SETTING = SecureSetting.secureString("secure_" + AUTH_TOKEN_SETTING, null);
+    static final Setting<SecureString> SECURE_AUTH_TOKEN_SETTING = SecureSetting.secureString("secure_auth_token", null);
 
     protected final Logger logger;
     protected final String name;
@@ -52,16 +51,12 @@ protected HipChatAccount(String name, Profile profile, Settings settings, HipCha
     }
 
     private static String getAuthToken(String name, Settings settings) {
-        String authToken = settings.get(AUTH_TOKEN_SETTING);
-        if (authToken == null || authToken.length() == 0) {
-            SecureString secureString = SECURE_AUTH_TOKEN_SETTING.get(settings);
-            if (secureString == null || secureString.length() < 1) {
-                throw new SettingsException("hipchat account [" + name + "] missing required [" + AUTH_TOKEN_SETTING + "] setting");
-            }
-            authToken = secureString.toString();
+        SecureString secureString = SECURE_AUTH_TOKEN_SETTING.get(settings);
+        if (secureString == null || secureString.length() < 1) {
+            throw new SettingsException(
+                    "hipchat account [" + name + "] missing required [" + SECURE_AUTH_TOKEN_SETTING.getKey() + "] secure setting");
         }
-
-        return authToken;
+        return secureString.toString();
     }
 
     public abstract String type();

x-pack/plugin/watcher/src/main/java/org/elasticsearch/xpack/watcher/notification/hipchat/HipChatService.java

@@ -34,11 +34,6 @@ public class HipChatService extends NotificationService<HipChatAccount> {
     static final Setting<Integer> SETTING_DEFAULT_PORT =
             Setting.intSetting("xpack.notification.hipchat.port", 443, Setting.Property.Dynamic, Setting.Property.NodeScope);
 
-    private static final Setting.AffixSetting<String> SETTING_AUTH_TOKEN =
-            Setting.affixKeySetting("xpack.notification.hipchat.account.", "auth_token",
-                    (key) -> Setting.simpleString(key, Setting.Property.Dynamic, Setting.Property.NodeScope, Setting.Property.Filtered,
-                            Setting.Property.Deprecated));
-
     private static final Setting.AffixSetting<SecureString> SETTING_AUTH_TOKEN_SECURE =
             Setting.affixKeySetting("xpack.notification.hipchat.account.", "secure_auth_token",
                     (key) -> SecureSetting.secureString(key, null));
@@ -75,7 +70,6 @@ public HipChatService(Settings settings, HttpClient httpClient, ClusterSettings
         clusterSettings.addSettingsUpdateConsumer(SETTING_DEFAULT_ACCOUNT, (s) -> {});
         clusterSettings.addSettingsUpdateConsumer(SETTING_DEFAULT_HOST, (s) -> {});
         clusterSettings.addSettingsUpdateConsumer(SETTING_DEFAULT_PORT, (s) -> {});
-        clusterSettings.addAffixUpdateConsumer(SETTING_AUTH_TOKEN, (s, o) -> {}, (s, o) -> {});
         clusterSettings.addAffixUpdateConsumer(SETTING_PROFILE, (s, o) -> {}, (s, o) -> {});
         clusterSettings.addAffixUpdateConsumer(SETTING_ROOM, (s, o) -> {}, (s, o) -> {});
         clusterSettings.addAffixUpdateConsumer(SETTING_HOST, (s, o) -> {}, (s, o) -> {});
@@ -101,7 +95,7 @@ protected HipChatAccount createAccount(String name, Settings accountSettings) {
     }
 
     private static List<Setting<?>> getDynamicSettings() {
-        return Arrays.asList(SETTING_DEFAULT_ACCOUNT, SETTING_AUTH_TOKEN, SETTING_PROFILE, SETTING_ROOM, SETTING_MESSAGE_DEFAULTS,
+        return Arrays.asList(SETTING_DEFAULT_ACCOUNT, SETTING_PROFILE, SETTING_ROOM, SETTING_MESSAGE_DEFAULTS,
                 SETTING_DEFAULT_HOST, SETTING_DEFAULT_PORT, SETTING_HOST, SETTING_PORT);
     }
 

x-pack/plugin/watcher/src/main/java/org/elasticsearch/xpack/watcher/notification/jira/JiraAccount.java

@@ -6,7 +6,6 @@
 package org.elasticsearch.xpack.watcher.notification.jira;
 
 import org.elasticsearch.common.Booleans;
-import org.elasticsearch.common.Strings;
 import org.elasticsearch.common.bytes.BytesReference;
 import org.elasticsearch.common.settings.SecureSetting;
 import org.elasticsearch.common.settings.SecureString;
@@ -42,15 +41,12 @@ public class JiraAccount {
      **/
     public static final String DEFAULT_PATH = "/rest/api/2/issue";
 
-    static final String USER_SETTING = "user";
-    static final String PASSWORD_SETTING = "password";
-    static final String URL_SETTING = "url";
     static final String ISSUE_DEFAULTS_SETTING = "issue_defaults";
     static final String ALLOW_HTTP_SETTING = "allow_http";
 
-    private static final Setting<SecureString> SECURE_USER_SETTING = SecureSetting.secureString("secure_" + USER_SETTING, null);
-    private static final Setting<SecureString> SECURE_PASSWORD_SETTING = SecureSetting.secureString("secure_" + PASSWORD_SETTING, null);
-    private static final Setting<SecureString> SECURE_URL_SETTING = SecureSetting.secureString("secure_" + URL_SETTING, null);
+    public static final Setting<SecureString> SECURE_USER_SETTING = SecureSetting.secureString("secure_user", null);
+    public static final Setting<SecureString> SECURE_PASSWORD_SETTING = SecureSetting.secureString("secure_password", null);
+    public static final Setting<SecureString> SECURE_URL_SETTING = SecureSetting.secureString("secure_url", null);
 
     private final HttpClient httpClient;
     private final String name;
@@ -62,7 +58,7 @@ public class JiraAccount {
     public JiraAccount(String name, Settings settings, HttpClient httpClient) {
         this.httpClient = httpClient;
         this.name = name;
-        String url = getSetting(name, URL_SETTING, settings, SECURE_URL_SETTING);
+        String url = getSetting(name, settings, SECURE_URL_SETTING);
         try {
             URI uri = new URI(url);
             Scheme protocol = Scheme.parse(uri.getScheme());
@@ -71,16 +67,11 @@ public JiraAccount(String name, Settings settings, HttpClient httpClient) {
             }
             this.url = uri;
         } catch (URISyntaxException | IllegalArgumentException e) {
-            throw new SettingsException("invalid jira [" + name + "] account settings. invalid [" + URL_SETTING + "] setting", e);
-        }
-        this.user = getSetting(name, USER_SETTING, settings, SECURE_USER_SETTING);
-        if (Strings.isEmpty(this.user)) {
-            throw requiredSettingException(name, USER_SETTING);
-        }
-        this.password = getSetting(name, PASSWORD_SETTING, settings, SECURE_PASSWORD_SETTING);
-        if (Strings.isEmpty(this.password)) {
-            throw requiredSettingException(name, PASSWORD_SETTING);
+            throw new SettingsException(
+                    "invalid jira [" + name + "] account settings. invalid [" + SECURE_URL_SETTING.getKey() + "] setting", e);
         }
+        this.user = getSetting(name, settings, SECURE_USER_SETTING);
+        this.password = getSetting(name, settings, SECURE_PASSWORD_SETTING);
         try (XContentBuilder builder = XContentBuilder.builder(XContentType.JSON.xContent())) {
             builder.startObject();
             settings.getAsSettings(ISSUE_DEFAULTS_SETTING).toXContent(builder, ToXContent.EMPTY_PARAMS);
@@ -95,17 +86,12 @@ public JiraAccount(String name, Settings settings, HttpClient httpClient) {
         }
     }
 
-    private static String getSetting(String accountName, String settingName, Settings settings, Setting<SecureString> secureSetting) {
-        String value = settings.get(settingName);
-        if (value == null) {
-            SecureString secureString = secureSetting.get(settings);
-            if (secureString == null || secureString.length() < 1) {
-                throw requiredSettingException(accountName, settingName);
-            }
-            value = secureString.toString();
+    private static String getSetting(String accountName, Settings settings, Setting<SecureString> secureSetting) {
+        SecureString secureString = secureSetting.get(settings);
+        if (secureString == null || secureString.length() < 1) {
+            throw requiredSettingException(accountName, secureSetting.getKey());
         }
-
-        return value;
+        return secureString.toString();
     }
 
     public String getName() {

x-pack/plugin/watcher/src/main/java/org/elasticsearch/xpack/watcher/notification/jira/JiraService.java

@@ -32,18 +32,6 @@ public class JiraService extends NotificationService<JiraAccount> {
             Setting.affixKeySetting("xpack.notification.jira.account.", "allow_http",
                     (key) -> Setting.boolSetting(key, false, Property.Dynamic, Property.NodeScope));
 
-    private static final Setting.AffixSetting<String> SETTING_URL =
-            Setting.affixKeySetting("xpack.notification.jira.account.", "url",
-                    (key) -> Setting.simpleString(key, Property.Dynamic, Property.NodeScope, Property.Filtered));
-
-    private static final Setting.AffixSetting<String> SETTING_USER =
-            Setting.affixKeySetting("xpack.notification.jira.account.", "user",
-                    (key) -> Setting.simpleString(key, Property.Dynamic, Property.NodeScope, Property.Filtered));
-
-    private static final Setting.AffixSetting<String> SETTING_PASSWORD =
-            Setting.affixKeySetting("xpack.notification.jira.account.", "password",
-                    (key) -> Setting.simpleString(key, Property.Dynamic, Property.NodeScope, Property.Filtered, Property.Deprecated));
-
     private static final Setting.AffixSetting<SecureString> SETTING_SECURE_USER =
             Setting.affixKeySetting("xpack.notification.jira.account.", "secure_user",
                     (key) -> SecureSetting.secureString(key, null));
@@ -68,9 +56,6 @@ public JiraService(Settings settings, HttpClient httpClient, ClusterSettings clu
         // ensure logging of setting changes
         clusterSettings.addSettingsUpdateConsumer(SETTING_DEFAULT_ACCOUNT, (s) -> {});
         clusterSettings.addAffixUpdateConsumer(SETTING_ALLOW_HTTP, (s, o) -> {}, (s, o) -> {});
-        clusterSettings.addAffixUpdateConsumer(SETTING_URL, (s, o) -> {}, (s, o) -> {});
-        clusterSettings.addAffixUpdateConsumer(SETTING_USER, (s, o) -> {}, (s, o) -> {});
-        clusterSettings.addAffixUpdateConsumer(SETTING_PASSWORD, (s, o) -> {}, (s, o) -> {});
         clusterSettings.addAffixUpdateConsumer(SETTING_DEFAULTS, (s, o) -> {}, (s, o) -> {});
         // do an initial load
         reload(settings);
@@ -82,7 +67,7 @@ protected JiraAccount createAccount(String name, Settings settings) {
     }
 
     private static List<Setting<?>> getDynamicSettings() {
-        return Arrays.asList(SETTING_DEFAULT_ACCOUNT, SETTING_ALLOW_HTTP, SETTING_URL, SETTING_USER, SETTING_PASSWORD, SETTING_DEFAULTS);
+        return Arrays.asList(SETTING_DEFAULT_ACCOUNT, SETTING_ALLOW_HTTP, SETTING_DEFAULTS);
     }
 
     private static List<Setting<?>> getSecureSettings() {