Add api key metadata version check in ApiKeyService

ywangd · ywangd · commit f4ff07da75c9 · 2021-03-29T17:01:12.000+11:00
diff --git a/x-pack/plugin/core/src/main/java/org/elasticsearch/xpack/core/security/action/CreateApiKeyRequest.java b/x-pack/plugin/core/src/main/java/org/elasticsearch/xpack/core/security/action/CreateApiKeyRequest.java
@@ -154,7 +154,7 @@ public void writeTo(StreamOutput out) throws IOException {
         if (metadata != null && false == metadata.isEmpty()) {
             if (out.getVersion().before(Version.V_7_13_0)) {
                 throw new IllegalArgumentException(
-                    "api key metadata requires minimum node version to be [7.13.0], got: [" + out.getVersion() + "]");
+                    "api key metadata requires minimum node version to be [7.13], got: [" + out.getVersion() + "]");
             } else {
                 out.writeMap(metadata);
             }
diff --git a/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/authc/ApiKeyService.java b/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/authc/ApiKeyService.java
@@ -285,7 +285,7 @@ private void createApiKeyAndIndexIt(Authentication authentication, CreateApiKeyR
                         indexResponse -> listener.onResponse(
                             new CreateApiKeyResponse(request.getName(), indexResponse.getId(), apiKey, expiration)),
                         listener::onFailure))));
-        } catch (IOException e) {
+        } catch (Exception e) {
             listener.onFailure(e);
         }
     }
@@ -334,8 +334,17 @@ XContentBuilder newDocument(SecureString apiKey, String name, Authentication aut
         builder.endObject();
 
         builder.field("name", name)
-            .field("version", version.id)
-            .field("metadata_flattened", metadata)
+            .field("version", version.id);
+        final Version masterNodeVersion = clusterService.state().nodes().getMasterNode().getVersion();
+        if (masterNodeVersion.onOrAfter(Version.V_7_13_0)) {
+            builder.field("metadata_flattened", metadata);
+        } else {
+            if (metadata != null && false == metadata.isEmpty()) {
+                throw new IllegalArgumentException(
+                    "api key metadata requires master node to be on version [7.13] or later, got [" + masterNodeVersion + "]");
+            }
+        }
+        builder
             .startObject("creator")
             .field("principal", authentication.getUser().principal())
             .field("full_name", authentication.getUser().fullName())

Original file line number	Diff line number	Diff line change
`@@ -154,7 +154,7 @@ public void writeTo(StreamOutput out) throws IOException {`
`154`	`154`	`if (metadata != null && false == metadata.isEmpty()) {`
`155`	`155`	`if (out.getVersion().before(Version.V_7_13_0)) {`
`156`	`156`	`throw new IllegalArgumentException(`
`157`		`- "api key metadata requires minimum node version to be [7.13.0], got: [" + out.getVersion() + "]");`
	`157`	`+ "api key metadata requires minimum node version to be [7.13], got: [" + out.getVersion() + "]");`
`158`	`158`	`} else {`
`159`	`159`	`out.writeMap(metadata);`
`160`	`160`	`}`