Reporting cookies 2 (#24752)

* Revert "Reporting cookies (#24177)"

This reverts commit 9f4ec18.

* Take 2

* Adding comment

* Better escaping and encoding for use in eval

* Checking for an empty string also

* Fixing session test

Author: kobelb

x-pack/package.json

@@ -31,7 +31,6 @@
     "@kbn/plugin-helpers": "link:../packages/kbn-plugin-helpers",
     "@kbn/test": "link:../packages/kbn-test",
     "@types/angular": "^1.6.50",
-    "@types/cookie": "^0.3.1",
     "@types/d3-array": "^1.2.1",
     "@types/d3-scale": "^2.0.0",
     "@types/d3-shape": "^1.2.2",
@@ -153,7 +152,6 @@
     "chroma-js": "^1.3.6",
     "classnames": "2.2.5",
     "concat-stream": "1.5.1",
-    "cookie": "^0.3.1",
     "copy-to-clipboard": "^3.0.8",
     "cronstrue": "^1.51.0",
     "d3": "3.5.6",
@@ -179,7 +177,6 @@
     "humps": "2.0.1",
     "icalendar": "0.7.1",
     "inline-style": "^2.0.0",
-    "iron": "4",
     "isomorphic-fetch": "2.2.1",
     "joi": "^13.5.2",
     "jquery": "^3.3.1",

x-pack/plugins/reporting/export_types/csv/server/create_job.js

@@ -10,7 +10,7 @@ import { cryptoFactory } from '../../../server/lib/crypto';
 function createJobFn(server) {
   const crypto = cryptoFactory(server);
 
-  return async function createJob(jobParams, headers, serializedSession, request) {
+  return async function createJob(jobParams, headers, request) {
     const serializedEncryptedHeaders = await crypto.encrypt(headers);
 
     const savedObjectsClient = request.getSavedObjectsClient();

x-pack/plugins/reporting/export_types/printable_pdf/server/create_job/__snapshots__/compatibility_shim.test.js.snap

@@ -61,7 +61,7 @@ export function compatibilityShimFactory(server) {
       queryString,
       browserTimezone,
       layout
-    }, headers, serializedSession, request) {
+    }, headers, request) {
 
       if (objectType && savedObjectId && relativeUrls) {
         throw new Error('objectType and savedObjectId should not be provided in addition to the relativeUrls');
@@ -75,7 +75,7 @@ export function compatibilityShimFactory(server) {
         layout
       };
 
-      return await createJob(transformedJobParams, headers, serializedSession, request);
+      return await createJob(transformedJobParams, headers, request);
     };
   };
-}
+}

x-pack/plugins/reporting/export_types/printable_pdf/server/create_job/compatibility_shim.js

@@ -29,7 +29,7 @@ test(`passes title through if provided`, async () => {
   const title = 'test title';
 
   const createJobMock = jest.fn();
-  await compatibilityShim(createJobMock)({ title, relativeUrl: '/something' }, null, null, createMockRequest());
+  await compatibilityShim(createJobMock)({ title, relativeUrl: '/something' }, null, createMockRequest());
 
   expect(createJobMock.mock.calls.length).toBe(1);
   expect(createJobMock.mock.calls[0][0].title).toBe(title);
@@ -48,7 +48,7 @@ test(`gets the title from the savedObject`, async () => {
     }
   });
 
-  await compatibilityShim(createJobMock)({ objectType: 'search', savedObjectId: 'abc' }, null, null, mockRequest);
+  await compatibilityShim(createJobMock)({ objectType: 'search', savedObjectId: 'abc' }, null, mockRequest);
 
   expect(createJobMock.mock.calls.length).toBe(1);
   expect(createJobMock.mock.calls[0][0].title).toBe(title);
@@ -67,7 +67,7 @@ test(`passes the objectType and savedObjectId to the savedObjectsClient`, async
 
   const objectType = 'search';
   const savedObjectId = 'abc';
-  await compatibilityShim(createJobMock)({ objectType, savedObjectId, }, null, null, mockRequest);
+  await compatibilityShim(createJobMock)({ objectType, savedObjectId, }, null, mockRequest);
 
   const getMock = mockRequest.getSavedObjectsClient().get.mock;
   expect(getMock.calls.length).toBe(1);
@@ -87,7 +87,7 @@ test(`logs deprecations when generating the title/relativeUrl using the savedObj
     }
   });
 
-  await compatibilityShim(createJobMock)({ objectType: 'search', savedObjectId: 'abc' }, null, null, mockRequest);
+  await compatibilityShim(createJobMock)({ objectType: 'search', savedObjectId: 'abc' }, null, mockRequest);
 
   expect(mockServer.log.mock.calls.length).toBe(2);
   expect(mockServer.log.mock.calls[0][0]).toEqual(['warning', 'reporting', 'deprecation']);
@@ -101,7 +101,7 @@ test(`passes objectType through`, async () => {
   const mockRequest = createMockRequest();
 
   const objectType = 'foo';
-  await compatibilityShim(createJobMock)({ title: 'test', relativeUrl: '/something', objectType }, null, null, mockRequest);
+  await compatibilityShim(createJobMock)({ title: 'test', relativeUrl: '/something', objectType }, null, mockRequest);
 
   expect(createJobMock.mock.calls.length).toBe(1);
   expect(createJobMock.mock.calls[0][0].objectType).toBe(objectType);
@@ -113,7 +113,7 @@ test(`passes the relativeUrls through`, async () => {
   const createJobMock = jest.fn();
 
   const relativeUrls = ['/app/kibana#something', '/app/kibana#something-else'];
-  await compatibilityShim(createJobMock)({ title: 'test', relativeUrls }, null, null, null);
+  await compatibilityShim(createJobMock)({ title: 'test', relativeUrls }, null, null);
   expect(createJobMock.mock.calls.length).toBe(1);
   expect(createJobMock.mock.calls[0][0].relativeUrls).toBe(relativeUrls);
 });
@@ -123,7 +123,7 @@ const testSavedObjectRelativeUrl = (objectType, expectedUrl) => {
     const compatibilityShim = compatibilityShimFactory(createMockServer());
     const createJobMock = jest.fn();
 
-    await compatibilityShim(createJobMock)({ title: 'test', objectType, savedObjectId: 'abc', }, null, null, null);
+    await compatibilityShim(createJobMock)({ title: 'test', objectType, savedObjectId: 'abc', }, null, null);
     expect(createJobMock.mock.calls.length).toBe(1);
     expect(createJobMock.mock.calls[0][0].relativeUrls).toEqual([expectedUrl]);
   });
@@ -137,10 +137,7 @@ test(`appends the queryString to the relativeUrl when generating from the savedO
   const compatibilityShim = compatibilityShimFactory(createMockServer());
   const createJobMock = jest.fn();
 
-  await compatibilityShim(createJobMock)(
-    { title: 'test', objectType: 'search', savedObjectId: 'abc', queryString: 'foo=bar' },
-    null, null, null
-  );
+  await compatibilityShim(createJobMock)({ title: 'test', objectType: 'search', savedObjectId: 'abc', queryString: 'foo=bar' }, null, null);
   expect(createJobMock.mock.calls.length).toBe(1);
   expect(createJobMock.mock.calls[0][0].relativeUrls).toEqual(['/app/kibana#/discover/abc?foo=bar']);
 });
@@ -154,24 +151,22 @@ test(`throw an Error if the objectType, savedObjectId and relativeUrls are provi
     objectType: 'something',
     relativeUrls: ['/something'],
     savedObjectId: 'abc',
-  }, null, null, null);
+  }, null, null);
 
-  await expect(promise).rejects.toThrowErrorMatchingSnapshot();
+  await expect(promise).rejects.toBeDefined();
 });
 
-test(`passes headers, serializedSession and request through`, async () => {
+test(`passes headers and request through`, async () => {
   const compatibilityShim = compatibilityShimFactory(createMockServer());
 
   const createJobMock = jest.fn();
 
   const headers = {};
-  const serializedSession = 'thisoldeserializedsession';
   const request = createMockRequest();
 
-  await compatibilityShim(createJobMock)({ title: 'test', relativeUrl: '/something' }, headers, serializedSession, request);
+  await compatibilityShim(createJobMock)({ title: 'test', relativeUrl: '/something' }, headers, request);
 
   expect(createJobMock.mock.calls.length).toBe(1);
   expect(createJobMock.mock.calls[0][1]).toBe(headers);
-  expect(createJobMock.mock.calls[0][2]).toBe(serializedSession);
-  expect(createJobMock.mock.calls[0][3]).toBe(request);
+  expect(createJobMock.mock.calls[0][2]).toBe(request);
 });

x-pack/plugins/reporting/export_types/printable_pdf/server/create_job/compatibility_shim.test.js

@@ -18,16 +18,14 @@ function createJobFn(server) {
     relativeUrls,
     browserTimezone,
     layout
-  }, headers, serializedSession, request) {
+  }, headers, request) {
     const serializedEncryptedHeaders = await crypto.encrypt(headers);
-    const encryptedSerializedSession = await crypto.encrypt(serializedSession);
 
     return {
       type: objectType,
       title: title,
       objects: relativeUrls.map(u => ({ relativeUrl: u })),
       headers: serializedEncryptedHeaders,
-      session: encryptedSerializedSession,
       browserTimezone,
       layout,
       basePath: request.getBasePath(),

x-pack/plugins/reporting/export_types/printable_pdf/server/create_job/index.js

@@ -5,22 +5,10 @@
  */
 
 import url from 'url';
-import cookie from 'cookie';
 import { getAbsoluteUrlFactory } from './get_absolute_url';
-import { cryptoFactory } from '../../../../server/lib/crypto';
 
 export function compatibilityShimFactory(server) {
   const getAbsoluteUrl = getAbsoluteUrlFactory(server);
-  const crypto = cryptoFactory(server);
-
-  const decryptJobHeaders = async (job) => {
-    try {
-      const decryptedHeaders = await crypto.decrypt(job.headers);
-      return decryptedHeaders;
-    } catch (err) {
-      throw new Error('Failed to decrypt report job data. Please re-generate this report.');
-    }
-  };
 
   const getSavedObjectAbsoluteUrl = (job, savedObject) => {
     if (savedObject.urlHash) {
@@ -39,49 +27,11 @@ export function compatibilityShimFactory(server) {
     throw new Error(`Unable to generate report for url ${savedObject.url}, it's not a Kibana URL`);
   };
 
-  const getSerializedSession = async (decryptedHeaders, jobSession) => {
-    if (!server.plugins.security) {
-      return null;
-    }
-
-    if (jobSession) {
-      try {
-        return await crypto.decrypt(jobSession);
-      } catch (err) {
-        throw new Error('Failed to decrypt report job data. Please re-generate this report.');
-      }
-    }
-
-    const cookies = decryptedHeaders.cookie ? cookie.parse(decryptedHeaders.cookie) : null;
-    if (cookies === null) {
-      return null;
-    }
-
-    const cookieName = server.plugins.security.getSessionCookieOptions().name;
-    if (!cookieName) {
-      throw new Error('Unable to determine the session cookie name');
-    }
-
-    return cookies[cookieName];
-  };
-
   return function (executeJob) {
     return async function (job, cancellationToken) {
       const urls = job.objects.map(savedObject => getSavedObjectAbsoluteUrl(job, savedObject));
-      const decryptedHeaders = await decryptJobHeaders(job);
-      const authorizationHeader = decryptedHeaders.authorization;
-      const serializedSession = await getSerializedSession(decryptedHeaders, job.session);
 
-      return await executeJob({
-        title: job.title,
-        browserTimezone: job.browserTimezone,
-        layout: job.layout,
-        basePath: job.basePath,
-        forceNow: job.forceNow,
-        urls,
-        authorizationHeader,
-        serializedSession,
-      }, cancellationToken);
+      return await executeJob({ ...job, urls }, cancellationToken);
     };
   };
 }