Provide aux transport to SecureAuxTransportSettingsProvider

CHANGELOG.md

@@ -17,6 +17,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 
 ### Changed
 - Update Subject interface to use CheckedRunnable ([#18570](https://github.com/opensearch-project/OpenSearch/issues/18570))
+- Update SecureAuxTransportSettingsProvider to distinguish between aux transport types ([#18616](https://github.com/opensearch-project/OpenSearch/pull/18616))
 
 ### Dependencies
 - Bump `stefanzweifel/git-auto-commit-action` from 5 to 6 ([#18524](https://github.com/opensearch-project/OpenSearch/pull/18524))

plugins/transport-grpc/src/main/java/org/opensearch/plugin/transport/grpc/ssl/SecureNetty4GrpcServerTransport.java

@@ -106,15 +106,16 @@ public String settingKey() {
      * @param provider for SSLContext and SecureAuxTransportParameters (ClientAuth and enabled ciphers).
      */
     private JdkSslContext getSslContext(Settings settings, SecureAuxTransportSettingsProvider provider) throws SSLException {
-        Optional<SSLContext> sslContext = provider.buildSecureAuxServerTransportContext(settings, this);
+        Optional<SSLContext> sslContext = provider.buildSecureAuxServerTransportContext(settings, this.settingKey());
         if (sslContext.isEmpty()) {
             try {
                 sslContext = Optional.of(SSLContext.getDefault());
             } catch (NoSuchAlgorithmException e) {
                 throw new SSLException("Failed to build default SSLContext for " + SecureNetty4GrpcServerTransport.class.getName(), e);
             }
         }
-        SecureAuxTransportSettingsProvider.SecureAuxTransportParameters params = provider.parameters().orElseGet(DefaultParameters::new);
+        SecureAuxTransportSettingsProvider.SecureAuxTransportParameters params = provider.parameters(settings, this.settingKey())
+            .orElseGet(DefaultParameters::new);
         ClientAuth clientAuth = ClientAuth.valueOf(params.clientAuth().orElseThrow().toUpperCase(Locale.ROOT));
         return new JdkSslContext(
             sslContext.get(),

plugins/transport-grpc/src/test/java/org/opensearch/plugin/transport/grpc/ssl/SecureSettingsHelpers.java

@@ -10,7 +10,6 @@
 
 import org.opensearch.common.settings.Settings;
 import org.opensearch.plugins.SecureAuxTransportSettingsProvider;
-import org.opensearch.transport.AuxTransport;
 
 import javax.net.ssl.KeyManagerFactory;
 import javax.net.ssl.SSLContext;
@@ -110,7 +109,7 @@ static SecureAuxTransportSettingsProvider getSecureSettingsProvider(
     ) {
         return new SecureAuxTransportSettingsProvider() {
             @Override
-            public Optional<SSLContext> buildSecureAuxServerTransportContext(Settings settings, AuxTransport transport)
+            public Optional<SSLContext> buildSecureAuxServerTransportContext(Settings settings, String auxTransportType)
                 throws SSLException {
                 // Choose a random protocol from among supported test defaults
                 String protocol = randomFrom(DEFAULT_SSL_PROTOCOLS);
@@ -126,7 +125,7 @@ public Optional<SSLContext> buildSecureAuxServerTransportContext(Settings settin
             }
 
             @Override
-            public Optional<SecureAuxTransportParameters> parameters() {
+            public Optional<SecureAuxTransportParameters> parameters(Settings settings, String auxTransportType) {
                 return Optional.of(new SecureAuxTransportParameters() {
                     @Override
                     public Optional<String> clientAuth() {

server/src/main/java/org/opensearch/plugins/SecureAuxTransportSettingsProvider.java

@@ -10,7 +10,6 @@
 
 import org.opensearch.common.annotation.ExperimentalApi;
 import org.opensearch.common.settings.Settings;
-import org.opensearch.transport.AuxTransport;
 
 import javax.net.ssl.SSLContext;
 import javax.net.ssl.SSLException;
@@ -26,17 +25,22 @@
 public interface SecureAuxTransportSettingsProvider {
     /**
      * Fetch an SSLContext as managed by pluggable security provider.
+     * @param settings for providing additional configuration options when building the ssl context.
+     * @param auxTransportType key for enabling this transport with AUX_TRANSPORT_TYPES_SETTING.
      * @return an instance of SSLContext.
      */
-    default Optional<SSLContext> buildSecureAuxServerTransportContext(Settings settings, AuxTransport transport) throws SSLException {
+    default Optional<SSLContext> buildSecureAuxServerTransportContext(Settings settings, String auxTransportType) throws SSLException {
         return Optional.empty();
     }
 
     /**
      * Additional params required for configuring ALPN.
+     * @param settings for providing additional configuration options when building secure params.
+     * @param auxTransportType key for enabling this transport with AUX_TRANSPORT_TYPES_SETTING.
      * @return an instance of {@link SecureAuxTransportSettingsProvider.SecureAuxTransportParameters}
      */
-    default Optional<SecureAuxTransportSettingsProvider.SecureAuxTransportParameters> parameters() {
+    default Optional<SecureAuxTransportSettingsProvider.SecureAuxTransportParameters> parameters(Settings settings, String auxTransportType)
+        throws SSLException {
         return Optional.empty();
     }