Serialized FieldRule of PutRoleMappingRequest can't be parsed by Elasticsearch server

Question

Serialized FieldRule of PutRoleMappingRequest can't be parsed by Elasticsearch server

GeBeater opened this issue 10 months ago · 4 comments

GeBeater commented 10 months ago

Java API client version

8.9.1

Java version

17

Elasticsearch Version

8.9.2

Problem description

I am going to use the ElasticsearchSecurityAsyncClient for a PutRoleMappingRequest to create the following role mapping like described in the Elasticsearch's - Authorizing with the role mapping API - docu.

{
    "roles": [
        "tenant"
    ],
    "rules": {
        "all": [
            {
                "field": {
                    "realm.name": "jwt1"
                }
            },
            {
                "field": {
                    "username": "*"
                }
            }
        ]
    },
    "enabled": true
}

I am using a custom ElasticsearchTransport impl (that is based on Spring's WebClient) but with the JacksonJsonpMapper provided by the elasticsearch-java client library.

Unfortunately the Java client producing the following request which ends in a x_content_parse_exception (failed to parse rules expression. expected a field value but found [START_OBJECT] instead).

{
    "enabled": true,
    "roles": [
        "tenant"
    ],
    "rules": {
        "all": [
            {
                "field": {
                    "realm": {
                        "name": "jwt1"
                    }
                }
            },
            {
                "field": {
                    "username": "*"
                }
            }
        ]
    }
}

Expected behavior:

It is possible to create a FieldRule realm name that will be serialized to realm.name as property with a string value instead of a property "realm" with an object node.

Answer 1 · 2023-11-29T16:03:39.000Z

This is still broken in elasticsearch-java:8.11.1