Remove deprecated route and endpoint

 Removed:
 - `/_opendistro` route
 - `/_opendistro/kibanainfo` endpoint

Signed-off-by: Andrey Pleskach <[email protected]>

Author: willyborankin

config/opensearch.yml.example

@@ -18,7 +18,7 @@ plugins.security.nodes_dn:
 
 # The nodes_dn_dynamic_config_enabled settings is geared towards cross_cluster usecases where there is a need to
 # manage the whitelisted nodes_dn without having to restart the nodes everytime a new cross_cluster remote is configured
-# Setting nodes_dn_dynamic_config_enabled to true enables **super-admin callable** /_opendistro/_security/api/nodesdn APIs
+# Setting nodes_dn_dynamic_config_enabled to true enables **super-admin callable** /_security/api/nodesdn APIs
 # which provide means to update/retrieve nodesdn dynamically.
 #
 # NOTE: The overall whitelisted nodes_dn evaluated comes from both the plugins.security.nodes_dn and the ones stored

src/integrationTest/java/org/opensearch/security/TlsTests.java

@@ -53,7 +53,7 @@ public class TlsTests {
 
     public static final String SUPPORTED_CIPHER_SUIT = "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256";
     public static final String NOT_SUPPORTED_CIPHER_SUITE = "TLS_RSA_WITH_AES_128_CBC_SHA";
-    public static final String AUTH_INFO_ENDPOINT = "/_opendistro/_security/authinfo?pretty";
+    public static final String AUTH_INFO_ENDPOINT = "/_plugins/_security/authinfo?pretty";
 
     @ClassRule
     public static final LocalCluster cluster = new LocalCluster.Builder().clusterManager(ClusterManager.THREE_CLUSTER_MANAGERS)

src/integrationTest/java/org/opensearch/security/api/AbstractApiIntegrationTest.java

@@ -55,7 +55,6 @@
 import static org.hamcrest.Matchers.equalToIgnoringCase;
 import static org.hamcrest.Matchers.notNullValue;
 import static org.opensearch.security.CrossClusterSearchTests.PLUGINS_SECURITY_RESTAPI_ROLES_ENABLED;
-import static org.opensearch.security.OpenSearchSecurityPlugin.LEGACY_OPENDISTRO_PREFIX;
 import static org.opensearch.security.OpenSearchSecurityPlugin.PLUGINS_PREFIX;
 import static org.opensearch.security.dlic.rest.api.RestApiAdminPrivilegesEvaluator.CERTS_INFO_ACTION;
 import static org.opensearch.security.dlic.rest.api.RestApiAdminPrivilegesEvaluator.ENDPOINTS_WITH_PERMISSIONS;
@@ -270,7 +269,7 @@ protected void withUser(
     }
 
     protected String apiPathPrefix() {
-        return randomFrom(List.of(LEGACY_OPENDISTRO_PREFIX, PLUGINS_PREFIX));
+        return PLUGINS_PREFIX;
     }
 
     protected String securityPath(String... path) {

src/integrationTest/java/org/opensearch/security/api/DashboardsInfoTest.java

@@ -11,16 +11,13 @@
 
 package org.opensearch.security.api;
 
-import java.util.List;
-
 import org.junit.Test;
 
 import org.opensearch.test.framework.TestSecurityConfig;
 import org.opensearch.test.framework.TestSecurityConfig.Role;
 
 import static org.hamcrest.MatcherAssert.assertThat;
 import static org.hamcrest.Matchers.equalTo;
-import static org.opensearch.security.OpenSearchSecurityPlugin.LEGACY_OPENDISTRO_PREFIX;
 import static org.opensearch.security.OpenSearchSecurityPlugin.PLUGINS_PREFIX;
 import static org.opensearch.security.rest.DashboardsInfoAction.DEFAULT_PASSWORD_MESSAGE;
 import static org.opensearch.security.rest.DashboardsInfoAction.DEFAULT_PASSWORD_REGEX;
@@ -36,7 +33,7 @@ public class DashboardsInfoTest extends AbstractApiIntegrationTest {
     }
 
     private String apiPath() {
-        return randomFrom(List.of(PLUGINS_PREFIX + "/dashboardsinfo", LEGACY_OPENDISTRO_PREFIX + "/kibanainfo"));
+        return PLUGINS_PREFIX + "/dashboardsinfo";
     }
 
     @Test

src/integrationTest/java/org/opensearch/security/api/DashboardsInfoWithSettingsTest.java

@@ -11,7 +11,6 @@
 
 package org.opensearch.security.api;
 
-import java.util.List;
 import java.util.Map;
 
 import org.junit.Test;
@@ -22,7 +21,6 @@
 
 import static org.hamcrest.MatcherAssert.assertThat;
 import static org.hamcrest.Matchers.equalTo;
-import static org.opensearch.security.OpenSearchSecurityPlugin.LEGACY_OPENDISTRO_PREFIX;
 import static org.opensearch.security.OpenSearchSecurityPlugin.PLUGINS_PREFIX;
 
 public class DashboardsInfoWithSettingsTest extends AbstractApiIntegrationTest {
@@ -49,7 +47,7 @@ protected Map<String, Object> getClusterSettings() {
     }
 
     private String apiPath() {
-        return randomFrom(List.of(PLUGINS_PREFIX + "/dashboardsinfo", LEGACY_OPENDISTRO_PREFIX + "/kibanainfo"));
+        return PLUGINS_PREFIX + "/dashboardsinfo";
     }
 
     @Test

src/integrationTest/java/org/opensearch/security/http/CommonProxyAuthenticationTests.java

@@ -30,7 +30,7 @@
 */
 abstract class CommonProxyAuthenticationTests {
 
-    protected static final String RESOURCE_AUTH_INFO = "_opendistro/_security/authinfo";
+    protected static final String RESOURCE_AUTH_INFO = "_plugins/_security/authinfo";
     protected static final TestSecurityConfig.User USER_ADMIN = new TestSecurityConfig.User("admin").roles(ALL_ACCESS);
 
     protected static final String ATTRIBUTE_DEPARTMENT = "department";

src/integrationTest/java/org/opensearch/security/http/JwtAuthenticationWithUrlParamTests.java

@@ -112,7 +112,7 @@ public void shouldAuthenticateWithJwtTokenInUrl_positive() {
             Map<String, String> expectedParams = Map.of("token", "REDACTED", "verbose", "true");
 
             auditLogsRule.assertExactlyOne(
-                userAuthenticated(ADMIN_USER).withRestRequest(GET, "/_opendistro/_security/authinfo").withRestParams(expectedParams)
+                userAuthenticated(ADMIN_USER).withRestRequest(GET, "/_plugins/_security/authinfo").withRestParams(expectedParams)
             );
         }
     }

src/integrationTest/java/org/opensearch/test/framework/cluster/TestRestClient.java

@@ -117,7 +117,7 @@ public HttpResponse getWithoutLeadingSlash(String path, Header... headers) {
     }
 
     public HttpResponse getAuthInfo(Header... headers) {
-        return executeRequest(new HttpGet(getHttpServerUri() + "/_opendistro/_security/authinfo?pretty"), headers);
+        return executeRequest(new HttpGet(getHttpServerUri() + "/_plugins/_security/authinfo?pretty"), headers);
     }
 
     public HttpResponse securityHealth(Header... headers) {
@@ -127,7 +127,7 @@ public HttpResponse securityHealth(Header... headers) {
     public HttpResponse getAuthInfo(Map<String, String> urlParams, Header... headers) {
         String urlParamsString = "?"
             + urlParams.entrySet().stream().map(e -> e.getKey() + "=" + e.getValue()).collect(Collectors.joining("&"));
-        return executeRequest(new HttpGet(getHttpServerUri() + "/_opendistro/_security/authinfo" + urlParamsString), headers);
+        return executeRequest(new HttpGet(getHttpServerUri() + "/_plugins/_security/authinfo" + urlParamsString), headers);
     }
 
     public void confirmCorrectCredentials(String expectedUserName) {

src/main/java/com/amazon/dlic/auth/http/saml/AuthTokenProcessorHandler.java

@@ -139,7 +139,7 @@ private AuthTokenProcessorAction.Response handleImpl(
         String acsEndpoint,
         Saml2Settings saml2Settings,
         String requestPath // the parameter will be removed in the future as soon as we will read of legacy paths aka
-                           // /_opendistro/_security/...
+                           // /_security/...
     ) {
         if (token_log.isDebugEnabled()) {
             try {

src/main/java/com/amazon/dlic/auth/http/saml/HTTPSamlAuthenticator.java

@@ -73,7 +73,6 @@
 import org.w3c.dom.Element;
 import org.xml.sax.SAXException;
 
-import static org.opensearch.security.OpenSearchSecurityPlugin.LEGACY_OPENDISTRO_PREFIX;
 import static org.opensearch.security.OpenSearchSecurityPlugin.PLUGINS_PREFIX;
 
 public class HTTPSamlAuthenticator implements HTTPAuthenticator, Destroyable {
@@ -85,7 +84,7 @@ public class HTTPSamlAuthenticator implements HTTPAuthenticator, Destroyable {
 
     public static final String API_AUTHTOKEN_SUFFIX = "api/authtoken";
     private static final String AUTHINFO_SUFFIX = "authinfo";
-    private static final String REGEX_PATH_PREFIX = "/(" + LEGACY_OPENDISTRO_PREFIX + "|" + PLUGINS_PREFIX + ")/" + "(.*)";
+    private static final String REGEX_PATH_PREFIX = "/(" + PLUGINS_PREFIX + ")/" + "(.*)";
     private static final Pattern PATTERN_PATH_PREFIX = Pattern.compile(REGEX_PATH_PREFIX);
 
     private static boolean openSamlInitialized = false;