Deprecate /_xpack/security/* in favor of /_security/* (#36293)

* This commit is part of our plan to deprecate and ultimately remove the use of _xpack in the REST APIs.

- REST API docs
- HLRC docs and doc tests
- Handle REST actions with deprecation warnings
- Changed endpoints in rest-api-spec and relevant file names

client/rest-high-level/src/main/java/org/elasticsearch/client/SecurityRequestConverters.java

@@ -56,7 +56,7 @@ private SecurityRequestConverters() {}
 
     static Request changePassword(ChangePasswordRequest changePasswordRequest) throws IOException {
         String endpoint = new RequestConverters.EndpointBuilder()
-            .addPathPartAsIs("_xpack/security/user")
+            .addPathPartAsIs("_security/user")
             .addPathPart(changePasswordRequest.getUsername())
             .addPathPartAsIs("_password")
             .build();
@@ -69,7 +69,7 @@ static Request changePassword(ChangePasswordRequest changePasswordRequest) throw
 
     static Request putUser(PutUserRequest putUserRequest) throws IOException {
         String endpoint = new RequestConverters.EndpointBuilder()
-            .addPathPartAsIs("_xpack/security/user")
+            .addPathPartAsIs("_security/user")
             .addPathPart(putUserRequest.getUser().getUsername())
             .build();
         Request request = new Request(HttpPut.METHOD_NAME, endpoint);
@@ -81,7 +81,7 @@ static Request putUser(PutUserRequest putUserRequest) throws IOException {
 
     static Request deleteUser(DeleteUserRequest deleteUserRequest) {
         String endpoint = new RequestConverters.EndpointBuilder()
-            .addPathPartAsIs("_xpack","security", "user")
+            .addPathPartAsIs("_security", "user")
             .addPathPart(deleteUserRequest.getName())
             .build();
         Request request = new Request(HttpDelete.METHOD_NAME, endpoint);
@@ -92,7 +92,7 @@ static Request deleteUser(DeleteUserRequest deleteUserRequest) {
 
     static Request putRoleMapping(final PutRoleMappingRequest putRoleMappingRequest) throws IOException {
         final String endpoint = new RequestConverters.EndpointBuilder()
-            .addPathPartAsIs("_xpack/security/role_mapping")
+            .addPathPartAsIs("_security/role_mapping")
             .addPathPart(putRoleMappingRequest.getName())
             .build();
         final Request request = new Request(HttpPut.METHOD_NAME, endpoint);
@@ -104,7 +104,7 @@ static Request putRoleMapping(final PutRoleMappingRequest putRoleMappingRequest)
 
     static Request getRoleMappings(final GetRoleMappingsRequest getRoleMappingRequest) throws IOException {
         RequestConverters.EndpointBuilder builder = new RequestConverters.EndpointBuilder();
-        builder.addPathPartAsIs("_xpack/security/role_mapping");
+        builder.addPathPartAsIs("_security/role_mapping");
         if (getRoleMappingRequest.getRoleMappingNames().size() > 0) {
             builder.addPathPart(Strings.collectionToCommaDelimitedString(getRoleMappingRequest.getRoleMappingNames()));
         }
@@ -121,7 +121,7 @@ static Request disableUser(DisableUserRequest disableUserRequest) {
 
     private static Request setUserEnabled(SetUserEnabledRequest setUserEnabledRequest) {
         String endpoint = new RequestConverters.EndpointBuilder()
-            .addPathPartAsIs("_xpack/security/user")
+            .addPathPartAsIs("_security/user")
             .addPathPart(setUserEnabledRequest.getUsername())
             .addPathPart(setUserEnabledRequest.isEnabled() ? "_enable" : "_disable")
             .build();
@@ -132,14 +132,14 @@ private static Request setUserEnabled(SetUserEnabledRequest setUserEnabledReques
     }
 
     static Request hasPrivileges(HasPrivilegesRequest hasPrivilegesRequest) throws IOException {
-        Request request = new Request(HttpGet.METHOD_NAME, "/_xpack/security/user/_has_privileges");
+        Request request = new Request(HttpGet.METHOD_NAME, "/_security/user/_has_privileges");
         request.setEntity(createEntity(hasPrivilegesRequest, REQUEST_BODY_CONTENT_TYPE));
         return request;
     }
 
     static Request clearRealmCache(ClearRealmCacheRequest clearRealmCacheRequest) {
         RequestConverters.EndpointBuilder builder = new RequestConverters.EndpointBuilder()
-            .addPathPartAsIs("_xpack/security/realm");
+            .addPathPartAsIs("_security/realm");
         if (clearRealmCacheRequest.getRealms().isEmpty() == false) {
             builder.addCommaSeparatedPathParts(clearRealmCacheRequest.getRealms().toArray(Strings.EMPTY_ARRAY));
         } else {
@@ -156,7 +156,7 @@ static Request clearRealmCache(ClearRealmCacheRequest clearRealmCacheRequest) {
 
     static Request clearRolesCache(ClearRolesCacheRequest disableCacheRequest) {
         String endpoint = new RequestConverters.EndpointBuilder()
-            .addPathPartAsIs("_xpack/security/role")
+            .addPathPartAsIs("_security/role")
             .addCommaSeparatedPathParts(disableCacheRequest.names())
             .addPathPart("_clear_cache")
             .build();
@@ -165,7 +165,7 @@ static Request clearRolesCache(ClearRolesCacheRequest disableCacheRequest) {
 
     static Request deleteRoleMapping(DeleteRoleMappingRequest deleteRoleMappingRequest) {
         final String endpoint = new RequestConverters.EndpointBuilder()
-            .addPathPartAsIs("_xpack/security/role_mapping")
+            .addPathPartAsIs("_security/role_mapping")
             .addPathPart(deleteRoleMappingRequest.getName())
             .build();
         final Request request = new Request(HttpDelete.METHOD_NAME, endpoint);
@@ -176,7 +176,7 @@ static Request deleteRoleMapping(DeleteRoleMappingRequest deleteRoleMappingReque
 
     static Request deleteRole(DeleteRoleRequest deleteRoleRequest) {
         String endpoint = new RequestConverters.EndpointBuilder()
-            .addPathPartAsIs("_xpack/security/role")
+            .addPathPartAsIs("_security/role")
             .addPathPart(deleteRoleRequest.getName())
             .build();
         Request request = new Request(HttpDelete.METHOD_NAME, endpoint);
@@ -187,36 +187,36 @@ static Request deleteRole(DeleteRoleRequest deleteRoleRequest) {
 
     static Request getRoles(GetRolesRequest getRolesRequest) {
         RequestConverters.EndpointBuilder builder = new RequestConverters.EndpointBuilder();
-        builder.addPathPartAsIs("_xpack/security/role");
+        builder.addPathPartAsIs("_security/role");
         if (getRolesRequest.getRoleNames().size() > 0) {
             builder.addPathPart(Strings.collectionToCommaDelimitedString(getRolesRequest.getRoleNames()));
         }
         return new Request(HttpGet.METHOD_NAME, builder.build());
     }
 
     static Request createToken(CreateTokenRequest createTokenRequest) throws IOException {
-        Request request = new Request(HttpPost.METHOD_NAME, "/_xpack/security/oauth2/token");
+        Request request = new Request(HttpPost.METHOD_NAME, "/_security/oauth2/token");
         request.setEntity(createEntity(createTokenRequest, REQUEST_BODY_CONTENT_TYPE));
         return request;
     }
 
     static Request invalidateToken(InvalidateTokenRequest invalidateTokenRequest) throws IOException {
-        Request request = new Request(HttpDelete.METHOD_NAME, "/_xpack/security/oauth2/token");
+        Request request = new Request(HttpDelete.METHOD_NAME, "/_security/oauth2/token");
         request.setEntity(createEntity(invalidateTokenRequest, REQUEST_BODY_CONTENT_TYPE));
         return request;
     }
 
     static Request getPrivileges(GetPrivilegesRequest getPrivilegesRequest) {
         String endpoint = new RequestConverters.EndpointBuilder()
-            .addPathPartAsIs("_xpack/security/privilege")
+            .addPathPartAsIs("_security/privilege")
             .addPathPart(getPrivilegesRequest.getApplicationName())
             .addCommaSeparatedPathParts(getPrivilegesRequest.getPrivilegeNames())
             .build();
         return new Request(HttpGet.METHOD_NAME, endpoint);
     }
 
     static Request putPrivileges(final PutPrivilegesRequest putPrivilegesRequest) throws IOException {
-        Request request = new Request(HttpPut.METHOD_NAME, "/_xpack/security/privilege");
+        Request request = new Request(HttpPut.METHOD_NAME, "/_security/privilege");
         request.setEntity(createEntity(putPrivilegesRequest, REQUEST_BODY_CONTENT_TYPE));
         RequestConverters.Params params = new RequestConverters.Params(request);
         params.withRefreshPolicy(putPrivilegesRequest.getRefreshPolicy());
@@ -225,7 +225,7 @@ static Request putPrivileges(final PutPrivilegesRequest putPrivilegesRequest) th
 
     static Request deletePrivileges(DeletePrivilegesRequest deletePrivilegeRequest) {
         String endpoint = new RequestConverters.EndpointBuilder()
-            .addPathPartAsIs("_xpack/security/privilege")
+            .addPathPartAsIs("_security/privilege")
             .addPathPart(deletePrivilegeRequest.getApplication())
             .addCommaSeparatedPathParts(deletePrivilegeRequest.getPrivileges())
             .build();
@@ -237,7 +237,7 @@ static Request deletePrivileges(DeletePrivilegesRequest deletePrivilegeRequest)
 
     static Request putRole(final PutRoleRequest putRoleRequest) throws IOException {
         final String endpoint = new RequestConverters.EndpointBuilder()
-            .addPathPartAsIs("_xpack/security/role")
+            .addPathPartAsIs("_security/role")
             .addPathPart(putRoleRequest.getRole().getName())
             .build();
         final Request request = new Request(HttpPut.METHOD_NAME, endpoint);

client/rest-high-level/src/main/java/org/elasticsearch/client/security/AuthenticateRequest.java

@@ -35,7 +35,7 @@ private AuthenticateRequest() {
     }
 
     public Request getRequest() {
-        return new Request(HttpGet.METHOD_NAME, "/_xpack/security/_authenticate");
+        return new Request(HttpGet.METHOD_NAME, "/_security/_authenticate");
     }
 
 }

client/rest-high-level/src/main/java/org/elasticsearch/client/security/GetSslCertificatesRequest.java

@@ -26,15 +26,15 @@
 /**
  * Request object to retrieve the X.509 certificates that are used to encrypt communications in an Elasticsearch cluster.
  */
-public final class GetSslCertificatesRequest implements Validatable{
+public final class GetSslCertificatesRequest implements Validatable {
 
     public static final GetSslCertificatesRequest INSTANCE = new GetSslCertificatesRequest();
 
-    private GetSslCertificatesRequest(){
+    private GetSslCertificatesRequest() {
     }
 
     public Request getRequest() {
-        return new Request(HttpGet.METHOD_NAME, "/_xpack/ssl/certificates");
+        return new Request(HttpGet.METHOD_NAME, "/_ssl/certificates");
     }
 
 }

client/rest-high-level/src/test/java/org/elasticsearch/client/SecurityIT.java

@@ -70,7 +70,7 @@ public void testPutUser() throws Exception {
         assertThat(updateUserResponse.isCreated(), is(false));
         // delete user
         final Request deleteUserRequest = new Request(HttpDelete.METHOD_NAME,
-                "/_xpack/security/user/" + putUserRequest.getUser().getUsername());
+            "/_security/user/" + putUserRequest.getUser().getUsername());
         highLevelClient().getLowLevelClient().performRequest(deleteUserRequest);
     }