The Authentication class is now final (#86544)

ywangd · web-flow · commit ac7fc117680b · 2022-05-17T11:31:19.000+10:00
This PR marks the Authentication class to be final which is the last step of locking down the Authentication class. The Authentication class is basically a record class and it has internal logics on what values can or cannot be used together. We don't expect it to be extended by any subclasses and a concrete object should always be created for tests instead of mocking. Relates: #86424 Relates: #86206
diff --git a/x-pack/plugin/core/src/main/java/org/elasticsearch/xpack/core/security/authc/Authentication.java b/x-pack/plugin/core/src/main/java/org/elasticsearch/xpack/core/security/authc/Authentication.java
@@ -67,7 +67,7 @@
 
 // TODO(hub-cap) Clean this up after moving User over - This class can re-inherit its field AUTHENTICATION_KEY in AuthenticationField.
 // That interface can be removed
-public class Authentication implements ToXContentObject {
+public final class Authentication implements ToXContentObject {
 
     private static final Logger logger = LogManager.getLogger(Authentication.class);
 
diff --git a/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/action/user/TransportSetEnabledActionTests.java b/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/action/user/TransportSetEnabledActionTests.java
@@ -44,7 +44,6 @@
 import static org.hamcrest.Matchers.nullValue;
 import static org.hamcrest.Matchers.sameInstance;
 import static org.mockito.ArgumentMatchers.eq;
-import static org.mockito.Mockito.RETURNS_DEEP_STUBS;
 import static org.mockito.Mockito.doAnswer;
 import static org.mockito.Mockito.mock;
 import static org.mockito.Mockito.times;
@@ -122,10 +121,10 @@ public void testValidUserWithInternalUsername() throws Exception {
 
     public void testUserCanModifySameNameUserFromDifferentRealm() throws Exception {
         final User user = randomFrom(new ElasticUser(true), new KibanaUser(true), new User("joe"));
-        Authentication authentication = mock(Authentication.class, RETURNS_DEEP_STUBS);
-        when(authentication.getEffectiveSubject().getUser()).thenReturn(user);
-        when(authentication.getEffectiveSubject().getRealm().getType()).thenReturn("other_realm");
-        when(authentication.encode()).thenReturn(randomAlphaOfLength(24)); // just can't be null
+        Authentication authentication = AuthenticationTestHelper.builder()
+            .user(user)
+            .realmRef(new Authentication.RealmRef(randomAlphaOfLengthBetween(3, 8), "other_realm", randomAlphaOfLengthBetween(3, 8)))
+            .build(false);
         testValidUser(user, authentication);
     }
 
