diff --git a/bwc-test/src/test/java/org/opensearch/security/bwc/SecurityBackwardsCompatibilityIT.java b/bwc-test/src/test/java/org/opensearch/security/bwc/SecurityBackwardsCompatibilityIT.java
index 9fe3bb1ef8..1647dbb132 100644
--- a/bwc-test/src/test/java/org/opensearch/security/bwc/SecurityBackwardsCompatibilityIT.java
+++ b/bwc-test/src/test/java/org/opensearch/security/bwc/SecurityBackwardsCompatibilityIT.java
@@ -35,8 +35,6 @@
import org.junit.Assert;
import org.junit.Assume;
import org.junit.Before;
-
-import org.opensearch.Version;
import org.opensearch.client.Response;
import org.opensearch.client.ResponseException;
import org.opensearch.client.RestClient;
@@ -47,11 +45,12 @@
import org.opensearch.common.util.io.IOUtils;
import org.opensearch.security.bwc.helper.RestHelper;
import org.opensearch.test.rest.OpenSearchRestTestCase;
+import org.opensearch.Version;
-import static org.hamcrest.Matchers.anyOf;
-import static org.hamcrest.Matchers.equalTo;
import static org.hamcrest.Matchers.hasItem;
import static org.hamcrest.Matchers.hasKey;
+import static org.hamcrest.Matchers.anyOf;
+import static org.hamcrest.Matchers.equalTo;
public class SecurityBackwardsCompatibilityIT extends OpenSearchRestTestCase {
diff --git a/bwc-test/src/test/java/org/opensearch/security/bwc/Song.java b/bwc-test/src/test/java/org/opensearch/security/bwc/Song.java
index f60d5f0fcb..3cfd2c03e8 100644
--- a/bwc-test/src/test/java/org/opensearch/security/bwc/Song.java
+++ b/bwc-test/src/test/java/org/opensearch/security/bwc/Song.java
@@ -9,15 +9,14 @@
*/
package org.opensearch.security.bwc;
-import java.util.Map;
-import java.util.Objects;
-import java.util.UUID;
-
import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.databind.ObjectMapper;
-
import org.opensearch.common.Randomness;
+import java.util.Map;
+import java.util.Objects;
+import java.util.UUID;
+
public class Song {
public static final String FIELD_TITLE = "title";
diff --git a/bwc-test/src/test/java/org/opensearch/security/bwc/helper/RestHelper.java b/bwc-test/src/test/java/org/opensearch/security/bwc/helper/RestHelper.java
index 08e1417082..3272ac736a 100644
--- a/bwc-test/src/test/java/org/opensearch/security/bwc/helper/RestHelper.java
+++ b/bwc-test/src/test/java/org/opensearch/security/bwc/helper/RestHelper.java
@@ -18,7 +18,6 @@
import org.apache.hc.core5.http.message.BasicHeader;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
-
import org.opensearch.client.Request;
import org.opensearch.client.RequestOptions;
import org.opensearch.client.Response;
diff --git a/checkstyle/checkstyle.xml b/checkstyle/checkstyle.xml
index b679ce24ce..04a36c49c1 100644
--- a/checkstyle/checkstyle.xml
+++ b/checkstyle/checkstyle.xml
@@ -121,6 +121,7 @@
+
diff --git a/gradle/formatting.gradle b/gradle/formatting.gradle
index 2248c1d9a0..b0a76596f9 100644
--- a/gradle/formatting.gradle
+++ b/gradle/formatting.gradle
@@ -6,17 +6,18 @@ allprojects {
// non-standard places
target '**/*.java'
- importOrder(
- 'java|javax',
- 'com.carrotsearch|com.google|com.fasterxml|org.apache|org.awaitility|org.hamcrest|org.junit|org.bouncycastle',
- 'org.opensearch',
- '',
- '\\#java|\\#org.apache|\\#org.hamcrest|\\#org.opensearch|\\#'
- )
removeUnusedImports()
eclipse().configFile rootProject.file('formatter/formatterConfig.xml')
trimTrailingWhitespace()
endWithNewline();
+ custom 'Replace illegal HttpStatus import w/ correct one', {
+ // e.g., replace org.apache.hc.core5.http.HttpStatus with org.apache.http.HttpStatus
+ it.replaceAll('org.apache.hc.core5.http.HttpStatus', 'org.apache.http.HttpStatus')
+ }
+ custom 'Replace illegal Header import w/ correct one', {
+ // e.g., replace org.apache.hc.core5.http.Header with org.apache.http.Header
+ it.replaceAll('org.apache.hc.core5.http.Header', 'org.apache.http.Header')
+ }
// See DEVELOPER_GUIDE.md for details of when to enable this.
if (System.getProperty('spotless.paddedcell') != null) {
diff --git a/plugin-security.policy b/plugin-security.policy
index 65b6b22fee..a4e4a66c73 100644
--- a/plugin-security.policy
+++ b/plugin-security.policy
@@ -76,6 +76,7 @@ grant {
//SAML policy
permission java.util.PropertyPermission "*", "read,write";
+ permission org.opensearch.secure_sm.ThreadPermission "modifyArbitraryThread";
};
grant codeBase "${codebase.netty-common}" {
diff --git a/src/integrationTest/java/org/opensearch/security/DoNotFailOnForbiddenTests.java b/src/integrationTest/java/org/opensearch/security/DoNotFailOnForbiddenTests.java
index 207564daaa..afbb9f38ae 100644
--- a/src/integrationTest/java/org/opensearch/security/DoNotFailOnForbiddenTests.java
+++ b/src/integrationTest/java/org/opensearch/security/DoNotFailOnForbiddenTests.java
@@ -44,13 +44,13 @@
import org.opensearch.test.framework.cluster.LocalCluster;
import static org.hamcrest.MatcherAssert.assertThat;
-import static org.hamcrest.Matchers.aMapWithSize;
import static org.hamcrest.Matchers.allOf;
+import static org.hamcrest.Matchers.aMapWithSize;
import static org.hamcrest.Matchers.arrayContainingInAnyOrder;
import static org.hamcrest.Matchers.arrayWithSize;
import static org.hamcrest.Matchers.containsString;
-import static org.hamcrest.Matchers.equalTo;
import static org.hamcrest.Matchers.hasKey;
+import static org.hamcrest.Matchers.equalTo;
import static org.hamcrest.Matchers.nullValue;
import static org.opensearch.action.admin.indices.alias.IndicesAliasesRequest.AliasActions.Type.ADD;
import static org.opensearch.action.support.WriteRequest.RefreshPolicy.IMMEDIATE;
diff --git a/src/integrationTest/java/org/opensearch/security/IpBruteForceAttacksPreventionWithDomainChallengeTests.java b/src/integrationTest/java/org/opensearch/security/IpBruteForceAttacksPreventionWithDomainChallengeTests.java
index cd2c577d17..6159599119 100644
--- a/src/integrationTest/java/org/opensearch/security/IpBruteForceAttacksPreventionWithDomainChallengeTests.java
+++ b/src/integrationTest/java/org/opensearch/security/IpBruteForceAttacksPreventionWithDomainChallengeTests.java
@@ -12,7 +12,6 @@
import com.carrotsearch.randomizedtesting.annotations.ThreadLeakScope;
import org.junit.runner.RunWith;
-
import org.opensearch.test.framework.cluster.ClusterManager;
import org.opensearch.test.framework.cluster.LocalCluster;
diff --git a/src/integrationTest/java/org/opensearch/security/ResourceFocusedTests.java b/src/integrationTest/java/org/opensearch/security/ResourceFocusedTests.java
index 61a1e32023..5d441d0063 100644
--- a/src/integrationTest/java/org/opensearch/security/ResourceFocusedTests.java
+++ b/src/integrationTest/java/org/opensearch/security/ResourceFocusedTests.java
@@ -10,6 +10,10 @@
package org.opensearch.security;
+import static org.opensearch.action.support.WriteRequest.RefreshPolicy.IMMEDIATE;
+import static org.opensearch.test.framework.TestSecurityConfig.AuthcDomain.AUTHC_HTTPBASIC_INTERNAL;
+import static org.opensearch.test.framework.TestSecurityConfig.Role.ALL_ACCESS;
+
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
@@ -19,7 +23,6 @@
import java.util.stream.IntStream;
import java.util.zip.GZIPOutputStream;
-import com.carrotsearch.randomizedtesting.annotations.ThreadLeakScope;
import org.apache.hc.client5.http.classic.methods.HttpPost;
import org.apache.hc.core5.http.ContentType;
import org.apache.hc.core5.http.io.entity.ByteArrayEntity;
@@ -31,7 +34,6 @@
import org.junit.ClassRule;
import org.junit.Test;
import org.junit.runner.RunWith;
-
import org.opensearch.action.index.IndexRequest;
import org.opensearch.client.Client;
import org.opensearch.test.framework.AsyncActions;
@@ -41,9 +43,7 @@
import org.opensearch.test.framework.cluster.LocalCluster;
import org.opensearch.test.framework.cluster.TestRestClient;
-import static org.opensearch.action.support.WriteRequest.RefreshPolicy.IMMEDIATE;
-import static org.opensearch.test.framework.TestSecurityConfig.AuthcDomain.AUTHC_HTTPBASIC_INTERNAL;
-import static org.opensearch.test.framework.TestSecurityConfig.Role.ALL_ACCESS;
+import com.carrotsearch.randomizedtesting.annotations.ThreadLeakScope;
@RunWith(com.carrotsearch.randomizedtesting.RandomizedRunner.class)
@ThreadLeakScope(ThreadLeakScope.Scope.NONE)
diff --git a/src/integrationTest/java/org/opensearch/security/SearchOperationTest.java b/src/integrationTest/java/org/opensearch/security/SearchOperationTest.java
index e39eeeca61..a38d26800a 100644
--- a/src/integrationTest/java/org/opensearch/security/SearchOperationTest.java
+++ b/src/integrationTest/java/org/opensearch/security/SearchOperationTest.java
@@ -86,13 +86,13 @@
import org.opensearch.cluster.metadata.IndexMetadata;
import org.opensearch.cluster.metadata.IndexTemplateMetadata;
import org.opensearch.common.settings.Settings;
-import org.opensearch.core.rest.RestStatus;
import org.opensearch.index.query.BoolQueryBuilder;
import org.opensearch.index.query.MatchQueryBuilder;
import org.opensearch.index.query.QueryBuilders;
import org.opensearch.index.reindex.BulkByScrollResponse;
import org.opensearch.index.reindex.ReindexRequest;
import org.opensearch.repositories.RepositoryMissingException;
+import org.opensearch.core.rest.RestStatus;
import org.opensearch.search.builder.SearchSourceBuilder;
import org.opensearch.test.framework.AuditCompliance;
import org.opensearch.test.framework.AuditConfiguration;
@@ -118,13 +118,13 @@
import static org.opensearch.action.admin.indices.alias.IndicesAliasesRequest.AliasActions.Type.REMOVE_INDEX;
import static org.opensearch.action.support.WriteRequest.RefreshPolicy.IMMEDIATE;
import static org.opensearch.client.RequestOptions.DEFAULT;
-import static org.opensearch.core.rest.RestStatus.ACCEPTED;
-import static org.opensearch.core.rest.RestStatus.FORBIDDEN;
-import static org.opensearch.core.rest.RestStatus.INTERNAL_SERVER_ERROR;
import static org.opensearch.rest.RestRequest.Method.DELETE;
import static org.opensearch.rest.RestRequest.Method.GET;
import static org.opensearch.rest.RestRequest.Method.POST;
import static org.opensearch.rest.RestRequest.Method.PUT;
+import static org.opensearch.core.rest.RestStatus.ACCEPTED;
+import static org.opensearch.core.rest.RestStatus.FORBIDDEN;
+import static org.opensearch.core.rest.RestStatus.INTERNAL_SERVER_ERROR;
import static org.opensearch.security.Song.FIELD_ARTIST;
import static org.opensearch.security.Song.FIELD_STARS;
import static org.opensearch.security.Song.FIELD_TITLE;
diff --git a/src/integrationTest/java/org/opensearch/security/TlsTests.java b/src/integrationTest/java/org/opensearch/security/TlsTests.java
index 515d448728..de362a544e 100644
--- a/src/integrationTest/java/org/opensearch/security/TlsTests.java
+++ b/src/integrationTest/java/org/opensearch/security/TlsTests.java
@@ -12,6 +12,7 @@
import java.io.IOException;
import java.util.List;
import java.util.Map;
+
import javax.net.ssl.SSLHandshakeException;
import com.carrotsearch.randomizedtesting.annotations.ThreadLeakScope;
diff --git a/src/integrationTest/java/org/opensearch/security/api/DashboardsInfoWithSettingsTest.java b/src/integrationTest/java/org/opensearch/security/api/DashboardsInfoWithSettingsTest.java
index 6e4444d049..7807798210 100644
--- a/src/integrationTest/java/org/opensearch/security/api/DashboardsInfoWithSettingsTest.java
+++ b/src/integrationTest/java/org/opensearch/security/api/DashboardsInfoWithSettingsTest.java
@@ -11,14 +11,16 @@
package org.opensearch.security.api;
+import static org.hamcrest.MatcherAssert.assertThat;
+import static org.hamcrest.Matchers.equalTo;
+import static org.opensearch.test.framework.TestSecurityConfig.AuthcDomain.AUTHC_HTTPBASIC_INTERNAL;
+
import java.util.Map;
-import com.carrotsearch.randomizedtesting.annotations.ThreadLeakScope;
import org.apache.http.HttpStatus;
import org.junit.ClassRule;
import org.junit.Test;
import org.junit.runner.RunWith;
-
import org.opensearch.security.support.ConfigConstants;
import org.opensearch.test.framework.TestSecurityConfig;
import org.opensearch.test.framework.TestSecurityConfig.Role;
@@ -26,9 +28,7 @@
import org.opensearch.test.framework.cluster.LocalCluster;
import org.opensearch.test.framework.cluster.TestRestClient;
-import static org.hamcrest.MatcherAssert.assertThat;
-import static org.hamcrest.Matchers.equalTo;
-import static org.opensearch.test.framework.TestSecurityConfig.AuthcDomain.AUTHC_HTTPBASIC_INTERNAL;
+import com.carrotsearch.randomizedtesting.annotations.ThreadLeakScope;
@RunWith(com.carrotsearch.randomizedtesting.RandomizedRunner.class)
@ThreadLeakScope(ThreadLeakScope.Scope.NONE)
diff --git a/src/integrationTest/java/org/opensearch/security/http/AsyncTests.java b/src/integrationTest/java/org/opensearch/security/http/AsyncTests.java
index 16ebd29885..e7d41cf157 100644
--- a/src/integrationTest/java/org/opensearch/security/http/AsyncTests.java
+++ b/src/integrationTest/java/org/opensearch/security/http/AsyncTests.java
@@ -10,19 +10,11 @@
package org.opensearch.security.http;
-import java.util.ArrayList;
-import java.util.List;
-import java.util.Map;
-import java.util.concurrent.CompletableFuture;
-import java.util.concurrent.CountDownLatch;
-import java.util.concurrent.TimeUnit;
-
import com.carrotsearch.randomizedtesting.annotations.ThreadLeakScope;
-import org.apache.hc.core5.http.HttpStatus;
+import org.apache.http.HttpStatus;
import org.junit.ClassRule;
import org.junit.Test;
import org.junit.runner.RunWith;
-
import org.opensearch.security.IndexOperationsHelper;
import org.opensearch.security.support.ConfigConstants;
import org.opensearch.test.framework.AsyncActions;
@@ -32,6 +24,13 @@
import org.opensearch.test.framework.cluster.TestRestClient;
import org.opensearch.test.framework.cluster.TestRestClient.HttpResponse;
+import java.util.Map;
+import java.util.List;
+import java.util.ArrayList;
+import java.util.concurrent.CountDownLatch;
+import java.util.concurrent.TimeUnit;
+import java.util.concurrent.CompletableFuture;
+
import static org.opensearch.test.framework.TestSecurityConfig.AuthcDomain.AUTHC_HTTPBASIC_INTERNAL;
import static org.opensearch.test.framework.TestSecurityConfig.Role.ALL_ACCESS;
diff --git a/src/integrationTest/java/org/opensearch/security/http/JwtAuthenticationTests.java b/src/integrationTest/java/org/opensearch/security/http/JwtAuthenticationTests.java
index 659d7c178e..9df611e207 100644
--- a/src/integrationTest/java/org/opensearch/security/http/JwtAuthenticationTests.java
+++ b/src/integrationTest/java/org/opensearch/security/http/JwtAuthenticationTests.java
@@ -16,6 +16,8 @@
import java.util.Map;
import com.carrotsearch.randomizedtesting.annotations.ThreadLeakScope;
+import io.jsonwebtoken.SignatureAlgorithm;
+import io.jsonwebtoken.security.Keys;
import org.apache.hc.core5.http.Header;
import org.apache.hc.core5.http.message.BasicHeader;
import org.junit.BeforeClass;
@@ -37,9 +39,6 @@
import org.opensearch.test.framework.cluster.TestRestClient.HttpResponse;
import org.opensearch.test.framework.log.LogsRule;
-import io.jsonwebtoken.SignatureAlgorithm;
-import io.jsonwebtoken.security.Keys;
-
import static java.nio.charset.StandardCharsets.US_ASCII;
import static org.apache.http.HttpHeaders.AUTHORIZATION;
import static org.hamcrest.MatcherAssert.assertThat;
diff --git a/src/integrationTest/java/org/opensearch/security/http/JwtAuthorizationHeaderFactory.java b/src/integrationTest/java/org/opensearch/security/http/JwtAuthorizationHeaderFactory.java
index b19900186c..65d4e7df6f 100644
--- a/src/integrationTest/java/org/opensearch/security/http/JwtAuthorizationHeaderFactory.java
+++ b/src/integrationTest/java/org/opensearch/security/http/JwtAuthorizationHeaderFactory.java
@@ -17,14 +17,13 @@
import java.util.stream.Collectors;
import com.google.common.collect.ImmutableMap;
+import io.jsonwebtoken.Jwts;
import org.apache.commons.lang3.StringUtils;
import org.apache.hc.core5.http.Header;
import org.apache.hc.core5.http.message.BasicHeader;
-import io.jsonwebtoken.Jwts;
-
-import static java.util.Objects.requireNonNull;
import static io.jsonwebtoken.SignatureAlgorithm.RS256;
+import static java.util.Objects.requireNonNull;
class JwtAuthorizationHeaderFactory {
public static final String AUDIENCE = "OpenSearch";
diff --git a/src/integrationTest/java/org/opensearch/security/http/OnBehalfOfJwtAuthenticationTest.java b/src/integrationTest/java/org/opensearch/security/http/OnBehalfOfJwtAuthenticationTest.java
index 2b56573dfe..db45cd8cde 100644
--- a/src/integrationTest/java/org/opensearch/security/http/OnBehalfOfJwtAuthenticationTest.java
+++ b/src/integrationTest/java/org/opensearch/security/http/OnBehalfOfJwtAuthenticationTest.java
@@ -18,17 +18,21 @@
import java.util.Map;
import java.util.Set;
import java.util.stream.Collectors;
+
import javax.crypto.SecretKey;
import com.carrotsearch.randomizedtesting.annotations.ThreadLeakScope;
+import io.jsonwebtoken.Claims;
+import io.jsonwebtoken.Jwts;
+import io.jsonwebtoken.security.Keys;
+
import org.apache.hc.core5.http.Header;
-import org.apache.hc.core5.http.HttpStatus;
import org.apache.hc.core5.http.message.BasicHeader;
+import org.apache.http.HttpStatus;
import org.junit.Before;
import org.junit.ClassRule;
import org.junit.Test;
import org.junit.runner.RunWith;
-
import org.opensearch.common.xcontent.XContentFactory;
import org.opensearch.core.xcontent.XContentBuilder;
import org.opensearch.security.authtoken.jwt.EncryptionDecryptionUtil;
@@ -39,15 +43,11 @@
import org.opensearch.test.framework.cluster.LocalCluster;
import org.opensearch.test.framework.cluster.TestRestClient;
-import io.jsonwebtoken.Claims;
-import io.jsonwebtoken.Jwts;
-import io.jsonwebtoken.security.Keys;
-
import static org.hamcrest.MatcherAssert.assertThat;
-import static org.hamcrest.Matchers.contains;
import static org.hamcrest.Matchers.equalTo;
-import static org.hamcrest.Matchers.not;
import static org.hamcrest.Matchers.notNullValue;
+import static org.hamcrest.Matchers.not;
+import static org.hamcrest.Matchers.contains;
import static org.opensearch.security.support.ConfigConstants.SECURITY_ALLOW_DEFAULT_INIT_SECURITYINDEX;
import static org.opensearch.security.support.ConfigConstants.SECURITY_RESTAPI_ADMIN_ENABLED;
import static org.opensearch.security.support.ConfigConstants.SECURITY_RESTAPI_ROLES_ENABLED;
diff --git a/src/integrationTest/java/org/opensearch/security/http/ServiceAccountAuthenticationTest.java b/src/integrationTest/java/org/opensearch/security/http/ServiceAccountAuthenticationTest.java
index 762feed686..f10971f22c 100644
--- a/src/integrationTest/java/org/opensearch/security/http/ServiceAccountAuthenticationTest.java
+++ b/src/integrationTest/java/org/opensearch/security/http/ServiceAccountAuthenticationTest.java
@@ -11,29 +11,28 @@
package org.opensearch.security.http;
-import java.util.List;
-import java.util.Map;
-
import com.carrotsearch.randomizedtesting.annotations.ThreadLeakScope;
-import org.apache.hc.core5.http.HttpStatus;
+import org.apache.http.HttpStatus;
import org.junit.ClassRule;
import org.junit.Test;
import org.junit.runner.RunWith;
-
import org.opensearch.test.framework.TestIndex;
import org.opensearch.test.framework.TestSecurityConfig;
import org.opensearch.test.framework.cluster.ClusterManager;
import org.opensearch.test.framework.cluster.LocalCluster;
import org.opensearch.test.framework.cluster.TestRestClient;
-import static org.opensearch.security.support.ConfigConstants.SECURITY_RESTAPI_ROLES_ENABLED;
+import java.util.List;
+import java.util.Map;
+
+import static org.junit.Assert.assertTrue;
+import static org.junit.Assert.assertNotNull;
import static org.opensearch.security.support.ConfigConstants.SECURITY_SYSTEM_INDICES_ENABLED_KEY;
-import static org.opensearch.security.support.ConfigConstants.SECURITY_SYSTEM_INDICES_KEY;
import static org.opensearch.security.support.ConfigConstants.SECURITY_SYSTEM_INDICES_PERMISSIONS_ENABLED_KEY;
+import static org.opensearch.security.support.ConfigConstants.SECURITY_RESTAPI_ROLES_ENABLED;
+import static org.opensearch.security.support.ConfigConstants.SECURITY_SYSTEM_INDICES_KEY;
import static org.opensearch.test.framework.TestSecurityConfig.AuthcDomain.AUTHC_HTTPBASIC_INTERNAL;
import static org.opensearch.test.framework.TestSecurityConfig.Role.ALL_ACCESS;
-import static org.junit.Assert.assertNotNull;
-import static org.junit.Assert.assertTrue;
@RunWith(com.carrotsearch.randomizedtesting.RandomizedRunner.class)
@ThreadLeakScope(ThreadLeakScope.Scope.NONE)
diff --git a/src/integrationTest/java/org/opensearch/security/rest/AuthZinRestLayerTests.java b/src/integrationTest/java/org/opensearch/security/rest/AuthZinRestLayerTests.java
index ad13d69db7..f7aa1e1b78 100644
--- a/src/integrationTest/java/org/opensearch/security/rest/AuthZinRestLayerTests.java
+++ b/src/integrationTest/java/org/opensearch/security/rest/AuthZinRestLayerTests.java
@@ -12,12 +12,11 @@
package org.opensearch.security.rest;
import com.carrotsearch.randomizedtesting.annotations.ThreadLeakScope;
-import org.apache.hc.core5.http.HttpStatus;
+import org.apache.http.HttpStatus;
import org.junit.ClassRule;
import org.junit.Rule;
import org.junit.Test;
import org.junit.runner.RunWith;
-
import org.opensearch.test.framework.AuditCompliance;
import org.opensearch.test.framework.AuditConfiguration;
import org.opensearch.test.framework.AuditFilters;
diff --git a/src/integrationTest/java/org/opensearch/security/rest/CompressionTests.java b/src/integrationTest/java/org/opensearch/security/rest/CompressionTests.java
index 40c90764d9..e688d71cd7 100644
--- a/src/integrationTest/java/org/opensearch/security/rest/CompressionTests.java
+++ b/src/integrationTest/java/org/opensearch/security/rest/CompressionTests.java
@@ -10,19 +10,13 @@
package org.opensearch.security.rest;
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-import java.nio.charset.StandardCharsets;
-import java.util.concurrent.CountDownLatch;
-import java.util.concurrent.TimeUnit;
-import java.util.zip.GZIPOutputStream;
-
import com.carrotsearch.randomizedtesting.annotations.ThreadLeakScope;
+
import org.apache.hc.client5.http.classic.methods.HttpPost;
import org.apache.hc.core5.http.ContentType;
-import org.apache.hc.core5.http.HttpStatus;
import org.apache.hc.core5.http.io.entity.ByteArrayEntity;
import org.apache.hc.core5.http.message.BasicHeader;
+import org.apache.http.HttpStatus;
import org.junit.ClassRule;
import org.junit.Test;
import org.junit.runner.RunWith;
@@ -33,6 +27,13 @@
import org.opensearch.test.framework.cluster.LocalCluster;
import org.opensearch.test.framework.cluster.TestRestClient;
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+import java.nio.charset.StandardCharsets;
+import java.util.concurrent.CountDownLatch;
+import java.util.concurrent.TimeUnit;
+import java.util.zip.GZIPOutputStream;
+
import static org.hamcrest.CoreMatchers.containsString;
import static org.hamcrest.CoreMatchers.equalTo;
import static org.hamcrest.CoreMatchers.not;
diff --git a/src/integrationTest/java/org/opensearch/security/rest/WhoAmITests.java b/src/integrationTest/java/org/opensearch/security/rest/WhoAmITests.java
index 0324cd449d..4f8df02308 100644
--- a/src/integrationTest/java/org/opensearch/security/rest/WhoAmITests.java
+++ b/src/integrationTest/java/org/opensearch/security/rest/WhoAmITests.java
@@ -11,23 +11,12 @@
package org.opensearch.security.rest;
-import java.time.Duration;
-import java.time.LocalDateTime;
-import java.time.format.DateTimeFormatter;
-import java.util.ArrayList;
-import java.util.HashSet;
-import java.util.List;
-import java.util.Map;
-import java.util.Set;
-import java.util.stream.Collectors;
-
import com.carrotsearch.randomizedtesting.annotations.ThreadLeakScope;
-import org.apache.hc.core5.http.HttpStatus;
+import org.apache.http.HttpStatus;
import org.junit.ClassRule;
import org.junit.Rule;
import org.junit.Test;
import org.junit.runner.RunWith;
-
import org.opensearch.security.auditlog.impl.AuditMessage;
import org.opensearch.test.framework.AuditCompliance;
import org.opensearch.test.framework.AuditConfiguration;
@@ -39,12 +28,21 @@
import org.opensearch.test.framework.cluster.LocalCluster;
import org.opensearch.test.framework.cluster.TestRestClient;
-import joptsimple.internal.Strings;
+import java.time.Duration;
+import java.time.LocalDateTime;
+import java.time.format.DateTimeFormatter;
+import java.util.ArrayList;
+import java.util.HashSet;
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
+import java.util.stream.Collectors;
import static org.hamcrest.MatcherAssert.assertThat;
import static org.hamcrest.Matchers.equalTo;
import static org.hamcrest.Matchers.greaterThan;
import static org.hamcrest.Matchers.lessThan;
+import static org.junit.Assert.assertTrue;
import static org.opensearch.rest.RestRequest.Method.GET;
import static org.opensearch.security.auditlog.impl.AuditCategory.GRANTED_PRIVILEGES;
import static org.opensearch.security.auditlog.impl.AuditCategory.MISSING_PRIVILEGES;
@@ -52,7 +50,6 @@
import static org.opensearch.test.framework.audit.AuditMessagePredicate.grantedPrivilege;
import static org.opensearch.test.framework.audit.AuditMessagePredicate.privilegePredicateRESTLayer;
import static org.opensearch.test.framework.audit.AuditMessagePredicate.userAuthenticatedPredicate;
-import static org.junit.Assert.assertTrue;
@RunWith(com.carrotsearch.randomizedtesting.RandomizedRunner.class)
@ThreadLeakScope(ThreadLeakScope.Scope.NONE)
diff --git a/src/integrationTest/java/org/opensearch/test/framework/TestSecurityConfig.java b/src/integrationTest/java/org/opensearch/test/framework/TestSecurityConfig.java
index 7957d1cfa4..71a8aad545 100644
--- a/src/integrationTest/java/org/opensearch/test/framework/TestSecurityConfig.java
+++ b/src/integrationTest/java/org/opensearch/test/framework/TestSecurityConfig.java
@@ -52,8 +52,8 @@
import org.opensearch.action.index.IndexRequest;
import org.opensearch.action.update.UpdateRequest;
import org.opensearch.client.Client;
-import org.opensearch.common.xcontent.XContentFactory;
import org.opensearch.core.common.bytes.BytesReference;
+import org.opensearch.common.xcontent.XContentFactory;
import org.opensearch.core.xcontent.ToXContentObject;
import org.opensearch.core.xcontent.XContentBuilder;
import org.opensearch.security.securityconf.impl.CType;
diff --git a/src/integrationTest/java/org/opensearch/test/framework/cluster/CloseableHttpClientFactory.java b/src/integrationTest/java/org/opensearch/test/framework/cluster/CloseableHttpClientFactory.java
index 0fd75b08a1..ee2f3227e3 100644
--- a/src/integrationTest/java/org/opensearch/test/framework/cluster/CloseableHttpClientFactory.java
+++ b/src/integrationTest/java/org/opensearch/test/framework/cluster/CloseableHttpClientFactory.java
@@ -11,6 +11,7 @@
import java.util.Objects;
import java.util.concurrent.TimeUnit;
+
import javax.net.ssl.SSLContext;
import org.apache.hc.client5.http.config.RequestConfig;
diff --git a/src/integrationTest/java/org/opensearch/test/framework/cluster/ContextHeaderDecoratorClient.java b/src/integrationTest/java/org/opensearch/test/framework/cluster/ContextHeaderDecoratorClient.java
index fed2bfe904..c6ddf3281a 100644
--- a/src/integrationTest/java/org/opensearch/test/framework/cluster/ContextHeaderDecoratorClient.java
+++ b/src/integrationTest/java/org/opensearch/test/framework/cluster/ContextHeaderDecoratorClient.java
@@ -12,15 +12,15 @@
import java.util.Collections;
import java.util.Map;
+import org.opensearch.core.action.ActionListener;
import org.opensearch.action.ActionRequest;
+import org.opensearch.core.action.ActionResponse;
import org.opensearch.action.ActionType;
import org.opensearch.action.support.ContextPreservingActionListener;
import org.opensearch.client.Client;
import org.opensearch.client.FilterClient;
import org.opensearch.common.util.concurrent.ThreadContext;
import org.opensearch.common.util.concurrent.ThreadContext.StoredContext;
-import org.opensearch.core.action.ActionListener;
-import org.opensearch.core.action.ActionResponse;
/**
* The class adds provided headers into context before sending request via wrapped {@link Client}
diff --git a/src/integrationTest/java/org/opensearch/test/framework/cluster/LocalOpenSearchCluster.java b/src/integrationTest/java/org/opensearch/test/framework/cluster/LocalOpenSearchCluster.java
index b228fed388..189ef79f7c 100644
--- a/src/integrationTest/java/org/opensearch/test/framework/cluster/LocalOpenSearchCluster.java
+++ b/src/integrationTest/java/org/opensearch/test/framework/cluster/LocalOpenSearchCluster.java
@@ -69,11 +69,11 @@
import org.opensearch.transport.BindTransportException;
import static java.util.Objects.requireNonNull;
+import static org.junit.Assert.assertEquals;
import static org.opensearch.test.framework.cluster.NodeType.CLIENT;
import static org.opensearch.test.framework.cluster.NodeType.CLUSTER_MANAGER;
import static org.opensearch.test.framework.cluster.NodeType.DATA;
import static org.opensearch.test.framework.cluster.PortAllocator.TCP;
-import static org.junit.Assert.assertEquals;
/**
* Encapsulates all the logic to start a local OpenSearch cluster - without any configuration of the security plugin.
diff --git a/src/integrationTest/java/org/opensearch/test/framework/cluster/OpenSearchClientProvider.java b/src/integrationTest/java/org/opensearch/test/framework/cluster/OpenSearchClientProvider.java
index b797646763..ddc68f74df 100644
--- a/src/integrationTest/java/org/opensearch/test/framework/cluster/OpenSearchClientProvider.java
+++ b/src/integrationTest/java/org/opensearch/test/framework/cluster/OpenSearchClientProvider.java
@@ -40,6 +40,7 @@
import java.util.List;
import java.util.stream.Collectors;
import java.util.stream.Stream;
+
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
@@ -59,7 +60,6 @@
import org.apache.hc.core5.http.HttpHost;
import org.apache.hc.core5.http.nio.ssl.TlsStrategy;
import org.apache.hc.core5.reactor.ssl.TlsDetails;
-
import org.opensearch.client.RestClient;
import org.opensearch.client.RestClientBuilder;
import org.opensearch.client.RestHighLevelClient;
diff --git a/src/integrationTest/java/org/opensearch/test/framework/cluster/SocketUtils.java b/src/integrationTest/java/org/opensearch/test/framework/cluster/SocketUtils.java
index 3e165b16a3..5895829243 100644
--- a/src/integrationTest/java/org/opensearch/test/framework/cluster/SocketUtils.java
+++ b/src/integrationTest/java/org/opensearch/test/framework/cluster/SocketUtils.java
@@ -33,6 +33,7 @@
import java.util.Random;
import java.util.SortedSet;
import java.util.TreeSet;
+
import javax.net.ServerSocketFactory;
/**
diff --git a/src/integrationTest/java/org/opensearch/test/framework/cluster/SocketUtilsTests.java b/src/integrationTest/java/org/opensearch/test/framework/cluster/SocketUtilsTests.java
index 0cffec4c93..fb298c5283 100644
--- a/src/integrationTest/java/org/opensearch/test/framework/cluster/SocketUtilsTests.java
+++ b/src/integrationTest/java/org/opensearch/test/framework/cluster/SocketUtilsTests.java
@@ -31,6 +31,7 @@
import java.net.InetAddress;
import java.net.ServerSocket;
import java.util.SortedSet;
+
import javax.net.ServerSocketFactory;
import org.junit.Test;
@@ -42,9 +43,9 @@
import static org.hamcrest.Matchers.lessThanOrEqualTo;
import static org.hamcrest.Matchers.notNullValue;
import static org.hamcrest.Matchers.startsWith;
+import static org.junit.Assert.assertThrows;
import static org.opensearch.test.framework.cluster.SocketUtils.PORT_RANGE_MAX;
import static org.opensearch.test.framework.cluster.SocketUtils.PORT_RANGE_MIN;
-import static org.junit.Assert.assertThrows;
/**
* Unit tests for {@link SocketUtils}.
diff --git a/src/integrationTest/java/org/opensearch/test/framework/cluster/TestRestClient.java b/src/integrationTest/java/org/opensearch/test/framework/cluster/TestRestClient.java
index e38ef949cb..55919d814c 100644
--- a/src/integrationTest/java/org/opensearch/test/framework/cluster/TestRestClient.java
+++ b/src/integrationTest/java/org/opensearch/test/framework/cluster/TestRestClient.java
@@ -28,6 +28,12 @@
package org.opensearch.test.framework.cluster;
+import static java.lang.String.format;
+import static java.util.Objects.requireNonNull;
+import static org.hamcrest.MatcherAssert.assertThat;
+import static org.hamcrest.Matchers.equalTo;
+import static org.hamcrest.Matchers.notNullValue;
+
import java.io.IOException;
import java.net.InetAddress;
import java.net.InetSocketAddress;
@@ -42,10 +48,9 @@
import java.util.Optional;
import java.util.stream.Collectors;
import java.util.stream.StreamSupport;
+
import javax.net.ssl.SSLContext;
-import com.fasterxml.jackson.core.JsonProcessingException;
-import com.fasterxml.jackson.databind.JsonNode;
import org.apache.commons.io.IOUtils;
import org.apache.hc.client5.http.classic.methods.HttpDelete;
import org.apache.hc.client5.http.classic.methods.HttpGet;
@@ -67,17 +72,13 @@
import org.apache.hc.core5.net.URIBuilder;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
-
import org.opensearch.common.xcontent.XContentType;
import org.opensearch.core.common.Strings;
import org.opensearch.core.xcontent.ToXContentObject;
import org.opensearch.security.DefaultObjectMapper;
-import static java.lang.String.format;
-import static java.util.Objects.requireNonNull;
-import static org.hamcrest.MatcherAssert.assertThat;
-import static org.hamcrest.Matchers.equalTo;
-import static org.hamcrest.Matchers.notNullValue;
+import com.fasterxml.jackson.core.JsonProcessingException;
+import com.fasterxml.jackson.databind.JsonNode;
/**
* A OpenSearch REST client, which is tailored towards use in integration tests. Instances of this class can be
diff --git a/src/integrationTest/java/org/opensearch/test/framework/ldap/LdapServer.java b/src/integrationTest/java/org/opensearch/test/framework/ldap/LdapServer.java
index dece74f1e5..18a14242cc 100644
--- a/src/integrationTest/java/org/opensearch/test/framework/ldap/LdapServer.java
+++ b/src/integrationTest/java/org/opensearch/test/framework/ldap/LdapServer.java
@@ -27,17 +27,12 @@
import java.util.concurrent.TimeUnit;
import java.util.concurrent.atomic.AtomicBoolean;
import java.util.concurrent.locks.ReentrantLock;
+
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
-import org.apache.logging.log4j.LogManager;
-import org.apache.logging.log4j.Logger;
-
-import org.opensearch.test.framework.certificate.CertificateData;
-import org.opensearch.test.framework.cluster.SocketUtils;
-
import com.unboundid.ldap.listener.InMemoryDirectoryServer;
import com.unboundid.ldap.listener.InMemoryDirectoryServerConfig;
import com.unboundid.ldap.listener.InMemoryListenerConfig;
@@ -47,6 +42,11 @@
import com.unboundid.ldap.sdk.schema.Schema;
import com.unboundid.ldif.LDIFReader;
import com.unboundid.util.ssl.SSLUtil;
+import org.apache.logging.log4j.LogManager;
+import org.apache.logging.log4j.Logger;
+
+import org.opensearch.test.framework.certificate.CertificateData;
+import org.opensearch.test.framework.cluster.SocketUtils;
/**
* Based on class com.amazon.dlic.auth.ldap.srv.LdapServer from older tests
diff --git a/src/integrationTest/java/org/opensearch/test/framework/log/LogCapturingAppender.java b/src/integrationTest/java/org/opensearch/test/framework/log/LogCapturingAppender.java
index 2151c7bcc5..5673f1bd3e 100644
--- a/src/integrationTest/java/org/opensearch/test/framework/log/LogCapturingAppender.java
+++ b/src/integrationTest/java/org/opensearch/test/framework/log/LogCapturingAppender.java
@@ -9,15 +9,6 @@
*/
package org.opensearch.test.framework.log;
-import java.io.Serializable;
-import java.util.ArrayList;
-import java.util.Arrays;
-import java.util.List;
-import java.util.Queue;
-import java.util.Set;
-import java.util.concurrent.ConcurrentHashMap;
-import java.util.stream.Collectors;
-
import com.google.common.collect.EvictingQueue;
import com.google.common.collect.Queues;
import org.apache.logging.log4j.core.Appender;
@@ -31,6 +22,15 @@
import org.apache.logging.log4j.core.config.plugins.PluginAttribute;
import org.apache.logging.log4j.core.config.plugins.PluginFactory;
+import java.io.Serializable;
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.List;
+import java.util.Queue;
+import java.util.Set;
+import java.util.concurrent.ConcurrentHashMap;
+import java.util.stream.Collectors;
+
import static org.opensearch.test.framework.log.LogCapturingAppender.PLUGIN_NAME;
/**
diff --git a/src/integrationTest/java/org/opensearch/test/framework/testplugins/AbstractRestHandler.java b/src/integrationTest/java/org/opensearch/test/framework/testplugins/AbstractRestHandler.java
index a068d80e76..2f88585b22 100644
--- a/src/integrationTest/java/org/opensearch/test/framework/testplugins/AbstractRestHandler.java
+++ b/src/integrationTest/java/org/opensearch/test/framework/testplugins/AbstractRestHandler.java
@@ -9,8 +9,6 @@
*/
package org.opensearch.test.framework.testplugins;
-import java.io.IOException;
-
import org.opensearch.ExceptionsHelper;
import org.opensearch.client.node.NodeClient;
import org.opensearch.core.rest.RestStatus;
@@ -20,6 +18,8 @@
import org.opensearch.rest.RestChannel;
import org.opensearch.rest.RestRequest;
+import java.io.IOException;
+
public class AbstractRestHandler extends BaseRestHandler {
@Override
diff --git a/src/integrationTest/java/org/opensearch/test/framework/testplugins/dummy/CustomLegacyTestPlugin.java b/src/integrationTest/java/org/opensearch/test/framework/testplugins/dummy/CustomLegacyTestPlugin.java
index afd70f0ba3..648abef704 100644
--- a/src/integrationTest/java/org/opensearch/test/framework/testplugins/dummy/CustomLegacyTestPlugin.java
+++ b/src/integrationTest/java/org/opensearch/test/framework/testplugins/dummy/CustomLegacyTestPlugin.java
@@ -11,10 +11,6 @@
package org.opensearch.test.framework.testplugins.dummy;
-import java.util.ArrayList;
-import java.util.List;
-import java.util.function.Supplier;
-
import org.opensearch.action.ActionRequest;
import org.opensearch.cluster.metadata.IndexNameExpressionResolver;
import org.opensearch.cluster.node.DiscoveryNodes;
@@ -32,6 +28,10 @@
import org.opensearch.test.framework.testplugins.dummy.dummyaction.DummyAction;
import org.opensearch.test.framework.testplugins.dummy.dummyaction.TransportDummyAction;
+import java.util.ArrayList;
+import java.util.List;
+import java.util.function.Supplier;
+
/**
* Registers a plugin with legacy routes using {@link org.opensearch.rest.RestHandler.Route}
*/
diff --git a/src/integrationTest/java/org/opensearch/test/framework/testplugins/dummy/LegacyRestHandler.java b/src/integrationTest/java/org/opensearch/test/framework/testplugins/dummy/LegacyRestHandler.java
index 3bfbca6272..e001628596 100644
--- a/src/integrationTest/java/org/opensearch/test/framework/testplugins/dummy/LegacyRestHandler.java
+++ b/src/integrationTest/java/org/opensearch/test/framework/testplugins/dummy/LegacyRestHandler.java
@@ -11,10 +11,7 @@
package org.opensearch.test.framework.testplugins.dummy;
-import java.util.List;
-
import com.google.common.collect.ImmutableList;
-
import org.opensearch.client.node.NodeClient;
import org.opensearch.rest.RestChannel;
import org.opensearch.rest.RestRequest;
@@ -23,6 +20,8 @@
import org.opensearch.test.framework.testplugins.dummy.dummyaction.DummyAction;
import org.opensearch.test.framework.testplugins.dummy.dummyaction.DummyRequest;
+import java.util.List;
+
import static org.opensearch.rest.RestRequest.Method.GET;
import static org.opensearch.rest.RestRequest.Method.POST;
import static org.opensearch.security.dlic.rest.support.Utils.addRoutesPrefix;
diff --git a/src/integrationTest/java/org/opensearch/test/framework/testplugins/dummy/dummyaction/DummyRequest.java b/src/integrationTest/java/org/opensearch/test/framework/testplugins/dummy/dummyaction/DummyRequest.java
index 4bd94ae3c4..5928b4892f 100644
--- a/src/integrationTest/java/org/opensearch/test/framework/testplugins/dummy/dummyaction/DummyRequest.java
+++ b/src/integrationTest/java/org/opensearch/test/framework/testplugins/dummy/dummyaction/DummyRequest.java
@@ -11,14 +11,14 @@
package org.opensearch.test.framework.testplugins.dummy.dummyaction;
-import java.io.IOException;
-
import org.opensearch.action.ActionRequest;
import org.opensearch.action.ActionRequestValidationException;
import org.opensearch.core.common.io.stream.StreamInput;
import org.opensearch.core.xcontent.ToXContent;
import org.opensearch.core.xcontent.XContentBuilder;
+import java.io.IOException;
+
public class DummyRequest extends ActionRequest implements ToXContent {
private final String message;
diff --git a/src/integrationTest/java/org/opensearch/test/framework/testplugins/dummy/dummyaction/DummyResponse.java b/src/integrationTest/java/org/opensearch/test/framework/testplugins/dummy/dummyaction/DummyResponse.java
index c2ac8009fa..e2ee6c9344 100644
--- a/src/integrationTest/java/org/opensearch/test/framework/testplugins/dummy/dummyaction/DummyResponse.java
+++ b/src/integrationTest/java/org/opensearch/test/framework/testplugins/dummy/dummyaction/DummyResponse.java
@@ -11,8 +11,6 @@
package org.opensearch.test.framework.testplugins.dummy.dummyaction;
-import java.io.IOException;
-
import org.opensearch.common.xcontent.StatusToXContentObject;
import org.opensearch.core.action.ActionResponse;
import org.opensearch.core.common.Strings;
@@ -22,6 +20,8 @@
import org.opensearch.core.xcontent.MediaTypeRegistry;
import org.opensearch.core.xcontent.XContentBuilder;
+import java.io.IOException;
+
public class DummyResponse extends ActionResponse implements StatusToXContentObject {
private final String responseString;
diff --git a/src/integrationTest/java/org/opensearch/test/framework/testplugins/dummyprotected/CustomRestProtectedTestPlugin.java b/src/integrationTest/java/org/opensearch/test/framework/testplugins/dummyprotected/CustomRestProtectedTestPlugin.java
index d312a351df..780bee4ac6 100644
--- a/src/integrationTest/java/org/opensearch/test/framework/testplugins/dummyprotected/CustomRestProtectedTestPlugin.java
+++ b/src/integrationTest/java/org/opensearch/test/framework/testplugins/dummyprotected/CustomRestProtectedTestPlugin.java
@@ -11,10 +11,6 @@
package org.opensearch.test.framework.testplugins.dummyprotected;
-import java.util.ArrayList;
-import java.util.List;
-import java.util.function.Supplier;
-
import org.opensearch.action.ActionRequest;
import org.opensearch.cluster.metadata.IndexNameExpressionResolver;
import org.opensearch.cluster.node.DiscoveryNodes;
@@ -32,6 +28,10 @@
import org.opensearch.test.framework.testplugins.dummyprotected.dummyaction.DummyAction;
import org.opensearch.test.framework.testplugins.dummyprotected.dummyaction.TransportDummyAction;
+import java.util.ArrayList;
+import java.util.List;
+import java.util.function.Supplier;
+
/**
* Registers a plugin with protected routes using {@linkplain org.opensearch.rest.NamedRoute}
* This allows authorization against REST layer
diff --git a/src/integrationTest/java/org/opensearch/test/framework/testplugins/dummyprotected/dummyaction/DummyRequest.java b/src/integrationTest/java/org/opensearch/test/framework/testplugins/dummyprotected/dummyaction/DummyRequest.java
index 9cc8034dd5..025d2e1c55 100644
--- a/src/integrationTest/java/org/opensearch/test/framework/testplugins/dummyprotected/dummyaction/DummyRequest.java
+++ b/src/integrationTest/java/org/opensearch/test/framework/testplugins/dummyprotected/dummyaction/DummyRequest.java
@@ -11,14 +11,14 @@
package org.opensearch.test.framework.testplugins.dummyprotected.dummyaction;
-import java.io.IOException;
-
import org.opensearch.action.ActionRequest;
import org.opensearch.action.ActionRequestValidationException;
import org.opensearch.core.common.io.stream.StreamInput;
import org.opensearch.core.xcontent.ToXContent;
import org.opensearch.core.xcontent.XContentBuilder;
+import java.io.IOException;
+
public class DummyRequest extends ActionRequest implements ToXContent {
private final String message;
diff --git a/src/integrationTest/java/org/opensearch/test/framework/testplugins/dummyprotected/dummyaction/DummyResponse.java b/src/integrationTest/java/org/opensearch/test/framework/testplugins/dummyprotected/dummyaction/DummyResponse.java
index 20465f21dc..efd7be49b4 100644
--- a/src/integrationTest/java/org/opensearch/test/framework/testplugins/dummyprotected/dummyaction/DummyResponse.java
+++ b/src/integrationTest/java/org/opensearch/test/framework/testplugins/dummyprotected/dummyaction/DummyResponse.java
@@ -11,8 +11,6 @@
package org.opensearch.test.framework.testplugins.dummyprotected.dummyaction;
-import java.io.IOException;
-
import org.opensearch.common.xcontent.StatusToXContentObject;
import org.opensearch.core.action.ActionResponse;
import org.opensearch.core.common.Strings;
@@ -22,6 +20,8 @@
import org.opensearch.core.xcontent.MediaTypeRegistry;
import org.opensearch.core.xcontent.XContentBuilder;
+import java.io.IOException;
+
public class DummyResponse extends ActionResponse implements StatusToXContentObject {
private final String responseString;
diff --git a/src/main/java/com/amazon/dlic/auth/http/jwt/AbstractHTTPJwtAuthenticator.java b/src/main/java/com/amazon/dlic/auth/http/jwt/AbstractHTTPJwtAuthenticator.java
index 8c6af4279b..da19a808a3 100644
--- a/src/main/java/com/amazon/dlic/auth/http/jwt/AbstractHTTPJwtAuthenticator.java
+++ b/src/main/java/com/amazon/dlic/auth/http/jwt/AbstractHTTPJwtAuthenticator.java
@@ -11,21 +11,30 @@
package com.amazon.dlic.auth.http.jwt;
+import static org.apache.http.HttpHeaders.AUTHORIZATION;
+
import java.nio.file.Path;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.text.ParseException;
import java.util.Collection;
import java.util.Map;
-import java.util.Map.Entry;
import java.util.Optional;
+import java.util.Map.Entry;
import java.util.regex.Pattern;
import com.google.common.annotations.VisibleForTesting;
+import com.nimbusds.jwt.JWTClaimsSet;
+import com.nimbusds.jwt.SignedJWT;
import org.apache.http.HttpStatus;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
+import com.amazon.dlic.auth.http.jwt.keybyoidc.AuthenticatorUnavailableException;
+import com.amazon.dlic.auth.http.jwt.keybyoidc.BadCredentialsException;
+import com.amazon.dlic.auth.http.jwt.keybyoidc.JwtVerifier;
+import com.amazon.dlic.auth.http.jwt.keybyoidc.KeyProvider;
+
import org.opensearch.OpenSearchSecurityException;
import org.opensearch.SpecialPermission;
import org.opensearch.common.settings.Settings;
@@ -37,15 +46,6 @@
import org.opensearch.security.filter.SecurityResponse;
import org.opensearch.security.user.AuthCredentials;
-import com.amazon.dlic.auth.http.jwt.keybyoidc.AuthenticatorUnavailableException;
-import com.amazon.dlic.auth.http.jwt.keybyoidc.BadCredentialsException;
-import com.amazon.dlic.auth.http.jwt.keybyoidc.JwtVerifier;
-import com.amazon.dlic.auth.http.jwt.keybyoidc.KeyProvider;
-import com.nimbusds.jwt.JWTClaimsSet;
-import com.nimbusds.jwt.SignedJWT;
-
-import static org.apache.http.HttpHeaders.AUTHORIZATION;
-
public abstract class AbstractHTTPJwtAuthenticator implements HTTPAuthenticator {
private final static Logger log = LogManager.getLogger(AbstractHTTPJwtAuthenticator.class);
diff --git a/src/main/java/com/amazon/dlic/auth/http/jwt/HTTPJwtAuthenticator.java b/src/main/java/com/amazon/dlic/auth/http/jwt/HTTPJwtAuthenticator.java
index c5c3e0ddc5..1266bc8b04 100644
--- a/src/main/java/com/amazon/dlic/auth/http/jwt/HTTPJwtAuthenticator.java
+++ b/src/main/java/com/amazon/dlic/auth/http/jwt/HTTPJwtAuthenticator.java
@@ -11,15 +11,22 @@
package com.amazon.dlic.auth.http.jwt;
+import static org.apache.http.HttpHeaders.AUTHORIZATION;
+
import java.nio.file.Path;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.util.Collection;
import java.util.Map;
-import java.util.Map.Entry;
import java.util.Optional;
+import java.util.Map.Entry;
import java.util.regex.Pattern;
+import io.jsonwebtoken.Claims;
+import io.jsonwebtoken.JwtParser;
+import io.jsonwebtoken.JwtParserBuilder;
+import io.jsonwebtoken.security.WeakKeyException;
+
import org.apache.http.HttpStatus;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
@@ -34,13 +41,6 @@
import org.opensearch.security.user.AuthCredentials;
import org.opensearch.security.util.KeyUtils;
-import io.jsonwebtoken.Claims;
-import io.jsonwebtoken.JwtParser;
-import io.jsonwebtoken.JwtParserBuilder;
-import io.jsonwebtoken.security.WeakKeyException;
-
-import static org.apache.http.HttpHeaders.AUTHORIZATION;
-
public class HTTPJwtAuthenticator implements HTTPAuthenticator {
protected final Logger log = LogManager.getLogger(this.getClass());
diff --git a/src/main/java/com/amazon/dlic/auth/http/jwt/keybyoidc/HTTPJwtKeyByOpenIdConnectAuthenticator.java b/src/main/java/com/amazon/dlic/auth/http/jwt/keybyoidc/HTTPJwtKeyByOpenIdConnectAuthenticator.java
index bf2f82e178..808abfc5ea 100644
--- a/src/main/java/com/amazon/dlic/auth/http/jwt/keybyoidc/HTTPJwtKeyByOpenIdConnectAuthenticator.java
+++ b/src/main/java/com/amazon/dlic/auth/http/jwt/keybyoidc/HTTPJwtKeyByOpenIdConnectAuthenticator.java
@@ -13,11 +13,11 @@
import java.nio.file.Path;
-import org.opensearch.common.settings.Settings;
-
import com.amazon.dlic.auth.http.jwt.AbstractHTTPJwtAuthenticator;
import com.amazon.dlic.util.SettingsBasedSSLConfigurator;
+import org.opensearch.common.settings.Settings;
+
public class HTTPJwtKeyByOpenIdConnectAuthenticator extends AbstractHTTPJwtAuthenticator {
// private final static Logger log = LogManager.getLogger(HTTPJwtKeyByOpenIdConnectAuthenticator.class);
diff --git a/src/main/java/com/amazon/dlic/auth/http/jwt/keybyoidc/JwtVerifier.java b/src/main/java/com/amazon/dlic/auth/http/jwt/keybyoidc/JwtVerifier.java
index da1b8393fb..3716eb7997 100644
--- a/src/main/java/com/amazon/dlic/auth/http/jwt/keybyoidc/JwtVerifier.java
+++ b/src/main/java/com/amazon/dlic/auth/http/jwt/keybyoidc/JwtVerifier.java
@@ -11,25 +11,24 @@
package com.amazon.dlic.auth.http.jwt.keybyoidc;
-import java.text.ParseException;
-import java.util.Collections;
-
import com.google.common.base.Strings;
-import org.apache.commons.lang3.StringEscapeUtils;
-import org.apache.logging.log4j.LogManager;
-import org.apache.logging.log4j.Logger;
-
import com.nimbusds.jose.Algorithm;
import com.nimbusds.jose.JOSEException;
import com.nimbusds.jose.JWSVerifier;
-import com.nimbusds.jose.crypto.factories.DefaultJWSVerifierFactory;
import com.nimbusds.jose.jwk.JWK;
import com.nimbusds.jose.jwk.OctetSequenceKey;
+import com.nimbusds.jose.crypto.factories.DefaultJWSVerifierFactory;
import com.nimbusds.jose.proc.SimpleSecurityContext;
import com.nimbusds.jwt.JWTClaimsSet;
import com.nimbusds.jwt.SignedJWT;
import com.nimbusds.jwt.proc.BadJWTException;
import com.nimbusds.jwt.proc.DefaultJWTClaimsVerifier;
+import org.apache.commons.lang3.StringEscapeUtils;
+import org.apache.logging.log4j.LogManager;
+import org.apache.logging.log4j.Logger;
+
+import java.text.ParseException;
+import java.util.Collections;
public class JwtVerifier {
diff --git a/src/main/java/com/amazon/dlic/auth/http/jwt/keybyoidc/KeySetRetriever.java b/src/main/java/com/amazon/dlic/auth/http/jwt/keybyoidc/KeySetRetriever.java
index 58eff89341..05f0d88768 100644
--- a/src/main/java/com/amazon/dlic/auth/http/jwt/keybyoidc/KeySetRetriever.java
+++ b/src/main/java/com/amazon/dlic/auth/http/jwt/keybyoidc/KeySetRetriever.java
@@ -15,6 +15,8 @@
import java.text.ParseException;
import java.util.concurrent.TimeUnit;
+import com.nimbusds.jose.jwk.JWKSet;
+import joptsimple.internal.Strings;
import org.apache.hc.client5.http.cache.HttpCacheContext;
import org.apache.hc.client5.http.cache.HttpCacheStorage;
import org.apache.hc.client5.http.classic.methods.HttpGet;
@@ -32,12 +34,10 @@
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
-import org.opensearch.security.DefaultObjectMapper;
-
import com.amazon.dlic.auth.http.jwt.oidc.json.OpenIdProviderConfiguration;
import com.amazon.dlic.util.SettingsBasedSSLConfigurator.SSLConfig;
-import com.nimbusds.jose.jwk.JWKSet;
-import joptsimple.internal.Strings;
+
+import org.opensearch.security.DefaultObjectMapper;
public class KeySetRetriever implements KeySetProvider {
private final static Logger log = LogManager.getLogger(KeySetRetriever.class);
diff --git a/src/main/java/com/amazon/dlic/auth/http/jwt/keybyoidc/SelfRefreshingKeySet.java b/src/main/java/com/amazon/dlic/auth/http/jwt/keybyoidc/SelfRefreshingKeySet.java
index 35b2b079c6..d1d823e3a8 100644
--- a/src/main/java/com/amazon/dlic/auth/http/jwt/keybyoidc/SelfRefreshingKeySet.java
+++ b/src/main/java/com/amazon/dlic/auth/http/jwt/keybyoidc/SelfRefreshingKeySet.java
@@ -19,11 +19,10 @@
import java.util.concurrent.TimeUnit;
import com.google.common.base.Strings;
-import org.apache.logging.log4j.LogManager;
-import org.apache.logging.log4j.Logger;
-
import com.nimbusds.jose.jwk.JWK;
import com.nimbusds.jose.jwk.JWKSet;
+import org.apache.logging.log4j.LogManager;
+import org.apache.logging.log4j.Logger;
public class SelfRefreshingKeySet implements KeyProvider {
private static final Logger log = LogManager.getLogger(SelfRefreshingKeySet.class);
diff --git a/src/main/java/com/amazon/dlic/auth/http/kerberos/HTTPSpnegoAuthenticator.java b/src/main/java/com/amazon/dlic/auth/http/kerberos/HTTPSpnegoAuthenticator.java
index 44bff5c73e..ad24b8db95 100644
--- a/src/main/java/com/amazon/dlic/auth/http/kerberos/HTTPSpnegoAuthenticator.java
+++ b/src/main/java/com/amazon/dlic/auth/http/kerberos/HTTPSpnegoAuthenticator.java
@@ -11,6 +11,8 @@
package com.amazon.dlic.auth.http.kerberos;
+import static org.apache.http.HttpStatus.SC_UNAUTHORIZED;
+
import java.io.Serializable;
import java.nio.file.Files;
import java.nio.file.Path;
@@ -27,12 +29,23 @@
import java.util.Map;
import java.util.Optional;
import java.util.Set;
+
import javax.security.auth.Subject;
import javax.security.auth.login.LoginException;
import com.google.common.base.Strings;
+
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
+import org.ietf.jgss.GSSContext;
+import org.ietf.jgss.GSSCredential;
+import org.ietf.jgss.GSSException;
+import org.ietf.jgss.GSSManager;
+import org.ietf.jgss.GSSName;
+import org.ietf.jgss.Oid;
+
+import com.amazon.dlic.auth.http.kerberos.util.JaasKrbUtil;
+import com.amazon.dlic.auth.http.kerberos.util.KrbConstants;
import org.opensearch.ExceptionsHelper;
import org.opensearch.SpecialPermission;
@@ -46,17 +59,6 @@
import org.opensearch.security.filter.SecurityResponse;
import org.opensearch.security.user.AuthCredentials;
-import com.amazon.dlic.auth.http.kerberos.util.JaasKrbUtil;
-import com.amazon.dlic.auth.http.kerberos.util.KrbConstants;
-import org.ietf.jgss.GSSContext;
-import org.ietf.jgss.GSSCredential;
-import org.ietf.jgss.GSSException;
-import org.ietf.jgss.GSSManager;
-import org.ietf.jgss.GSSName;
-import org.ietf.jgss.Oid;
-
-import static org.apache.http.HttpStatus.SC_UNAUTHORIZED;
-
public class HTTPSpnegoAuthenticator implements HTTPAuthenticator {
private static final Oid[] KRB_OIDS = new Oid[] { KrbConstants.SPNEGO, KrbConstants.KRB5MECH };
diff --git a/src/main/java/com/amazon/dlic/auth/http/kerberos/util/JaasKrbUtil.java b/src/main/java/com/amazon/dlic/auth/http/kerberos/util/JaasKrbUtil.java
index 80894f622b..619c780027 100644
--- a/src/main/java/com/amazon/dlic/auth/http/kerberos/util/JaasKrbUtil.java
+++ b/src/main/java/com/amazon/dlic/auth/http/kerberos/util/JaasKrbUtil.java
@@ -21,6 +21,7 @@
import java.util.HashSet;
import java.util.Map;
import java.util.Set;
+
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
diff --git a/src/main/java/com/amazon/dlic/auth/http/saml/AuthTokenProcessorHandler.java b/src/main/java/com/amazon/dlic/auth/http/saml/AuthTokenProcessorHandler.java
index 41e9305ba6..393cedc3b5 100644
--- a/src/main/java/com/amazon/dlic/auth/http/saml/AuthTokenProcessorHandler.java
+++ b/src/main/java/com/amazon/dlic/auth/http/saml/AuthTokenProcessorHandler.java
@@ -25,44 +25,45 @@
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import java.util.stream.Collectors;
+
import javax.xml.xpath.XPathExpressionException;
import com.fasterxml.jackson.core.JsonParseException;
import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.databind.JsonNode;
import com.fasterxml.jackson.databind.node.ObjectNode;
+import com.nimbusds.jose.JWSAlgorithm;
+import com.nimbusds.jose.JWSHeader;
+import com.nimbusds.jose.crypto.factories.DefaultJWSSignerFactory;
+import com.nimbusds.jose.jwk.JWK;
+import com.nimbusds.jose.jwk.KeyUse;
+import com.nimbusds.jose.jwk.OctetSequenceKey;
+import com.nimbusds.jwt.JWTClaimsSet;
+import com.nimbusds.jwt.SignedJWT;
+import com.onelogin.saml2.authn.SamlResponse;
+import com.onelogin.saml2.exception.ValidationError;
+import com.onelogin.saml2.settings.Saml2Settings;
+import com.onelogin.saml2.util.Util;
+
import org.apache.commons.lang3.StringUtils;
import org.apache.http.HttpStatus;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
+import org.joda.time.DateTime;
+import org.opensearch.core.common.Strings;
import org.opensearch.OpenSearchSecurityException;
import org.opensearch.SpecialPermission;
+import org.opensearch.core.common.bytes.BytesReference;
import org.opensearch.common.settings.Settings;
import org.opensearch.common.xcontent.XContentType;
-import org.opensearch.core.common.Strings;
-import org.opensearch.core.common.bytes.BytesReference;
-import org.opensearch.core.rest.RestStatus;
import org.opensearch.rest.RestRequest;
import org.opensearch.rest.RestRequest.Method;
+import org.opensearch.core.rest.RestStatus;
import org.opensearch.security.DefaultObjectMapper;
import org.opensearch.security.dlic.rest.api.AuthTokenProcessorAction;
import org.opensearch.security.filter.SecurityResponse;
-import com.nimbusds.jose.JWSAlgorithm;
-import com.nimbusds.jose.JWSHeader;
-import com.nimbusds.jose.crypto.factories.DefaultJWSSignerFactory;
-import com.nimbusds.jose.jwk.JWK;
-import com.nimbusds.jose.jwk.KeyUse;
-import com.nimbusds.jose.jwk.OctetSequenceKey;
-import com.nimbusds.jwt.JWTClaimsSet;
-import com.nimbusds.jwt.SignedJWT;
-import com.onelogin.saml2.authn.SamlResponse;
-import com.onelogin.saml2.exception.ValidationError;
-import com.onelogin.saml2.settings.Saml2Settings;
-import com.onelogin.saml2.util.Util;
-import org.joda.time.DateTime;
-
import static org.opensearch.security.authtoken.jwt.KeyPaddingUtil.padSecret;
class AuthTokenProcessorHandler {
diff --git a/src/main/java/com/amazon/dlic/auth/http/saml/HTTPSamlAuthenticator.java b/src/main/java/com/amazon/dlic/auth/http/saml/HTTPSamlAuthenticator.java
index ae3d1c9128..918e3be5ab 100644
--- a/src/main/java/com/amazon/dlic/auth/http/saml/HTTPSamlAuthenticator.java
+++ b/src/main/java/com/amazon/dlic/auth/http/saml/HTTPSamlAuthenticator.java
@@ -20,17 +20,39 @@
import java.security.PrivilegedExceptionAction;
import java.util.Map;
import java.util.Optional;
-import java.util.ServiceLoader;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
+
import javax.xml.parsers.ParserConfigurationException;
import com.google.common.annotations.VisibleForTesting;
import com.google.common.base.Strings;
+import com.nimbusds.jose.jwk.JWK;
+import com.onelogin.saml2.authn.AuthnRequest;
+import com.onelogin.saml2.logout.LogoutRequest;
+import com.onelogin.saml2.settings.Saml2Settings;
+import com.onelogin.saml2.util.Constants;
+import com.onelogin.saml2.util.Util;
+import net.shibboleth.utilities.java.support.component.ComponentInitializationException;
+import net.shibboleth.utilities.java.support.component.DestructableComponent;
+import net.shibboleth.utilities.java.support.xml.BasicParserPool;
import org.apache.commons.lang3.StringEscapeUtils;
import org.apache.http.HttpStatus;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
+import org.opensaml.core.config.InitializationException;
+import org.opensaml.core.config.InitializationService;
+import org.opensaml.saml.metadata.resolver.MetadataResolver;
+import org.opensaml.saml.metadata.resolver.impl.AbstractMetadataResolver;
+import org.opensaml.saml.metadata.resolver.impl.DOMMetadataResolver;
+import org.w3c.dom.Document;
+import org.w3c.dom.Element;
+import org.xml.sax.SAXException;
+
+import com.amazon.dlic.auth.http.jwt.AbstractHTTPJwtAuthenticator;
+import com.amazon.dlic.auth.http.jwt.keybyoidc.AuthenticatorUnavailableException;
+import com.amazon.dlic.auth.http.jwt.keybyoidc.BadCredentialsException;
+import com.amazon.dlic.auth.http.jwt.keybyoidc.KeyProvider;
import org.opensearch.OpenSearchSecurityException;
import org.opensearch.SpecialPermission;
@@ -39,39 +61,14 @@
import org.opensearch.rest.RestRequest;
import org.opensearch.security.auth.Destroyable;
import org.opensearch.security.auth.HTTPAuthenticator;
-import org.opensearch.security.filter.OpenSearchRequest;
import org.opensearch.security.filter.SecurityRequest;
import org.opensearch.security.filter.SecurityRequestChannelUnsupported;
import org.opensearch.security.filter.SecurityResponse;
-import org.opensearch.security.opensaml.integration.SecurityXMLObjectProviderInitializer;
+import org.opensearch.security.filter.OpenSearchRequest;
import org.opensearch.security.support.ConfigConstants;
import org.opensearch.security.support.PemKeyReader;
import org.opensearch.security.user.AuthCredentials;
-import com.amazon.dlic.auth.http.jwt.AbstractHTTPJwtAuthenticator;
-import com.amazon.dlic.auth.http.jwt.keybyoidc.AuthenticatorUnavailableException;
-import com.amazon.dlic.auth.http.jwt.keybyoidc.BadCredentialsException;
-import com.amazon.dlic.auth.http.jwt.keybyoidc.KeyProvider;
-import com.nimbusds.jose.jwk.JWK;
-import com.onelogin.saml2.authn.AuthnRequest;
-import com.onelogin.saml2.logout.LogoutRequest;
-import com.onelogin.saml2.settings.Saml2Settings;
-import com.onelogin.saml2.util.Constants;
-import com.onelogin.saml2.util.Util;
-import net.shibboleth.utilities.java.support.component.ComponentInitializationException;
-import net.shibboleth.utilities.java.support.component.DestructableComponent;
-import net.shibboleth.utilities.java.support.xml.BasicParserPool;
-import org.opensaml.core.config.InitializationException;
-import org.opensaml.core.config.InitializationService;
-import org.opensaml.core.config.Initializer;
-import org.opensaml.saml.metadata.resolver.MetadataResolver;
-import org.opensaml.saml.metadata.resolver.impl.AbstractMetadataResolver;
-import org.opensaml.saml.metadata.resolver.impl.DOMMetadataResolver;
-import org.opensaml.xmlsec.config.impl.XMLObjectProviderInitializer;
-import org.w3c.dom.Document;
-import org.w3c.dom.Element;
-import org.xml.sax.SAXException;
-
import static org.opensearch.security.OpenSearchSecurityPlugin.LEGACY_OPENDISTRO_PREFIX;
import static org.opensearch.security.OpenSearchSecurityPlugin.PLUGINS_PREFIX;
@@ -115,12 +112,12 @@ public HTTPSamlAuthenticator(final Settings settings, final Path configPath) {
spSignaturePrivateKey = getSpSignaturePrivateKey(settings, configPath);
useForceAuthn = settings.getAsBoolean("sp.forceAuthn", null);
- if (rolesKey == null || rolesKey.isEmpty()) {
+ if (rolesKey == null || rolesKey.length() == 0) {
log.warn("roles_key is not configured, will only extract subject from SAML");
rolesKey = null;
}
- if (subjectKey == null || subjectKey.isEmpty()) {
+ if (subjectKey == null || subjectKey.length() == 0) {
// If subjectKey == null, get subject from the NameID element.
// Thus, this is a valid configuration.
subjectKey = null;
@@ -291,40 +288,35 @@ static void ensureOpenSamlInitialization() {
}
try {
- AccessController.doPrivileged((PrivilegedExceptionAction) () -> {
- Thread thread = Thread.currentThread();
- ClassLoader originalClassLoader = thread.getContextClassLoader();
- try {
- thread.setContextClassLoader(InitializationService.class.getClassLoader());
- initializeOpenSAMLConfiguration();
- } catch (InitializationException e) {
- throw new RuntimeException(e.getCause());
- } finally {
- thread.setContextClassLoader(originalClassLoader);
- }
+ AccessController.doPrivileged(new PrivilegedExceptionAction() {
+ @Override
+ public Void run() throws InitializationException {
- openSamlInitialized = true;
- return null;
+ Thread thread = Thread.currentThread();
+ ClassLoader originalClassLoader = thread.getContextClassLoader();
+
+ try {
+
+ thread.setContextClassLoader(InitializationService.class.getClassLoader());
+
+ InitializationService.initialize();
+
+ new org.opensaml.saml.config.impl.XMLObjectProviderInitializer().init();
+ new org.opensaml.saml.config.impl.SAMLConfigurationInitializer().init();
+ new org.opensaml.xmlsec.config.impl.XMLObjectProviderInitializer().init();
+ } finally {
+ thread.setContextClassLoader(originalClassLoader);
+ }
+
+ openSamlInitialized = true;
+ return null;
+ }
});
} catch (PrivilegedActionException e) {
throw new RuntimeException(e.getCause());
}
}
- private static void initializeOpenSAMLConfiguration() throws InitializationException {
- log.info("Initializing OpenSAML using the Java Services API");
-
- final ServiceLoader serviceLoader = ServiceLoader.load(Initializer.class);
- for (Initializer initializer : serviceLoader) {
- if (initializer instanceof XMLObjectProviderInitializer) {
- // replace initialization of X509 builders which support Cleaner with our own solution
- new SecurityXMLObjectProviderInitializer().init();
- } else {
- initializer.init();
- }
- }
- }
-
@SuppressWarnings("removal")
private MetadataResolver createMetadataResolver(final Settings settings, final Path configPath) throws Exception {
final AbstractMetadataResolver metadataResolver;
@@ -358,9 +350,12 @@ private MetadataResolver createMetadataResolver(final Settings settings, final P
}
try {
- AccessController.doPrivileged((PrivilegedExceptionAction) () -> {
- metadataResolver.initialize();
- return null;
+ AccessController.doPrivileged(new PrivilegedExceptionAction() {
+ @Override
+ public Void run() throws ComponentInitializationException {
+ metadataResolver.initialize();
+ return null;
+ }
});
} catch (PrivilegedActionException e) {
if (e.getCause() instanceof ComponentInitializationException) {
diff --git a/src/main/java/com/amazon/dlic/auth/http/saml/Saml2SettingsProvider.java b/src/main/java/com/amazon/dlic/auth/http/saml/Saml2SettingsProvider.java
index 0c7f56282e..1b97242762 100644
--- a/src/main/java/com/amazon/dlic/auth/http/saml/Saml2SettingsProvider.java
+++ b/src/main/java/com/amazon/dlic/auth/http/saml/Saml2SettingsProvider.java
@@ -23,17 +23,12 @@
import java.util.Set;
import java.util.stream.Collectors;
-import org.apache.logging.log4j.LogManager;
-import org.apache.logging.log4j.Logger;
-
-import org.opensearch.SpecialPermission;
-import org.opensearch.common.settings.Settings;
-
-import com.amazon.dlic.auth.http.jwt.keybyoidc.AuthenticatorUnavailableException;
import com.onelogin.saml2.settings.Saml2Settings;
import com.onelogin.saml2.settings.SettingsBuilder;
import net.shibboleth.utilities.java.support.resolver.CriteriaSet;
import net.shibboleth.utilities.java.support.resolver.ResolverException;
+import org.apache.logging.log4j.LogManager;
+import org.apache.logging.log4j.Logger;
import org.opensaml.core.criterion.EntityIdCriterion;
import org.opensaml.saml.metadata.resolver.MetadataResolver;
import org.opensaml.saml.metadata.resolver.RefreshableMetadataResolver;
@@ -46,6 +41,11 @@
import org.opensaml.xmlsec.signature.X509Certificate;
import org.opensaml.xmlsec.signature.X509Data;
+import com.amazon.dlic.auth.http.jwt.keybyoidc.AuthenticatorUnavailableException;
+
+import org.opensearch.SpecialPermission;
+import org.opensearch.common.settings.Settings;
+
public class Saml2SettingsProvider {
protected final static Logger log = LogManager.getLogger(Saml2SettingsProvider.class);
diff --git a/src/main/java/com/amazon/dlic/auth/http/saml/SamlFilesystemMetadataResolver.java b/src/main/java/com/amazon/dlic/auth/http/saml/SamlFilesystemMetadataResolver.java
index 93d3b020ce..302b1f41ea 100644
--- a/src/main/java/com/amazon/dlic/auth/http/saml/SamlFilesystemMetadataResolver.java
+++ b/src/main/java/com/amazon/dlic/auth/http/saml/SamlFilesystemMetadataResolver.java
@@ -17,12 +17,12 @@
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
-import org.opensearch.common.settings.Settings;
-import org.opensearch.env.Environment;
-
import net.shibboleth.utilities.java.support.resolver.ResolverException;
import org.opensaml.saml.metadata.resolver.impl.FilesystemMetadataResolver;
+import org.opensearch.common.settings.Settings;
+import org.opensearch.env.Environment;
+
public class SamlFilesystemMetadataResolver extends FilesystemMetadataResolver {
SamlFilesystemMetadataResolver(String filePath, Settings opensearchSettings, Path configPath) throws Exception {
diff --git a/src/main/java/com/amazon/dlic/auth/http/saml/SamlHTTPMetadataResolver.java b/src/main/java/com/amazon/dlic/auth/http/saml/SamlHTTPMetadataResolver.java
index d3e5571ece..2a380539e6 100644
--- a/src/main/java/com/amazon/dlic/auth/http/saml/SamlHTTPMetadataResolver.java
+++ b/src/main/java/com/amazon/dlic/auth/http/saml/SamlHTTPMetadataResolver.java
@@ -17,17 +17,17 @@
import java.security.PrivilegedExceptionAction;
import java.time.Duration;
+import net.shibboleth.utilities.java.support.resolver.ResolverException;
import org.apache.http.client.HttpClient;
import org.apache.http.impl.client.HttpClientBuilder;
import org.apache.http.impl.client.HttpClients;
+import org.opensaml.saml.metadata.resolver.impl.HTTPMetadataResolver;
+
+import com.amazon.dlic.util.SettingsBasedSSLConfiguratorV4;
import org.opensearch.SpecialPermission;
import org.opensearch.common.settings.Settings;
-import com.amazon.dlic.util.SettingsBasedSSLConfiguratorV4;
-import net.shibboleth.utilities.java.support.resolver.ResolverException;
-import org.opensaml.saml.metadata.resolver.impl.HTTPMetadataResolver;
-
public class SamlHTTPMetadataResolver extends HTTPMetadataResolver {
SamlHTTPMetadataResolver(String idpMetadataUrl, Settings opensearchSettings, Path configPath) throws Exception {
@@ -41,7 +41,12 @@ public class SamlHTTPMetadataResolver extends HTTPMetadataResolver {
@SuppressWarnings("removal")
protected byte[] fetchMetadata() throws ResolverException {
try {
- return AccessController.doPrivileged((PrivilegedExceptionAction) () -> SamlHTTPMetadataResolver.super.fetchMetadata());
+ return AccessController.doPrivileged(new PrivilegedExceptionAction() {
+ @Override
+ public byte[] run() throws ResolverException {
+ return SamlHTTPMetadataResolver.super.fetchMetadata();
+ }
+ });
} catch (PrivilegedActionException e) {
if (e.getCause() instanceof ResolverException) {
diff --git a/src/main/java/com/amazon/dlic/auth/ldap/LdapUser.java b/src/main/java/com/amazon/dlic/auth/ldap/LdapUser.java
index c2f634709e..f752ce4a49 100755
--- a/src/main/java/com/amazon/dlic/auth/ldap/LdapUser.java
+++ b/src/main/java/com/amazon/dlic/auth/ldap/LdapUser.java
@@ -16,16 +16,17 @@
import java.util.HashMap;
import java.util.Map;
+import org.ldaptive.LdapAttribute;
+import org.ldaptive.LdapEntry;
+
+import com.amazon.dlic.auth.ldap.util.Utils;
+
import org.opensearch.core.common.io.stream.StreamInput;
import org.opensearch.core.common.io.stream.StreamOutput;
import org.opensearch.security.support.WildcardMatcher;
import org.opensearch.security.user.AuthCredentials;
import org.opensearch.security.user.User;
-import com.amazon.dlic.auth.ldap.util.Utils;
-import org.ldaptive.LdapAttribute;
-import org.ldaptive.LdapEntry;
-
public class LdapUser extends User {
private static final long serialVersionUID = 1L;
diff --git a/src/main/java/com/amazon/dlic/auth/ldap/backend/LDAPAuthenticationBackend.java b/src/main/java/com/amazon/dlic/auth/ldap/backend/LDAPAuthenticationBackend.java
index 3145352013..96cd7a40c9 100755
--- a/src/main/java/com/amazon/dlic/auth/ldap/backend/LDAPAuthenticationBackend.java
+++ b/src/main/java/com/amazon/dlic/auth/ldap/backend/LDAPAuthenticationBackend.java
@@ -25,6 +25,17 @@
import org.apache.commons.lang3.tuple.Pair;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
+import org.ldaptive.Connection;
+import org.ldaptive.ConnectionConfig;
+import org.ldaptive.LdapEntry;
+import org.ldaptive.ReturnAttributes;
+import org.ldaptive.SearchFilter;
+import org.ldaptive.SearchScope;
+
+import com.amazon.dlic.auth.ldap.LdapUser;
+import com.amazon.dlic.auth.ldap.util.ConfigConstants;
+import com.amazon.dlic.auth.ldap.util.LdapHelper;
+import com.amazon.dlic.auth.ldap.util.Utils;
import org.opensearch.OpenSearchSecurityException;
import org.opensearch.common.settings.Settings;
@@ -33,17 +44,6 @@
import org.opensearch.security.user.AuthCredentials;
import org.opensearch.security.user.User;
-import com.amazon.dlic.auth.ldap.LdapUser;
-import com.amazon.dlic.auth.ldap.util.ConfigConstants;
-import com.amazon.dlic.auth.ldap.util.LdapHelper;
-import com.amazon.dlic.auth.ldap.util.Utils;
-import org.ldaptive.Connection;
-import org.ldaptive.ConnectionConfig;
-import org.ldaptive.LdapEntry;
-import org.ldaptive.ReturnAttributes;
-import org.ldaptive.SearchFilter;
-import org.ldaptive.SearchScope;
-
import static org.opensearch.security.setting.DeprecatedSettings.checkForDeprecatedSetting;
public class LDAPAuthenticationBackend implements AuthenticationBackend {
diff --git a/src/main/java/com/amazon/dlic/auth/ldap/backend/LDAPAuthorizationBackend.java b/src/main/java/com/amazon/dlic/auth/ldap/backend/LDAPAuthorizationBackend.java
index d8b33b2a7e..ac3fd8b32f 100755
--- a/src/main/java/com/amazon/dlic/auth/ldap/backend/LDAPAuthorizationBackend.java
+++ b/src/main/java/com/amazon/dlic/auth/ldap/backend/LDAPAuthorizationBackend.java
@@ -35,29 +35,14 @@
import java.util.Map;
import java.util.Set;
import java.util.concurrent.atomic.AtomicInteger;
+
import javax.naming.InvalidNameException;
import javax.naming.ldap.LdapName;
import com.google.common.collect.HashMultimap;
+import io.netty.util.internal.PlatformDependent;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
-
-import org.opensearch.OpenSearchSecurityException;
-import org.opensearch.SpecialPermission;
-import org.opensearch.common.settings.Settings;
-import org.opensearch.core.common.Strings;
-import org.opensearch.security.auth.AuthorizationBackend;
-import org.opensearch.security.ssl.util.SSLConfigConstants;
-import org.opensearch.security.support.PemKeyReader;
-import org.opensearch.security.support.WildcardMatcher;
-import org.opensearch.security.user.AuthCredentials;
-import org.opensearch.security.user.User;
-
-import com.amazon.dlic.auth.ldap.LdapUser;
-import com.amazon.dlic.auth.ldap.util.ConfigConstants;
-import com.amazon.dlic.auth.ldap.util.LdapHelper;
-import com.amazon.dlic.auth.ldap.util.Utils;
-import io.netty.util.internal.PlatformDependent;
import org.ldaptive.BindConnectionInitializer;
import org.ldaptive.BindRequest;
import org.ldaptive.Connection;
@@ -82,6 +67,22 @@
import org.ldaptive.ssl.SslConfig;
import org.ldaptive.ssl.ThreadLocalTLSSocketFactory;
+import com.amazon.dlic.auth.ldap.LdapUser;
+import com.amazon.dlic.auth.ldap.util.ConfigConstants;
+import com.amazon.dlic.auth.ldap.util.LdapHelper;
+import com.amazon.dlic.auth.ldap.util.Utils;
+
+import org.opensearch.OpenSearchSecurityException;
+import org.opensearch.SpecialPermission;
+import org.opensearch.common.settings.Settings;
+import org.opensearch.core.common.Strings;
+import org.opensearch.security.auth.AuthorizationBackend;
+import org.opensearch.security.ssl.util.SSLConfigConstants;
+import org.opensearch.security.support.PemKeyReader;
+import org.opensearch.security.support.WildcardMatcher;
+import org.opensearch.security.user.AuthCredentials;
+import org.opensearch.security.user.User;
+
import static org.opensearch.security.ssl.SecureSSLSettings.SSLSetting.SECURITY_SSL_TRANSPORT_KEYSTORE_PASSWORD;
import static org.opensearch.security.ssl.SecureSSLSettings.SSLSetting.SECURITY_SSL_TRANSPORT_TRUSTSTORE_PASSWORD;
diff --git a/src/main/java/com/amazon/dlic/auth/ldap/util/LdapHelper.java b/src/main/java/com/amazon/dlic/auth/ldap/util/LdapHelper.java
index f2dffa62fd..f06c7d59d7 100644
--- a/src/main/java/com/amazon/dlic/auth/ldap/util/LdapHelper.java
+++ b/src/main/java/com/amazon/dlic/auth/ldap/util/LdapHelper.java
@@ -16,12 +16,11 @@
import java.security.PrivilegedExceptionAction;
import java.util.ArrayList;
import java.util.List;
+
import javax.naming.InvalidNameException;
import javax.naming.ldap.LdapName;
import javax.naming.ldap.Rdn;
-import org.opensearch.SpecialPermission;
-
import org.ldaptive.Connection;
import org.ldaptive.DerefAliases;
import org.ldaptive.LdapEntry;
@@ -34,6 +33,8 @@
import org.ldaptive.SearchScope;
import org.ldaptive.referral.SearchReferralHandler;
+import org.opensearch.SpecialPermission;
+
public class LdapHelper {
private static SearchFilter ALL = new SearchFilter("(objectClass=*)");
diff --git a/src/main/java/com/amazon/dlic/auth/ldap/util/Utils.java b/src/main/java/com/amazon/dlic/auth/ldap/util/Utils.java
index 58ab1574b3..743705eee5 100644
--- a/src/main/java/com/amazon/dlic/auth/ldap/util/Utils.java
+++ b/src/main/java/com/amazon/dlic/auth/ldap/util/Utils.java
@@ -23,13 +23,12 @@
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
+import org.ldaptive.Connection;
+import org.ldaptive.LdapAttribute;
import org.opensearch.SpecialPermission;
import org.opensearch.common.settings.Settings;
-import org.ldaptive.Connection;
-import org.ldaptive.LdapAttribute;
-
public final class Utils {
private static final Logger log = LogManager.getLogger(Utils.class);
diff --git a/src/main/java/com/amazon/dlic/auth/ldap2/LDAPAuthenticationBackend2.java b/src/main/java/com/amazon/dlic/auth/ldap2/LDAPAuthenticationBackend2.java
index 70311e5fe3..74184de0eb 100755
--- a/src/main/java/com/amazon/dlic/auth/ldap2/LDAPAuthenticationBackend2.java
+++ b/src/main/java/com/amazon/dlic/auth/ldap2/LDAPAuthenticationBackend2.java
@@ -23,20 +23,6 @@
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
-
-import org.opensearch.OpenSearchSecurityException;
-import org.opensearch.SpecialPermission;
-import org.opensearch.common.settings.Settings;
-import org.opensearch.security.auth.AuthenticationBackend;
-import org.opensearch.security.auth.Destroyable;
-import org.opensearch.security.support.WildcardMatcher;
-import org.opensearch.security.user.AuthCredentials;
-import org.opensearch.security.user.User;
-
-import com.amazon.dlic.auth.ldap.LdapUser;
-import com.amazon.dlic.auth.ldap.util.ConfigConstants;
-import com.amazon.dlic.auth.ldap.util.Utils;
-import com.amazon.dlic.util.SettingsBasedSSLConfigurator.SSLConfigException;
import org.ldaptive.BindRequest;
import org.ldaptive.Connection;
import org.ldaptive.ConnectionFactory;
@@ -47,6 +33,20 @@
import org.ldaptive.ReturnAttributes;
import org.ldaptive.pool.ConnectionPool;
+import com.amazon.dlic.auth.ldap.LdapUser;
+import com.amazon.dlic.auth.ldap.util.ConfigConstants;
+import com.amazon.dlic.auth.ldap.util.Utils;
+import com.amazon.dlic.util.SettingsBasedSSLConfigurator.SSLConfigException;
+
+import org.opensearch.OpenSearchSecurityException;
+import org.opensearch.SpecialPermission;
+import org.opensearch.common.settings.Settings;
+import org.opensearch.security.auth.AuthenticationBackend;
+import org.opensearch.security.auth.Destroyable;
+import org.opensearch.security.support.WildcardMatcher;
+import org.opensearch.security.user.AuthCredentials;
+import org.opensearch.security.user.User;
+
public class LDAPAuthenticationBackend2 implements AuthenticationBackend, Destroyable {
protected static final Logger log = LogManager.getLogger(LDAPAuthenticationBackend2.class);
diff --git a/src/main/java/com/amazon/dlic/auth/ldap2/LDAPAuthorizationBackend2.java b/src/main/java/com/amazon/dlic/auth/ldap2/LDAPAuthorizationBackend2.java
index e05b2e1e64..d8d27de7da 100755
--- a/src/main/java/com/amazon/dlic/auth/ldap2/LDAPAuthorizationBackend2.java
+++ b/src/main/java/com/amazon/dlic/auth/ldap2/LDAPAuthorizationBackend2.java
@@ -24,12 +24,28 @@
import java.util.List;
import java.util.Map;
import java.util.Set;
+
import javax.naming.InvalidNameException;
import javax.naming.ldap.LdapName;
import com.google.common.collect.HashMultimap;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
+import org.ldaptive.Connection;
+import org.ldaptive.ConnectionFactory;
+import org.ldaptive.LdapAttribute;
+import org.ldaptive.LdapEntry;
+import org.ldaptive.LdapException;
+import org.ldaptive.ReturnAttributes;
+import org.ldaptive.SearchFilter;
+import org.ldaptive.SearchScope;
+import org.ldaptive.pool.ConnectionPool;
+
+import com.amazon.dlic.auth.ldap.LdapUser;
+import com.amazon.dlic.auth.ldap.util.ConfigConstants;
+import com.amazon.dlic.auth.ldap.util.LdapHelper;
+import com.amazon.dlic.auth.ldap.util.Utils;
+import com.amazon.dlic.util.SettingsBasedSSLConfigurator.SSLConfigException;
import org.opensearch.OpenSearchSecurityException;
import org.opensearch.SpecialPermission;
@@ -41,21 +57,6 @@
import org.opensearch.security.user.AuthCredentials;
import org.opensearch.security.user.User;
-import com.amazon.dlic.auth.ldap.LdapUser;
-import com.amazon.dlic.auth.ldap.util.ConfigConstants;
-import com.amazon.dlic.auth.ldap.util.LdapHelper;
-import com.amazon.dlic.auth.ldap.util.Utils;
-import com.amazon.dlic.util.SettingsBasedSSLConfigurator.SSLConfigException;
-import org.ldaptive.Connection;
-import org.ldaptive.ConnectionFactory;
-import org.ldaptive.LdapAttribute;
-import org.ldaptive.LdapEntry;
-import org.ldaptive.LdapException;
-import org.ldaptive.ReturnAttributes;
-import org.ldaptive.SearchFilter;
-import org.ldaptive.SearchScope;
-import org.ldaptive.pool.ConnectionPool;
-
public class LDAPAuthorizationBackend2 implements AuthorizationBackend, Destroyable {
static final int ZERO_PLACEHOLDER = 0;
diff --git a/src/main/java/com/amazon/dlic/auth/ldap2/LDAPConnectionFactoryFactory.java b/src/main/java/com/amazon/dlic/auth/ldap2/LDAPConnectionFactoryFactory.java
index 308178d651..877c4160da 100644
--- a/src/main/java/com/amazon/dlic/auth/ldap2/LDAPConnectionFactoryFactory.java
+++ b/src/main/java/com/amazon/dlic/auth/ldap2/LDAPConnectionFactoryFactory.java
@@ -20,12 +20,6 @@
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
-
-import org.opensearch.common.settings.Settings;
-
-import com.amazon.dlic.auth.ldap.util.ConfigConstants;
-import com.amazon.dlic.util.SettingsBasedSSLConfigurator;
-import com.amazon.dlic.util.SettingsBasedSSLConfigurator.SSLConfigException;
import org.ldaptive.ActivePassiveConnectionStrategy;
import org.ldaptive.BindConnectionInitializer;
import org.ldaptive.CompareRequest;
@@ -62,6 +56,12 @@
import org.ldaptive.ssl.CredentialConfigFactory;
import org.ldaptive.ssl.SslConfig;
+import com.amazon.dlic.auth.ldap.util.ConfigConstants;
+import com.amazon.dlic.util.SettingsBasedSSLConfigurator;
+import com.amazon.dlic.util.SettingsBasedSSLConfigurator.SSLConfigException;
+
+import org.opensearch.common.settings.Settings;
+
import static org.opensearch.security.setting.DeprecatedSettings.checkForDeprecatedSetting;
public class LDAPConnectionFactoryFactory {
diff --git a/src/main/java/com/amazon/dlic/auth/ldap2/LDAPUserSearcher.java b/src/main/java/com/amazon/dlic/auth/ldap2/LDAPUserSearcher.java
index 6013d0379e..966555daff 100644
--- a/src/main/java/com/amazon/dlic/auth/ldap2/LDAPUserSearcher.java
+++ b/src/main/java/com/amazon/dlic/auth/ldap2/LDAPUserSearcher.java
@@ -21,17 +21,17 @@
import org.apache.commons.lang3.tuple.Pair;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
-
-import org.opensearch.common.settings.Settings;
-
-import com.amazon.dlic.auth.ldap.util.ConfigConstants;
-import com.amazon.dlic.auth.ldap.util.LdapHelper;
-import com.amazon.dlic.auth.ldap.util.Utils;
import org.ldaptive.Connection;
import org.ldaptive.LdapEntry;
import org.ldaptive.SearchFilter;
import org.ldaptive.SearchScope;
+import com.amazon.dlic.auth.ldap.util.ConfigConstants;
+import com.amazon.dlic.auth.ldap.util.LdapHelper;
+import com.amazon.dlic.auth.ldap.util.Utils;
+
+import org.opensearch.common.settings.Settings;
+
public class LDAPUserSearcher {
protected static final Logger log = LogManager.getLogger(LDAPUserSearcher.class);
diff --git a/src/main/java/com/amazon/dlic/auth/ldap2/MakeJava9Happy.java b/src/main/java/com/amazon/dlic/auth/ldap2/MakeJava9Happy.java
index 67bf49cfd7..63e88fd2d4 100644
--- a/src/main/java/com/amazon/dlic/auth/ldap2/MakeJava9Happy.java
+++ b/src/main/java/com/amazon/dlic/auth/ldap2/MakeJava9Happy.java
@@ -15,11 +15,11 @@
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
-import org.opensearch.SpecialPermission;
-
import io.netty.util.internal.PlatformDependent;
import org.ldaptive.ssl.ThreadLocalTLSSocketFactory;
+import org.opensearch.SpecialPermission;
+
public class MakeJava9Happy {
private static ClassLoader classLoader;
diff --git a/src/main/java/com/amazon/dlic/auth/ldap2/PrivilegedProvider.java b/src/main/java/com/amazon/dlic/auth/ldap2/PrivilegedProvider.java
index 8f9a18c758..7ca4a4ff2e 100644
--- a/src/main/java/com/amazon/dlic/auth/ldap2/PrivilegedProvider.java
+++ b/src/main/java/com/amazon/dlic/auth/ldap2/PrivilegedProvider.java
@@ -15,8 +15,6 @@
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
-import org.opensearch.SpecialPermission;
-
import org.ldaptive.AddRequest;
import org.ldaptive.BindRequest;
import org.ldaptive.CompareRequest;
@@ -37,6 +35,8 @@
import org.ldaptive.provider.SearchListener;
import org.ldaptive.provider.jndi.JndiProviderConfig;
+import org.opensearch.SpecialPermission;
+
public class PrivilegedProvider implements Provider {
private final Provider delegate;
diff --git a/src/main/java/com/amazon/dlic/util/SettingsBasedSSLConfigurator.java b/src/main/java/com/amazon/dlic/util/SettingsBasedSSLConfigurator.java
index a60167a1bc..ed42117a04 100644
--- a/src/main/java/com/amazon/dlic/util/SettingsBasedSSLConfigurator.java
+++ b/src/main/java/com/amazon/dlic/util/SettingsBasedSSLConfigurator.java
@@ -25,6 +25,7 @@
import java.util.Collection;
import java.util.List;
import java.util.Map;
+
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.KeyManager;
import javax.net.ssl.SSLContext;
diff --git a/src/main/java/com/amazon/dlic/util/SettingsBasedSSLConfiguratorV4.java b/src/main/java/com/amazon/dlic/util/SettingsBasedSSLConfiguratorV4.java
index 9c273a14a4..c2de5d95a2 100644
--- a/src/main/java/com/amazon/dlic/util/SettingsBasedSSLConfiguratorV4.java
+++ b/src/main/java/com/amazon/dlic/util/SettingsBasedSSLConfiguratorV4.java
@@ -26,6 +26,7 @@
import java.util.Collection;
import java.util.List;
import java.util.Map;
+
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.KeyManager;
import javax.net.ssl.SSLContext;
diff --git a/src/main/java/org/opensearch/security/DefaultObjectMapper.java b/src/main/java/org/opensearch/security/DefaultObjectMapper.java
index 48aa09541a..f8564cb21b 100644
--- a/src/main/java/org/opensearch/security/DefaultObjectMapper.java
+++ b/src/main/java/org/opensearch/security/DefaultObjectMapper.java
@@ -33,7 +33,6 @@
import java.util.Map;
import java.util.Set;
-import com.google.common.collect.ImmutableSet;
import com.fasterxml.jackson.annotation.JsonInclude.Include;
import com.fasterxml.jackson.core.JsonParser;
import com.fasterxml.jackson.core.JsonProcessingException;
@@ -47,6 +46,7 @@
import com.fasterxml.jackson.databind.introspect.BeanPropertyDefinition;
import com.fasterxml.jackson.databind.type.TypeFactory;
import com.fasterxml.jackson.dataformat.yaml.YAMLFactory;
+import com.google.common.collect.ImmutableSet;
import org.opensearch.SpecialPermission;
diff --git a/src/main/java/org/opensearch/security/OpenSearchSecurityPlugin.java b/src/main/java/org/opensearch/security/OpenSearchSecurityPlugin.java
index 3c04816c32..de7693e393 100644
--- a/src/main/java/org/opensearch/security/OpenSearchSecurityPlugin.java
+++ b/src/main/java/org/opensearch/security/OpenSearchSecurityPlugin.java
@@ -28,41 +28,13 @@
// CS-SUPPRESS-SINGLE: RegexpSingleline Extensions manager used to allow/disallow TLS connections to extensions
-import java.io.IOException;
-import java.nio.file.Files;
-import java.nio.file.LinkOption;
-import java.nio.file.Path;
-import java.nio.file.attribute.PosixFilePermission;
-import java.security.AccessController;
-import java.security.MessageDigest;
-import java.security.PrivilegedAction;
-import java.security.Security;
-import java.util.ArrayList;
-import java.util.Arrays;
-import java.util.Collection;
-import java.util.Collections;
-import java.util.HashMap;
-import java.util.HashSet;
-import java.util.List;
-import java.util.Map;
-import java.util.Objects;
-import java.util.Set;
-import java.util.concurrent.atomic.AtomicReference;
-import java.util.function.BiFunction;
-import java.util.function.Function;
-import java.util.function.Predicate;
-import java.util.function.Supplier;
-import java.util.function.UnaryOperator;
-import java.util.stream.Collectors;
-import java.util.stream.Stream;
-
import com.google.common.collect.Lists;
+
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.apache.lucene.search.QueryCachingPolicy;
import org.apache.lucene.search.Weight;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
-
import org.opensearch.OpenSearchException;
import org.opensearch.OpenSearchSecurityException;
import org.opensearch.SpecialPermission;
@@ -201,6 +173,34 @@
import org.opensearch.transport.TransportService;
import org.opensearch.watcher.ResourceWatcherService;
+import java.io.IOException;
+import java.nio.file.Files;
+import java.nio.file.LinkOption;
+import java.nio.file.Path;
+import java.nio.file.attribute.PosixFilePermission;
+import java.security.AccessController;
+import java.security.MessageDigest;
+import java.security.PrivilegedAction;
+import java.security.Security;
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.Collection;
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.HashSet;
+import java.util.List;
+import java.util.Map;
+import java.util.Objects;
+import java.util.Set;
+import java.util.concurrent.atomic.AtomicReference;
+import java.util.function.BiFunction;
+import java.util.function.Function;
+import java.util.function.Predicate;
+import java.util.function.Supplier;
+import java.util.function.UnaryOperator;
+import java.util.stream.Collectors;
+import java.util.stream.Stream;
+
import static org.opensearch.security.dlic.rest.api.RestApiAdminPrivilegesEvaluator.ENDPOINTS_WITH_PERMISSIONS;
import static org.opensearch.security.dlic.rest.api.RestApiAdminPrivilegesEvaluator.SECURITY_CONFIG_UPDATE;
import static org.opensearch.security.setting.DeprecatedSettings.checkForDeprecatedSetting;
diff --git a/src/main/java/org/opensearch/security/action/configupdate/TransportConfigUpdateAction.java b/src/main/java/org/opensearch/security/action/configupdate/TransportConfigUpdateAction.java
index 64149a7c97..1e5b5e4056 100644
--- a/src/main/java/org/opensearch/security/action/configupdate/TransportConfigUpdateAction.java
+++ b/src/main/java/org/opensearch/security/action/configupdate/TransportConfigUpdateAction.java
@@ -38,9 +38,9 @@
import org.opensearch.cluster.service.ClusterService;
import org.opensearch.common.inject.Inject;
import org.opensearch.common.inject.Provider;
-import org.opensearch.common.settings.Settings;
import org.opensearch.core.common.io.stream.StreamInput;
import org.opensearch.core.common.io.stream.StreamOutput;
+import org.opensearch.common.settings.Settings;
import org.opensearch.security.auth.BackendRegistry;
import org.opensearch.security.configuration.ConfigurationRepository;
import org.opensearch.security.securityconf.DynamicConfigFactory;
diff --git a/src/main/java/org/opensearch/security/action/onbehalf/CreateOnBehalfOfTokenAction.java b/src/main/java/org/opensearch/security/action/onbehalf/CreateOnBehalfOfTokenAction.java
index 02b88bbd5c..0863fee552 100644
--- a/src/main/java/org/opensearch/security/action/onbehalf/CreateOnBehalfOfTokenAction.java
+++ b/src/main/java/org/opensearch/security/action/onbehalf/CreateOnBehalfOfTokenAction.java
@@ -21,7 +21,6 @@
import org.apache.logging.log4j.Logger;
import org.opensearch.client.node.NodeClient;
-import org.opensearch.core.rest.RestStatus;
import org.opensearch.core.xcontent.XContentBuilder;
import org.opensearch.identity.tokens.OnBehalfOfClaims;
import org.opensearch.rest.BaseRestHandler;
@@ -29,6 +28,7 @@
import org.opensearch.rest.NamedRoute;
import org.opensearch.rest.RestChannel;
import org.opensearch.rest.RestRequest;
+import org.opensearch.core.rest.RestStatus;
import org.opensearch.security.identity.SecurityTokenManager;
import static org.opensearch.rest.RestRequest.Method.POST;
diff --git a/src/main/java/org/opensearch/security/action/whoami/TransportWhoAmIAction.java b/src/main/java/org/opensearch/security/action/whoami/TransportWhoAmIAction.java
index 4bc6238765..f7e741b868 100644
--- a/src/main/java/org/opensearch/security/action/whoami/TransportWhoAmIAction.java
+++ b/src/main/java/org/opensearch/security/action/whoami/TransportWhoAmIAction.java
@@ -26,12 +26,12 @@
package org.opensearch.security.action.whoami;
+import org.opensearch.core.action.ActionListener;
import org.opensearch.action.support.ActionFilters;
import org.opensearch.action.support.HandledTransportAction;
import org.opensearch.cluster.service.ClusterService;
import org.opensearch.common.inject.Inject;
import org.opensearch.common.settings.Settings;
-import org.opensearch.core.action.ActionListener;
import org.opensearch.security.configuration.AdminDNs;
import org.opensearch.security.support.ConfigConstants;
import org.opensearch.security.support.HeaderHelper;
diff --git a/src/main/java/org/opensearch/security/auditlog/AuditLog.java b/src/main/java/org/opensearch/security/auditlog/AuditLog.java
index 45eb8cd1e6..997b9e4b87 100644
--- a/src/main/java/org/opensearch/security/auditlog/AuditLog.java
+++ b/src/main/java/org/opensearch/security/auditlog/AuditLog.java
@@ -29,12 +29,12 @@
import java.io.Closeable;
import java.util.Map;
-import org.opensearch.core.index.shard.ShardId;
import org.opensearch.index.engine.Engine.Delete;
import org.opensearch.index.engine.Engine.DeleteResult;
import org.opensearch.index.engine.Engine.Index;
import org.opensearch.index.engine.Engine.IndexResult;
import org.opensearch.index.get.GetResult;
+import org.opensearch.core.index.shard.ShardId;
import org.opensearch.security.auditlog.config.AuditConfig;
import org.opensearch.security.compliance.ComplianceConfig;
import org.opensearch.security.filter.SecurityRequest;
diff --git a/src/main/java/org/opensearch/security/auditlog/NullAuditLog.java b/src/main/java/org/opensearch/security/auditlog/NullAuditLog.java
index cff4157250..1ac4492a94 100644
--- a/src/main/java/org/opensearch/security/auditlog/NullAuditLog.java
+++ b/src/main/java/org/opensearch/security/auditlog/NullAuditLog.java
@@ -29,12 +29,12 @@
import java.io.IOException;
import java.util.Map;
-import org.opensearch.core.index.shard.ShardId;
import org.opensearch.index.engine.Engine.Delete;
import org.opensearch.index.engine.Engine.DeleteResult;
import org.opensearch.index.engine.Engine.Index;
import org.opensearch.index.engine.Engine.IndexResult;
import org.opensearch.index.get.GetResult;
+import org.opensearch.core.index.shard.ShardId;
import org.opensearch.security.auditlog.config.AuditConfig;
import org.opensearch.security.compliance.ComplianceConfig;
import org.opensearch.security.filter.SecurityRequest;
diff --git a/src/main/java/org/opensearch/security/auditlog/config/AuditConfig.java b/src/main/java/org/opensearch/security/auditlog/config/AuditConfig.java
index 2cffd93dfa..f6f9a42e87 100644
--- a/src/main/java/org/opensearch/security/auditlog/config/AuditConfig.java
+++ b/src/main/java/org/opensearch/security/auditlog/config/AuditConfig.java
@@ -17,15 +17,15 @@
import java.util.Set;
import java.util.stream.Collectors;
-import com.google.common.annotations.VisibleForTesting;
-import com.google.common.collect.ImmutableList;
-import com.google.common.collect.ImmutableSet;
-import com.google.common.collect.Sets;
import com.fasterxml.jackson.annotation.JsonCreator;
import com.fasterxml.jackson.annotation.JsonInclude;
import com.fasterxml.jackson.annotation.JsonProperty;
import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.databind.exc.UnrecognizedPropertyException;
+import com.google.common.annotations.VisibleForTesting;
+import com.google.common.collect.ImmutableList;
+import com.google.common.collect.ImmutableSet;
+import com.google.common.collect.Sets;
import org.apache.logging.log4j.Logger;
import org.opensearch.common.settings.Settings;
diff --git a/src/main/java/org/opensearch/security/auditlog/impl/AbstractAuditLog.java b/src/main/java/org/opensearch/security/auditlog/impl/AbstractAuditLog.java
index d97adc358b..a395327f42 100644
--- a/src/main/java/org/opensearch/security/auditlog/impl/AbstractAuditLog.java
+++ b/src/main/java/org/opensearch/security/auditlog/impl/AbstractAuditLog.java
@@ -26,9 +26,10 @@
import java.util.concurrent.atomic.AtomicBoolean;
import java.util.stream.Collectors;
+import com.fasterxml.jackson.databind.JsonNode;
+import com.flipkart.zjsonpatch.JsonDiff;
import com.google.common.annotations.VisibleForTesting;
import com.google.common.io.BaseEncoding;
-import com.fasterxml.jackson.databind.JsonNode;
import org.apache.commons.codec.digest.DigestUtils;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
@@ -41,15 +42,14 @@
import org.opensearch.action.update.UpdateRequest;
import org.opensearch.cluster.metadata.IndexNameExpressionResolver;
import org.opensearch.cluster.service.ClusterService;
+import org.opensearch.core.common.bytes.BytesReference;
import org.opensearch.common.collect.Tuple;
import org.opensearch.common.settings.Settings;
+import org.opensearch.core.common.transport.TransportAddress;
import org.opensearch.common.xcontent.XContentHelper;
+import org.opensearch.core.xcontent.MediaType;
import org.opensearch.common.xcontent.XContentType;
import org.opensearch.common.xcontent.json.JsonXContent;
-import org.opensearch.core.common.bytes.BytesReference;
-import org.opensearch.core.common.transport.TransportAddress;
-import org.opensearch.core.index.shard.ShardId;
-import org.opensearch.core.xcontent.MediaType;
import org.opensearch.core.xcontent.NamedXContentRegistry;
import org.opensearch.core.xcontent.XContentBuilder;
import org.opensearch.core.xcontent.XContentParser;
@@ -59,6 +59,7 @@
import org.opensearch.index.engine.Engine.Index;
import org.opensearch.index.engine.Engine.IndexResult;
import org.opensearch.index.get.GetResult;
+import org.opensearch.core.index.shard.ShardId;
import org.opensearch.security.DefaultObjectMapper;
import org.opensearch.security.auditlog.AuditLog;
import org.opensearch.security.auditlog.config.AuditConfig;
@@ -72,8 +73,6 @@
import org.opensearch.threadpool.ThreadPool;
import org.opensearch.transport.TransportRequest;
-import com.flipkart.zjsonpatch.JsonDiff;
-
import static org.opensearch.core.xcontent.DeprecationHandler.THROW_UNSUPPORTED_OPERATION;
public abstract class AbstractAuditLog implements AuditLog {
diff --git a/src/main/java/org/opensearch/security/auditlog/impl/AuditLogImpl.java b/src/main/java/org/opensearch/security/auditlog/impl/AuditLogImpl.java
index e860ec0d5e..8da4b13d4c 100644
--- a/src/main/java/org/opensearch/security/auditlog/impl/AuditLogImpl.java
+++ b/src/main/java/org/opensearch/security/auditlog/impl/AuditLogImpl.java
@@ -17,18 +17,20 @@
import java.security.PrivilegedAction;
import java.util.Map;
+import org.greenrobot.eventbus.Subscribe;
+
import org.opensearch.SpecialPermission;
import org.opensearch.client.Client;
import org.opensearch.cluster.metadata.IndexNameExpressionResolver;
import org.opensearch.cluster.service.ClusterService;
import org.opensearch.common.settings.Settings;
-import org.opensearch.core.index.shard.ShardId;
import org.opensearch.env.Environment;
import org.opensearch.index.engine.Engine.Delete;
import org.opensearch.index.engine.Engine.DeleteResult;
import org.opensearch.index.engine.Engine.Index;
import org.opensearch.index.engine.Engine.IndexResult;
import org.opensearch.index.get.GetResult;
+import org.opensearch.core.index.shard.ShardId;
import org.opensearch.security.auditlog.config.AuditConfig;
import org.opensearch.security.auditlog.routing.AuditMessageRouter;
import org.opensearch.security.filter.SecurityRequest;
@@ -36,8 +38,6 @@
import org.opensearch.threadpool.ThreadPool;
import org.opensearch.transport.TransportRequest;
-import org.greenrobot.eventbus.Subscribe;
-
public final class AuditLogImpl extends AbstractAuditLog {
private final AuditMessageRouter messageRouter;
diff --git a/src/main/java/org/opensearch/security/auditlog/impl/AuditMessage.java b/src/main/java/org/opensearch/security/auditlog/impl/AuditMessage.java
index 8b24a554d1..a41b4625c2 100644
--- a/src/main/java/org/opensearch/security/auditlog/impl/AuditMessage.java
+++ b/src/main/java/org/opensearch/security/auditlog/impl/AuditMessage.java
@@ -27,33 +27,32 @@
import com.google.common.annotations.VisibleForTesting;
import org.apache.commons.codec.digest.DigestUtils;
import org.apache.hc.core5.net.URIBuilder;
+import org.joda.time.DateTime;
+import org.joda.time.DateTimeZone;
+import org.joda.time.format.DateTimeFormat;
+import org.joda.time.format.DateTimeFormatter;
import org.opensearch.ExceptionsHelper;
import org.opensearch.cluster.service.ClusterService;
+import org.opensearch.core.common.bytes.BytesReference;
import org.opensearch.common.collect.Tuple;
+import org.opensearch.core.common.transport.TransportAddress;
import org.opensearch.common.xcontent.XContentHelper;
+import org.opensearch.core.xcontent.MediaType;
import org.opensearch.common.xcontent.XContentType;
import org.opensearch.common.xcontent.json.JsonXContent;
import org.opensearch.core.common.Strings;
-import org.opensearch.core.common.bytes.BytesReference;
-import org.opensearch.core.common.transport.TransportAddress;
import org.opensearch.core.index.shard.ShardId;
-import org.opensearch.core.xcontent.MediaType;
import org.opensearch.rest.RestRequest;
import org.opensearch.security.auditlog.AuditLog.Operation;
import org.opensearch.security.auditlog.AuditLog.Origin;
import org.opensearch.security.auditlog.config.AuditConfig;
import org.opensearch.security.dlic.rest.support.Utils;
-import org.opensearch.security.filter.OpenSearchRequest;
import org.opensearch.security.filter.SecurityRequest;
+import org.opensearch.security.filter.OpenSearchRequest;
import org.opensearch.security.securityconf.impl.CType;
import org.opensearch.security.support.WildcardMatcher;
-import org.joda.time.DateTime;
-import org.joda.time.DateTimeZone;
-import org.joda.time.format.DateTimeFormat;
-import org.joda.time.format.DateTimeFormatter;
-
import static org.opensearch.security.OpenSearchSecurityPlugin.LEGACY_OPENDISTRO_PREFIX;
import static org.opensearch.security.OpenSearchSecurityPlugin.PLUGINS_PREFIX;
diff --git a/src/main/java/org/opensearch/security/auditlog/impl/RequestResolver.java b/src/main/java/org/opensearch/security/auditlog/impl/RequestResolver.java
index ea4289150e..8a1177ec60 100644
--- a/src/main/java/org/opensearch/security/auditlog/impl/RequestResolver.java
+++ b/src/main/java/org/opensearch/security/auditlog/impl/RequestResolver.java
@@ -41,15 +41,15 @@
import org.opensearch.action.update.UpdateRequest;
import org.opensearch.cluster.metadata.IndexNameExpressionResolver;
import org.opensearch.cluster.service.ClusterService;
+import org.opensearch.core.common.bytes.BytesReference;
import org.opensearch.common.collect.Tuple;
import org.opensearch.common.settings.Settings;
-import org.opensearch.common.xcontent.XContentFactory;
-import org.opensearch.common.xcontent.XContentType;
-import org.opensearch.core.common.bytes.BytesReference;
import org.opensearch.core.common.transport.TransportAddress;
-import org.opensearch.core.index.Index;
+import org.opensearch.common.xcontent.XContentFactory;
import org.opensearch.core.xcontent.MediaType;
+import org.opensearch.common.xcontent.XContentType;
import org.opensearch.core.xcontent.XContentBuilder;
+import org.opensearch.core.index.Index;
import org.opensearch.index.reindex.DeleteByQueryRequest;
import org.opensearch.index.reindex.ReindexRequest;
import org.opensearch.index.reindex.UpdateByQueryRequest;
diff --git a/src/main/java/org/opensearch/security/auditlog/sink/AuditLogSink.java b/src/main/java/org/opensearch/security/auditlog/sink/AuditLogSink.java
index d034014612..a482b81c29 100644
--- a/src/main/java/org/opensearch/security/auditlog/sink/AuditLogSink.java
+++ b/src/main/java/org/opensearch/security/auditlog/sink/AuditLogSink.java
@@ -18,15 +18,14 @@
import com.google.common.util.concurrent.Uninterruptibles;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
+import org.joda.time.DateTime;
+import org.joda.time.DateTimeZone;
+import org.joda.time.format.DateTimeFormatter;
import org.opensearch.common.settings.Settings;
import org.opensearch.security.auditlog.impl.AuditMessage;
import org.opensearch.security.support.ConfigConstants;
-import org.joda.time.DateTime;
-import org.joda.time.DateTimeZone;
-import org.joda.time.format.DateTimeFormatter;
-
public abstract class AuditLogSink {
protected final Logger log = LogManager.getLogger(this.getClass());
diff --git a/src/main/java/org/opensearch/security/auditlog/sink/DebugSink.java b/src/main/java/org/opensearch/security/auditlog/sink/DebugSink.java
index daf84b979d..f53d4c2af3 100644
--- a/src/main/java/org/opensearch/security/auditlog/sink/DebugSink.java
+++ b/src/main/java/org/opensearch/security/auditlog/sink/DebugSink.java
@@ -13,7 +13,6 @@
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
-
import org.opensearch.common.settings.Settings;
import org.opensearch.security.auditlog.impl.AuditMessage;
diff --git a/src/main/java/org/opensearch/security/auditlog/sink/ExternalOpenSearchSink.java b/src/main/java/org/opensearch/security/auditlog/sink/ExternalOpenSearchSink.java
index 7bde676399..f3a8d288f8 100644
--- a/src/main/java/org/opensearch/security/auditlog/sink/ExternalOpenSearchSink.java
+++ b/src/main/java/org/opensearch/security/auditlog/sink/ExternalOpenSearchSink.java
@@ -20,6 +20,9 @@
import java.util.Collections;
import java.util.List;
+import org.joda.time.format.DateTimeFormat;
+import org.joda.time.format.DateTimeFormatter;
+
import org.opensearch.common.settings.Settings;
import org.opensearch.security.auditlog.impl.AuditMessage;
import org.opensearch.security.httpclient.HttpClient;
@@ -28,9 +31,6 @@
import org.opensearch.security.support.ConfigConstants;
import org.opensearch.security.support.PemKeyReader;
-import org.joda.time.format.DateTimeFormat;
-import org.joda.time.format.DateTimeFormatter;
-
import static org.opensearch.security.ssl.SecureSSLSettings.SSLSetting.SECURITY_SSL_TRANSPORT_KEYSTORE_PASSWORD;
import static org.opensearch.security.ssl.SecureSSLSettings.SSLSetting.SECURITY_SSL_TRANSPORT_TRUSTSTORE_PASSWORD;
diff --git a/src/main/java/org/opensearch/security/auditlog/sink/InternalOpenSearchSink.java b/src/main/java/org/opensearch/security/auditlog/sink/InternalOpenSearchSink.java
index dd1db488da..f01051c70f 100644
--- a/src/main/java/org/opensearch/security/auditlog/sink/InternalOpenSearchSink.java
+++ b/src/main/java/org/opensearch/security/auditlog/sink/InternalOpenSearchSink.java
@@ -14,6 +14,9 @@
import java.io.IOException;
import java.nio.file.Path;
+import org.joda.time.format.DateTimeFormat;
+import org.joda.time.format.DateTimeFormatter;
+
import org.opensearch.action.index.IndexRequestBuilder;
import org.opensearch.action.support.WriteRequest.RefreshPolicy;
import org.opensearch.client.Client;
@@ -25,9 +28,6 @@
import org.opensearch.security.support.HeaderHelper;
import org.opensearch.threadpool.ThreadPool;
-import org.joda.time.format.DateTimeFormat;
-import org.joda.time.format.DateTimeFormatter;
-
public final class InternalOpenSearchSink extends AuditLogSink {
private final Client clientProvider;
diff --git a/src/main/java/org/opensearch/security/auditlog/sink/WebhookSink.java b/src/main/java/org/opensearch/security/auditlog/sink/WebhookSink.java
index 219a7d05ac..8616fa9df5 100644
--- a/src/main/java/org/opensearch/security/auditlog/sink/WebhookSink.java
+++ b/src/main/java/org/opensearch/security/auditlog/sink/WebhookSink.java
@@ -21,6 +21,7 @@
import java.security.PrivilegedAction;
import java.security.cert.X509Certificate;
import java.util.concurrent.TimeUnit;
+
import javax.net.ssl.SSLContext;
import org.apache.hc.client5.http.classic.methods.HttpGet;
@@ -41,7 +42,6 @@
import org.apache.hc.core5.ssl.SSLContextBuilder;
import org.apache.hc.core5.ssl.TrustStrategy;
import org.apache.http.HttpStatus;
-
import org.opensearch.common.settings.Settings;
import org.opensearch.core.common.Strings;
import org.opensearch.security.auditlog.impl.AuditMessage;
diff --git a/src/main/java/org/opensearch/security/auth/BackendRegistry.java b/src/main/java/org/opensearch/security/auth/BackendRegistry.java
index 3f6aae0720..a064207964 100644
--- a/src/main/java/org/opensearch/security/auth/BackendRegistry.java
+++ b/src/main/java/org/opensearch/security/auth/BackendRegistry.java
@@ -44,8 +44,10 @@
import com.google.common.cache.RemovalListener;
import com.google.common.cache.RemovalNotification;
import com.google.common.collect.Multimap;
+
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
+import org.greenrobot.eventbus.Subscribe;
import org.opensearch.OpenSearchSecurityException;
import org.opensearch.common.settings.Settings;
@@ -66,8 +68,6 @@
import org.opensearch.security.user.User;
import org.opensearch.threadpool.ThreadPool;
-import org.greenrobot.eventbus.Subscribe;
-
import static org.apache.http.HttpStatus.SC_FORBIDDEN;
import static org.apache.http.HttpStatus.SC_SERVICE_UNAVAILABLE;
import static org.apache.http.HttpStatus.SC_UNAUTHORIZED;
diff --git a/src/main/java/org/opensearch/security/auth/UserInjector.java b/src/main/java/org/opensearch/security/auth/UserInjector.java
index 456dd9a1c2..351afde0f1 100644
--- a/src/main/java/org/opensearch/security/auth/UserInjector.java
+++ b/src/main/java/org/opensearch/security/auth/UserInjector.java
@@ -38,9 +38,9 @@
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
-import org.opensearch.common.settings.Settings;
import org.opensearch.core.common.io.stream.StreamInput;
import org.opensearch.core.common.io.stream.StreamOutput;
+import org.opensearch.common.settings.Settings;
import org.opensearch.core.common.transport.TransportAddress;
import org.opensearch.security.auditlog.AuditLog;
import org.opensearch.security.filter.SecurityRequestChannel;
diff --git a/src/main/java/org/opensearch/security/auth/internal/InternalAuthenticationBackend.java b/src/main/java/org/opensearch/security/auth/internal/InternalAuthenticationBackend.java
index d3dba7409e..98443a2902 100644
--- a/src/main/java/org/opensearch/security/auth/internal/InternalAuthenticationBackend.java
+++ b/src/main/java/org/opensearch/security/auth/internal/InternalAuthenticationBackend.java
@@ -36,6 +36,7 @@
import java.util.Map.Entry;
import org.bouncycastle.crypto.generators.OpenBSDBCrypt;
+import org.greenrobot.eventbus.Subscribe;
import org.opensearch.OpenSearchSecurityException;
import org.opensearch.security.auth.AuthenticationBackend;
@@ -44,8 +45,6 @@
import org.opensearch.security.user.AuthCredentials;
import org.opensearch.security.user.User;
-import org.greenrobot.eventbus.Subscribe;
-
public class InternalAuthenticationBackend implements AuthenticationBackend, AuthorizationBackend {
private InternalUsersModel internalUsersModel;
diff --git a/src/main/java/org/opensearch/security/authtoken/jwt/EncryptionDecryptionUtil.java b/src/main/java/org/opensearch/security/authtoken/jwt/EncryptionDecryptionUtil.java
index 4cd2ddab2a..2e11fed64a 100644
--- a/src/main/java/org/opensearch/security/authtoken/jwt/EncryptionDecryptionUtil.java
+++ b/src/main/java/org/opensearch/security/authtoken/jwt/EncryptionDecryptionUtil.java
@@ -14,6 +14,7 @@
import java.nio.charset.StandardCharsets;
import java.util.Arrays;
import java.util.Base64;
+
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
diff --git a/src/main/java/org/opensearch/security/authtoken/jwt/JwtVendor.java b/src/main/java/org/opensearch/security/authtoken/jwt/JwtVendor.java
index e21d9257ff..6340688607 100644
--- a/src/main/java/org/opensearch/security/authtoken/jwt/JwtVendor.java
+++ b/src/main/java/org/opensearch/security/authtoken/jwt/JwtVendor.java
@@ -18,14 +18,10 @@
import java.util.Optional;
import java.util.function.LongSupplier;
+import com.nimbusds.jose.JOSEException;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
-import org.opensearch.OpenSearchException;
-import org.opensearch.common.collect.Tuple;
-import org.opensearch.common.settings.Settings;
-
-import com.nimbusds.jose.JOSEException;
import com.nimbusds.jose.JWSAlgorithm;
import com.nimbusds.jose.JWSHeader;
import com.nimbusds.jose.JWSSigner;
@@ -37,6 +33,10 @@
import com.nimbusds.jwt.JWTClaimsSet;
import com.nimbusds.jwt.SignedJWT;
+import org.opensearch.OpenSearchException;
+import org.opensearch.common.collect.Tuple;
+import org.opensearch.common.settings.Settings;
+
import static org.opensearch.security.util.AuthTokenUtils.isKeyNull;
public class JwtVendor {
diff --git a/src/main/java/org/opensearch/security/authtoken/jwt/KeyPaddingUtil.java b/src/main/java/org/opensearch/security/authtoken/jwt/KeyPaddingUtil.java
index 7c041a5c2f..41bf2955f2 100644
--- a/src/main/java/org/opensearch/security/authtoken/jwt/KeyPaddingUtil.java
+++ b/src/main/java/org/opensearch/security/authtoken/jwt/KeyPaddingUtil.java
@@ -11,11 +11,10 @@
package org.opensearch.security.authtoken.jwt;
-import org.apache.commons.lang3.StringUtils;
-
import com.nimbusds.jose.JOSEException;
import com.nimbusds.jose.JWSAlgorithm;
import com.nimbusds.jose.util.ByteUtils;
+import org.apache.commons.lang3.StringUtils;
import static com.nimbusds.jose.crypto.MACSigner.getMinRequiredSecretLength;
diff --git a/src/main/java/org/opensearch/security/compliance/ComplianceConfig.java b/src/main/java/org/opensearch/security/compliance/ComplianceConfig.java
index edc5248781..1d81479f37 100644
--- a/src/main/java/org/opensearch/security/compliance/ComplianceConfig.java
+++ b/src/main/java/org/opensearch/security/compliance/ComplianceConfig.java
@@ -33,13 +33,6 @@
import java.util.Set;
import java.util.concurrent.ExecutionException;
-import com.google.common.annotations.VisibleForTesting;
-import com.google.common.cache.CacheBuilder;
-import com.google.common.cache.CacheLoader;
-import com.google.common.cache.LoadingCache;
-import com.google.common.collect.ImmutableList;
-import com.google.common.collect.ImmutableMap;
-import com.google.common.collect.ImmutableSet;
import com.fasterxml.jackson.annotation.JacksonInject;
import com.fasterxml.jackson.annotation.JsonAutoDetect;
import com.fasterxml.jackson.annotation.JsonCreator;
@@ -47,8 +40,19 @@
import com.fasterxml.jackson.annotation.JsonProperty;
import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.databind.exc.UnrecognizedPropertyException;
+import com.google.common.annotations.VisibleForTesting;
+import com.google.common.cache.CacheBuilder;
+import com.google.common.cache.CacheLoader;
+import com.google.common.cache.LoadingCache;
+import com.google.common.collect.ImmutableList;
+import com.google.common.collect.ImmutableMap;
+import com.google.common.collect.ImmutableSet;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
+import org.joda.time.DateTime;
+import org.joda.time.DateTimeZone;
+import org.joda.time.format.DateTimeFormat;
+import org.joda.time.format.DateTimeFormatter;
import org.opensearch.common.settings.Settings;
import org.opensearch.core.common.Strings;
@@ -57,11 +61,6 @@
import org.opensearch.security.support.ConfigConstants;
import org.opensearch.security.support.WildcardMatcher;
-import org.joda.time.DateTime;
-import org.joda.time.DateTimeZone;
-import org.joda.time.format.DateTimeFormat;
-import org.joda.time.format.DateTimeFormatter;
-
import static org.opensearch.security.DefaultObjectMapper.getOrDefault;
/**
diff --git a/src/main/java/org/opensearch/security/compliance/ComplianceIndexingOperationListenerImpl.java b/src/main/java/org/opensearch/security/compliance/ComplianceIndexingOperationListenerImpl.java
index 4c97cdc730..c1ac1271bb 100644
--- a/src/main/java/org/opensearch/security/compliance/ComplianceIndexingOperationListenerImpl.java
+++ b/src/main/java/org/opensearch/security/compliance/ComplianceIndexingOperationListenerImpl.java
@@ -17,7 +17,6 @@
import org.apache.logging.log4j.Logger;
import org.opensearch.OpenSearchException;
-import org.opensearch.core.index.shard.ShardId;
import org.opensearch.index.IndexService;
import org.opensearch.index.engine.Engine.Delete;
import org.opensearch.index.engine.Engine.DeleteResult;
@@ -25,6 +24,7 @@
import org.opensearch.index.engine.Engine.IndexResult;
import org.opensearch.index.get.GetResult;
import org.opensearch.index.shard.IndexShard;
+import org.opensearch.core.index.shard.ShardId;
import org.opensearch.security.auditlog.AuditLog;
public final class ComplianceIndexingOperationListenerImpl extends ComplianceIndexingOperationListener {
diff --git a/src/main/java/org/opensearch/security/compliance/FieldReadCallback.java b/src/main/java/org/opensearch/security/compliance/FieldReadCallback.java
index 210a198e2e..3f2d764f1d 100644
--- a/src/main/java/org/opensearch/security/compliance/FieldReadCallback.java
+++ b/src/main/java/org/opensearch/security/compliance/FieldReadCallback.java
@@ -19,6 +19,7 @@
import java.util.Objects;
import java.util.function.Function;
+import com.github.wnameless.json.flattener.JsonFlattener;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.apache.lucene.index.FieldInfo;
@@ -27,17 +28,15 @@
import org.opensearch.common.util.concurrent.ThreadContext;
import org.opensearch.common.xcontent.support.XContentMapValues;
import org.opensearch.core.index.Index;
-import org.opensearch.core.index.shard.ShardId;
import org.opensearch.index.IndexService;
import org.opensearch.index.mapper.Uid;
+import org.opensearch.core.index.shard.ShardId;
import org.opensearch.security.auditlog.AuditLog;
import org.opensearch.security.dlic.rest.support.Utils;
import org.opensearch.security.support.HeaderHelper;
import org.opensearch.security.support.SourceFieldsContext;
import org.opensearch.security.support.WildcardMatcher;
-import com.github.wnameless.json.flattener.JsonFlattener;
-
//TODO We need to deal with caching!!
//Currently we disable caching (and realtime requests) when FLS or DLS is applied
//Check if we can hook in into the caches
diff --git a/src/main/java/org/opensearch/security/configuration/AdminDNs.java b/src/main/java/org/opensearch/security/configuration/AdminDNs.java
index cdbbf8545b..204f277808 100644
--- a/src/main/java/org/opensearch/security/configuration/AdminDNs.java
+++ b/src/main/java/org/opensearch/security/configuration/AdminDNs.java
@@ -33,6 +33,7 @@
import java.util.Objects;
import java.util.Set;
import java.util.function.Function;
+
import javax.naming.InvalidNameException;
import javax.naming.ldap.LdapName;
diff --git a/src/main/java/org/opensearch/security/configuration/CompatConfig.java b/src/main/java/org/opensearch/security/configuration/CompatConfig.java
index a8de00f64e..ec2a521afe 100644
--- a/src/main/java/org/opensearch/security/configuration/CompatConfig.java
+++ b/src/main/java/org/opensearch/security/configuration/CompatConfig.java
@@ -28,6 +28,7 @@
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
+import org.greenrobot.eventbus.Subscribe;
import org.opensearch.common.settings.Settings;
import org.opensearch.env.Environment;
@@ -35,8 +36,6 @@
import org.opensearch.security.setting.OpensearchDynamicSetting;
import org.opensearch.security.support.ConfigConstants;
-import org.greenrobot.eventbus.Subscribe;
-
import static org.opensearch.security.support.ConfigConstants.SECURITY_UNSUPPORTED_PASSIVE_INTERTRANSPORT_AUTH_INITIALLY;
public class CompatConfig {
diff --git a/src/main/java/org/opensearch/security/configuration/ConfigurationLoaderSecurity7.java b/src/main/java/org/opensearch/security/configuration/ConfigurationLoaderSecurity7.java
index 8a3047385b..ac53895310 100644
--- a/src/main/java/org/opensearch/security/configuration/ConfigurationLoaderSecurity7.java
+++ b/src/main/java/org/opensearch/security/configuration/ConfigurationLoaderSecurity7.java
@@ -40,6 +40,7 @@
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
+import org.opensearch.core.action.ActionListener;
import org.opensearch.action.get.GetResponse;
import org.opensearch.action.get.MultiGetItemResponse;
import org.opensearch.action.get.MultiGetRequest;
@@ -47,11 +48,10 @@
import org.opensearch.action.get.MultiGetResponse.Failure;
import org.opensearch.client.Client;
import org.opensearch.cluster.service.ClusterService;
+import org.opensearch.core.common.bytes.BytesReference;
import org.opensearch.common.settings.Settings;
import org.opensearch.common.xcontent.XContentHelper;
import org.opensearch.common.xcontent.XContentType;
-import org.opensearch.core.action.ActionListener;
-import org.opensearch.core.common.bytes.BytesReference;
import org.opensearch.core.xcontent.NamedXContentRegistry;
import org.opensearch.core.xcontent.XContentParser;
import org.opensearch.security.DefaultObjectMapper;
diff --git a/src/main/java/org/opensearch/security/configuration/ConfigurationRepository.java b/src/main/java/org/opensearch/security/configuration/ConfigurationRepository.java
index 81e9f47370..04ad8f7420 100644
--- a/src/main/java/org/opensearch/security/configuration/ConfigurationRepository.java
+++ b/src/main/java/org/opensearch/security/configuration/ConfigurationRepository.java
@@ -63,9 +63,9 @@
import org.opensearch.common.util.concurrent.ThreadContext;
import org.opensearch.common.util.concurrent.ThreadContext.StoredContext;
import org.opensearch.core.common.Strings;
-import org.opensearch.core.rest.RestStatus;
import org.opensearch.core.xcontent.MediaTypeRegistry;
import org.opensearch.env.Environment;
+import org.opensearch.core.rest.RestStatus;
import org.opensearch.security.auditlog.AuditLog;
import org.opensearch.security.auditlog.config.AuditConfig;
import org.opensearch.security.securityconf.DynamicConfigFactory;
diff --git a/src/main/java/org/opensearch/security/configuration/DlsFlsFilterLeafReader.java b/src/main/java/org/opensearch/security/configuration/DlsFlsFilterLeafReader.java
index ac769e37dd..84dc7f8c19 100644
--- a/src/main/java/org/opensearch/security/configuration/DlsFlsFilterLeafReader.java
+++ b/src/main/java/org/opensearch/security/configuration/DlsFlsFilterLeafReader.java
@@ -65,17 +65,17 @@
import org.opensearch.ExceptionsHelper;
import org.opensearch.cluster.service.ClusterService;
+import org.opensearch.core.common.bytes.BytesArray;
+import org.opensearch.core.common.bytes.BytesReference;
import org.opensearch.common.collect.Tuple;
import org.opensearch.common.lucene.index.SequentialStoredFieldsLeafReader;
import org.opensearch.common.util.concurrent.ThreadContext;
import org.opensearch.common.xcontent.XContentHelper;
import org.opensearch.common.xcontent.XContentType;
import org.opensearch.common.xcontent.support.XContentMapValues;
-import org.opensearch.core.common.bytes.BytesArray;
-import org.opensearch.core.common.bytes.BytesReference;
-import org.opensearch.core.index.shard.ShardId;
import org.opensearch.core.xcontent.XContentBuilder;
import org.opensearch.index.IndexService;
+import org.opensearch.core.index.shard.ShardId;
import org.opensearch.security.auditlog.AuditLog;
import org.opensearch.security.compliance.ComplianceConfig;
import org.opensearch.security.compliance.FieldReadCallback;
diff --git a/src/main/java/org/opensearch/security/configuration/DlsFlsRequestValve.java b/src/main/java/org/opensearch/security/configuration/DlsFlsRequestValve.java
index 1152799bd5..954461b43d 100644
--- a/src/main/java/org/opensearch/security/configuration/DlsFlsRequestValve.java
+++ b/src/main/java/org/opensearch/security/configuration/DlsFlsRequestValve.java
@@ -26,8 +26,8 @@
package org.opensearch.security.configuration;
-import org.opensearch.action.ActionRequest;
import org.opensearch.core.action.ActionListener;
+import org.opensearch.action.ActionRequest;
import org.opensearch.core.xcontent.NamedXContentRegistry;
import org.opensearch.search.internal.SearchContext;
import org.opensearch.search.query.QuerySearchResult;
diff --git a/src/main/java/org/opensearch/security/configuration/DlsFlsValveImpl.java b/src/main/java/org/opensearch/security/configuration/DlsFlsValveImpl.java
index 855db9e896..06c94c26b5 100644
--- a/src/main/java/org/opensearch/security/configuration/DlsFlsValveImpl.java
+++ b/src/main/java/org/opensearch/security/configuration/DlsFlsValveImpl.java
@@ -34,6 +34,7 @@
import org.opensearch.OpenSearchException;
import org.opensearch.OpenSearchSecurityException;
import org.opensearch.SpecialPermission;
+import org.opensearch.core.action.ActionListener;
import org.opensearch.action.ActionRequest;
import org.opensearch.action.DocWriteRequest;
import org.opensearch.action.RealtimeRequest;
@@ -49,12 +50,11 @@
import org.opensearch.cluster.service.ClusterService;
import org.opensearch.common.settings.Settings;
import org.opensearch.common.util.concurrent.ThreadContext;
-import org.opensearch.core.action.ActionListener;
import org.opensearch.core.common.Strings;
-import org.opensearch.core.rest.RestStatus;
import org.opensearch.core.xcontent.MediaTypeRegistry;
import org.opensearch.core.xcontent.NamedXContentRegistry;
import org.opensearch.index.query.ParsedQuery;
+import org.opensearch.core.rest.RestStatus;
import org.opensearch.search.DocValueFormat;
import org.opensearch.search.aggregations.AggregationBuilder;
import org.opensearch.search.aggregations.AggregatorFactories;
diff --git a/src/main/java/org/opensearch/security/configuration/SecurityFlsDlsIndexSearcherWrapper.java b/src/main/java/org/opensearch/security/configuration/SecurityFlsDlsIndexSearcherWrapper.java
index 1f1e3f1e48..b6df13c9d9 100644
--- a/src/main/java/org/opensearch/security/configuration/SecurityFlsDlsIndexSearcherWrapper.java
+++ b/src/main/java/org/opensearch/security/configuration/SecurityFlsDlsIndexSearcherWrapper.java
@@ -24,10 +24,10 @@
import org.opensearch.cluster.service.ClusterService;
import org.opensearch.common.settings.Settings;
-import org.opensearch.core.index.shard.ShardId;
import org.opensearch.index.IndexService;
import org.opensearch.index.mapper.IgnoredFieldMapper;
import org.opensearch.index.query.QueryShardContext;
+import org.opensearch.core.index.shard.ShardId;
import org.opensearch.index.shard.ShardUtils;
import org.opensearch.security.auditlog.AuditLog;
import org.opensearch.security.compliance.ComplianceIndexingOperationListener;
diff --git a/src/main/java/org/opensearch/security/configuration/SecurityIndexSearcherWrapper.java b/src/main/java/org/opensearch/security/configuration/SecurityIndexSearcherWrapper.java
index b2008861aa..15a20db98d 100644
--- a/src/main/java/org/opensearch/security/configuration/SecurityIndexSearcherWrapper.java
+++ b/src/main/java/org/opensearch/security/configuration/SecurityIndexSearcherWrapper.java
@@ -32,11 +32,12 @@
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.apache.lucene.index.DirectoryReader;
+import org.greenrobot.eventbus.Subscribe;
import org.opensearch.common.CheckedFunction;
import org.opensearch.common.settings.Settings;
-import org.opensearch.common.util.concurrent.ThreadContext;
import org.opensearch.core.common.transport.TransportAddress;
+import org.opensearch.common.util.concurrent.ThreadContext;
import org.opensearch.core.index.Index;
import org.opensearch.index.IndexService;
import org.opensearch.security.privileges.PrivilegesEvaluator;
@@ -46,8 +47,6 @@
import org.opensearch.security.support.WildcardMatcher;
import org.opensearch.security.user.User;
-import org.greenrobot.eventbus.Subscribe;
-
public class SecurityIndexSearcherWrapper implements CheckedFunction {
protected final Logger log = LogManager.getLogger(this.getClass());
diff --git a/src/main/java/org/opensearch/security/dlic/rest/api/AbstractApiAction.java b/src/main/java/org/opensearch/security/dlic/rest/api/AbstractApiAction.java
index 04148e8b99..6cbd7eaf78 100644
--- a/src/main/java/org/opensearch/security/dlic/rest/api/AbstractApiAction.java
+++ b/src/main/java/org/opensearch/security/dlic/rest/api/AbstractApiAction.java
@@ -11,22 +11,16 @@
package org.opensearch.security.dlic.rest.api;
-import java.io.IOException;
-import java.util.List;
-import java.util.Map;
-import java.util.Objects;
-import java.util.Optional;
-import java.util.Set;
-
-import com.google.common.collect.ImmutableSet;
import com.fasterxml.jackson.core.JsonPointer;
import com.fasterxml.jackson.databind.JsonNode;
import com.fasterxml.jackson.databind.node.ArrayNode;
import com.fasterxml.jackson.databind.node.ObjectNode;
+import com.flipkart.zjsonpatch.JsonPatch;
+import com.flipkart.zjsonpatch.JsonPatchApplicationException;
+import com.google.common.collect.ImmutableSet;
import org.apache.commons.lang3.tuple.Pair;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
-
import org.opensearch.ExceptionsHelper;
import org.opensearch.action.index.IndexRequest;
import org.opensearch.action.index.IndexResponse;
@@ -63,8 +57,12 @@
import org.opensearch.security.user.User;
import org.opensearch.threadpool.ThreadPool;
-import com.flipkart.zjsonpatch.JsonPatch;
-import com.flipkart.zjsonpatch.JsonPatchApplicationException;
+import java.io.IOException;
+import java.util.List;
+import java.util.Map;
+import java.util.Objects;
+import java.util.Optional;
+import java.util.Set;
import static org.opensearch.security.dlic.rest.api.RequestHandler.methodNotImplementedHandler;
import static org.opensearch.security.dlic.rest.api.Responses.badRequestMessage;
diff --git a/src/main/java/org/opensearch/security/dlic/rest/api/AccountApiAction.java b/src/main/java/org/opensearch/security/dlic/rest/api/AccountApiAction.java
index 5d81dfa85d..e4a1c0d05a 100644
--- a/src/main/java/org/opensearch/security/dlic/rest/api/AccountApiAction.java
+++ b/src/main/java/org/opensearch/security/dlic/rest/api/AccountApiAction.java
@@ -11,16 +11,11 @@
package org.opensearch.security.dlic.rest.api;
-import java.util.List;
-import java.util.Map;
-import java.util.Set;
-
import com.google.common.collect.ImmutableList;
import com.google.common.collect.ImmutableMap;
import com.google.common.collect.ImmutableSet;
import org.apache.commons.lang3.tuple.Triple;
import org.bouncycastle.crypto.generators.OpenBSDBCrypt;
-
import org.opensearch.cluster.service.ClusterService;
import org.opensearch.common.settings.Settings;
import org.opensearch.core.common.Strings;
@@ -40,6 +35,10 @@
import org.opensearch.security.user.User;
import org.opensearch.threadpool.ThreadPool;
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
+
import static org.opensearch.security.dlic.rest.api.Responses.badRequestMessage;
import static org.opensearch.security.dlic.rest.api.Responses.ok;
import static org.opensearch.security.dlic.rest.api.Responses.response;
diff --git a/src/main/java/org/opensearch/security/dlic/rest/api/ActionGroupsApiAction.java b/src/main/java/org/opensearch/security/dlic/rest/api/ActionGroupsApiAction.java
index 172d4a537b..5eb4f202bf 100644
--- a/src/main/java/org/opensearch/security/dlic/rest/api/ActionGroupsApiAction.java
+++ b/src/main/java/org/opensearch/security/dlic/rest/api/ActionGroupsApiAction.java
@@ -11,15 +11,9 @@
package org.opensearch.security.dlic.rest.api;
-import java.io.IOException;
-import java.util.List;
-import java.util.Map;
-import java.util.Set;
-
import com.google.common.collect.ImmutableList;
import com.google.common.collect.ImmutableMap;
import com.google.common.collect.ImmutableSet;
-
import org.opensearch.cluster.service.ClusterService;
import org.opensearch.common.inject.Inject;
import org.opensearch.common.settings.Settings;
@@ -35,6 +29,11 @@
import org.opensearch.security.securityconf.impl.v7.ActionGroupsV7;
import org.opensearch.threadpool.ThreadPool;
+import java.io.IOException;
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
+
import static org.opensearch.security.dlic.rest.api.RequestHandler.methodNotImplementedHandler;
import static org.opensearch.security.dlic.rest.api.Responses.badRequestMessage;
import static org.opensearch.security.dlic.rest.support.Utils.addRoutesPrefix;
diff --git a/src/main/java/org/opensearch/security/dlic/rest/api/AllowlistApiAction.java b/src/main/java/org/opensearch/security/dlic/rest/api/AllowlistApiAction.java
index b7d4761993..349247ee01 100644
--- a/src/main/java/org/opensearch/security/dlic/rest/api/AllowlistApiAction.java
+++ b/src/main/java/org/opensearch/security/dlic/rest/api/AllowlistApiAction.java
@@ -11,12 +11,8 @@
package org.opensearch.security.dlic.rest.api;
-import java.util.List;
-import java.util.Map;
-
import com.google.common.collect.ImmutableList;
import com.google.common.collect.ImmutableMap;
-
import org.opensearch.cluster.service.ClusterService;
import org.opensearch.common.inject.Inject;
import org.opensearch.common.settings.Settings;
@@ -29,6 +25,9 @@
import org.opensearch.security.tools.SecurityAdmin;
import org.opensearch.threadpool.ThreadPool;
+import java.util.List;
+import java.util.Map;
+
import static org.opensearch.security.dlic.rest.api.RequestHandler.methodNotImplementedHandler;
/**
diff --git a/src/main/java/org/opensearch/security/dlic/rest/api/AuditApiAction.java b/src/main/java/org/opensearch/security/dlic/rest/api/AuditApiAction.java
index 47bc1f184e..20e424e959 100644
--- a/src/main/java/org/opensearch/security/dlic/rest/api/AuditApiAction.java
+++ b/src/main/java/org/opensearch/security/dlic/rest/api/AuditApiAction.java
@@ -11,17 +11,11 @@
package org.opensearch.security.dlic.rest.api;
-import java.io.IOException;
-import java.util.List;
-import java.util.Map;
-import java.util.Set;
-
+import com.fasterxml.jackson.core.type.TypeReference;
+import com.fasterxml.jackson.databind.JsonNode;
import com.google.common.annotations.VisibleForTesting;
import com.google.common.collect.ImmutableList;
import com.google.common.collect.ImmutableMap;
-import com.fasterxml.jackson.core.type.TypeReference;
-import com.fasterxml.jackson.databind.JsonNode;
-
import org.opensearch.cluster.service.ClusterService;
import org.opensearch.common.settings.Settings;
import org.opensearch.core.rest.RestStatus;
@@ -38,6 +32,11 @@
import org.opensearch.security.securityconf.impl.CType;
import org.opensearch.threadpool.ThreadPool;
+import java.io.IOException;
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
+
import static org.opensearch.security.dlic.rest.api.RequestHandler.methodNotImplementedHandler;
import static org.opensearch.security.dlic.rest.api.Responses.conflictMessage;
import static org.opensearch.security.dlic.rest.api.Responses.methodNotImplementedMessage;
diff --git a/src/main/java/org/opensearch/security/dlic/rest/api/AuthTokenProcessorAction.java b/src/main/java/org/opensearch/security/dlic/rest/api/AuthTokenProcessorAction.java
index bc37f41d6e..e124abb5f7 100644
--- a/src/main/java/org/opensearch/security/dlic/rest/api/AuthTokenProcessorAction.java
+++ b/src/main/java/org/opensearch/security/dlic/rest/api/AuthTokenProcessorAction.java
@@ -11,15 +11,15 @@
package org.opensearch.security.dlic.rest.api;
-import java.util.Collections;
-import java.util.List;
-
import org.opensearch.cluster.service.ClusterService;
import org.opensearch.common.inject.Inject;
import org.opensearch.rest.RestRequest.Method;
import org.opensearch.security.securityconf.impl.CType;
import org.opensearch.threadpool.ThreadPool;
+import java.util.Collections;
+import java.util.List;
+
import static org.opensearch.security.dlic.rest.api.Responses.ok;
import static org.opensearch.security.dlic.rest.support.Utils.addRoutesPrefix;
diff --git a/src/main/java/org/opensearch/security/dlic/rest/api/FlushCacheApiAction.java b/src/main/java/org/opensearch/security/dlic/rest/api/FlushCacheApiAction.java
index d6f5e24d7d..640e52df6e 100644
--- a/src/main/java/org/opensearch/security/dlic/rest/api/FlushCacheApiAction.java
+++ b/src/main/java/org/opensearch/security/dlic/rest/api/FlushCacheApiAction.java
@@ -11,12 +11,9 @@
package org.opensearch.security.dlic.rest.api;
-import java.util.List;
-
import com.google.common.collect.ImmutableList;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
-
import org.opensearch.cluster.service.ClusterService;
import org.opensearch.common.inject.Inject;
import org.opensearch.core.action.ActionListener;
@@ -28,6 +25,8 @@
import org.opensearch.security.securityconf.impl.CType;
import org.opensearch.threadpool.ThreadPool;
+import java.util.List;
+
import static org.opensearch.security.dlic.rest.api.Responses.internalSeverError;
import static org.opensearch.security.dlic.rest.api.Responses.ok;
import static org.opensearch.security.dlic.rest.support.Utils.addRoutesPrefix;
diff --git a/src/main/java/org/opensearch/security/dlic/rest/api/InternalUsersApiAction.java b/src/main/java/org/opensearch/security/dlic/rest/api/InternalUsersApiAction.java
index 70994504bf..449762c8ff 100644
--- a/src/main/java/org/opensearch/security/dlic/rest/api/InternalUsersApiAction.java
+++ b/src/main/java/org/opensearch/security/dlic/rest/api/InternalUsersApiAction.java
@@ -11,14 +11,9 @@
package org.opensearch.security.dlic.rest.api;
-import java.io.IOException;
-import java.util.List;
-import java.util.Map;
-
+import com.fasterxml.jackson.databind.node.ObjectNode;
import com.google.common.collect.ImmutableList;
import com.google.common.collect.ImmutableMap;
-import com.fasterxml.jackson.databind.node.ObjectNode;
-
import org.opensearch.cluster.service.ClusterService;
import org.opensearch.common.inject.Inject;
import org.opensearch.common.settings.Settings;
@@ -40,6 +35,10 @@
import org.opensearch.security.user.UserServiceException;
import org.opensearch.threadpool.ThreadPool;
+import java.io.IOException;
+import java.util.List;
+import java.util.Map;
+
import static org.opensearch.security.dlic.rest.api.Responses.badRequest;
import static org.opensearch.security.dlic.rest.api.Responses.badRequestMessage;
import static org.opensearch.security.dlic.rest.api.Responses.methodNotImplementedMessage;
diff --git a/src/main/java/org/opensearch/security/dlic/rest/api/MigrateApiAction.java b/src/main/java/org/opensearch/security/dlic/rest/api/MigrateApiAction.java
index 7f1adecd3e..7f72a92640 100644
--- a/src/main/java/org/opensearch/security/dlic/rest/api/MigrateApiAction.java
+++ b/src/main/java/org/opensearch/security/dlic/rest/api/MigrateApiAction.java
@@ -13,14 +13,9 @@
// CS-SUPPRESS-SINGLE: RegexpSingleline https://github.com/opensearch-project/OpenSearch/issues/3663
-import java.io.IOException;
-import java.util.Collections;
-import java.util.List;
-
import com.google.common.collect.ImmutableList;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
-
import org.opensearch.action.admin.indices.create.CreateIndexResponse;
import org.opensearch.action.bulk.BulkRequestBuilder;
import org.opensearch.action.bulk.BulkResponse;
@@ -60,6 +55,10 @@
import org.opensearch.security.securityconf.impl.v7.TenantV7;
import org.opensearch.threadpool.ThreadPool;
+import java.io.IOException;
+import java.util.Collections;
+import java.util.List;
+
import static org.opensearch.security.dlic.rest.api.Responses.badRequest;
import static org.opensearch.security.dlic.rest.api.Responses.internalSeverError;
import static org.opensearch.security.dlic.rest.api.Responses.ok;
diff --git a/src/main/java/org/opensearch/security/dlic/rest/api/MultiTenancyConfigApiAction.java b/src/main/java/org/opensearch/security/dlic/rest/api/MultiTenancyConfigApiAction.java
index d56025aec1..9928c7897a 100644
--- a/src/main/java/org/opensearch/security/dlic/rest/api/MultiTenancyConfigApiAction.java
+++ b/src/main/java/org/opensearch/security/dlic/rest/api/MultiTenancyConfigApiAction.java
@@ -11,6 +11,12 @@
package org.opensearch.security.dlic.rest.api;
+import static org.opensearch.rest.RestRequest.Method.GET;
+import static org.opensearch.rest.RestRequest.Method.PUT;
+import static org.opensearch.security.dlic.rest.api.Responses.ok;
+import static org.opensearch.security.dlic.rest.api.Responses.response;
+import static org.opensearch.security.dlic.rest.support.Utils.addRoutesPrefix;
+
import java.io.IOException;
import java.util.List;
import java.util.Map;
@@ -19,10 +25,6 @@
import java.util.Set;
import java.util.stream.Collectors;
-import com.google.common.collect.ImmutableList;
-import com.google.common.collect.ImmutableMap;
-import com.fasterxml.jackson.databind.JsonNode;
-
import org.opensearch.action.index.IndexResponse;
import org.opensearch.client.Client;
import org.opensearch.cluster.service.ClusterService;
@@ -38,11 +40,9 @@
import org.opensearch.security.support.ConfigConstants;
import org.opensearch.threadpool.ThreadPool;
-import static org.opensearch.rest.RestRequest.Method.GET;
-import static org.opensearch.rest.RestRequest.Method.PUT;
-import static org.opensearch.security.dlic.rest.api.Responses.ok;
-import static org.opensearch.security.dlic.rest.api.Responses.response;
-import static org.opensearch.security.dlic.rest.support.Utils.addRoutesPrefix;
+import com.fasterxml.jackson.databind.JsonNode;
+import com.google.common.collect.ImmutableList;
+import com.google.common.collect.ImmutableMap;
public class MultiTenancyConfigApiAction extends AbstractApiAction {
diff --git a/src/main/java/org/opensearch/security/dlic/rest/api/NodesDnApiAction.java b/src/main/java/org/opensearch/security/dlic/rest/api/NodesDnApiAction.java
index 05c533b1d9..ed1f3e0fbb 100644
--- a/src/main/java/org/opensearch/security/dlic/rest/api/NodesDnApiAction.java
+++ b/src/main/java/org/opensearch/security/dlic/rest/api/NodesDnApiAction.java
@@ -18,9 +18,9 @@
import java.util.Set;
import com.google.common.collect.ImmutableList;
+
import com.google.common.collect.ImmutableMap;
import com.google.common.collect.ImmutableSet;
-
import org.opensearch.cluster.service.ClusterService;
import org.opensearch.common.inject.Inject;
import org.opensearch.common.settings.Settings;
diff --git a/src/main/java/org/opensearch/security/dlic/rest/api/PermissionsInfoAction.java b/src/main/java/org/opensearch/security/dlic/rest/api/PermissionsInfoAction.java
index e374ba4cf2..56d2d24337 100644
--- a/src/main/java/org/opensearch/security/dlic/rest/api/PermissionsInfoAction.java
+++ b/src/main/java/org/opensearch/security/dlic/rest/api/PermissionsInfoAction.java
@@ -26,7 +26,6 @@
import org.opensearch.cluster.service.ClusterService;
import org.opensearch.common.settings.Settings;
import org.opensearch.core.common.transport.TransportAddress;
-import org.opensearch.core.rest.RestStatus;
import org.opensearch.core.xcontent.XContentBuilder;
import org.opensearch.rest.BaseRestHandler;
import org.opensearch.rest.BytesRestResponse;
@@ -34,6 +33,7 @@
import org.opensearch.rest.RestController;
import org.opensearch.rest.RestRequest;
import org.opensearch.rest.RestRequest.Method;
+import org.opensearch.core.rest.RestStatus;
import org.opensearch.security.auditlog.AuditLog;
import org.opensearch.security.configuration.AdminDNs;
import org.opensearch.security.configuration.ConfigurationRepository;
diff --git a/src/main/java/org/opensearch/security/dlic/rest/api/RequestHandler.java b/src/main/java/org/opensearch/security/dlic/rest/api/RequestHandler.java
index 9ab073ace4..d9b26c262b 100644
--- a/src/main/java/org/opensearch/security/dlic/rest/api/RequestHandler.java
+++ b/src/main/java/org/opensearch/security/dlic/rest/api/RequestHandler.java
@@ -11,14 +11,6 @@
package org.opensearch.security.dlic.rest.api;
-import java.io.IOException;
-import java.util.HashMap;
-import java.util.Map;
-import java.util.Objects;
-import java.util.Set;
-import java.util.function.Consumer;
-import java.util.function.Predicate;
-
import org.opensearch.action.index.IndexResponse;
import org.opensearch.client.Client;
import org.opensearch.common.CheckedFunction;
@@ -28,6 +20,14 @@
import org.opensearch.security.dlic.rest.validation.ValidationResult;
import org.opensearch.security.securityconf.impl.SecurityDynamicConfiguration;
+import java.io.IOException;
+import java.util.HashMap;
+import java.util.Map;
+import java.util.Objects;
+import java.util.Set;
+import java.util.function.Consumer;
+import java.util.function.Predicate;
+
import static org.opensearch.security.dlic.rest.api.Responses.created;
import static org.opensearch.security.dlic.rest.api.Responses.forbidden;
import static org.opensearch.security.dlic.rest.api.Responses.methodNotImplemented;
diff --git a/src/main/java/org/opensearch/security/dlic/rest/api/Responses.java b/src/main/java/org/opensearch/security/dlic/rest/api/Responses.java
index 4f895d1a91..6af8f0e936 100644
--- a/src/main/java/org/opensearch/security/dlic/rest/api/Responses.java
+++ b/src/main/java/org/opensearch/security/dlic/rest/api/Responses.java
@@ -11,8 +11,6 @@
package org.opensearch.security.dlic.rest.api;
-import java.io.IOException;
-
import org.opensearch.ExceptionsHelper;
import org.opensearch.core.rest.RestStatus;
import org.opensearch.core.xcontent.ToXContent;
@@ -20,6 +18,8 @@
import org.opensearch.rest.RestChannel;
import org.opensearch.rest.RestRequest;
+import java.io.IOException;
+
public class Responses {
public static void ok(final RestChannel channel, final String message) {
diff --git a/src/main/java/org/opensearch/security/dlic/rest/api/RestApiAdminPrivilegesEvaluator.java b/src/main/java/org/opensearch/security/dlic/rest/api/RestApiAdminPrivilegesEvaluator.java
index a80d029f13..a63c496e38 100644
--- a/src/main/java/org/opensearch/security/dlic/rest/api/RestApiAdminPrivilegesEvaluator.java
+++ b/src/main/java/org/opensearch/security/dlic/rest/api/RestApiAdminPrivilegesEvaluator.java
@@ -19,8 +19,8 @@
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
-import org.opensearch.common.util.concurrent.ThreadContext;
import org.opensearch.core.common.transport.TransportAddress;
+import org.opensearch.common.util.concurrent.ThreadContext;
import org.opensearch.security.configuration.AdminDNs;
import org.opensearch.security.dlic.rest.support.Utils;
import org.opensearch.security.privileges.PrivilegesEvaluator;
diff --git a/src/main/java/org/opensearch/security/dlic/rest/api/RolesApiAction.java b/src/main/java/org/opensearch/security/dlic/rest/api/RolesApiAction.java
index 9af04d17ec..76ff702455 100644
--- a/src/main/java/org/opensearch/security/dlic/rest/api/RolesApiAction.java
+++ b/src/main/java/org/opensearch/security/dlic/rest/api/RolesApiAction.java
@@ -11,18 +11,11 @@
package org.opensearch.security.dlic.rest.api;
-import java.io.IOException;
-import java.util.List;
-import java.util.Map;
-import java.util.Objects;
-import java.util.stream.StreamSupport;
-
-import com.google.common.collect.ImmutableList;
-import com.google.common.collect.ImmutableMap;
import com.fasterxml.jackson.core.JsonPointer;
import com.fasterxml.jackson.databind.JsonNode;
+import com.google.common.collect.ImmutableList;
+import com.google.common.collect.ImmutableMap;
import org.apache.commons.lang3.tuple.Pair;
-
import org.opensearch.cluster.service.ClusterService;
import org.opensearch.common.inject.Inject;
import org.opensearch.common.settings.Settings;
@@ -38,6 +31,12 @@
import org.opensearch.security.securityconf.impl.CType;
import org.opensearch.threadpool.ThreadPool;
+import java.io.IOException;
+import java.util.List;
+import java.util.Map;
+import java.util.Objects;
+import java.util.stream.StreamSupport;
+
import static org.opensearch.security.dlic.rest.api.RequestHandler.methodNotImplementedHandler;
import static org.opensearch.security.dlic.rest.support.Utils.addRoutesPrefix;
diff --git a/src/main/java/org/opensearch/security/dlic/rest/api/RolesMappingApiAction.java b/src/main/java/org/opensearch/security/dlic/rest/api/RolesMappingApiAction.java
index 230ce0e1a1..15fef92a5f 100644
--- a/src/main/java/org/opensearch/security/dlic/rest/api/RolesMappingApiAction.java
+++ b/src/main/java/org/opensearch/security/dlic/rest/api/RolesMappingApiAction.java
@@ -17,9 +17,9 @@
import java.util.Set;
import com.google.common.collect.ImmutableList;
+
import com.google.common.collect.ImmutableMap;
import com.google.common.collect.ImmutableSet;
-
import org.opensearch.cluster.service.ClusterService;
import org.opensearch.common.inject.Inject;
import org.opensearch.common.settings.Settings;
diff --git a/src/main/java/org/opensearch/security/dlic/rest/api/SecurityConfigApiAction.java b/src/main/java/org/opensearch/security/dlic/rest/api/SecurityConfigApiAction.java
index 2141a35460..f71135ce50 100644
--- a/src/main/java/org/opensearch/security/dlic/rest/api/SecurityConfigApiAction.java
+++ b/src/main/java/org/opensearch/security/dlic/rest/api/SecurityConfigApiAction.java
@@ -11,11 +11,7 @@
package org.opensearch.security.dlic.rest.api;
-import java.util.List;
-import java.util.Map;
-
import com.google.common.collect.ImmutableMap;
-
import org.opensearch.cluster.service.ClusterService;
import org.opensearch.common.inject.Inject;
import org.opensearch.common.settings.Settings;
@@ -28,6 +24,9 @@
import org.opensearch.security.support.ConfigConstants;
import org.opensearch.threadpool.ThreadPool;
+import java.util.List;
+import java.util.Map;
+
import static org.opensearch.security.dlic.rest.api.RequestHandler.methodNotImplementedHandler;
import static org.opensearch.security.dlic.rest.api.RestApiAdminPrivilegesEvaluator.SECURITY_CONFIG_UPDATE;
import static org.opensearch.security.dlic.rest.support.Utils.addRoutesPrefix;
diff --git a/src/main/java/org/opensearch/security/dlic/rest/api/SecurityConfiguration.java b/src/main/java/org/opensearch/security/dlic/rest/api/SecurityConfiguration.java
index 4d33e42fad..68f17ac5f5 100644
--- a/src/main/java/org/opensearch/security/dlic/rest/api/SecurityConfiguration.java
+++ b/src/main/java/org/opensearch/security/dlic/rest/api/SecurityConfiguration.java
@@ -11,13 +11,12 @@
package org.opensearch.security.dlic.rest.api;
-import java.util.Objects;
-import java.util.Optional;
-
import com.fasterxml.jackson.databind.JsonNode;
-
import org.opensearch.security.securityconf.impl.SecurityDynamicConfiguration;
+import java.util.Objects;
+import java.util.Optional;
+
public class SecurityConfiguration {
private final String entityName;
diff --git a/src/main/java/org/opensearch/security/dlic/rest/api/SecurityRestApiActions.java b/src/main/java/org/opensearch/security/dlic/rest/api/SecurityRestApiActions.java
index b0d46f8774..78f9ce91df 100644
--- a/src/main/java/org/opensearch/security/dlic/rest/api/SecurityRestApiActions.java
+++ b/src/main/java/org/opensearch/security/dlic/rest/api/SecurityRestApiActions.java
@@ -11,10 +11,6 @@
package org.opensearch.security.dlic.rest.api;
-import java.nio.file.Path;
-import java.util.Collection;
-import java.util.List;
-
import org.opensearch.client.Client;
import org.opensearch.cluster.service.ClusterService;
import org.opensearch.common.settings.Settings;
@@ -29,6 +25,10 @@
import org.opensearch.security.user.UserService;
import org.opensearch.threadpool.ThreadPool;
+import java.nio.file.Path;
+import java.util.Collection;
+import java.util.List;
+
import static org.opensearch.security.support.ConfigConstants.SECURITY_RESTAPI_ADMIN_ENABLED;
public class SecurityRestApiActions {
diff --git a/src/main/java/org/opensearch/security/dlic/rest/api/SecuritySSLCertsApiAction.java b/src/main/java/org/opensearch/security/dlic/rest/api/SecuritySSLCertsApiAction.java
index 48e1c9b704..1dee3d8c84 100644
--- a/src/main/java/org/opensearch/security/dlic/rest/api/SecuritySSLCertsApiAction.java
+++ b/src/main/java/org/opensearch/security/dlic/rest/api/SecuritySSLCertsApiAction.java
@@ -11,16 +11,8 @@
package org.opensearch.security.dlic.rest.api;
-import java.io.IOException;
-import java.security.cert.X509Certificate;
-import java.util.Arrays;
-import java.util.List;
-import java.util.Map;
-import java.util.stream.Collectors;
-
import com.google.common.collect.ImmutableList;
import com.google.common.collect.ImmutableMap;
-
import org.opensearch.OpenSearchSecurityException;
import org.opensearch.cluster.service.ClusterService;
import org.opensearch.core.rest.RestStatus;
@@ -34,6 +26,13 @@
import org.opensearch.security.support.ConfigConstants;
import org.opensearch.threadpool.ThreadPool;
+import java.io.IOException;
+import java.security.cert.X509Certificate;
+import java.util.Arrays;
+import java.util.List;
+import java.util.Map;
+import java.util.stream.Collectors;
+
import static org.opensearch.security.dlic.rest.api.Responses.badRequest;
import static org.opensearch.security.dlic.rest.api.Responses.badRequestMessage;
import static org.opensearch.security.dlic.rest.api.Responses.ok;
diff --git a/src/main/java/org/opensearch/security/dlic/rest/api/TenantsApiAction.java b/src/main/java/org/opensearch/security/dlic/rest/api/TenantsApiAction.java
index 28fd6dcdcb..ee716f70b5 100644
--- a/src/main/java/org/opensearch/security/dlic/rest/api/TenantsApiAction.java
+++ b/src/main/java/org/opensearch/security/dlic/rest/api/TenantsApiAction.java
@@ -31,8 +31,8 @@
import java.util.Map;
import com.google.common.collect.ImmutableList;
-import com.google.common.collect.ImmutableMap;
+import com.google.common.collect.ImmutableMap;
import org.opensearch.cluster.service.ClusterService;
import org.opensearch.common.inject.Inject;
import org.opensearch.common.settings.Settings;
diff --git a/src/main/java/org/opensearch/security/dlic/rest/api/ValidateApiAction.java b/src/main/java/org/opensearch/security/dlic/rest/api/ValidateApiAction.java
index 93f1cd35c3..8f764e94c3 100644
--- a/src/main/java/org/opensearch/security/dlic/rest/api/ValidateApiAction.java
+++ b/src/main/java/org/opensearch/security/dlic/rest/api/ValidateApiAction.java
@@ -11,10 +11,6 @@
package org.opensearch.security.dlic.rest.api;
-import java.io.IOException;
-import java.util.Collections;
-import java.util.List;
-
import org.opensearch.cluster.service.ClusterService;
import org.opensearch.common.collect.Tuple;
import org.opensearch.common.inject.Inject;
@@ -39,6 +35,10 @@
import org.opensearch.security.securityconf.impl.v7.TenantV7;
import org.opensearch.threadpool.ThreadPool;
+import java.io.IOException;
+import java.util.Collections;
+import java.util.List;
+
import static org.opensearch.security.dlic.rest.api.Responses.badRequest;
import static org.opensearch.security.dlic.rest.api.Responses.internalSeverError;
import static org.opensearch.security.dlic.rest.api.Responses.ok;
diff --git a/src/main/java/org/opensearch/security/dlic/rest/support/Utils.java b/src/main/java/org/opensearch/security/dlic/rest/support/Utils.java
index 74b7cd415a..3853ee5f46 100644
--- a/src/main/java/org/opensearch/security/dlic/rest/support/Utils.java
+++ b/src/main/java/org/opensearch/security/dlic/rest/support/Utils.java
@@ -24,12 +24,12 @@
import java.util.Objects;
import java.util.Set;
-import com.google.common.collect.ImmutableList;
-import com.google.common.collect.ImmutableSet;
import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.core.type.TypeReference;
import com.fasterxml.jackson.databind.JsonNode;
import com.fasterxml.jackson.databind.ObjectMapper;
+import com.google.common.collect.ImmutableList;
+import com.google.common.collect.ImmutableSet;
import org.apache.commons.lang3.tuple.Pair;
import org.bouncycastle.crypto.generators.OpenBSDBCrypt;
@@ -37,12 +37,12 @@
import org.opensearch.OpenSearchParseException;
import org.opensearch.SpecialPermission;
import org.opensearch.common.CheckedSupplier;
+import org.opensearch.core.common.bytes.BytesReference;
+import org.opensearch.core.common.transport.TransportAddress;
import org.opensearch.common.util.concurrent.ThreadContext;
import org.opensearch.common.xcontent.XContentHelper;
import org.opensearch.common.xcontent.XContentType;
import org.opensearch.common.xcontent.json.JsonXContent;
-import org.opensearch.core.common.bytes.BytesReference;
-import org.opensearch.core.common.transport.TransportAddress;
import org.opensearch.core.xcontent.MediaTypeRegistry;
import org.opensearch.core.xcontent.NamedXContentRegistry;
import org.opensearch.core.xcontent.ToXContent;
diff --git a/src/main/java/org/opensearch/security/dlic/rest/validation/EndpointValidator.java b/src/main/java/org/opensearch/security/dlic/rest/validation/EndpointValidator.java
index 5879272b30..e4b08b8c3f 100644
--- a/src/main/java/org/opensearch/security/dlic/rest/validation/EndpointValidator.java
+++ b/src/main/java/org/opensearch/security/dlic/rest/validation/EndpointValidator.java
@@ -9,10 +9,6 @@
*/
package org.opensearch.security.dlic.rest.validation;
-import java.io.IOException;
-import java.util.List;
-import java.util.Objects;
-
import org.opensearch.core.rest.RestStatus;
import org.opensearch.security.dlic.rest.api.Endpoint;
import org.opensearch.security.dlic.rest.api.RestApiAdminPrivilegesEvaluator;
@@ -20,6 +16,10 @@
import org.opensearch.security.dlic.rest.support.Utils;
import org.opensearch.security.securityconf.impl.SecurityDynamicConfiguration;
+import java.io.IOException;
+import java.util.List;
+import java.util.Objects;
+
import static org.opensearch.security.dlic.rest.api.Responses.badRequestMessage;
import static org.opensearch.security.dlic.rest.api.Responses.forbiddenMessage;
import static org.opensearch.security.dlic.rest.api.Responses.notFoundMessage;
diff --git a/src/main/java/org/opensearch/security/dlic/rest/validation/PasswordValidator.java b/src/main/java/org/opensearch/security/dlic/rest/validation/PasswordValidator.java
index ecad2951ab..d45be33e6a 100644
--- a/src/main/java/org/opensearch/security/dlic/rest/validation/PasswordValidator.java
+++ b/src/main/java/org/opensearch/security/dlic/rest/validation/PasswordValidator.java
@@ -11,23 +11,21 @@
package org.opensearch.security.dlic.rest.validation;
-import java.util.List;
-import java.util.Locale;
-import java.util.Objects;
-import java.util.StringJoiner;
-import java.util.function.Predicate;
-import java.util.regex.Pattern;
-
import com.google.common.collect.ImmutableList;
+import com.nulabinc.zxcvbn.Strength;
+import com.nulabinc.zxcvbn.Zxcvbn;
+import com.nulabinc.zxcvbn.matchers.Match;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
-
import org.opensearch.common.settings.Settings;
import org.opensearch.core.common.Strings;
-import com.nulabinc.zxcvbn.Strength;
-import com.nulabinc.zxcvbn.Zxcvbn;
-import com.nulabinc.zxcvbn.matchers.Match;
+import java.util.List;
+import java.util.Locale;
+import java.util.Objects;
+import java.util.StringJoiner;
+import java.util.function.Predicate;
+import java.util.regex.Pattern;
import static org.opensearch.security.support.ConfigConstants.SECURITY_RESTAPI_PASSWORD_MIN_LENGTH;
import static org.opensearch.security.support.ConfigConstants.SECURITY_RESTAPI_PASSWORD_SCORE_BASED_VALIDATION_STRENGTH;
diff --git a/src/main/java/org/opensearch/security/dlic/rest/validation/RequestContentValidator.java b/src/main/java/org/opensearch/security/dlic/rest/validation/RequestContentValidator.java
index 452bdd72e4..5889bf5504 100644
--- a/src/main/java/org/opensearch/security/dlic/rest/validation/RequestContentValidator.java
+++ b/src/main/java/org/opensearch/security/dlic/rest/validation/RequestContentValidator.java
@@ -11,20 +11,11 @@
package org.opensearch.security.dlic.rest.validation;
-import java.io.IOException;
-import java.util.Collections;
-import java.util.HashMap;
-import java.util.HashSet;
-import java.util.Map;
-import java.util.Optional;
-import java.util.Set;
-
import com.fasterxml.jackson.core.JsonParser;
import com.fasterxml.jackson.core.JsonToken;
import com.fasterxml.jackson.databind.JsonNode;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
-
import org.opensearch.common.settings.Settings;
import org.opensearch.core.common.Strings;
import org.opensearch.core.rest.RestStatus;
@@ -33,6 +24,14 @@
import org.opensearch.rest.RestRequest;
import org.opensearch.security.DefaultObjectMapper;
+import java.io.IOException;
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.HashSet;
+import java.util.Map;
+import java.util.Optional;
+import java.util.Set;
+
import static org.opensearch.security.support.ConfigConstants.SECURITY_RESTAPI_PASSWORD_VALIDATION_ERROR_MESSAGE;
public class RequestContentValidator implements ToXContent {
diff --git a/src/main/java/org/opensearch/security/dlic/rest/validation/ValidationResult.java b/src/main/java/org/opensearch/security/dlic/rest/validation/ValidationResult.java
index ea782ea504..7fb91d8913 100644
--- a/src/main/java/org/opensearch/security/dlic/rest/validation/ValidationResult.java
+++ b/src/main/java/org/opensearch/security/dlic/rest/validation/ValidationResult.java
@@ -11,14 +11,14 @@
package org.opensearch.security.dlic.rest.validation;
-import java.io.IOException;
-import java.util.Objects;
-
import org.opensearch.common.CheckedBiConsumer;
import org.opensearch.common.CheckedConsumer;
import org.opensearch.common.CheckedFunction;
-import org.opensearch.core.rest.RestStatus;
import org.opensearch.core.xcontent.ToXContent;
+import org.opensearch.core.rest.RestStatus;
+
+import java.io.IOException;
+import java.util.Objects;
public class ValidationResult {
diff --git a/src/main/java/org/opensearch/security/filter/DelegatingRestHandler.java b/src/main/java/org/opensearch/security/filter/DelegatingRestHandler.java
index 8e9a9f5037..3ad111c6fb 100644
--- a/src/main/java/org/opensearch/security/filter/DelegatingRestHandler.java
+++ b/src/main/java/org/opensearch/security/filter/DelegatingRestHandler.java
@@ -8,14 +8,14 @@
package org.opensearch.security.filter;
-import java.util.List;
-import java.util.Objects;
-
import org.opensearch.client.node.NodeClient;
import org.opensearch.rest.RestChannel;
import org.opensearch.rest.RestHandler;
import org.opensearch.rest.RestRequest;
+import java.util.List;
+import java.util.Objects;
+
/**
* Delegating RestHandler that delegates all implementations to original handler
*
diff --git a/src/main/java/org/opensearch/security/filter/NettyRequest.java b/src/main/java/org/opensearch/security/filter/NettyRequest.java
index 7b65e4e0de..f3f2827367 100644
--- a/src/main/java/org/opensearch/security/filter/NettyRequest.java
+++ b/src/main/java/org/opensearch/security/filter/NettyRequest.java
@@ -18,14 +18,15 @@
import java.util.Map;
import java.util.Optional;
import java.util.TreeMap;
+
import javax.net.ssl.SSLEngine;
+import io.netty.handler.ssl.SslHandler;
import org.opensearch.http.netty4.Netty4HttpChannel;
import org.opensearch.rest.RestRequest.Method;
-import org.opensearch.rest.RestUtils;
import io.netty.handler.codec.http.HttpRequest;
-import io.netty.handler.ssl.SslHandler;
+import org.opensearch.rest.RestUtils;
/**
* Wraps the functionality of HttpRequest for use in the security plugin
diff --git a/src/main/java/org/opensearch/security/filter/NettyRequestChannel.java b/src/main/java/org/opensearch/security/filter/NettyRequestChannel.java
index f994226407..a83ecdea8a 100644
--- a/src/main/java/org/opensearch/security/filter/NettyRequestChannel.java
+++ b/src/main/java/org/opensearch/security/filter/NettyRequestChannel.java
@@ -15,13 +15,11 @@
import java.util.concurrent.atomic.AtomicBoolean;
import java.util.concurrent.atomic.AtomicReference;
+import io.netty.handler.codec.http.HttpRequest;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
-
import org.opensearch.http.netty4.Netty4HttpChannel;
-import io.netty.handler.codec.http.HttpRequest;
-
public class NettyRequestChannel extends NettyRequest implements SecurityRequestChannel {
private final Logger log = LogManager.getLogger(NettyRequestChannel.class);
diff --git a/src/main/java/org/opensearch/security/filter/OpenSearchRequest.java b/src/main/java/org/opensearch/security/filter/OpenSearchRequest.java
index 80ede8b2c1..85c70b8f7a 100644
--- a/src/main/java/org/opensearch/security/filter/OpenSearchRequest.java
+++ b/src/main/java/org/opensearch/security/filter/OpenSearchRequest.java
@@ -15,6 +15,7 @@
import java.util.List;
import java.util.Map;
import java.util.Optional;
+
import javax.net.ssl.SSLEngine;
import org.opensearch.http.netty4.Netty4HttpChannel;
diff --git a/src/main/java/org/opensearch/security/filter/SecurityFilter.java b/src/main/java/org/opensearch/security/filter/SecurityFilter.java
index b9d4a73967..00b117ebb8 100644
--- a/src/main/java/org/opensearch/security/filter/SecurityFilter.java
+++ b/src/main/java/org/opensearch/security/filter/SecurityFilter.java
@@ -40,7 +40,9 @@
import org.opensearch.OpenSearchException;
import org.opensearch.OpenSearchSecurityException;
import org.opensearch.ResourceAlreadyExistsException;
+import org.opensearch.core.action.ActionListener;
import org.opensearch.action.ActionRequest;
+import org.opensearch.core.action.ActionResponse;
import org.opensearch.action.DocWriteRequest.OpType;
import org.opensearch.action.admin.cluster.snapshots.restore.RestoreSnapshotRequest;
import org.opensearch.action.admin.indices.alias.Alias;
@@ -66,12 +68,10 @@
import org.opensearch.common.settings.Settings;
import org.opensearch.common.util.concurrent.ThreadContext;
import org.opensearch.common.util.concurrent.ThreadContext.StoredContext;
-import org.opensearch.core.action.ActionListener;
-import org.opensearch.core.action.ActionResponse;
import org.opensearch.core.common.logging.LoggerMessageFormat;
-import org.opensearch.core.rest.RestStatus;
import org.opensearch.index.reindex.DeleteByQueryRequest;
import org.opensearch.index.reindex.UpdateByQueryRequest;
+import org.opensearch.core.rest.RestStatus;
import org.opensearch.security.action.whoami.WhoAmIAction;
import org.opensearch.security.auditlog.AuditLog;
import org.opensearch.security.auditlog.AuditLog.Origin;
diff --git a/src/main/java/org/opensearch/security/filter/SecurityRequest.java b/src/main/java/org/opensearch/security/filter/SecurityRequest.java
index 4c7ea27a87..ab6f41b354 100644
--- a/src/main/java/org/opensearch/security/filter/SecurityRequest.java
+++ b/src/main/java/org/opensearch/security/filter/SecurityRequest.java
@@ -16,6 +16,7 @@
import java.util.Map;
import java.util.Optional;
import java.util.stream.Stream;
+
import javax.net.ssl.SSLEngine;
import org.opensearch.rest.RestRequest.Method;
diff --git a/src/main/java/org/opensearch/security/filter/SecurityRequestFactory.java b/src/main/java/org/opensearch/security/filter/SecurityRequestFactory.java
index 31fe78b87d..0b64d0220d 100644
--- a/src/main/java/org/opensearch/security/filter/SecurityRequestFactory.java
+++ b/src/main/java/org/opensearch/security/filter/SecurityRequestFactory.java
@@ -11,12 +11,11 @@
package org.opensearch.security.filter;
+import io.netty.handler.codec.http.HttpRequest;
import org.opensearch.http.netty4.Netty4HttpChannel;
import org.opensearch.rest.RestChannel;
import org.opensearch.rest.RestRequest;
-import io.netty.handler.codec.http.HttpRequest;
-
/**
* Generates wrapped versions of requests for use in the security plugin
*/
diff --git a/src/main/java/org/opensearch/security/filter/SecurityResponse.java b/src/main/java/org/opensearch/security/filter/SecurityResponse.java
index 0dc833a440..14c21a9385 100644
--- a/src/main/java/org/opensearch/security/filter/SecurityResponse.java
+++ b/src/main/java/org/opensearch/security/filter/SecurityResponse.java
@@ -15,7 +15,6 @@
import java.util.Map;
import org.apache.http.HttpHeaders;
-
import org.opensearch.common.xcontent.XContentFactory;
import org.opensearch.core.rest.RestStatus;
import org.opensearch.rest.BytesRestResponse;
diff --git a/src/main/java/org/opensearch/security/filter/SecurityRestFilter.java b/src/main/java/org/opensearch/security/filter/SecurityRestFilter.java
index e4d087cfe3..c492656bca 100644
--- a/src/main/java/org/opensearch/security/filter/SecurityRestFilter.java
+++ b/src/main/java/org/opensearch/security/filter/SecurityRestFilter.java
@@ -31,11 +31,13 @@
import java.util.Optional;
import java.util.Set;
import java.util.regex.Pattern;
+
import javax.net.ssl.SSLPeerUnverifiedException;
import org.apache.http.HttpStatus;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
+import org.greenrobot.eventbus.Subscribe;
import org.opensearch.OpenSearchException;
import org.opensearch.client.node.NodeClient;
@@ -65,8 +67,6 @@
import org.opensearch.tasks.Task;
import org.opensearch.threadpool.ThreadPool;
-import org.greenrobot.eventbus.Subscribe;
-
import static org.opensearch.security.OpenSearchSecurityPlugin.LEGACY_OPENDISTRO_PREFIX;
import static org.opensearch.security.OpenSearchSecurityPlugin.PLUGINS_PREFIX;
import static org.opensearch.security.http.SecurityHttpServerTransport.CONTEXT_TO_RESTORE;
diff --git a/src/main/java/org/opensearch/security/filter/SecurityRestUtils.java b/src/main/java/org/opensearch/security/filter/SecurityRestUtils.java
index 0fd112b444..705fe31ee0 100644
--- a/src/main/java/org/opensearch/security/filter/SecurityRestUtils.java
+++ b/src/main/java/org/opensearch/security/filter/SecurityRestUtils.java
@@ -11,14 +11,14 @@
package org.opensearch.security.filter;
-import java.util.regex.Matcher;
-
-import org.opensearch.rest.RestRequest.Method;
-
import static org.opensearch.security.filter.SecurityRestFilter.HEALTH_SUFFIX;
import static org.opensearch.security.filter.SecurityRestFilter.PATTERN_PATH_PREFIX;
import static org.opensearch.security.filter.SecurityRestFilter.WHO_AM_I_SUFFIX;
+import java.util.regex.Matcher;
+
+import org.opensearch.rest.RestRequest.Method;
+
public class SecurityRestUtils {
public static String path(final String uri) {
final int index = uri.indexOf('?');
diff --git a/src/main/java/org/opensearch/security/http/HTTPClientCertAuthenticator.java b/src/main/java/org/opensearch/security/http/HTTPClientCertAuthenticator.java
index 684131b3e5..433ec01458 100644
--- a/src/main/java/org/opensearch/security/http/HTTPClientCertAuthenticator.java
+++ b/src/main/java/org/opensearch/security/http/HTTPClientCertAuthenticator.java
@@ -31,6 +31,7 @@
import java.util.Collections;
import java.util.List;
import java.util.Optional;
+
import javax.naming.InvalidNameException;
import javax.naming.ldap.LdapName;
import javax.naming.ldap.Rdn;
diff --git a/src/main/java/org/opensearch/security/http/OnBehalfOfAuthenticator.java b/src/main/java/org/opensearch/security/http/OnBehalfOfAuthenticator.java
index 23db7accda..f493b7c919 100644
--- a/src/main/java/org/opensearch/security/http/OnBehalfOfAuthenticator.java
+++ b/src/main/java/org/opensearch/security/http/OnBehalfOfAuthenticator.java
@@ -11,6 +11,10 @@
package org.opensearch.security.http;
+import static org.opensearch.security.OpenSearchSecurityPlugin.LEGACY_OPENDISTRO_PREFIX;
+import static org.opensearch.security.OpenSearchSecurityPlugin.PLUGINS_PREFIX;
+import static org.opensearch.security.util.AuthTokenUtils.isAccessToRestrictedEndpoints;
+
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.util.Arrays;
@@ -25,7 +29,6 @@
import org.apache.hc.core5.http.HttpHeaders;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
-
import org.opensearch.OpenSearchException;
import org.opensearch.OpenSearchSecurityException;
import org.opensearch.SpecialPermission;
@@ -44,10 +47,6 @@
import io.jsonwebtoken.JwtParserBuilder;
import io.jsonwebtoken.security.WeakKeyException;
-import static org.opensearch.security.OpenSearchSecurityPlugin.LEGACY_OPENDISTRO_PREFIX;
-import static org.opensearch.security.OpenSearchSecurityPlugin.PLUGINS_PREFIX;
-import static org.opensearch.security.util.AuthTokenUtils.isAccessToRestrictedEndpoints;
-
public class OnBehalfOfAuthenticator implements HTTPAuthenticator {
private static final int MINIMUM_SIGNING_KEY_BIT_LENGTH = 512;
diff --git a/src/main/java/org/opensearch/security/http/SecurityHttpServerTransport.java b/src/main/java/org/opensearch/security/http/SecurityHttpServerTransport.java
index c5fbbfbbc6..3b70a5ebda 100644
--- a/src/main/java/org/opensearch/security/http/SecurityHttpServerTransport.java
+++ b/src/main/java/org/opensearch/security/http/SecurityHttpServerTransport.java
@@ -26,6 +26,7 @@
package org.opensearch.security.http;
+import io.netty.util.AttributeKey;
import org.opensearch.common.network.NetworkService;
import org.opensearch.common.settings.ClusterSettings;
import org.opensearch.common.settings.Settings;
@@ -42,8 +43,6 @@
import org.opensearch.threadpool.ThreadPool;
import org.opensearch.transport.SharedGroupFactory;
-import io.netty.util.AttributeKey;
-
public class SecurityHttpServerTransport extends SecuritySSLNettyHttpServerTransport {
public static final AttributeKey EARLY_RESPONSE = AttributeKey.newInstance("opensearch-http-early-response");
diff --git a/src/main/java/org/opensearch/security/http/SecurityNonSslHttpServerTransport.java b/src/main/java/org/opensearch/security/http/SecurityNonSslHttpServerTransport.java
index f37ebb48e8..cca1df9b46 100644
--- a/src/main/java/org/opensearch/security/http/SecurityNonSslHttpServerTransport.java
+++ b/src/main/java/org/opensearch/security/http/SecurityNonSslHttpServerTransport.java
@@ -26,6 +26,10 @@
package org.opensearch.security.http;
+import io.netty.channel.Channel;
+import io.netty.channel.ChannelHandler;
+
+import io.netty.channel.ChannelInboundHandlerAdapter;
import org.opensearch.common.network.NetworkService;
import org.opensearch.common.settings.ClusterSettings;
import org.opensearch.common.settings.Settings;
@@ -40,10 +44,6 @@
import org.opensearch.threadpool.ThreadPool;
import org.opensearch.transport.SharedGroupFactory;
-import io.netty.channel.Channel;
-import io.netty.channel.ChannelHandler;
-import io.netty.channel.ChannelInboundHandlerAdapter;
-
public class SecurityNonSslHttpServerTransport extends Netty4HttpServerTransport {
private final ChannelInboundHandlerAdapter headerVerifier;
diff --git a/src/main/java/org/opensearch/security/http/XFFResolver.java b/src/main/java/org/opensearch/security/http/XFFResolver.java
index 0a3d183341..7fcbfad888 100644
--- a/src/main/java/org/opensearch/security/http/XFFResolver.java
+++ b/src/main/java/org/opensearch/security/http/XFFResolver.java
@@ -30,17 +30,16 @@
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
+import org.greenrobot.eventbus.Subscribe;
import org.opensearch.OpenSearchSecurityException;
-import org.opensearch.common.util.concurrent.ThreadContext;
import org.opensearch.core.common.transport.TransportAddress;
+import org.opensearch.common.util.concurrent.ThreadContext;
import org.opensearch.security.filter.SecurityRequest;
import org.opensearch.security.securityconf.DynamicConfigModel;
import org.opensearch.security.support.ConfigConstants;
import org.opensearch.threadpool.ThreadPool;
-import org.greenrobot.eventbus.Subscribe;
-
public class XFFResolver {
protected final Logger log = LogManager.getLogger(this.getClass());
diff --git a/src/main/java/org/opensearch/security/httpclient/HttpClient.java b/src/main/java/org/opensearch/security/httpclient/HttpClient.java
index 466dac2a82..ba788a2c13 100644
--- a/src/main/java/org/opensearch/security/httpclient/HttpClient.java
+++ b/src/main/java/org/opensearch/security/httpclient/HttpClient.java
@@ -26,6 +26,7 @@
import java.util.Objects;
import java.util.concurrent.TimeUnit;
import java.util.stream.Collectors;
+
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
diff --git a/src/main/java/org/opensearch/security/identity/SecurityTokenManager.java b/src/main/java/org/opensearch/security/identity/SecurityTokenManager.java
index 8a0c3e85f1..9f4ffecf57 100644
--- a/src/main/java/org/opensearch/security/identity/SecurityTokenManager.java
+++ b/src/main/java/org/opensearch/security/identity/SecurityTokenManager.java
@@ -15,9 +15,10 @@
import java.util.Set;
import java.util.stream.Collectors;
+import joptsimple.internal.Strings;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
-
+import org.greenrobot.eventbus.Subscribe;
import org.opensearch.OpenSearchSecurityException;
import org.opensearch.cluster.service.ClusterService;
import org.opensearch.common.settings.Settings;
@@ -36,9 +37,6 @@
import org.opensearch.security.user.UserService;
import org.opensearch.threadpool.ThreadPool;
-import joptsimple.internal.Strings;
-import org.greenrobot.eventbus.Subscribe;
-
/**
* This class is the Security Plugin's implementation of the TokenManager used by all Identity Plugins.
* It handles the issuance of both Service Account Tokens and On Behalf Of tokens.
diff --git a/src/main/java/org/opensearch/security/opensaml/integration/CleanerFactory.java b/src/main/java/org/opensearch/security/opensaml/integration/CleanerFactory.java
deleted file mode 100644
index 7b6d1575f7..0000000000
--- a/src/main/java/org/opensearch/security/opensaml/integration/CleanerFactory.java
+++ /dev/null
@@ -1,43 +0,0 @@
-/*
- * SPDX-License-Identifier: Apache-2.0
- *
- * The OpenSearch Contributors require contributions made to
- * this file be licensed under the Apache-2.0 license or a
- * compatible open source license.
- *
- * Modifications Copyright OpenSearch Contributors. See
- * GitHub history for details.
- */
-
-package org.opensearch.security.opensaml.integration;
-
-import java.lang.ref.Cleaner;
-import java.util.concurrent.ThreadFactory;
-
-import org.opensearch.common.util.concurrent.OpenSearchExecutors;
-
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-/**
- * The class was adapted from {@link net.shibboleth.utilities.java.support.primitive.CleanerSupport}.
- * The main reason is that it is only one way to set Cleaner.create()
- * together with cleaners daemon thread factory which is required for OpenSearch
- */
-public class CleanerFactory {
-
- private static final Logger LOG = LoggerFactory.getLogger(CleanerFactory.class);
-
- private static final ThreadFactory cleanersThreadFactory = OpenSearchExecutors.daemonThreadFactory("cleaners");
-
- /** Constructor. */
- private CleanerFactory() {}
-
- public static Cleaner create(final Class requester) {
- // Current approach here is to create a new Cleaner on each call. A given class requester/owner
- // is assumed to call only once and store in static storage.
- LOG.debug("Creating new java.lang.ref.Cleaner instance requested by class: {}", requester.getName());
- return Cleaner.create(cleanersThreadFactory);
- }
-
-}
diff --git a/src/main/java/org/opensearch/security/opensaml/integration/SecurityX509CRLBuilder.java b/src/main/java/org/opensearch/security/opensaml/integration/SecurityX509CRLBuilder.java
deleted file mode 100644
index 6df3ea8969..0000000000
--- a/src/main/java/org/opensearch/security/opensaml/integration/SecurityX509CRLBuilder.java
+++ /dev/null
@@ -1,23 +0,0 @@
-/*
- * SPDX-License-Identifier: Apache-2.0
- *
- * The OpenSearch Contributors require contributions made to
- * this file be licensed under the Apache-2.0 license or a
- * compatible open source license.
- *
- * Modifications Copyright OpenSearch Contributors. See
- * GitHub history for details.
- */
-
-package org.opensearch.security.opensaml.integration;
-
-import org.opensaml.xmlsec.signature.X509CRL;
-import org.opensaml.xmlsec.signature.impl.X509CRLBuilder;
-
-public class SecurityX509CRLBuilder extends X509CRLBuilder {
-
- public X509CRL buildObject(final String namespaceURI, final String localName, final String namespacePrefix) {
- return new SecurityX509CRLImpl(namespaceURI, localName, namespacePrefix);
- }
-
-}
diff --git a/src/main/java/org/opensearch/security/opensaml/integration/SecurityX509CRLImpl.java b/src/main/java/org/opensearch/security/opensaml/integration/SecurityX509CRLImpl.java
deleted file mode 100644
index 036b777e27..0000000000
--- a/src/main/java/org/opensearch/security/opensaml/integration/SecurityX509CRLImpl.java
+++ /dev/null
@@ -1,86 +0,0 @@
-/*
- * SPDX-License-Identifier: Apache-2.0
- *
- * The OpenSearch Contributors require contributions made to
- * this file be licensed under the Apache-2.0 license or a
- * compatible open source license.
- *
- * Modifications Copyright OpenSearch Contributors. See
- * GitHub history for details.
- */
-
-package org.opensearch.security.opensaml.integration;
-
-import java.lang.ref.Cleaner;
-import java.util.Collections;
-import java.util.List;
-import java.util.Objects;
-import javax.annotation.Nonnull;
-
-import net.shibboleth.utilities.java.support.collection.IndexingObjectStore;
-import org.opensaml.core.xml.AbstractXMLObject;
-import org.opensaml.core.xml.XMLObject;
-import org.opensaml.xmlsec.signature.X509CRL;
-
-/**
- * The class was adapted from {@link org.opensaml.xmlsec.signature.impl.X509CRLImpl}.
- * The main reason is that it is only one way to set up {@link CleanerFactory}
- * together with cleaners daemon thread factory which is required for OpenSearch
- */
-public class SecurityX509CRLImpl extends AbstractXMLObject implements X509CRL {
-
- private static final IndexingObjectStore B64_CRL_STORE = new IndexingObjectStore<>();
-
- private static final Cleaner CLEANER = CleanerFactory.create(SecurityX509CRLImpl.class);
-
- private Cleaner.Cleanable cleanable;
-
- private String b64CRLIndex;
-
- protected SecurityX509CRLImpl(final String namespaceURI, final String elementLocalName, final String namespacePrefix) {
- super(namespaceURI, elementLocalName, namespacePrefix);
- }
-
- public String getValue() {
- return B64_CRL_STORE.get(b64CRLIndex);
- }
-
- public void setValue(final String newValue) {
- // Dump our cached DOM if the new value really is new
- final String currentCRL = B64_CRL_STORE.get(b64CRLIndex);
- final String newCRL = prepareForAssignment(currentCRL, newValue);
-
- // This is a new value, remove the old one, add the new one
- if (!Objects.equals(currentCRL, newCRL)) {
- if (cleanable != null) {
- cleanable.clean();
- cleanable = null;
- }
- b64CRLIndex = B64_CRL_STORE.put(newCRL);
- if (b64CRLIndex != null) {
- cleanable = CLEANER.register(this, new SecurityX509CRLImpl.CleanerState(b64CRLIndex));
- }
- }
- }
-
- @Override
- public List getOrderedChildren() {
- return Collections.emptyList();
- }
-
- static class CleanerState implements Runnable {
-
- /** The index to remove from the store. */
- private String index;
-
- public CleanerState(@Nonnull final String idx) {
- index = idx;
- }
-
- /** {@inheritDoc} */
- public void run() {
- SecurityX509CRLImpl.B64_CRL_STORE.remove(index);
- }
-
- }
-}
diff --git a/src/main/java/org/opensearch/security/opensaml/integration/SecurityX509CertificateBuilder.java b/src/main/java/org/opensearch/security/opensaml/integration/SecurityX509CertificateBuilder.java
deleted file mode 100644
index f8fd664830..0000000000
--- a/src/main/java/org/opensearch/security/opensaml/integration/SecurityX509CertificateBuilder.java
+++ /dev/null
@@ -1,24 +0,0 @@
-/*
- * SPDX-License-Identifier: Apache-2.0
- *
- * The OpenSearch Contributors require contributions made to
- * this file be licensed under the Apache-2.0 license or a
- * compatible open source license.
- *
- * Modifications Copyright OpenSearch Contributors. See
- * GitHub history for details.
- */
-
-package org.opensearch.security.opensaml.integration;
-
-import org.opensaml.xmlsec.signature.X509Certificate;
-import org.opensaml.xmlsec.signature.impl.X509CertificateBuilder;
-
-public class SecurityX509CertificateBuilder extends X509CertificateBuilder {
-
- @Override
- public X509Certificate buildObject(final String namespaceURI, final String localName, final String namespacePrefix) {
- return new SecurityX509CertificateImpl(namespaceURI, localName, namespacePrefix);
- }
-
-}
diff --git a/src/main/java/org/opensearch/security/opensaml/integration/SecurityX509CertificateImpl.java b/src/main/java/org/opensearch/security/opensaml/integration/SecurityX509CertificateImpl.java
deleted file mode 100644
index 59fbc021d8..0000000000
--- a/src/main/java/org/opensearch/security/opensaml/integration/SecurityX509CertificateImpl.java
+++ /dev/null
@@ -1,86 +0,0 @@
-/*
- * SPDX-License-Identifier: Apache-2.0
- *
- * The OpenSearch Contributors require contributions made to
- * this file be licensed under the Apache-2.0 license or a
- * compatible open source license.
- *
- * Modifications Copyright OpenSearch Contributors. See
- * GitHub history for details.
- */
-
-package org.opensearch.security.opensaml.integration;
-
-import java.lang.ref.Cleaner;
-import java.util.Collections;
-import java.util.List;
-import java.util.Objects;
-import javax.annotation.Nonnull;
-
-import net.shibboleth.utilities.java.support.collection.IndexingObjectStore;
-import org.opensaml.core.xml.AbstractXMLObject;
-import org.opensaml.core.xml.XMLObject;
-import org.opensaml.xmlsec.signature.X509Certificate;
-
-/**
- * The class was adapted from {@link org.opensaml.xmlsec.signature.impl.X509CertificateBuilder}.
- * The main reason is that it is only one way to set up {@link CleanerFactory}
- * together with cleaners daemon thread factory which is required for OpenSearch
- */
-public class SecurityX509CertificateImpl extends AbstractXMLObject implements X509Certificate {
-
- private static final IndexingObjectStore B64_CERT_STORE = new IndexingObjectStore<>();
-
- private static final Cleaner CLEANER = CleanerFactory.create(SecurityX509CertificateImpl.class);
-
- private Cleaner.Cleanable cleanable;
-
- private String b64CertIndex;
-
- protected SecurityX509CertificateImpl(final String namespaceURI, final String elementLocalName, final String namespacePrefix) {
- super(namespaceURI, elementLocalName, namespacePrefix);
- }
-
- @Override
- public String getValue() {
- return B64_CERT_STORE.get(b64CertIndex);
- }
-
- @Override
- public void setValue(final String newValue) {
- // Dump our cached DOM if the new value really is new
- final String currentCert = B64_CERT_STORE.get(b64CertIndex);
- final String newCert = prepareForAssignment(currentCert, newValue);
-
- // This is a new value, remove the old one, add the new one
- if (!Objects.equals(currentCert, newCert)) {
- if (cleanable != null) {
- cleanable.clean();
- cleanable = null;
- }
- b64CertIndex = B64_CERT_STORE.put(newCert);
- if (b64CertIndex != null) {
- cleanable = CLEANER.register(this, new SecurityX509CertificateImpl.CleanerState(b64CertIndex));
- }
- }
- }
-
- @Override
- public List getOrderedChildren() {
- return Collections.emptyList();
- }
-
- static class CleanerState implements Runnable {
-
- private String index;
-
- public CleanerState(@Nonnull final String idx) {
- index = idx;
- }
-
- public void run() {
- SecurityX509CertificateImpl.B64_CERT_STORE.remove(index);
- }
-
- }
-}
diff --git a/src/main/java/org/opensearch/security/opensaml/integration/SecurityXMLObjectProviderInitializer.java b/src/main/java/org/opensearch/security/opensaml/integration/SecurityXMLObjectProviderInitializer.java
deleted file mode 100644
index 6cf6d0e6aa..0000000000
--- a/src/main/java/org/opensearch/security/opensaml/integration/SecurityXMLObjectProviderInitializer.java
+++ /dev/null
@@ -1,88 +0,0 @@
-/*
- * SPDX-License-Identifier: Apache-2.0
- *
- * The OpenSearch Contributors require contributions made to
- * this file be licensed under the Apache-2.0 license or a
- * compatible open source license.
- *
- * Modifications Copyright OpenSearch Contributors. See
- * GitHub history for details.
- */
-
-package org.opensearch.security.opensaml.integration;
-
-import java.io.IOException;
-import java.io.InputStream;
-
-import org.apache.logging.log4j.LogManager;
-import org.apache.logging.log4j.Logger;
-
-import net.shibboleth.utilities.java.support.primitive.StringSupport;
-import org.opensaml.core.config.InitializationException;
-import org.opensaml.core.xml.config.XMLConfigurationException;
-import org.opensaml.core.xml.config.XMLConfigurator;
-import org.opensaml.xmlsec.config.impl.XMLObjectProviderInitializer;
-import org.opensaml.xmlsec.signature.impl.X509CRLBuilder;
-import org.opensaml.xmlsec.signature.impl.X509CertificateBuilder;
-import org.w3c.dom.Element;
-
-/**
- * The class extends {@link org.opensaml.xmlsec.config.impl.XMLObjectProviderInitializer}
- * which is responsible to map signature configuration from SAML
- * .well-known XML to the OpenSAML object model
- */
-public class SecurityXMLObjectProviderInitializer extends XMLObjectProviderInitializer {
-
- protected final static Logger log = LogManager.getLogger(SecurityXMLObjectProviderInitializer.class);
-
- static final class SecurityObjectProviderXMLConfigurator extends XMLConfigurator {
-
- public static final String X509_CERTIFICATE_BUILDER_CLASS_NAME = X509CertificateBuilder.class.getCanonicalName();
-
- public static final String X509_CRL_BUILDER_CLASS_NAME = X509CRLBuilder.class.getCanonicalName();
-
- public SecurityObjectProviderXMLConfigurator() throws XMLConfigurationException {
- super();
- }
-
- @Override
- protected Object createClassInstance(Element configuration) throws XMLConfigurationException {
- final String className = StringSupport.trimOrNull(configuration.getAttributeNS(null, "className"));
- if (X509_CERTIFICATE_BUILDER_CLASS_NAME.equals(className)) {
- log.trace("Replace instance of {} with {}", className, SecurityX509CertificateBuilder.class.getCanonicalName());
- return new SecurityX509CertificateBuilder();
- } else if (X509_CRL_BUILDER_CLASS_NAME.equals(className)) {
- log.trace("Replace instance of {} with {}", className, SecurityX509CRLBuilder.class.getCanonicalName());
- return new SecurityX509CRLBuilder();
- } else {
- return super.createClassInstance(configuration);
- }
- }
-
- }
-
- @Override
- public void init() throws InitializationException {
- try {
- final XMLConfigurator configurator = new SecurityObjectProviderXMLConfigurator();
- for (String resource : getConfigResources()) {
- if (resource.startsWith("/")) {
- resource = resource.substring(1);
- }
- log.debug("Loading XMLObject provider configuration from resource '{}'", resource);
- try (final InputStream is = Thread.currentThread().getContextClassLoader().getResourceAsStream(resource)) {
- if (is != null) {
- configurator.load(is);
- } else {
- throw new XMLConfigurationException("Resource not found: " + resource);
- }
- } catch (final IOException e) {
- throw new XMLConfigurationException("Error loading resource: " + resource, e);
- }
- }
- } catch (final XMLConfigurationException e) {
- log.error("Problem loading configuration resource: {}", e.getMessage());
- throw new InitializationException("Problem loading configuration resource", e);
- }
- }
-}
diff --git a/src/main/java/org/opensearch/security/privileges/PrivilegesEvaluator.java b/src/main/java/org/opensearch/security/privileges/PrivilegesEvaluator.java
index 1d09932131..538b541754 100644
--- a/src/main/java/org/opensearch/security/privileges/PrivilegesEvaluator.java
+++ b/src/main/java/org/opensearch/security/privileges/PrivilegesEvaluator.java
@@ -40,6 +40,7 @@
import com.google.common.collect.ImmutableSet;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
+import org.greenrobot.eventbus.Subscribe;
import org.opensearch.OpenSearchSecurityException;
import org.opensearch.action.ActionRequest;
@@ -76,9 +77,9 @@
import org.opensearch.cluster.metadata.IndexNameExpressionResolver;
import org.opensearch.cluster.service.ClusterService;
import org.opensearch.common.settings.Settings;
+import org.opensearch.core.common.transport.TransportAddress;
import org.opensearch.common.util.concurrent.ThreadContext;
import org.opensearch.core.common.Strings;
-import org.opensearch.core.common.transport.TransportAddress;
import org.opensearch.core.xcontent.NamedXContentRegistry;
import org.opensearch.index.reindex.ReindexAction;
import org.opensearch.security.auditlog.AuditLog;
@@ -95,8 +96,6 @@
import org.opensearch.tasks.Task;
import org.opensearch.threadpool.ThreadPool;
-import org.greenrobot.eventbus.Subscribe;
-
import static org.opensearch.security.OpenSearchSecurityPlugin.traceAction;
import static org.opensearch.security.support.ConfigConstants.OPENDISTRO_SECURITY_USER_INFO_THREAD_CONTEXT;
diff --git a/src/main/java/org/opensearch/security/privileges/RestLayerPrivilegesEvaluator.java b/src/main/java/org/opensearch/security/privileges/RestLayerPrivilegesEvaluator.java
index d1ccb84fc8..dc95e98d11 100644
--- a/src/main/java/org/opensearch/security/privileges/RestLayerPrivilegesEvaluator.java
+++ b/src/main/java/org/opensearch/security/privileges/RestLayerPrivilegesEvaluator.java
@@ -15,19 +15,18 @@
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
+import org.greenrobot.eventbus.Subscribe;
import org.opensearch.OpenSearchSecurityException;
import org.opensearch.cluster.service.ClusterService;
-import org.opensearch.common.util.concurrent.ThreadContext;
import org.opensearch.core.common.transport.TransportAddress;
+import org.opensearch.common.util.concurrent.ThreadContext;
import org.opensearch.security.securityconf.ConfigModel;
import org.opensearch.security.securityconf.SecurityRoles;
import org.opensearch.security.support.ConfigConstants;
import org.opensearch.security.user.User;
import org.opensearch.threadpool.ThreadPool;
-import org.greenrobot.eventbus.Subscribe;
-
public class RestLayerPrivilegesEvaluator {
protected final Logger log = LogManager.getLogger(this.getClass());
private final ClusterService clusterService;
diff --git a/src/main/java/org/opensearch/security/privileges/SecurityIndexAccessEvaluator.java b/src/main/java/org/opensearch/security/privileges/SecurityIndexAccessEvaluator.java
index b984ee93b8..4d5fb26050 100644
--- a/src/main/java/org/opensearch/security/privileges/SecurityIndexAccessEvaluator.java
+++ b/src/main/java/org/opensearch/security/privileges/SecurityIndexAccessEvaluator.java
@@ -26,15 +26,8 @@
package org.opensearch.security.privileges;
-import java.util.ArrayList;
-import java.util.HashSet;
-import java.util.List;
-import java.util.Set;
-import java.util.stream.Collectors;
-
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
-
import org.opensearch.action.ActionRequest;
import org.opensearch.action.RealtimeRequest;
import org.opensearch.action.search.SearchRequest;
@@ -50,6 +43,12 @@
import org.opensearch.security.user.User;
import org.opensearch.tasks.Task;
+import java.util.ArrayList;
+import java.util.HashSet;
+import java.util.List;
+import java.util.Set;
+import java.util.stream.Collectors;
+
/**
* This class performs authorization on requests targeting system indices
* NOTE:
diff --git a/src/main/java/org/opensearch/security/resolver/IndexResolverReplacer.java b/src/main/java/org/opensearch/security/resolver/IndexResolverReplacer.java
index 3ebfbce29b..ea8985ee69 100644
--- a/src/main/java/org/opensearch/security/resolver/IndexResolverReplacer.java
+++ b/src/main/java/org/opensearch/security/resolver/IndexResolverReplacer.java
@@ -43,6 +43,7 @@
import com.google.common.collect.ImmutableSet;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
+import org.greenrobot.eventbus.Subscribe;
import org.opensearch.action.ActionRequest;
import org.opensearch.action.DocWriteRequest;
@@ -94,8 +95,6 @@
import org.opensearch.transport.RemoteClusterService;
import org.opensearch.transport.TransportRequest;
-import org.greenrobot.eventbus.Subscribe;
-
import static org.opensearch.cluster.metadata.IndexAbstraction.Type.ALIAS;
public class IndexResolverReplacer {
diff --git a/src/main/java/org/opensearch/security/rest/DashboardsInfoAction.java b/src/main/java/org/opensearch/security/rest/DashboardsInfoAction.java
index 2b286d0c3d..6a14541896 100644
--- a/src/main/java/org/opensearch/security/rest/DashboardsInfoAction.java
+++ b/src/main/java/org/opensearch/security/rest/DashboardsInfoAction.java
@@ -36,13 +36,13 @@
import org.opensearch.client.node.NodeClient;
import org.opensearch.common.settings.Settings;
import org.opensearch.common.util.concurrent.ThreadContext;
-import org.opensearch.core.rest.RestStatus;
import org.opensearch.core.xcontent.XContentBuilder;
import org.opensearch.rest.BaseRestHandler;
import org.opensearch.rest.BytesRestResponse;
import org.opensearch.rest.RestChannel;
import org.opensearch.rest.RestController;
import org.opensearch.rest.RestRequest;
+import org.opensearch.core.rest.RestStatus;
import org.opensearch.security.privileges.PrivilegesEvaluator;
import org.opensearch.security.support.ConfigConstants;
import org.opensearch.security.user.User;
diff --git a/src/main/java/org/opensearch/security/rest/SecurityConfigUpdateAction.java b/src/main/java/org/opensearch/security/rest/SecurityConfigUpdateAction.java
index cb678b533b..bfbc16f98d 100644
--- a/src/main/java/org/opensearch/security/rest/SecurityConfigUpdateAction.java
+++ b/src/main/java/org/opensearch/security/rest/SecurityConfigUpdateAction.java
@@ -20,11 +20,11 @@
import org.opensearch.client.node.NodeClient;
import org.opensearch.common.settings.Settings;
import org.opensearch.common.util.concurrent.ThreadContext;
-import org.opensearch.core.rest.RestStatus;
import org.opensearch.rest.BaseRestHandler;
import org.opensearch.rest.BytesRestResponse;
import org.opensearch.rest.RestController;
import org.opensearch.rest.RestRequest;
+import org.opensearch.core.rest.RestStatus;
import org.opensearch.rest.action.RestActions.NodesResponseRestListener;
import org.opensearch.security.action.configupdate.ConfigUpdateAction;
import org.opensearch.security.action.configupdate.ConfigUpdateRequest;
diff --git a/src/main/java/org/opensearch/security/rest/SecurityHealthAction.java b/src/main/java/org/opensearch/security/rest/SecurityHealthAction.java
index 1b7e788dae..579d42e7a6 100644
--- a/src/main/java/org/opensearch/security/rest/SecurityHealthAction.java
+++ b/src/main/java/org/opensearch/security/rest/SecurityHealthAction.java
@@ -33,13 +33,13 @@
import org.opensearch.client.node.NodeClient;
import org.opensearch.common.settings.Settings;
-import org.opensearch.core.rest.RestStatus;
import org.opensearch.core.xcontent.XContentBuilder;
import org.opensearch.rest.BaseRestHandler;
import org.opensearch.rest.BytesRestResponse;
import org.opensearch.rest.RestChannel;
import org.opensearch.rest.RestController;
import org.opensearch.rest.RestRequest;
+import org.opensearch.core.rest.RestStatus;
import org.opensearch.security.auth.BackendRegistry;
import static org.opensearch.rest.RestRequest.Method.GET;
diff --git a/src/main/java/org/opensearch/security/rest/SecurityInfoAction.java b/src/main/java/org/opensearch/security/rest/SecurityInfoAction.java
index 9300cf72f2..a10c58f058 100644
--- a/src/main/java/org/opensearch/security/rest/SecurityInfoAction.java
+++ b/src/main/java/org/opensearch/security/rest/SecurityInfoAction.java
@@ -40,15 +40,15 @@
import org.opensearch.client.node.NodeClient;
import org.opensearch.common.settings.Settings;
-import org.opensearch.common.util.concurrent.ThreadContext;
import org.opensearch.core.common.transport.TransportAddress;
-import org.opensearch.core.rest.RestStatus;
+import org.opensearch.common.util.concurrent.ThreadContext;
import org.opensearch.core.xcontent.XContentBuilder;
import org.opensearch.rest.BaseRestHandler;
import org.opensearch.rest.BytesRestResponse;
import org.opensearch.rest.RestChannel;
import org.opensearch.rest.RestController;
import org.opensearch.rest.RestRequest;
+import org.opensearch.core.rest.RestStatus;
import org.opensearch.security.privileges.PrivilegesEvaluator;
import org.opensearch.security.support.Base64Helper;
import org.opensearch.security.support.ConfigConstants;
diff --git a/src/main/java/org/opensearch/security/rest/SecurityWhoAmIAction.java b/src/main/java/org/opensearch/security/rest/SecurityWhoAmIAction.java
index d4865b373d..4f560f40b6 100644
--- a/src/main/java/org/opensearch/security/rest/SecurityWhoAmIAction.java
+++ b/src/main/java/org/opensearch/security/rest/SecurityWhoAmIAction.java
@@ -23,7 +23,6 @@
import org.opensearch.client.node.NodeClient;
import org.opensearch.common.settings.Settings;
-import org.opensearch.core.rest.RestStatus;
import org.opensearch.core.xcontent.XContentBuilder;
import org.opensearch.rest.BaseRestHandler;
import org.opensearch.rest.BytesRestResponse;
@@ -31,6 +30,7 @@
import org.opensearch.rest.RestChannel;
import org.opensearch.rest.RestController;
import org.opensearch.rest.RestRequest;
+import org.opensearch.core.rest.RestStatus;
import org.opensearch.security.configuration.AdminDNs;
import org.opensearch.security.filter.SecurityRequestFactory;
import org.opensearch.security.ssl.transport.PrincipalExtractor;
diff --git a/src/main/java/org/opensearch/security/rest/TenantInfoAction.java b/src/main/java/org/opensearch/security/rest/TenantInfoAction.java
index 1b0bdd7f8e..f3afc0f006 100644
--- a/src/main/java/org/opensearch/security/rest/TenantInfoAction.java
+++ b/src/main/java/org/opensearch/security/rest/TenantInfoAction.java
@@ -41,13 +41,13 @@
import org.opensearch.cluster.service.ClusterService;
import org.opensearch.common.settings.Settings;
import org.opensearch.common.util.concurrent.ThreadContext;
-import org.opensearch.core.rest.RestStatus;
import org.opensearch.core.xcontent.XContentBuilder;
import org.opensearch.rest.BaseRestHandler;
import org.opensearch.rest.BytesRestResponse;
import org.opensearch.rest.RestChannel;
import org.opensearch.rest.RestController;
import org.opensearch.rest.RestRequest;
+import org.opensearch.core.rest.RestStatus;
import org.opensearch.security.configuration.AdminDNs;
import org.opensearch.security.configuration.ConfigurationRepository;
import org.opensearch.security.privileges.PrivilegesEvaluator;
diff --git a/src/main/java/org/opensearch/security/securityconf/ConfigModelV6.java b/src/main/java/org/opensearch/security/securityconf/ConfigModelV6.java
index 3650057d63..545d383ced 100644
--- a/src/main/java/org/opensearch/security/securityconf/ConfigModelV6.java
+++ b/src/main/java/org/opensearch/security/securityconf/ConfigModelV6.java
@@ -51,8 +51,8 @@
import org.opensearch.cluster.service.ClusterService;
import org.opensearch.common.collect.Tuple;
import org.opensearch.common.settings.Settings;
-import org.opensearch.common.util.set.Sets;
import org.opensearch.core.common.transport.TransportAddress;
+import org.opensearch.common.util.set.Sets;
import org.opensearch.core.xcontent.NamedXContentRegistry;
import org.opensearch.security.resolver.IndexResolverReplacer.Resolved;
import org.opensearch.security.securityconf.impl.SecurityDynamicConfiguration;
diff --git a/src/main/java/org/opensearch/security/securityconf/ConfigModelV7.java b/src/main/java/org/opensearch/security/securityconf/ConfigModelV7.java
index 473e224538..0528590db9 100644
--- a/src/main/java/org/opensearch/security/securityconf/ConfigModelV7.java
+++ b/src/main/java/org/opensearch/security/securityconf/ConfigModelV7.java
@@ -55,8 +55,8 @@
import org.opensearch.cluster.service.ClusterService;
import org.opensearch.common.collect.Tuple;
import org.opensearch.common.settings.Settings;
-import org.opensearch.common.util.set.Sets;
import org.opensearch.core.common.transport.TransportAddress;
+import org.opensearch.common.util.set.Sets;
import org.opensearch.core.xcontent.NamedXContentRegistry;
import org.opensearch.security.resolver.IndexResolverReplacer.Resolved;
import org.opensearch.security.securityconf.impl.SecurityDynamicConfiguration;
diff --git a/src/main/java/org/opensearch/security/securityconf/DynamicConfigFactory.java b/src/main/java/org/opensearch/security/securityconf/DynamicConfigFactory.java
index ed61481885..7265699e7c 100644
--- a/src/main/java/org/opensearch/security/securityconf/DynamicConfigFactory.java
+++ b/src/main/java/org/opensearch/security/securityconf/DynamicConfigFactory.java
@@ -35,11 +35,14 @@
import java.util.Map.Entry;
import java.util.concurrent.atomic.AtomicBoolean;
+import com.fasterxml.jackson.databind.JsonNode;
import com.google.common.collect.ImmutableList;
import com.google.common.collect.ImmutableMap;
-import com.fasterxml.jackson.databind.JsonNode;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
+import org.greenrobot.eventbus.EventBus;
+import org.greenrobot.eventbus.EventBusBuilder;
+import org.greenrobot.eventbus.Logger.JavaLogger;
import org.opensearch.client.Client;
import org.opensearch.common.settings.Settings;
@@ -70,10 +73,6 @@
import org.opensearch.security.support.WildcardMatcher;
import org.opensearch.threadpool.ThreadPool;
-import org.greenrobot.eventbus.EventBus;
-import org.greenrobot.eventbus.EventBusBuilder;
-import org.greenrobot.eventbus.Logger.JavaLogger;
-
public class DynamicConfigFactory implements Initializable, ConfigurationChangeListener {
public static final EventBusBuilder EVENT_BUS_BUILDER = EventBus.builder();
diff --git a/src/main/java/org/opensearch/security/securityconf/impl/AllowlistingSettings.java b/src/main/java/org/opensearch/security/securityconf/impl/AllowlistingSettings.java
index 63d9186e1f..ba249e8c63 100644
--- a/src/main/java/org/opensearch/security/securityconf/impl/AllowlistingSettings.java
+++ b/src/main/java/org/opensearch/security/securityconf/impl/AllowlistingSettings.java
@@ -18,7 +18,6 @@
import java.util.Optional;
import org.apache.http.HttpStatus;
-
import org.opensearch.common.xcontent.XContentFactory;
import org.opensearch.core.rest.RestStatus;
import org.opensearch.security.filter.SecurityRequest;
diff --git a/src/main/java/org/opensearch/security/securityconf/impl/WhitelistingSettings.java b/src/main/java/org/opensearch/security/securityconf/impl/WhitelistingSettings.java
index ce643477c2..2e1ab791d2 100644
--- a/src/main/java/org/opensearch/security/securityconf/impl/WhitelistingSettings.java
+++ b/src/main/java/org/opensearch/security/securityconf/impl/WhitelistingSettings.java
@@ -17,7 +17,6 @@
import java.util.Optional;
import org.apache.http.HttpStatus;
-
import org.opensearch.security.filter.SecurityRequest;
import org.opensearch.security.filter.SecurityResponse;
diff --git a/src/main/java/org/opensearch/security/ssl/DefaultSecurityKeyStore.java b/src/main/java/org/opensearch/security/ssl/DefaultSecurityKeyStore.java
index 7ff90c1a66..a3d18fba61 100644
--- a/src/main/java/org/opensearch/security/ssl/DefaultSecurityKeyStore.java
+++ b/src/main/java/org/opensearch/security/ssl/DefaultSecurityKeyStore.java
@@ -17,6 +17,19 @@
package org.opensearch.security.ssl;
+import static org.opensearch.security.ssl.SecureSSLSettings.SSLSetting.SECURITY_SSL_HTTP_KEYSTORE_KEYPASSWORD;
+import static org.opensearch.security.ssl.SecureSSLSettings.SSLSetting.SECURITY_SSL_HTTP_KEYSTORE_PASSWORD;
+import static org.opensearch.security.ssl.SecureSSLSettings.SSLSetting.SECURITY_SSL_HTTP_PEMKEY_PASSWORD;
+import static org.opensearch.security.ssl.SecureSSLSettings.SSLSetting.SECURITY_SSL_HTTP_TRUSTSTORE_PASSWORD;
+import static org.opensearch.security.ssl.SecureSSLSettings.SSLSetting.SECURITY_SSL_TRANSPORT_CLIENT_KEYSTORE_KEYPASSWORD;
+import static org.opensearch.security.ssl.SecureSSLSettings.SSLSetting.SECURITY_SSL_TRANSPORT_CLIENT_PEMKEY_PASSWORD;
+import static org.opensearch.security.ssl.SecureSSLSettings.SSLSetting.SECURITY_SSL_TRANSPORT_KEYSTORE_KEYPASSWORD;
+import static org.opensearch.security.ssl.SecureSSLSettings.SSLSetting.SECURITY_SSL_TRANSPORT_KEYSTORE_PASSWORD;
+import static org.opensearch.security.ssl.SecureSSLSettings.SSLSetting.SECURITY_SSL_TRANSPORT_PEMKEY_PASSWORD;
+import static org.opensearch.security.ssl.SecureSSLSettings.SSLSetting.SECURITY_SSL_TRANSPORT_SERVER_KEYSTORE_KEYPASSWORD;
+import static org.opensearch.security.ssl.SecureSSLSettings.SSLSetting.SECURITY_SSL_TRANSPORT_SERVER_PEMKEY_PASSWORD;
+import static org.opensearch.security.ssl.SecureSSLSettings.SSLSetting.SECURITY_SSL_TRANSPORT_TRUSTSTORE_PASSWORD;
+
import java.io.File;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
@@ -43,14 +56,13 @@
import java.util.stream.Collectors;
import java.util.stream.Stream;
import java.util.stream.StreamSupport;
+
import javax.crypto.Cipher;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLParameters;
-import com.google.common.collect.ImmutableList;
-import com.google.common.collect.ImmutableSet;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.bouncycastle.asn1.ASN1InputStream;
@@ -60,7 +72,6 @@
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.ASN1String;
import org.bouncycastle.asn1.ASN1TaggedObject;
-
import org.opensearch.OpenSearchException;
import org.opensearch.OpenSearchSecurityException;
import org.opensearch.SpecialPermission;
@@ -75,6 +86,9 @@
import org.opensearch.security.ssl.util.SSLConfigConstants;
import org.opensearch.transport.NettyAllocator;
+import com.google.common.collect.ImmutableList;
+import com.google.common.collect.ImmutableSet;
+
import io.netty.handler.codec.http2.Http2SecurityUtil;
import io.netty.handler.ssl.ApplicationProtocolConfig;
import io.netty.handler.ssl.ApplicationProtocolConfig.Protocol;
@@ -89,19 +103,6 @@
import io.netty.handler.ssl.SupportedCipherSuiteFilter;
import io.netty.util.internal.PlatformDependent;
-import static org.opensearch.security.ssl.SecureSSLSettings.SSLSetting.SECURITY_SSL_HTTP_KEYSTORE_KEYPASSWORD;
-import static org.opensearch.security.ssl.SecureSSLSettings.SSLSetting.SECURITY_SSL_HTTP_KEYSTORE_PASSWORD;
-import static org.opensearch.security.ssl.SecureSSLSettings.SSLSetting.SECURITY_SSL_HTTP_PEMKEY_PASSWORD;
-import static org.opensearch.security.ssl.SecureSSLSettings.SSLSetting.SECURITY_SSL_HTTP_TRUSTSTORE_PASSWORD;
-import static org.opensearch.security.ssl.SecureSSLSettings.SSLSetting.SECURITY_SSL_TRANSPORT_CLIENT_KEYSTORE_KEYPASSWORD;
-import static org.opensearch.security.ssl.SecureSSLSettings.SSLSetting.SECURITY_SSL_TRANSPORT_CLIENT_PEMKEY_PASSWORD;
-import static org.opensearch.security.ssl.SecureSSLSettings.SSLSetting.SECURITY_SSL_TRANSPORT_KEYSTORE_KEYPASSWORD;
-import static org.opensearch.security.ssl.SecureSSLSettings.SSLSetting.SECURITY_SSL_TRANSPORT_KEYSTORE_PASSWORD;
-import static org.opensearch.security.ssl.SecureSSLSettings.SSLSetting.SECURITY_SSL_TRANSPORT_PEMKEY_PASSWORD;
-import static org.opensearch.security.ssl.SecureSSLSettings.SSLSetting.SECURITY_SSL_TRANSPORT_SERVER_KEYSTORE_KEYPASSWORD;
-import static org.opensearch.security.ssl.SecureSSLSettings.SSLSetting.SECURITY_SSL_TRANSPORT_SERVER_PEMKEY_PASSWORD;
-import static org.opensearch.security.ssl.SecureSSLSettings.SSLSetting.SECURITY_SSL_TRANSPORT_TRUSTSTORE_PASSWORD;
-
public class DefaultSecurityKeyStore implements SecurityKeyStore {
private static final String DEFAULT_STORE_TYPE = "JKS";
diff --git a/src/main/java/org/opensearch/security/ssl/ExternalSecurityKeyStore.java b/src/main/java/org/opensearch/security/ssl/ExternalSecurityKeyStore.java
index 25d0599c58..9ea0276912 100644
--- a/src/main/java/org/opensearch/security/ssl/ExternalSecurityKeyStore.java
+++ b/src/main/java/org/opensearch/security/ssl/ExternalSecurityKeyStore.java
@@ -24,6 +24,7 @@
import java.util.Map;
import java.util.Objects;
import java.util.concurrent.ConcurrentHashMap;
+
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLException;
diff --git a/src/main/java/org/opensearch/security/ssl/OpenSearchSecuritySSLPlugin.java b/src/main/java/org/opensearch/security/ssl/OpenSearchSecuritySSLPlugin.java
index e6e4e85b33..722e55370e 100644
--- a/src/main/java/org/opensearch/security/ssl/OpenSearchSecuritySSLPlugin.java
+++ b/src/main/java/org/opensearch/security/ssl/OpenSearchSecuritySSLPlugin.java
@@ -31,6 +31,8 @@
import java.util.function.Supplier;
import com.fasterxml.jackson.databind.InjectableValues;
+import io.netty.handler.ssl.OpenSsl;
+import io.netty.util.internal.PlatformDependent;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
@@ -42,6 +44,7 @@
import org.opensearch.cluster.node.DiscoveryNodes;
import org.opensearch.cluster.service.ClusterService;
import org.opensearch.common.Booleans;
+import org.opensearch.core.common.io.stream.NamedWriteableRegistry;
import org.opensearch.common.network.NetworkModule;
import org.opensearch.common.network.NetworkService;
import org.opensearch.common.settings.ClusterSettings;
@@ -53,7 +56,6 @@
import org.opensearch.common.util.BigArrays;
import org.opensearch.common.util.PageCacheRecycler;
import org.opensearch.common.util.concurrent.ThreadContext;
-import org.opensearch.core.common.io.stream.NamedWriteableRegistry;
import org.opensearch.core.indices.breaker.CircuitBreakerService;
import org.opensearch.core.xcontent.NamedXContentRegistry;
import org.opensearch.env.Environment;
@@ -86,9 +88,6 @@
import org.opensearch.transport.TransportInterceptor;
import org.opensearch.watcher.ResourceWatcherService;
-import io.netty.handler.ssl.OpenSsl;
-import io.netty.util.internal.PlatformDependent;
-
//For ES5 this class has only effect when SSL only plugin is installed
public class OpenSearchSecuritySSLPlugin extends Plugin implements SystemIndexPlugin, NetworkPlugin {
diff --git a/src/main/java/org/opensearch/security/ssl/SecureSSLSettings.java b/src/main/java/org/opensearch/security/ssl/SecureSSLSettings.java
index 171bb18bb5..1581deba20 100644
--- a/src/main/java/org/opensearch/security/ssl/SecureSSLSettings.java
+++ b/src/main/java/org/opensearch/security/ssl/SecureSSLSettings.java
@@ -24,9 +24,9 @@
import org.apache.logging.log4j.Logger;
import org.opensearch.common.settings.SecureSetting;
+import org.opensearch.core.common.settings.SecureString;
import org.opensearch.common.settings.Setting;
import org.opensearch.common.settings.Settings;
-import org.opensearch.core.common.settings.SecureString;
import static org.opensearch.security.ssl.util.SSLConfigConstants.DEFAULT_STORE_PASSWORD;
diff --git a/src/main/java/org/opensearch/security/ssl/SecurityKeyStore.java b/src/main/java/org/opensearch/security/ssl/SecurityKeyStore.java
index 03b5df2100..835ac92a23 100644
--- a/src/main/java/org/opensearch/security/ssl/SecurityKeyStore.java
+++ b/src/main/java/org/opensearch/security/ssl/SecurityKeyStore.java
@@ -18,6 +18,7 @@
package org.opensearch.security.ssl;
import java.security.cert.X509Certificate;
+
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLException;
diff --git a/src/main/java/org/opensearch/security/ssl/http/netty/Netty4ConditionalDecompressor.java b/src/main/java/org/opensearch/security/ssl/http/netty/Netty4ConditionalDecompressor.java
index f133d997f9..1eec49add0 100644
--- a/src/main/java/org/opensearch/security/ssl/http/netty/Netty4ConditionalDecompressor.java
+++ b/src/main/java/org/opensearch/security/ssl/http/netty/Netty4ConditionalDecompressor.java
@@ -8,14 +8,14 @@
package org.opensearch.security.ssl.http.netty;
-import org.opensearch.security.filter.NettyAttribute;
-
import io.netty.channel.embedded.EmbeddedChannel;
import io.netty.handler.codec.http.HttpContentDecompressor;
import static org.opensearch.security.http.SecurityHttpServerTransport.EARLY_RESPONSE;
import static org.opensearch.security.http.SecurityHttpServerTransport.SHOULD_DECOMPRESS;
+import org.opensearch.security.filter.NettyAttribute;
+
public class Netty4ConditionalDecompressor extends HttpContentDecompressor {
@Override
diff --git a/src/main/java/org/opensearch/security/ssl/http/netty/Netty4HttpRequestHeaderVerifier.java b/src/main/java/org/opensearch/security/ssl/http/netty/Netty4HttpRequestHeaderVerifier.java
index 9adca0f377..51825e977b 100644
--- a/src/main/java/org/opensearch/security/ssl/http/netty/Netty4HttpRequestHeaderVerifier.java
+++ b/src/main/java/org/opensearch/security/ssl/http/netty/Netty4HttpRequestHeaderVerifier.java
@@ -8,10 +8,15 @@
package org.opensearch.security.ssl.http.netty;
+import io.netty.channel.SimpleChannelInboundHandler;
+import io.netty.handler.codec.http.DefaultHttpRequest;
+import io.netty.handler.codec.http.HttpRequest;
+import io.netty.util.ReferenceCountUtil;
import org.opensearch.ExceptionsHelper;
-import org.opensearch.OpenSearchSecurityException;
-import org.opensearch.common.settings.Settings;
import org.opensearch.common.util.concurrent.ThreadContext;
+
+import io.netty.channel.ChannelHandler.Sharable;
+import io.netty.channel.ChannelHandlerContext;
import org.opensearch.http.netty4.Netty4HttpChannel;
import org.opensearch.http.netty4.Netty4HttpServerTransport;
import org.opensearch.security.filter.SecurityRequestChannel;
@@ -20,22 +25,17 @@
import org.opensearch.security.filter.SecurityResponse;
import org.opensearch.security.filter.SecurityRestFilter;
import org.opensearch.security.filter.SecurityRestUtils;
-import org.opensearch.security.ssl.OpenSearchSecuritySSLPlugin;
import org.opensearch.security.ssl.transport.SSLConfig;
-import org.opensearch.security.support.ConfigConstants;
import org.opensearch.threadpool.ThreadPool;
-
-import io.netty.channel.ChannelHandler.Sharable;
-import io.netty.channel.ChannelHandlerContext;
-import io.netty.channel.SimpleChannelInboundHandler;
-import io.netty.handler.codec.http.DefaultHttpRequest;
-import io.netty.handler.codec.http.HttpRequest;
-import io.netty.util.ReferenceCountUtil;
+import org.opensearch.security.support.ConfigConstants;
+import org.opensearch.security.ssl.OpenSearchSecuritySSLPlugin;
+import org.opensearch.common.settings.Settings;
+import org.opensearch.OpenSearchSecurityException;
import static org.opensearch.security.http.SecurityHttpServerTransport.CONTEXT_TO_RESTORE;
import static org.opensearch.security.http.SecurityHttpServerTransport.EARLY_RESPONSE;
-import static org.opensearch.security.http.SecurityHttpServerTransport.IS_AUTHENTICATED;
import static org.opensearch.security.http.SecurityHttpServerTransport.SHOULD_DECOMPRESS;
+import static org.opensearch.security.http.SecurityHttpServerTransport.IS_AUTHENTICATED;
@Sharable
public class Netty4HttpRequestHeaderVerifier extends SimpleChannelInboundHandler {
diff --git a/src/main/java/org/opensearch/security/ssl/http/netty/SecuritySSLNettyHttpServerTransport.java b/src/main/java/org/opensearch/security/ssl/http/netty/SecuritySSLNettyHttpServerTransport.java
index fc2f31b2b0..eb2acdce49 100644
--- a/src/main/java/org/opensearch/security/ssl/http/netty/SecuritySSLNettyHttpServerTransport.java
+++ b/src/main/java/org/opensearch/security/ssl/http/netty/SecuritySSLNettyHttpServerTransport.java
@@ -17,6 +17,14 @@
package org.opensearch.security.ssl.http.netty;
+import io.netty.channel.Channel;
+import io.netty.channel.ChannelHandler;
+import io.netty.channel.ChannelHandlerContext;
+import io.netty.channel.ChannelInboundHandlerAdapter;
+import io.netty.handler.codec.DecoderException;
+import io.netty.handler.ssl.ApplicationProtocolNames;
+import io.netty.handler.ssl.ApplicationProtocolNegotiationHandler;
+import io.netty.handler.ssl.SslHandler;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
@@ -36,15 +44,6 @@
import org.opensearch.threadpool.ThreadPool;
import org.opensearch.transport.SharedGroupFactory;
-import io.netty.channel.Channel;
-import io.netty.channel.ChannelHandler;
-import io.netty.channel.ChannelHandlerContext;
-import io.netty.channel.ChannelInboundHandlerAdapter;
-import io.netty.handler.codec.DecoderException;
-import io.netty.handler.ssl.ApplicationProtocolNames;
-import io.netty.handler.ssl.ApplicationProtocolNegotiationHandler;
-import io.netty.handler.ssl.SslHandler;
-
public class SecuritySSLNettyHttpServerTransport extends Netty4HttpServerTransport {
private static final Logger logger = LogManager.getLogger(SecuritySSLNettyHttpServerTransport.class);
private final SecurityKeyStore sks;
diff --git a/src/main/java/org/opensearch/security/ssl/http/netty/ValidatingDispatcher.java b/src/main/java/org/opensearch/security/ssl/http/netty/ValidatingDispatcher.java
index 32c6cd9aa3..dcd25c2837 100644
--- a/src/main/java/org/opensearch/security/ssl/http/netty/ValidatingDispatcher.java
+++ b/src/main/java/org/opensearch/security/ssl/http/netty/ValidatingDispatcher.java
@@ -18,6 +18,7 @@
package org.opensearch.security.ssl.http.netty;
import java.nio.file.Path;
+
import javax.net.ssl.SSLPeerUnverifiedException;
import org.apache.logging.log4j.LogManager;
@@ -28,10 +29,10 @@
import org.opensearch.OpenSearchSecurityException;
import org.opensearch.common.settings.Settings;
import org.opensearch.common.util.concurrent.ThreadContext;
-import org.opensearch.core.rest.RestStatus;
import org.opensearch.http.HttpServerTransport.Dispatcher;
import org.opensearch.rest.RestChannel;
import org.opensearch.rest.RestRequest;
+import org.opensearch.core.rest.RestStatus;
import org.opensearch.security.filter.SecurityRequestChannel;
import org.opensearch.security.filter.SecurityRequestFactory;
import org.opensearch.security.ssl.SslExceptionHandler;
diff --git a/src/main/java/org/opensearch/security/ssl/rest/SecuritySSLInfoAction.java b/src/main/java/org/opensearch/security/ssl/rest/SecuritySSLInfoAction.java
index b9f9e949ec..8e32893eab 100644
--- a/src/main/java/org/opensearch/security/ssl/rest/SecuritySSLInfoAction.java
+++ b/src/main/java/org/opensearch/security/ssl/rest/SecuritySSLInfoAction.java
@@ -25,12 +25,12 @@
import java.util.List;
import java.util.stream.Collectors;
+import io.netty.handler.ssl.OpenSsl;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.opensearch.client.node.NodeClient;
import org.opensearch.common.settings.Settings;
-import org.opensearch.core.rest.RestStatus;
import org.opensearch.core.xcontent.XContentBuilder;
import org.opensearch.rest.BaseRestHandler;
import org.opensearch.rest.BytesRestResponse;
@@ -38,14 +38,13 @@
import org.opensearch.rest.RestController;
import org.opensearch.rest.RestRequest;
import org.opensearch.rest.RestRequest.Method;
+import org.opensearch.core.rest.RestStatus;
import org.opensearch.security.filter.SecurityRequestFactory;
import org.opensearch.security.ssl.SecurityKeyStore;
import org.opensearch.security.ssl.transport.PrincipalExtractor;
import org.opensearch.security.ssl.util.SSLRequestHelper;
import org.opensearch.security.ssl.util.SSLRequestHelper.SSLInfo;
-import io.netty.handler.ssl.OpenSsl;
-
public class SecuritySSLInfoAction extends BaseRestHandler {
private static final List routes = Collections.singletonList(new Route(Method.GET, "/_opendistro/_security/sslinfo"));
diff --git a/src/main/java/org/opensearch/security/ssl/transport/DefaultPrincipalExtractor.java b/src/main/java/org/opensearch/security/ssl/transport/DefaultPrincipalExtractor.java
index 015b29969b..8878a2b0f5 100644
--- a/src/main/java/org/opensearch/security/ssl/transport/DefaultPrincipalExtractor.java
+++ b/src/main/java/org/opensearch/security/ssl/transport/DefaultPrincipalExtractor.java
@@ -24,6 +24,7 @@
import java.util.Collections;
import java.util.List;
import java.util.stream.Collectors;
+
import javax.naming.InvalidNameException;
import javax.naming.ldap.LdapName;
import javax.naming.ldap.Rdn;
diff --git a/src/main/java/org/opensearch/security/ssl/transport/DualModeSSLHandler.java b/src/main/java/org/opensearch/security/ssl/transport/DualModeSSLHandler.java
index a7961f864b..5e85638dd1 100644
--- a/src/main/java/org/opensearch/security/ssl/transport/DualModeSSLHandler.java
+++ b/src/main/java/org/opensearch/security/ssl/transport/DualModeSSLHandler.java
@@ -12,16 +12,10 @@
import java.nio.charset.StandardCharsets;
import java.util.List;
+
import javax.net.ssl.SSLException;
import com.google.common.annotations.VisibleForTesting;
-import org.apache.logging.log4j.LogManager;
-import org.apache.logging.log4j.Logger;
-
-import org.opensearch.security.ssl.SecurityKeyStore;
-import org.opensearch.security.ssl.util.SSLConnectionTestUtil;
-import org.opensearch.security.ssl.util.TLSUtil;
-
import io.netty.buffer.ByteBuf;
import io.netty.buffer.Unpooled;
import io.netty.channel.ChannelFutureListener;
@@ -29,6 +23,12 @@
import io.netty.channel.ChannelPipeline;
import io.netty.handler.codec.ByteToMessageDecoder;
import io.netty.handler.ssl.SslHandler;
+import org.apache.logging.log4j.LogManager;
+import org.apache.logging.log4j.Logger;
+
+import org.opensearch.security.ssl.SecurityKeyStore;
+import org.opensearch.security.ssl.util.SSLConnectionTestUtil;
+import org.opensearch.security.ssl.util.TLSUtil;
/**
* Modifies the current pipeline dynamically to enable TLS
diff --git a/src/main/java/org/opensearch/security/ssl/transport/SecuritySSLNettyTransport.java b/src/main/java/org/opensearch/security/ssl/transport/SecuritySSLNettyTransport.java
index 242c7c56ed..7aeebdaf9f 100644
--- a/src/main/java/org/opensearch/security/ssl/transport/SecuritySSLNettyTransport.java
+++ b/src/main/java/org/opensearch/security/ssl/transport/SecuritySSLNettyTransport.java
@@ -32,19 +32,27 @@
import java.net.SocketAddress;
import java.security.AccessController;
import java.security.PrivilegedAction;
+
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLException;
+import io.netty.channel.Channel;
+import io.netty.channel.ChannelHandler;
+import io.netty.channel.ChannelHandlerContext;
+import io.netty.channel.ChannelOutboundHandlerAdapter;
+import io.netty.channel.ChannelPromise;
+import io.netty.handler.codec.DecoderException;
+import io.netty.handler.ssl.SslHandler;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.opensearch.ExceptionsHelper;
import org.opensearch.Version;
import org.opensearch.cluster.node.DiscoveryNode;
+import org.opensearch.core.common.io.stream.NamedWriteableRegistry;
import org.opensearch.common.network.NetworkService;
import org.opensearch.common.settings.Settings;
import org.opensearch.common.util.PageCacheRecycler;
-import org.opensearch.core.common.io.stream.NamedWriteableRegistry;
import org.opensearch.core.indices.breaker.CircuitBreakerService;
import org.opensearch.security.ssl.SecurityKeyStore;
import org.opensearch.security.ssl.SslExceptionHandler;
@@ -57,14 +65,6 @@
import org.opensearch.transport.TcpChannel;
import org.opensearch.transport.netty4.Netty4Transport;
-import io.netty.channel.Channel;
-import io.netty.channel.ChannelHandler;
-import io.netty.channel.ChannelHandlerContext;
-import io.netty.channel.ChannelOutboundHandlerAdapter;
-import io.netty.channel.ChannelPromise;
-import io.netty.handler.codec.DecoderException;
-import io.netty.handler.ssl.SslHandler;
-
public class SecuritySSLNettyTransport extends Netty4Transport {
private static final Logger logger = LogManager.getLogger(SecuritySSLNettyTransport.class);
diff --git a/src/main/java/org/opensearch/security/ssl/transport/SecuritySSLRequestHandler.java b/src/main/java/org/opensearch/security/ssl/transport/SecuritySSLRequestHandler.java
index 78c98dd99f..63148d4ce6 100644
--- a/src/main/java/org/opensearch/security/ssl/transport/SecuritySSLRequestHandler.java
+++ b/src/main/java/org/opensearch/security/ssl/transport/SecuritySSLRequestHandler.java
@@ -21,8 +21,10 @@
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.Arrays;
+
import javax.net.ssl.SSLPeerUnverifiedException;
+import io.netty.handler.ssl.SslHandler;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
@@ -43,8 +45,6 @@
import org.opensearch.transport.TransportRequestHandler;
import org.opensearch.transport.netty4.Netty4TcpChannel;
-import io.netty.handler.ssl.SslHandler;
-
public class SecuritySSLRequestHandler implements TransportRequestHandler {
private final String action;
diff --git a/src/main/java/org/opensearch/security/ssl/util/SSLRequestHelper.java b/src/main/java/org/opensearch/security/ssl/util/SSLRequestHelper.java
index 5ca83da23a..df92bfc703 100644
--- a/src/main/java/org/opensearch/security/ssl/util/SSLRequestHelper.java
+++ b/src/main/java/org/opensearch/security/ssl/util/SSLRequestHelper.java
@@ -31,6 +31,7 @@
import java.util.Collection;
import java.util.Date;
import java.util.Map.Entry;
+
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLPeerUnverifiedException;
import javax.net.ssl.SSLSession;
diff --git a/src/main/java/org/opensearch/security/support/Base64CustomHelper.java b/src/main/java/org/opensearch/security/support/Base64CustomHelper.java
index 30fab31907..dc66268fcd 100644
--- a/src/main/java/org/opensearch/security/support/Base64CustomHelper.java
+++ b/src/main/java/org/opensearch/security/support/Base64CustomHelper.java
@@ -11,25 +11,23 @@
package org.opensearch.security.support;
-import java.io.IOException;
-import java.io.Serializable;
-
+import com.amazon.dlic.auth.ldap.LdapUser;
import com.google.common.base.Preconditions;
import com.google.common.collect.BiMap;
import com.google.common.collect.HashBiMap;
import com.google.common.io.BaseEncoding;
-
import org.opensearch.OpenSearchException;
import org.opensearch.common.Nullable;
-import org.opensearch.common.io.stream.BytesStreamOutput;
-import org.opensearch.core.common.Strings;
import org.opensearch.core.common.io.stream.BytesStreamInput;
+import org.opensearch.common.io.stream.BytesStreamOutput;
import org.opensearch.core.common.io.stream.StreamInput;
import org.opensearch.core.common.io.stream.Writeable;
+import org.opensearch.core.common.Strings;
import org.opensearch.security.auth.UserInjector;
import org.opensearch.security.user.User;
-import com.amazon.dlic.auth.ldap.LdapUser;
+import java.io.IOException;
+import java.io.Serializable;
import static org.opensearch.security.support.SafeSerializationUtils.prohibitUnsafeClasses;
diff --git a/src/main/java/org/opensearch/security/support/ConfigHelper.java b/src/main/java/org/opensearch/security/support/ConfigHelper.java
index 4f310f6af7..434a8a02fa 100644
--- a/src/main/java/org/opensearch/security/support/ConfigHelper.java
+++ b/src/main/java/org/opensearch/security/support/ConfigHelper.java
@@ -42,9 +42,9 @@
import org.opensearch.action.index.IndexRequest;
import org.opensearch.action.support.WriteRequest.RefreshPolicy;
import org.opensearch.client.Client;
+import org.opensearch.core.common.bytes.BytesReference;
import org.opensearch.common.xcontent.XContentFactory;
import org.opensearch.common.xcontent.XContentType;
-import org.opensearch.core.common.bytes.BytesReference;
import org.opensearch.core.xcontent.MediaType;
import org.opensearch.core.xcontent.NamedXContentRegistry;
import org.opensearch.core.xcontent.XContentBuilder;
diff --git a/src/main/java/org/opensearch/security/support/HTTPHelper.java b/src/main/java/org/opensearch/security/support/HTTPHelper.java
index 10763ce35b..fe590f0d34 100644
--- a/src/main/java/org/opensearch/security/support/HTTPHelper.java
+++ b/src/main/java/org/opensearch/security/support/HTTPHelper.java
@@ -32,7 +32,6 @@
import java.util.Map;
import org.apache.logging.log4j.Logger;
-
import org.opensearch.security.filter.SecurityRequest;
import org.opensearch.security.user.AuthCredentials;
diff --git a/src/main/java/org/opensearch/security/support/ModuleInfo.java b/src/main/java/org/opensearch/security/support/ModuleInfo.java
index e8c3e101ab..a225aee3be 100644
--- a/src/main/java/org/opensearch/security/support/ModuleInfo.java
+++ b/src/main/java/org/opensearch/security/support/ModuleInfo.java
@@ -26,15 +26,15 @@
package org.opensearch.security.support;
+import org.opensearch.core.common.io.stream.StreamInput;
+import org.opensearch.core.common.io.stream.StreamOutput;
+import org.opensearch.core.common.io.stream.Writeable;
+
import java.io.IOException;
import java.io.Serializable;
import java.util.HashMap;
import java.util.Map;
-import org.opensearch.core.common.io.stream.StreamInput;
-import org.opensearch.core.common.io.stream.StreamOutput;
-import org.opensearch.core.common.io.stream.Writeable;
-
public class ModuleInfo implements Serializable, Writeable {
private static final long serialVersionUID = -1077651823194285138L;
diff --git a/src/main/java/org/opensearch/security/support/PemKeyReader.java b/src/main/java/org/opensearch/security/support/PemKeyReader.java
index 230fb29a4a..4227c2129b 100644
--- a/src/main/java/org/opensearch/security/support/PemKeyReader.java
+++ b/src/main/java/org/opensearch/security/support/PemKeyReader.java
@@ -51,6 +51,7 @@
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.Collection;
+
import javax.crypto.Cipher;
import javax.crypto.EncryptedPrivateKeyInfo;
import javax.crypto.NoSuchPaddingException;
@@ -60,9 +61,9 @@
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
+
import org.bouncycastle.util.io.pem.PemObject;
import org.bouncycastle.util.io.pem.PemReader;
-
import org.opensearch.OpenSearchException;
import org.opensearch.common.settings.Settings;
import org.opensearch.env.Environment;
diff --git a/src/main/java/org/opensearch/security/support/SafeSerializationUtils.java b/src/main/java/org/opensearch/security/support/SafeSerializationUtils.java
index b58e4afd35..c980959f68 100644
--- a/src/main/java/org/opensearch/security/support/SafeSerializationUtils.java
+++ b/src/main/java/org/opensearch/security/support/SafeSerializationUtils.java
@@ -11,6 +11,16 @@
package org.opensearch.security.support;
+import com.amazon.dlic.auth.ldap.LdapUser;
+import com.google.common.collect.ImmutableList;
+import com.google.common.collect.ImmutableSet;
+import org.ldaptive.AbstractLdapBean;
+import org.ldaptive.LdapAttribute;
+import org.ldaptive.LdapEntry;
+import org.ldaptive.SearchEntry;
+import org.opensearch.security.auth.UserInjector;
+import org.opensearch.security.user.User;
+
import java.io.IOException;
import java.net.InetAddress;
import java.net.InetSocketAddress;
@@ -22,18 +32,6 @@
import java.util.Set;
import java.util.regex.Pattern;
-import com.google.common.collect.ImmutableList;
-import com.google.common.collect.ImmutableSet;
-
-import org.opensearch.security.auth.UserInjector;
-import org.opensearch.security.user.User;
-
-import com.amazon.dlic.auth.ldap.LdapUser;
-import org.ldaptive.AbstractLdapBean;
-import org.ldaptive.LdapAttribute;
-import org.ldaptive.LdapEntry;
-import org.ldaptive.SearchEntry;
-
/**
* Provides functionality to verify if a class is categorised to be safe for serialization or
* deserialization by the security plugin.
diff --git a/src/main/java/org/opensearch/security/tools/SecurityAdmin.java b/src/main/java/org/opensearch/security/tools/SecurityAdmin.java
index 580b0ed586..ec877bb2cb 100644
--- a/src/main/java/org/opensearch/security/tools/SecurityAdmin.java
+++ b/src/main/java/org/opensearch/security/tools/SecurityAdmin.java
@@ -51,18 +51,19 @@
import java.util.HashMap;
import java.util.Locale;
import java.util.Map;
+
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
+import com.fasterxml.jackson.databind.InjectableValues;
+import com.fasterxml.jackson.databind.JsonNode;
import com.google.common.base.Charsets;
import com.google.common.base.Joiner;
import com.google.common.collect.Iterators;
import com.google.common.io.ByteSource;
import com.google.common.io.CharStreams;
import com.google.common.io.Files;
-import com.fasterxml.jackson.databind.InjectableValues;
-import com.fasterxml.jackson.databind.JsonNode;
import org.apache.commons.cli.CommandLine;
import org.apache.commons.cli.CommandLineParser;
import org.apache.commons.cli.DefaultParser;
@@ -108,21 +109,21 @@
import org.opensearch.client.indices.GetIndexResponse;
import org.opensearch.client.transport.NoNodeAvailableException;
import org.opensearch.cluster.health.ClusterHealthStatus;
+import org.opensearch.core.common.Strings;
+import org.opensearch.core.common.bytes.BytesReference;
import org.opensearch.common.collect.Tuple;
import org.opensearch.common.settings.Settings;
import org.opensearch.common.unit.TimeValue;
import org.opensearch.common.xcontent.XContentFactory;
import org.opensearch.common.xcontent.XContentType;
import org.opensearch.common.xcontent.json.JsonXContent;
-import org.opensearch.core.common.Strings;
-import org.opensearch.core.common.bytes.BytesReference;
-import org.opensearch.core.rest.RestStatus;
import org.opensearch.core.xcontent.MediaType;
import org.opensearch.core.xcontent.MediaTypeRegistry;
import org.opensearch.core.xcontent.NamedXContentRegistry;
import org.opensearch.core.xcontent.XContentBuilder;
import org.opensearch.core.xcontent.XContentParser;
import org.opensearch.index.IndexNotFoundException;
+import org.opensearch.core.rest.RestStatus;
import org.opensearch.security.DefaultObjectMapper;
import org.opensearch.security.NonValidatingObjectMapper;
import org.opensearch.security.auditlog.config.AuditConfig;
diff --git a/src/main/java/org/opensearch/security/transport/DefaultInterClusterRequestEvaluator.java b/src/main/java/org/opensearch/security/transport/DefaultInterClusterRequestEvaluator.java
index 02e11ae51b..8b3bb0a85e 100644
--- a/src/main/java/org/opensearch/security/transport/DefaultInterClusterRequestEvaluator.java
+++ b/src/main/java/org/opensearch/security/transport/DefaultInterClusterRequestEvaluator.java
@@ -37,6 +37,7 @@
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
+import org.greenrobot.eventbus.Subscribe;
import org.opensearch.OpenSearchException;
import org.opensearch.common.settings.Settings;
@@ -46,8 +47,6 @@
import org.opensearch.security.support.WildcardMatcher;
import org.opensearch.transport.TransportRequest;
-import org.greenrobot.eventbus.Subscribe;
-
public final class DefaultInterClusterRequestEvaluator implements InterClusterRequestEvaluator {
private final Logger log = LogManager.getLogger(this.getClass());
diff --git a/src/main/java/org/opensearch/security/transport/SecurityInterceptor.java b/src/main/java/org/opensearch/security/transport/SecurityInterceptor.java
index fe1094c411..f064f0af04 100644
--- a/src/main/java/org/opensearch/security/transport/SecurityInterceptor.java
+++ b/src/main/java/org/opensearch/security/transport/SecurityInterceptor.java
@@ -45,11 +45,10 @@
import org.opensearch.action.search.SearchRequest;
import org.opensearch.cluster.node.DiscoveryNode;
import org.opensearch.cluster.service.ClusterService;
-import org.opensearch.common.settings.Settings;
-import org.opensearch.common.util.concurrent.ThreadContext;
import org.opensearch.core.common.io.stream.StreamInput;
+import org.opensearch.common.settings.Settings;
import org.opensearch.core.common.transport.TransportAddress;
-import org.opensearch.core.transport.TransportResponse;
+import org.opensearch.common.util.concurrent.ThreadContext;
import org.opensearch.security.OpenSearchSecurityPlugin;
import org.opensearch.security.auditlog.AuditLog;
import org.opensearch.security.auditlog.AuditLog.Origin;
@@ -69,6 +68,7 @@
import org.opensearch.transport.TransportRequest;
import org.opensearch.transport.TransportRequestHandler;
import org.opensearch.transport.TransportRequestOptions;
+import org.opensearch.core.transport.TransportResponse;
import org.opensearch.transport.TransportResponseHandler;
import static org.opensearch.security.OpenSearchSecurityPlugin.isActionTraceEnabled;
diff --git a/src/main/java/org/opensearch/security/transport/SecurityRequestHandler.java b/src/main/java/org/opensearch/security/transport/SecurityRequestHandler.java
index 5845c63672..3ba379dd67 100644
--- a/src/main/java/org/opensearch/security/transport/SecurityRequestHandler.java
+++ b/src/main/java/org/opensearch/security/transport/SecurityRequestHandler.java
@@ -40,8 +40,8 @@
import org.opensearch.action.bulk.BulkShardRequest;
import org.opensearch.action.support.replication.TransportReplicationAction.ConcreteShardRequest;
import org.opensearch.cluster.service.ClusterService;
-import org.opensearch.common.util.concurrent.ThreadContext;
import org.opensearch.core.common.transport.TransportAddress;
+import org.opensearch.common.util.concurrent.ThreadContext;
import org.opensearch.extensions.ExtensionsManager;
import org.opensearch.search.internal.ShardSearchRequest;
import org.opensearch.security.OpenSearchSecurityPlugin;
diff --git a/src/main/java/org/opensearch/security/user/UserService.java b/src/main/java/org/opensearch/security/user/UserService.java
index 937a5331a8..e7c30b97b0 100644
--- a/src/main/java/org/opensearch/security/user/UserService.java
+++ b/src/main/java/org/opensearch/security/user/UserService.java
@@ -23,11 +23,11 @@
import java.util.Random;
import java.util.stream.Collectors;
-import com.google.common.collect.ImmutableList;
import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.databind.JsonNode;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.fasterxml.jackson.databind.node.ObjectNode;
+import com.google.common.collect.ImmutableList;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
@@ -52,7 +52,6 @@
import org.opensearch.security.securityconf.impl.v7.InternalUserV7;
import org.opensearch.security.support.ConfigConstants;
import org.opensearch.security.support.SecurityJsonNode;
-
import org.passay.CharacterRule;
import org.passay.EnglishCharacterData;
import org.passay.PasswordGenerator;
diff --git a/src/main/java/org/opensearch/security/util/KeyUtils.java b/src/main/java/org/opensearch/security/util/KeyUtils.java
index 4f03c08cd5..c232dda3a2 100644
--- a/src/main/java/org/opensearch/security/util/KeyUtils.java
+++ b/src/main/java/org/opensearch/security/util/KeyUtils.java
@@ -11,6 +11,14 @@
package org.opensearch.security.util;
+import io.jsonwebtoken.JwtParserBuilder;
+import io.jsonwebtoken.Jwts;
+import io.jsonwebtoken.security.Keys;
+import org.apache.logging.log4j.Logger;
+import org.opensearch.OpenSearchSecurityException;
+import org.opensearch.SpecialPermission;
+import org.opensearch.core.common.Strings;
+
import java.security.AccessController;
import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException;
@@ -21,16 +29,6 @@
import java.util.Base64;
import java.util.Objects;
-import org.apache.logging.log4j.Logger;
-
-import org.opensearch.OpenSearchSecurityException;
-import org.opensearch.SpecialPermission;
-import org.opensearch.core.common.Strings;
-
-import io.jsonwebtoken.JwtParserBuilder;
-import io.jsonwebtoken.Jwts;
-import io.jsonwebtoken.security.Keys;
-
public class KeyUtils {
public static JwtParserBuilder createJwtParserBuilderFromSigningKey(final String signingKey, final Logger log) {
diff --git a/src/test/java/com/amazon/dlic/auth/http/jwt/HTTPJwtAuthenticatorTest.java b/src/test/java/com/amazon/dlic/auth/http/jwt/HTTPJwtAuthenticatorTest.java
index 3c9f2c158a..4f141994e3 100644
--- a/src/test/java/com/amazon/dlic/auth/http/jwt/HTTPJwtAuthenticatorTest.java
+++ b/src/test/java/com/amazon/dlic/auth/http/jwt/HTTPJwtAuthenticatorTest.java
@@ -21,9 +21,14 @@
import java.util.Date;
import java.util.HashMap;
import java.util.Map;
+
import javax.crypto.SecretKey;
import com.google.common.io.BaseEncoding;
+import io.jsonwebtoken.JwtBuilder;
+import io.jsonwebtoken.Jwts;
+import io.jsonwebtoken.SignatureAlgorithm;
+import io.jsonwebtoken.security.Keys;
import org.apache.hc.core5.http.HttpHeaders;
import org.junit.Assert;
import org.junit.Test;
@@ -33,11 +38,6 @@
import org.opensearch.security.user.AuthCredentials;
import org.opensearch.security.util.FakeRestRequest;
-import io.jsonwebtoken.JwtBuilder;
-import io.jsonwebtoken.Jwts;
-import io.jsonwebtoken.SignatureAlgorithm;
-import io.jsonwebtoken.security.Keys;
-
import static org.junit.Assert.assertTrue;
import static org.junit.Assert.fail;
diff --git a/src/test/java/com/amazon/dlic/auth/http/jwt/keybyoidc/KeySetRetrieverTest.java b/src/test/java/com/amazon/dlic/auth/http/jwt/keybyoidc/KeySetRetrieverTest.java
index 3030d1775e..273cadca08 100644
--- a/src/test/java/com/amazon/dlic/auth/http/jwt/keybyoidc/KeySetRetrieverTest.java
+++ b/src/test/java/com/amazon/dlic/auth/http/jwt/keybyoidc/KeySetRetrieverTest.java
@@ -18,6 +18,7 @@
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate;
import java.util.Map;
+
import javax.net.ssl.SSLParameters;
import javax.net.ssl.SSLSession;
@@ -36,11 +37,11 @@
import org.junit.BeforeClass;
import org.junit.Test;
+import com.amazon.dlic.util.SettingsBasedSSLConfigurator;
+
import org.opensearch.security.test.helper.file.FileHelper;
import org.opensearch.security.test.helper.network.SocketUtils;
-import com.amazon.dlic.util.SettingsBasedSSLConfigurator;
-
public class KeySetRetrieverTest {
protected static MockIpdServer mockIdpServer;
diff --git a/src/test/java/com/amazon/dlic/auth/http/jwt/keybyoidc/MockIpdServer.java b/src/test/java/com/amazon/dlic/auth/http/jwt/keybyoidc/MockIpdServer.java
index 703eca4550..20c71b0340 100644
--- a/src/test/java/com/amazon/dlic/auth/http/jwt/keybyoidc/MockIpdServer.java
+++ b/src/test/java/com/amazon/dlic/auth/http/jwt/keybyoidc/MockIpdServer.java
@@ -18,11 +18,13 @@
import java.net.Socket;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
+
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLParameters;
import javax.net.ssl.TrustManagerFactory;
+import com.nimbusds.jose.jwk.JWKSet;
import org.apache.hc.core5.function.Callback;
import org.apache.hc.core5.http.ClassicHttpRequest;
import org.apache.hc.core5.http.ClassicHttpResponse;
@@ -40,8 +42,6 @@
import org.opensearch.security.test.helper.file.FileHelper;
import org.opensearch.security.test.helper.network.SocketUtils;
-import com.nimbusds.jose.jwk.JWKSet;
-
class MockIpdServer implements Closeable {
final static String CTX_DISCOVER = "/discover";
final static String CTX_KEYS = "/api/oauth/keys";
diff --git a/src/test/java/com/amazon/dlic/auth/http/jwt/keybyoidc/SelfRefreshingKeySetTest.java b/src/test/java/com/amazon/dlic/auth/http/jwt/keybyoidc/SelfRefreshingKeySetTest.java
index bab23c5fc4..ba7f65b7ee 100644
--- a/src/test/java/com/amazon/dlic/auth/http/jwt/keybyoidc/SelfRefreshingKeySetTest.java
+++ b/src/test/java/com/amazon/dlic/auth/http/jwt/keybyoidc/SelfRefreshingKeySetTest.java
@@ -15,12 +15,11 @@
import java.util.concurrent.Executors;
import java.util.concurrent.Future;
-import org.junit.Assert;
-import org.junit.Test;
-
import com.nimbusds.jose.jwk.JWK;
import com.nimbusds.jose.jwk.JWKSet;
import com.nimbusds.jose.jwk.OctetSequenceKey;
+import org.junit.Assert;
+import org.junit.Test;
public class SelfRefreshingKeySetTest {
diff --git a/src/test/java/com/amazon/dlic/auth/http/jwt/keybyoidc/TestJwts.java b/src/test/java/com/amazon/dlic/auth/http/jwt/keybyoidc/TestJwts.java
index 4a6d5f97e9..9d49596e73 100644
--- a/src/test/java/com/amazon/dlic/auth/http/jwt/keybyoidc/TestJwts.java
+++ b/src/test/java/com/amazon/dlic/auth/http/jwt/keybyoidc/TestJwts.java
@@ -14,8 +14,6 @@
import java.util.Set;
import com.google.common.collect.ImmutableSet;
-import org.apache.logging.log4j.util.Strings;
-
import com.nimbusds.jose.JOSEException;
import com.nimbusds.jose.JWSAlgorithm;
import com.nimbusds.jose.JWSHeader;
@@ -24,6 +22,7 @@
import com.nimbusds.jose.jwk.JWK;
import com.nimbusds.jwt.JWTClaimsSet;
import com.nimbusds.jwt.SignedJWT;
+import org.apache.logging.log4j.util.Strings;
import static com.nimbusds.jwt.JWTClaimNames.EXPIRATION_TIME;
import static com.nimbusds.jwt.JWTClaimNames.NOT_BEFORE;
diff --git a/src/test/java/com/amazon/dlic/auth/http/saml/HTTPSamlAuthenticatorTest.java b/src/test/java/com/amazon/dlic/auth/http/saml/HTTPSamlAuthenticatorTest.java
index c76a1b546d..bbb0850392 100644
--- a/src/test/java/com/amazon/dlic/auth/http/saml/HTTPSamlAuthenticatorTest.java
+++ b/src/test/java/com/amazon/dlic/auth/http/saml/HTTPSamlAuthenticatorTest.java
@@ -29,41 +29,41 @@
import java.util.Set;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
+
import javax.net.ssl.KeyManagerFactory;
-import com.google.common.collect.ImmutableMap;
import com.fasterxml.jackson.core.type.TypeReference;
+import com.google.common.collect.ImmutableMap;
+import com.nimbusds.jwt.SignedJWT;
import org.hamcrest.Matchers;
import org.junit.After;
import org.junit.Assert;
import org.junit.Before;
import org.junit.BeforeClass;
import org.junit.Test;
+import org.opensaml.saml.saml2.core.NameIDType;
+import org.opensearch.core.common.bytes.BytesArray;
import org.opensearch.common.io.stream.BytesStreamOutput;
import org.opensearch.common.settings.Settings;
-import org.opensearch.core.common.bytes.BytesArray;
-import org.opensearch.core.rest.RestStatus;
import org.opensearch.core.xcontent.MediaType;
import org.opensearch.core.xcontent.XContentBuilder;
import org.opensearch.rest.RestChannel;
import org.opensearch.rest.RestRequest;
import org.opensearch.rest.RestRequest.Method;
import org.opensearch.rest.RestResponse;
+import org.opensearch.core.rest.RestStatus;
import org.opensearch.security.DefaultObjectMapper;
-import org.opensearch.security.filter.SecurityRequest;
import org.opensearch.security.filter.SecurityRequestFactory;
import org.opensearch.security.filter.SecurityResponse;
+import org.opensearch.security.filter.SecurityRequest;
import org.opensearch.security.test.helper.file.FileHelper;
import org.opensearch.security.user.AuthCredentials;
import org.opensearch.security.util.FakeRestRequest;
-import com.nimbusds.jwt.SignedJWT;
-import org.opensaml.saml.saml2.core.NameIDType;
-
-import static org.hamcrest.MatcherAssert.assertThat;
import static com.amazon.dlic.auth.http.saml.HTTPSamlAuthenticator.IDP_METADATA_CONTENT;
import static com.amazon.dlic.auth.http.saml.HTTPSamlAuthenticator.IDP_METADATA_URL;
+import static org.hamcrest.MatcherAssert.assertThat;
public class HTTPSamlAuthenticatorTest {
protected MockSamlIdpServer mockSamlIdpServer;
diff --git a/src/test/java/com/amazon/dlic/auth/http/saml/MockSamlIdpServer.java b/src/test/java/com/amazon/dlic/auth/http/saml/MockSamlIdpServer.java
index 1cf9205a67..c984b4f670 100644
--- a/src/test/java/com/amazon/dlic/auth/http/saml/MockSamlIdpServer.java
+++ b/src/test/java/com/amazon/dlic/auth/http/saml/MockSamlIdpServer.java
@@ -42,6 +42,7 @@
import java.util.Locale;
import java.util.Map;
import java.util.stream.Collectors;
+
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLParameters;
@@ -61,6 +62,9 @@
import javax.xml.transform.dom.DOMSource;
import javax.xml.transform.stream.StreamResult;
+import net.shibboleth.utilities.java.support.codec.Base64Support;
+import net.shibboleth.utilities.java.support.codec.EncodingException;
+import net.shibboleth.utilities.java.support.component.ComponentInitializationException;
import org.apache.hc.core5.function.Callback;
import org.apache.hc.core5.http.ClassicHttpRequest;
import org.apache.hc.core5.http.ClassicHttpResponse;
@@ -82,13 +86,6 @@
import org.apache.hc.core5.http.message.BasicHttpRequest;
import org.apache.hc.core5.http.protocol.HttpContext;
import org.apache.hc.core5.net.URIBuilder;
-
-import org.opensearch.security.test.helper.file.FileHelper;
-import org.opensearch.security.test.helper.network.SocketUtils;
-
-import net.shibboleth.utilities.java.support.codec.Base64Support;
-import net.shibboleth.utilities.java.support.codec.EncodingException;
-import net.shibboleth.utilities.java.support.component.ComponentInitializationException;
import org.opensaml.core.xml.XMLObject;
import org.opensaml.core.xml.XMLObjectBuilderFactory;
import org.opensaml.core.xml.config.XMLObjectProviderRegistrySupport;
@@ -153,6 +150,9 @@
import org.opensaml.xmlsec.signature.support.impl.ExplicitKeySignatureTrustEngine;
import org.w3c.dom.Document;
+import org.opensearch.security.test.helper.file.FileHelper;
+import org.opensearch.security.test.helper.network.SocketUtils;
+
class MockSamlIdpServer implements Closeable {
final static String ENTITY_ID = "http://test.entity";
diff --git a/src/test/java/com/amazon/dlic/auth/ldap/LdapBackendIntegTest.java b/src/test/java/com/amazon/dlic/auth/ldap/LdapBackendIntegTest.java
index 6fda346a93..61792c1eed 100644
--- a/src/test/java/com/amazon/dlic/auth/ldap/LdapBackendIntegTest.java
+++ b/src/test/java/com/amazon/dlic/auth/ldap/LdapBackendIntegTest.java
@@ -11,13 +11,15 @@
package com.amazon.dlic.auth.ldap;
-import org.apache.hc.core5.http.HttpStatus;
import org.apache.hc.core5.http.message.BasicHeader;
+import org.apache.http.HttpStatus;
import org.junit.AfterClass;
import org.junit.Assert;
import org.junit.BeforeClass;
import org.junit.Test;
+import com.amazon.dlic.auth.ldap.srv.EmbeddedLDAPServer;
+
import org.opensearch.common.settings.Settings;
import org.opensearch.security.support.ConfigConstants;
import org.opensearch.security.test.DynamicSecurityConfig;
@@ -26,8 +28,6 @@
import org.opensearch.security.test.helper.rest.RestHelper;
import org.opensearch.security.test.helper.rest.RestHelper.HttpResponse;
-import com.amazon.dlic.auth.ldap.srv.EmbeddedLDAPServer;
-
public class LdapBackendIntegTest extends SingleClusterTest {
private static EmbeddedLDAPServer ldapServer = null;
diff --git a/src/test/java/com/amazon/dlic/auth/ldap/LdapBackendTest.java b/src/test/java/com/amazon/dlic/auth/ldap/LdapBackendTest.java
index 4fe7ad0514..4bbf94f729 100755
--- a/src/test/java/com/amazon/dlic/auth/ldap/LdapBackendTest.java
+++ b/src/test/java/com/amazon/dlic/auth/ldap/LdapBackendTest.java
@@ -20,6 +20,16 @@
import org.junit.Assert;
import org.junit.BeforeClass;
import org.junit.Test;
+import org.ldaptive.Connection;
+import org.ldaptive.LdapAttribute;
+import org.ldaptive.LdapEntry;
+import org.ldaptive.ReturnAttributes;
+
+import com.amazon.dlic.auth.ldap.backend.LDAPAuthenticationBackend;
+import com.amazon.dlic.auth.ldap.backend.LDAPAuthorizationBackend;
+import com.amazon.dlic.auth.ldap.srv.EmbeddedLDAPServer;
+import com.amazon.dlic.auth.ldap.util.ConfigConstants;
+import com.amazon.dlic.auth.ldap.util.LdapHelper;
import org.opensearch.OpenSearchSecurityException;
import org.opensearch.common.settings.Settings;
@@ -28,16 +38,6 @@
import org.opensearch.security.user.AuthCredentials;
import org.opensearch.security.user.User;
-import com.amazon.dlic.auth.ldap.backend.LDAPAuthenticationBackend;
-import com.amazon.dlic.auth.ldap.backend.LDAPAuthorizationBackend;
-import com.amazon.dlic.auth.ldap.srv.EmbeddedLDAPServer;
-import com.amazon.dlic.auth.ldap.util.ConfigConstants;
-import com.amazon.dlic.auth.ldap.util.LdapHelper;
-import org.ldaptive.Connection;
-import org.ldaptive.LdapAttribute;
-import org.ldaptive.LdapEntry;
-import org.ldaptive.ReturnAttributes;
-
import static org.hamcrest.Matchers.hasItem;
public class LdapBackendTest {
diff --git a/src/test/java/com/amazon/dlic/auth/ldap/LdapBackendTestClientCert.java b/src/test/java/com/amazon/dlic/auth/ldap/LdapBackendTestClientCert.java
index b5cc56f84b..1765b5fd26 100644
--- a/src/test/java/com/amazon/dlic/auth/ldap/LdapBackendTestClientCert.java
+++ b/src/test/java/com/amazon/dlic/auth/ldap/LdapBackendTestClientCert.java
@@ -21,14 +21,14 @@
import org.junit.Ignore;
import org.junit.Test;
+import com.amazon.dlic.auth.ldap.backend.LDAPAuthenticationBackend;
+import com.amazon.dlic.auth.ldap.util.ConfigConstants;
+
import org.opensearch.common.settings.Settings;
import org.opensearch.security.ssl.util.ExceptionUtils;
import org.opensearch.security.ssl.util.SSLConfigConstants;
import org.opensearch.security.user.AuthCredentials;
-import com.amazon.dlic.auth.ldap.backend.LDAPAuthenticationBackend;
-import com.amazon.dlic.auth.ldap.util.ConfigConstants;
-
@Ignore
public class LdapBackendTestClientCert {
diff --git a/src/test/java/com/amazon/dlic/auth/ldap/LdapBackendTestNewStyleConfig.java b/src/test/java/com/amazon/dlic/auth/ldap/LdapBackendTestNewStyleConfig.java
index a6ae9eb79d..3026ffcd61 100644
--- a/src/test/java/com/amazon/dlic/auth/ldap/LdapBackendTestNewStyleConfig.java
+++ b/src/test/java/com/amazon/dlic/auth/ldap/LdapBackendTestNewStyleConfig.java
@@ -21,6 +21,15 @@
import org.junit.Assert;
import org.junit.BeforeClass;
import org.junit.Test;
+import org.ldaptive.Connection;
+import org.ldaptive.LdapEntry;
+import org.ldaptive.ReturnAttributes;
+
+import com.amazon.dlic.auth.ldap.backend.LDAPAuthenticationBackend;
+import com.amazon.dlic.auth.ldap.backend.LDAPAuthorizationBackend;
+import com.amazon.dlic.auth.ldap.srv.EmbeddedLDAPServer;
+import com.amazon.dlic.auth.ldap.util.ConfigConstants;
+import com.amazon.dlic.auth.ldap.util.LdapHelper;
import org.opensearch.OpenSearchSecurityException;
import org.opensearch.common.settings.Settings;
@@ -29,15 +38,6 @@
import org.opensearch.security.user.AuthCredentials;
import org.opensearch.security.user.User;
-import com.amazon.dlic.auth.ldap.backend.LDAPAuthenticationBackend;
-import com.amazon.dlic.auth.ldap.backend.LDAPAuthorizationBackend;
-import com.amazon.dlic.auth.ldap.srv.EmbeddedLDAPServer;
-import com.amazon.dlic.auth.ldap.util.ConfigConstants;
-import com.amazon.dlic.auth.ldap.util.LdapHelper;
-import org.ldaptive.Connection;
-import org.ldaptive.LdapEntry;
-import org.ldaptive.ReturnAttributes;
-
import static org.hamcrest.Matchers.hasItem;
public class LdapBackendTestNewStyleConfig {
diff --git a/src/test/java/com/amazon/dlic/auth/ldap/srv/LdapServer.java b/src/test/java/com/amazon/dlic/auth/ldap/srv/LdapServer.java
index 36bb37494d..bb7738d3fd 100644
--- a/src/test/java/com/amazon/dlic/auth/ldap/srv/LdapServer.java
+++ b/src/test/java/com/amazon/dlic/auth/ldap/srv/LdapServer.java
@@ -25,13 +25,6 @@
import java.util.concurrent.locks.ReentrantLock;
import com.google.common.io.CharStreams;
-import org.apache.commons.lang3.exception.ExceptionUtils;
-import org.apache.logging.log4j.LogManager;
-import org.apache.logging.log4j.Logger;
-
-import org.opensearch.security.test.helper.file.FileHelper;
-import org.opensearch.security.test.helper.network.SocketUtils;
-
import com.unboundid.ldap.listener.InMemoryDirectoryServer;
import com.unboundid.ldap.listener.InMemoryDirectoryServerConfig;
import com.unboundid.ldap.listener.InMemoryListenerConfig;
@@ -43,6 +36,12 @@
import com.unboundid.util.ssl.KeyStoreKeyManager;
import com.unboundid.util.ssl.SSLUtil;
import com.unboundid.util.ssl.TrustStoreTrustManager;
+import org.apache.commons.lang3.exception.ExceptionUtils;
+import org.apache.logging.log4j.LogManager;
+import org.apache.logging.log4j.Logger;
+
+import org.opensearch.security.test.helper.file.FileHelper;
+import org.opensearch.security.test.helper.network.SocketUtils;
final class LdapServer {
private final static Logger LOG = LogManager.getLogger(LdapServer.class);
diff --git a/src/test/java/com/amazon/dlic/auth/ldap2/LdapBackendIntegTest2.java b/src/test/java/com/amazon/dlic/auth/ldap2/LdapBackendIntegTest2.java
index 6f0958790a..31dc6be012 100644
--- a/src/test/java/com/amazon/dlic/auth/ldap2/LdapBackendIntegTest2.java
+++ b/src/test/java/com/amazon/dlic/auth/ldap2/LdapBackendIntegTest2.java
@@ -11,13 +11,15 @@
package com.amazon.dlic.auth.ldap2;
-import org.apache.hc.core5.http.HttpStatus;
import org.apache.hc.core5.http.message.BasicHeader;
+import org.apache.http.HttpStatus;
import org.junit.AfterClass;
import org.junit.Assert;
import org.junit.BeforeClass;
import org.junit.Test;
+import com.amazon.dlic.auth.ldap.srv.EmbeddedLDAPServer;
+
import org.opensearch.common.settings.Settings;
import org.opensearch.security.support.ConfigConstants;
import org.opensearch.security.test.DynamicSecurityConfig;
@@ -26,8 +28,6 @@
import org.opensearch.security.test.helper.rest.RestHelper;
import org.opensearch.security.test.helper.rest.RestHelper.HttpResponse;
-import com.amazon.dlic.auth.ldap.srv.EmbeddedLDAPServer;
-
public class LdapBackendIntegTest2 extends SingleClusterTest {
private static EmbeddedLDAPServer ldapServer = null;
diff --git a/src/test/java/com/amazon/dlic/auth/ldap2/LdapBackendTestClientCert2.java b/src/test/java/com/amazon/dlic/auth/ldap2/LdapBackendTestClientCert2.java
index 64e9521155..6ba7a84b4a 100644
--- a/src/test/java/com/amazon/dlic/auth/ldap2/LdapBackendTestClientCert2.java
+++ b/src/test/java/com/amazon/dlic/auth/ldap2/LdapBackendTestClientCert2.java
@@ -21,14 +21,14 @@
import org.junit.Ignore;
import org.junit.Test;
+import com.amazon.dlic.auth.ldap.LdapUser;
+import com.amazon.dlic.auth.ldap.util.ConfigConstants;
+
import org.opensearch.common.settings.Settings;
import org.opensearch.security.ssl.util.ExceptionUtils;
import org.opensearch.security.ssl.util.SSLConfigConstants;
import org.opensearch.security.user.AuthCredentials;
-import com.amazon.dlic.auth.ldap.LdapUser;
-import com.amazon.dlic.auth.ldap.util.ConfigConstants;
-
@Ignore
public class LdapBackendTestClientCert2 {
diff --git a/src/test/java/com/amazon/dlic/auth/ldap2/LdapBackendTestNewStyleConfig2.java b/src/test/java/com/amazon/dlic/auth/ldap2/LdapBackendTestNewStyleConfig2.java
index 634584c167..4bd9f92083 100644
--- a/src/test/java/com/amazon/dlic/auth/ldap2/LdapBackendTestNewStyleConfig2.java
+++ b/src/test/java/com/amazon/dlic/auth/ldap2/LdapBackendTestNewStyleConfig2.java
@@ -27,6 +27,17 @@
import org.junit.runners.Parameterized;
import org.junit.runners.Parameterized.Parameter;
import org.junit.runners.Parameterized.Parameters;
+import org.ldaptive.Connection;
+import org.ldaptive.LdapAttribute;
+import org.ldaptive.LdapEntry;
+import org.ldaptive.ReturnAttributes;
+
+import com.amazon.dlic.auth.ldap.LdapUser;
+import com.amazon.dlic.auth.ldap.backend.LDAPAuthenticationBackend;
+import com.amazon.dlic.auth.ldap.backend.LDAPAuthorizationBackend;
+import com.amazon.dlic.auth.ldap.srv.EmbeddedLDAPServer;
+import com.amazon.dlic.auth.ldap.util.ConfigConstants;
+import com.amazon.dlic.auth.ldap.util.LdapHelper;
import org.opensearch.OpenSearchSecurityException;
import org.opensearch.common.settings.Settings;
@@ -36,17 +47,6 @@
import org.opensearch.security.user.AuthCredentials;
import org.opensearch.security.user.User;
-import com.amazon.dlic.auth.ldap.LdapUser;
-import com.amazon.dlic.auth.ldap.backend.LDAPAuthenticationBackend;
-import com.amazon.dlic.auth.ldap.backend.LDAPAuthorizationBackend;
-import com.amazon.dlic.auth.ldap.srv.EmbeddedLDAPServer;
-import com.amazon.dlic.auth.ldap.util.ConfigConstants;
-import com.amazon.dlic.auth.ldap.util.LdapHelper;
-import org.ldaptive.Connection;
-import org.ldaptive.LdapAttribute;
-import org.ldaptive.LdapEntry;
-import org.ldaptive.ReturnAttributes;
-
import static org.hamcrest.Matchers.hasItem;
@RunWith(Parameterized.class)
diff --git a/src/test/java/com/amazon/dlic/auth/ldap2/LdapBackendTestOldStyleConfig2.java b/src/test/java/com/amazon/dlic/auth/ldap2/LdapBackendTestOldStyleConfig2.java
index 5c4a85d6cc..7f7d6646b2 100755
--- a/src/test/java/com/amazon/dlic/auth/ldap2/LdapBackendTestOldStyleConfig2.java
+++ b/src/test/java/com/amazon/dlic/auth/ldap2/LdapBackendTestOldStyleConfig2.java
@@ -27,6 +27,17 @@
import org.junit.runners.Parameterized;
import org.junit.runners.Parameterized.Parameter;
import org.junit.runners.Parameterized.Parameters;
+import org.ldaptive.Connection;
+import org.ldaptive.LdapAttribute;
+import org.ldaptive.LdapEntry;
+import org.ldaptive.ReturnAttributes;
+
+import com.amazon.dlic.auth.ldap.LdapUser;
+import com.amazon.dlic.auth.ldap.backend.LDAPAuthenticationBackend;
+import com.amazon.dlic.auth.ldap.backend.LDAPAuthorizationBackend;
+import com.amazon.dlic.auth.ldap.srv.EmbeddedLDAPServer;
+import com.amazon.dlic.auth.ldap.util.ConfigConstants;
+import com.amazon.dlic.auth.ldap.util.LdapHelper;
import org.opensearch.OpenSearchSecurityException;
import org.opensearch.common.settings.Settings;
@@ -36,17 +47,6 @@
import org.opensearch.security.user.AuthCredentials;
import org.opensearch.security.user.User;
-import com.amazon.dlic.auth.ldap.LdapUser;
-import com.amazon.dlic.auth.ldap.backend.LDAPAuthenticationBackend;
-import com.amazon.dlic.auth.ldap.backend.LDAPAuthorizationBackend;
-import com.amazon.dlic.auth.ldap.srv.EmbeddedLDAPServer;
-import com.amazon.dlic.auth.ldap.util.ConfigConstants;
-import com.amazon.dlic.auth.ldap.util.LdapHelper;
-import org.ldaptive.Connection;
-import org.ldaptive.LdapAttribute;
-import org.ldaptive.LdapEntry;
-import org.ldaptive.ReturnAttributes;
-
import static org.hamcrest.Matchers.hasItem;
@RunWith(Parameterized.class)
diff --git a/src/test/java/org/opensearch/node/PluginAwareNode.java b/src/test/java/org/opensearch/node/PluginAwareNode.java
index d992017c27..19cda27e81 100644
--- a/src/test/java/org/opensearch/node/PluginAwareNode.java
+++ b/src/test/java/org/opensearch/node/PluginAwareNode.java
@@ -26,12 +26,12 @@
package org.opensearch.node;
-import java.util.Collection;
-import java.util.Collections;
-
import org.opensearch.common.settings.Settings;
import org.opensearch.plugins.Plugin;
+import java.util.Collection;
+import java.util.Collections;
+
public class PluginAwareNode extends Node {
private final boolean clusterManagerEligible;
diff --git a/src/test/java/org/opensearch/security/AdvancedSecurityMigrationTests.java b/src/test/java/org/opensearch/security/AdvancedSecurityMigrationTests.java
index e8ac049385..5cf9485892 100644
--- a/src/test/java/org/opensearch/security/AdvancedSecurityMigrationTests.java
+++ b/src/test/java/org/opensearch/security/AdvancedSecurityMigrationTests.java
@@ -15,7 +15,7 @@
import java.util.Arrays;
import org.apache.hc.core5.http.Header;
-import org.apache.hc.core5.http.HttpStatus;
+import org.apache.http.HttpStatus;
import org.junit.After;
import org.junit.Assert;
import org.junit.Before;
diff --git a/src/test/java/org/opensearch/security/AggregationTests.java b/src/test/java/org/opensearch/security/AggregationTests.java
index a61d5d169d..c6591125d5 100644
--- a/src/test/java/org/opensearch/security/AggregationTests.java
+++ b/src/test/java/org/opensearch/security/AggregationTests.java
@@ -26,7 +26,7 @@
package org.opensearch.security;
-import org.apache.hc.core5.http.HttpStatus;
+import org.apache.http.HttpStatus;
import org.junit.Assert;
import org.junit.Test;
diff --git a/src/test/java/org/opensearch/security/DataStreamIntegrationTests.java b/src/test/java/org/opensearch/security/DataStreamIntegrationTests.java
index 773244c7ea..2f4e665001 100644
--- a/src/test/java/org/opensearch/security/DataStreamIntegrationTests.java
+++ b/src/test/java/org/opensearch/security/DataStreamIntegrationTests.java
@@ -11,7 +11,7 @@
package org.opensearch.security;
-import org.apache.hc.core5.http.HttpStatus;
+import org.apache.http.HttpStatus;
import org.junit.Assert;
import org.junit.Test;
diff --git a/src/test/java/org/opensearch/security/EncryptionInTransitMigrationTests.java b/src/test/java/org/opensearch/security/EncryptionInTransitMigrationTests.java
index 462cd591e6..a028f2d43d 100644
--- a/src/test/java/org/opensearch/security/EncryptionInTransitMigrationTests.java
+++ b/src/test/java/org/opensearch/security/EncryptionInTransitMigrationTests.java
@@ -10,7 +10,7 @@
*/
package org.opensearch.security;
-import org.apache.hc.core5.http.HttpStatus;
+import org.apache.http.HttpStatus;
import org.junit.Assert;
import org.junit.Test;
diff --git a/src/test/java/org/opensearch/security/HealthTests.java b/src/test/java/org/opensearch/security/HealthTests.java
index c36440f1a2..385757ea53 100644
--- a/src/test/java/org/opensearch/security/HealthTests.java
+++ b/src/test/java/org/opensearch/security/HealthTests.java
@@ -26,7 +26,7 @@
package org.opensearch.security;
-import org.apache.hc.core5.http.HttpStatus;
+import org.apache.http.HttpStatus;
import org.junit.Assert;
import org.junit.Test;
diff --git a/src/test/java/org/opensearch/security/HttpIntegrationTests.java b/src/test/java/org/opensearch/security/HttpIntegrationTests.java
index 60abaf8efe..41b19121de 100644
--- a/src/test/java/org/opensearch/security/HttpIntegrationTests.java
+++ b/src/test/java/org/opensearch/security/HttpIntegrationTests.java
@@ -26,18 +26,13 @@
package org.opensearch.security;
-import java.io.File;
-import java.nio.charset.StandardCharsets;
-import java.nio.file.Files;
-
import com.fasterxml.jackson.databind.JsonNode;
-import org.apache.hc.core5.http.HttpStatus;
import org.apache.hc.core5.http.NoHttpResponseException;
import org.apache.hc.core5.http.message.BasicHeader;
+import org.apache.http.HttpStatus;
import org.junit.Assert;
import org.junit.Ignore;
import org.junit.Test;
-
import org.opensearch.action.admin.indices.alias.IndicesAliasesRequest;
import org.opensearch.action.admin.indices.alias.IndicesAliasesRequest.AliasActions;
import org.opensearch.action.admin.indices.create.CreateIndexRequest;
@@ -57,6 +52,10 @@
import org.opensearch.security.test.helper.rest.RestHelper;
import org.opensearch.security.test.helper.rest.RestHelper.HttpResponse;
+import java.io.File;
+import java.nio.charset.StandardCharsets;
+import java.nio.file.Files;
+
import static org.opensearch.security.DefaultObjectMapper.readTree;
public class HttpIntegrationTests extends SingleClusterTest {
diff --git a/src/test/java/org/opensearch/security/IndexIntegrationTests.java b/src/test/java/org/opensearch/security/IndexIntegrationTests.java
index 3d024f28f7..a5c137d61e 100644
--- a/src/test/java/org/opensearch/security/IndexIntegrationTests.java
+++ b/src/test/java/org/opensearch/security/IndexIntegrationTests.java
@@ -31,7 +31,7 @@
import java.util.Date;
import java.util.TimeZone;
-import org.apache.hc.core5.http.HttpStatus;
+import org.apache.http.HttpStatus;
import org.junit.Assert;
import org.junit.Ignore;
import org.junit.Test;
diff --git a/src/test/java/org/opensearch/security/IndexTemplateClusterPermissionsCheckTest.java b/src/test/java/org/opensearch/security/IndexTemplateClusterPermissionsCheckTest.java
index 03d26e2062..e08367d2b2 100644
--- a/src/test/java/org/opensearch/security/IndexTemplateClusterPermissionsCheckTest.java
+++ b/src/test/java/org/opensearch/security/IndexTemplateClusterPermissionsCheckTest.java
@@ -11,7 +11,7 @@
package org.opensearch.security;
-import org.apache.hc.core5.http.HttpStatus;
+import org.apache.http.HttpStatus;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;
diff --git a/src/test/java/org/opensearch/security/InitializationIntegrationTests.java b/src/test/java/org/opensearch/security/InitializationIntegrationTests.java
index 78b03a5fab..79ab0c020b 100644
--- a/src/test/java/org/opensearch/security/InitializationIntegrationTests.java
+++ b/src/test/java/org/opensearch/security/InitializationIntegrationTests.java
@@ -32,9 +32,9 @@
import com.fasterxml.jackson.databind.JsonNode;
import org.apache.hc.client5.http.classic.methods.HttpGet;
import org.apache.hc.core5.http.Header;
-import org.apache.hc.core5.http.HttpStatus;
import org.apache.hc.core5.http.HttpVersion;
import org.apache.hc.core5.http2.HttpVersionPolicy;
+import org.apache.http.HttpStatus;
import org.junit.Assert;
import org.junit.Test;
diff --git a/src/test/java/org/opensearch/security/IntegrationTests.java b/src/test/java/org/opensearch/security/IntegrationTests.java
index 31a46be331..1bf046c40a 100644
--- a/src/test/java/org/opensearch/security/IntegrationTests.java
+++ b/src/test/java/org/opensearch/security/IntegrationTests.java
@@ -29,8 +29,8 @@
import java.util.TreeSet;
import com.fasterxml.jackson.databind.JsonNode;
-import org.apache.hc.core5.http.HttpStatus;
import org.apache.hc.core5.http.message.BasicHeader;
+import org.apache.http.HttpStatus;
import org.junit.Assert;
import org.junit.Assume;
import org.junit.Test;
@@ -56,8 +56,6 @@
import org.opensearch.security.test.helper.rest.RestHelper;
import org.opensearch.security.test.helper.rest.RestHelper.HttpResponse;
-import io.netty.handler.ssl.OpenSsl;
-
import static org.opensearch.security.DefaultObjectMapper.readTree;
public class IntegrationTests extends SingleClusterTest {
diff --git a/src/test/java/org/opensearch/security/PitIntegrationTests.java b/src/test/java/org/opensearch/security/PitIntegrationTests.java
index 035cc2ce3e..c1c25fcf9c 100644
--- a/src/test/java/org/opensearch/security/PitIntegrationTests.java
+++ b/src/test/java/org/opensearch/security/PitIntegrationTests.java
@@ -13,7 +13,7 @@
import java.util.ArrayList;
import java.util.List;
-import org.apache.hc.core5.http.HttpStatus;
+import org.apache.http.HttpStatus;
import org.junit.Assert;
import org.junit.Test;
diff --git a/src/test/java/org/opensearch/security/ResolveAPITests.java b/src/test/java/org/opensearch/security/ResolveAPITests.java
index 088702acd9..765d933432 100644
--- a/src/test/java/org/opensearch/security/ResolveAPITests.java
+++ b/src/test/java/org/opensearch/security/ResolveAPITests.java
@@ -15,7 +15,7 @@
package org.opensearch.security;
-import org.apache.hc.core5.http.HttpStatus;
+import org.apache.http.HttpStatus;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.junit.Assert;
diff --git a/src/test/java/org/opensearch/security/RolesInjectorIntegTest.java b/src/test/java/org/opensearch/security/RolesInjectorIntegTest.java
index 3137eab640..c4abf42904 100644
--- a/src/test/java/org/opensearch/security/RolesInjectorIntegTest.java
+++ b/src/test/java/org/opensearch/security/RolesInjectorIntegTest.java
@@ -34,8 +34,8 @@
import org.opensearch.cluster.health.ClusterHealthStatus;
import org.opensearch.cluster.metadata.IndexNameExpressionResolver;
import org.opensearch.cluster.service.ClusterService;
-import org.opensearch.common.settings.Settings;
import org.opensearch.core.common.io.stream.NamedWriteableRegistry;
+import org.opensearch.common.settings.Settings;
import org.opensearch.core.xcontent.NamedXContentRegistry;
import org.opensearch.env.Environment;
import org.opensearch.env.NodeEnvironment;
diff --git a/src/test/java/org/opensearch/security/RolesValidationIntegTest.java b/src/test/java/org/opensearch/security/RolesValidationIntegTest.java
index 6d62d407b1..9c8f52fa3e 100644
--- a/src/test/java/org/opensearch/security/RolesValidationIntegTest.java
+++ b/src/test/java/org/opensearch/security/RolesValidationIntegTest.java
@@ -28,8 +28,8 @@
import org.opensearch.client.Client;
import org.opensearch.cluster.metadata.IndexNameExpressionResolver;
import org.opensearch.cluster.service.ClusterService;
-import org.opensearch.common.settings.Settings;
import org.opensearch.core.common.io.stream.NamedWriteableRegistry;
+import org.opensearch.common.settings.Settings;
import org.opensearch.core.xcontent.NamedXContentRegistry;
import org.opensearch.env.Environment;
import org.opensearch.env.NodeEnvironment;
diff --git a/src/test/java/org/opensearch/security/SecurityAdminIEndpointsTests.java b/src/test/java/org/opensearch/security/SecurityAdminIEndpointsTests.java
index b8da89e2dc..99cf3b82fe 100644
--- a/src/test/java/org/opensearch/security/SecurityAdminIEndpointsTests.java
+++ b/src/test/java/org/opensearch/security/SecurityAdminIEndpointsTests.java
@@ -11,7 +11,7 @@
package org.opensearch.security;
-import org.apache.hc.core5.http.HttpStatus;
+import org.apache.http.HttpStatus;
import org.junit.Assert;
import org.junit.Test;
diff --git a/src/test/java/org/opensearch/security/SecurityAdminInvalidConfigsTests.java b/src/test/java/org/opensearch/security/SecurityAdminInvalidConfigsTests.java
index 6cb89dc18f..1586878b9f 100644
--- a/src/test/java/org/opensearch/security/SecurityAdminInvalidConfigsTests.java
+++ b/src/test/java/org/opensearch/security/SecurityAdminInvalidConfigsTests.java
@@ -30,7 +30,7 @@
import java.util.ArrayList;
import java.util.List;
-import org.apache.hc.core5.http.HttpStatus;
+import org.apache.http.HttpStatus;
import org.junit.Assert;
import org.junit.Test;
diff --git a/src/test/java/org/opensearch/security/SecurityAdminTests.java b/src/test/java/org/opensearch/security/SecurityAdminTests.java
index 760f2a33d7..d2b7dab37d 100644
--- a/src/test/java/org/opensearch/security/SecurityAdminTests.java
+++ b/src/test/java/org/opensearch/security/SecurityAdminTests.java
@@ -25,7 +25,7 @@
import java.util.List;
import java.util.Objects;
-import org.apache.hc.core5.http.HttpStatus;
+import org.apache.http.HttpStatus;
import org.junit.Assert;
import org.junit.Test;
diff --git a/src/test/java/org/opensearch/security/SecurityRolesTests.java b/src/test/java/org/opensearch/security/SecurityRolesTests.java
index 24a6bafbb8..0b4dd0b95b 100644
--- a/src/test/java/org/opensearch/security/SecurityRolesTests.java
+++ b/src/test/java/org/opensearch/security/SecurityRolesTests.java
@@ -26,8 +26,8 @@
package org.opensearch.security;
-import org.apache.hc.core5.http.HttpStatus;
import org.apache.hc.core5.http.message.BasicHeader;
+import org.apache.http.HttpStatus;
import org.junit.Assert;
import org.junit.Test;
diff --git a/src/test/java/org/opensearch/security/SlowIntegrationTests.java b/src/test/java/org/opensearch/security/SlowIntegrationTests.java
index 28ec9f8d88..76a162ab9f 100644
--- a/src/test/java/org/opensearch/security/SlowIntegrationTests.java
+++ b/src/test/java/org/opensearch/security/SlowIntegrationTests.java
@@ -29,7 +29,7 @@
import java.io.IOException;
import com.google.common.collect.Lists;
-import org.apache.hc.core5.http.HttpStatus;
+import org.apache.http.HttpStatus;
import org.junit.Assert;
import org.junit.Test;
diff --git a/src/test/java/org/opensearch/security/SnapshotRestoreTests.java b/src/test/java/org/opensearch/security/SnapshotRestoreTests.java
index 1c884a8e5d..1e9c26d898 100644
--- a/src/test/java/org/opensearch/security/SnapshotRestoreTests.java
+++ b/src/test/java/org/opensearch/security/SnapshotRestoreTests.java
@@ -29,7 +29,7 @@
import java.util.Arrays;
import java.util.List;
-import org.apache.hc.core5.http.HttpStatus;
+import org.apache.http.HttpStatus;
import org.junit.Assert;
import org.junit.Test;
diff --git a/src/test/java/org/opensearch/security/SystemIntegratorsTests.java b/src/test/java/org/opensearch/security/SystemIntegratorsTests.java
index 27e44b1ce5..b927ceaba2 100644
--- a/src/test/java/org/opensearch/security/SystemIntegratorsTests.java
+++ b/src/test/java/org/opensearch/security/SystemIntegratorsTests.java
@@ -27,8 +27,8 @@
package org.opensearch.security;
import com.google.common.collect.Lists;
-import org.apache.hc.core5.http.HttpStatus;
import org.apache.hc.core5.http.message.BasicHeader;
+import org.apache.http.HttpStatus;
import org.junit.Assert;
import org.junit.Test;
diff --git a/src/test/java/org/opensearch/security/TaskTests.java b/src/test/java/org/opensearch/security/TaskTests.java
index 39bb21f164..e58fa5c6a9 100644
--- a/src/test/java/org/opensearch/security/TaskTests.java
+++ b/src/test/java/org/opensearch/security/TaskTests.java
@@ -17,8 +17,8 @@
package org.opensearch.security;
-import org.apache.hc.core5.http.HttpStatus;
import org.apache.hc.core5.http.message.BasicHeader;
+import org.apache.http.HttpStatus;
import org.junit.Assert;
import org.junit.Test;
diff --git a/src/test/java/org/opensearch/security/TracingTests.java b/src/test/java/org/opensearch/security/TracingTests.java
index 55dccdee35..7ae663a41f 100644
--- a/src/test/java/org/opensearch/security/TracingTests.java
+++ b/src/test/java/org/opensearch/security/TracingTests.java
@@ -26,7 +26,7 @@
package org.opensearch.security;
-import org.apache.hc.core5.http.HttpStatus;
+import org.apache.http.HttpStatus;
import org.junit.Assert;
import org.junit.Ignore;
import org.junit.Test;
diff --git a/src/test/java/org/opensearch/security/TransportUserInjectorIntegTest.java b/src/test/java/org/opensearch/security/TransportUserInjectorIntegTest.java
index b13e5fbb20..f97919b2f7 100644
--- a/src/test/java/org/opensearch/security/TransportUserInjectorIntegTest.java
+++ b/src/test/java/org/opensearch/security/TransportUserInjectorIntegTest.java
@@ -26,8 +26,8 @@
import org.opensearch.client.Client;
import org.opensearch.cluster.metadata.IndexNameExpressionResolver;
import org.opensearch.cluster.service.ClusterService;
-import org.opensearch.common.settings.Settings;
import org.opensearch.core.common.io.stream.NamedWriteableRegistry;
+import org.opensearch.common.settings.Settings;
import org.opensearch.core.xcontent.NamedXContentRegistry;
import org.opensearch.env.Environment;
import org.opensearch.env.NodeEnvironment;
diff --git a/src/test/java/org/opensearch/security/UserServiceUnitTests.java b/src/test/java/org/opensearch/security/UserServiceUnitTests.java
index 48c37748fc..6bdef8d167 100644
--- a/src/test/java/org/opensearch/security/UserServiceUnitTests.java
+++ b/src/test/java/org/opensearch/security/UserServiceUnitTests.java
@@ -11,17 +11,12 @@
package org.opensearch.security;
-import java.io.File;
-import java.nio.charset.StandardCharsets;
-import java.nio.file.Files;
-
import com.fasterxml.jackson.databind.JsonNode;
import com.fasterxml.jackson.databind.ObjectMapper;
-import com.fasterxml.jackson.dataformat.yaml.YAMLFactory;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;
-
+import org.mockito.Mock;
import org.opensearch.client.Client;
import org.opensearch.cluster.service.ClusterService;
import org.opensearch.common.settings.Settings;
@@ -31,7 +26,11 @@
import org.opensearch.security.user.UserFilterType;
import org.opensearch.security.user.UserService;
-import org.mockito.Mock;
+import java.io.File;
+import java.nio.charset.StandardCharsets;
+import java.nio.file.Files;
+
+import com.fasterxml.jackson.dataformat.yaml.YAMLFactory;
public class UserServiceUnitTests {
SecurityDynamicConfiguration config;
diff --git a/src/test/java/org/opensearch/security/UtilTests.java b/src/test/java/org/opensearch/security/UtilTests.java
index 3b6ed2edc9..f64c905667 100644
--- a/src/test/java/org/opensearch/security/UtilTests.java
+++ b/src/test/java/org/opensearch/security/UtilTests.java
@@ -28,8 +28,8 @@
import java.util.Map;
-import org.junit.Test;
import org.bouncycastle.crypto.generators.OpenBSDBCrypt;
+import org.junit.Test;
import org.opensearch.common.settings.Settings;
import org.opensearch.security.support.ConfigConstants;
diff --git a/src/test/java/org/opensearch/security/auditlog/AbstractAuditlogiUnitTest.java b/src/test/java/org/opensearch/security/auditlog/AbstractAuditlogiUnitTest.java
index 3d814231cf..bad71c75f4 100644
--- a/src/test/java/org/opensearch/security/auditlog/AbstractAuditlogiUnitTest.java
+++ b/src/test/java/org/opensearch/security/auditlog/AbstractAuditlogiUnitTest.java
@@ -11,11 +11,7 @@
package org.opensearch.security.auditlog;
-import java.util.Arrays;
-import java.util.Collection;
-
import com.fasterxml.jackson.databind.JsonNode;
-
import org.opensearch.common.settings.Settings;
import org.opensearch.security.DefaultObjectMapper;
import org.opensearch.security.auditlog.config.AuditConfig;
@@ -26,6 +22,9 @@
import org.opensearch.security.test.helper.file.FileHelper;
import org.opensearch.security.test.helper.rest.RestHelper;
+import java.util.Arrays;
+import java.util.Collection;
+
import static org.opensearch.security.auditlog.config.AuditConfig.DEPRECATED_KEYS;
public abstract class AbstractAuditlogiUnitTest extends SingleClusterTest {
diff --git a/src/test/java/org/opensearch/security/auditlog/AuditTestUtils.java b/src/test/java/org/opensearch/security/auditlog/AuditTestUtils.java
index 98f5fab88e..ad3f6afbce 100644
--- a/src/test/java/org/opensearch/security/auditlog/AuditTestUtils.java
+++ b/src/test/java/org/opensearch/security/auditlog/AuditTestUtils.java
@@ -15,7 +15,7 @@
import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.databind.ObjectMapper;
-import org.apache.hc.core5.http.HttpStatus;
+import org.apache.http.HttpStatus;
import org.opensearch.client.Client;
import org.opensearch.cluster.metadata.IndexNameExpressionResolver;
diff --git a/src/test/java/org/opensearch/security/auditlog/compliance/ComplianceAuditlogTest.java b/src/test/java/org/opensearch/security/auditlog/compliance/ComplianceAuditlogTest.java
index 773180bd1b..b4c0b55bfb 100644
--- a/src/test/java/org/opensearch/security/auditlog/compliance/ComplianceAuditlogTest.java
+++ b/src/test/java/org/opensearch/security/auditlog/compliance/ComplianceAuditlogTest.java
@@ -18,7 +18,7 @@
import com.google.common.collect.ImmutableMap;
import org.apache.hc.core5.http.Header;
-import org.apache.hc.core5.http.HttpStatus;
+import org.apache.http.HttpStatus;
import org.junit.Assert;
import org.junit.Test;
diff --git a/src/test/java/org/opensearch/security/auditlog/compliance/RestApiComplianceAuditlogTest.java b/src/test/java/org/opensearch/security/auditlog/compliance/RestApiComplianceAuditlogTest.java
index cf06726ea1..db69333550 100644
--- a/src/test/java/org/opensearch/security/auditlog/compliance/RestApiComplianceAuditlogTest.java
+++ b/src/test/java/org/opensearch/security/auditlog/compliance/RestApiComplianceAuditlogTest.java
@@ -11,7 +11,7 @@
package org.opensearch.security.auditlog.compliance;
-import org.apache.hc.core5.http.HttpStatus;
+import org.apache.http.HttpStatus;
import org.junit.Assert;
import org.junit.Ignore;
import org.junit.Test;
diff --git a/src/test/java/org/opensearch/security/auditlog/config/AuditConfigFilterTest.java b/src/test/java/org/opensearch/security/auditlog/config/AuditConfigFilterTest.java
index e40e65549f..fad4cabbc5 100644
--- a/src/test/java/org/opensearch/security/auditlog/config/AuditConfigFilterTest.java
+++ b/src/test/java/org/opensearch/security/auditlog/config/AuditConfigFilterTest.java
@@ -28,16 +28,16 @@
import static org.hamcrest.MatcherAssert.assertThat;
import static org.hamcrest.Matchers.equalTo;
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertSame;
+import static org.junit.Assert.assertTrue;
import static org.opensearch.security.auditlog.impl.AuditCategory.AUTHENTICATED;
import static org.opensearch.security.auditlog.impl.AuditCategory.BAD_HEADERS;
import static org.opensearch.security.auditlog.impl.AuditCategory.FAILED_LOGIN;
import static org.opensearch.security.auditlog.impl.AuditCategory.GRANTED_PRIVILEGES;
import static org.opensearch.security.auditlog.impl.AuditCategory.MISSING_PRIVILEGES;
import static org.opensearch.security.auditlog.impl.AuditCategory.SSL_EXCEPTION;
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertFalse;
-import static org.junit.Assert.assertSame;
-import static org.junit.Assert.assertTrue;
public class AuditConfigFilterTest {
diff --git a/src/test/java/org/opensearch/security/auditlog/config/AuditConfigSerializeTest.java b/src/test/java/org/opensearch/security/auditlog/config/AuditConfigSerializeTest.java
index 0b50c2ac20..33dad63e5f 100644
--- a/src/test/java/org/opensearch/security/auditlog/config/AuditConfigSerializeTest.java
+++ b/src/test/java/org/opensearch/security/auditlog/config/AuditConfigSerializeTest.java
@@ -15,12 +15,12 @@
import java.util.Collections;
import java.util.EnumSet;
-import com.google.common.collect.ImmutableList;
-import com.google.common.collect.ImmutableSet;
import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.databind.InjectableValues;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.fasterxml.jackson.databind.node.ObjectNode;
+import com.google.common.collect.ImmutableList;
+import com.google.common.collect.ImmutableSet;
import org.junit.Before;
import org.junit.Test;
@@ -32,12 +32,12 @@
import org.opensearch.security.support.ConfigConstants;
import org.opensearch.security.support.WildcardMatcher;
-import static org.opensearch.security.auditlog.impl.AuditCategory.AUTHENTICATED;
-import static org.opensearch.security.auditlog.impl.AuditCategory.GRANTED_PRIVILEGES;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertSame;
import static org.junit.Assert.assertTrue;
+import static org.opensearch.security.auditlog.impl.AuditCategory.AUTHENTICATED;
+import static org.opensearch.security.auditlog.impl.AuditCategory.GRANTED_PRIVILEGES;
public class AuditConfigSerializeTest {
diff --git a/src/test/java/org/opensearch/security/auditlog/impl/AuditMessageTest.java b/src/test/java/org/opensearch/security/auditlog/impl/AuditMessageTest.java
index d915c02e55..f53872bb3a 100644
--- a/src/test/java/org/opensearch/security/auditlog/impl/AuditMessageTest.java
+++ b/src/test/java/org/opensearch/security/auditlog/impl/AuditMessageTest.java
@@ -24,9 +24,9 @@
import org.opensearch.cluster.ClusterName;
import org.opensearch.cluster.node.DiscoveryNode;
import org.opensearch.cluster.service.ClusterService;
+import org.opensearch.core.common.bytes.BytesReference;
import org.opensearch.common.collect.Tuple;
import org.opensearch.common.xcontent.XContentType;
-import org.opensearch.core.common.bytes.BytesReference;
import org.opensearch.security.auditlog.AuditLog;
import org.opensearch.security.securityconf.impl.CType;
diff --git a/src/test/java/org/opensearch/security/auditlog/impl/TracingTests.java b/src/test/java/org/opensearch/security/auditlog/impl/TracingTests.java
index 15728537e2..796c73b811 100644
--- a/src/test/java/org/opensearch/security/auditlog/impl/TracingTests.java
+++ b/src/test/java/org/opensearch/security/auditlog/impl/TracingTests.java
@@ -11,7 +11,7 @@
package org.opensearch.security.auditlog.impl;
-import org.apache.hc.core5.http.HttpStatus;
+import org.apache.http.HttpStatus;
import org.junit.Assert;
import org.junit.Test;
diff --git a/src/test/java/org/opensearch/security/auditlog/integration/BasicAuditlogTest.java b/src/test/java/org/opensearch/security/auditlog/integration/BasicAuditlogTest.java
index 6c1812c32b..142ff3231f 100644
--- a/src/test/java/org/opensearch/security/auditlog/integration/BasicAuditlogTest.java
+++ b/src/test/java/org/opensearch/security/auditlog/integration/BasicAuditlogTest.java
@@ -16,8 +16,8 @@
import com.google.common.collect.ImmutableMap;
import org.apache.hc.core5.http.Header;
-import org.apache.hc.core5.http.HttpStatus;
import org.apache.hc.core5.http.message.BasicHeader;
+import org.apache.http.HttpStatus;
import org.junit.Assert;
import org.junit.Test;
diff --git a/src/test/java/org/opensearch/security/auditlog/integration/SSLAuditlogTest.java b/src/test/java/org/opensearch/security/auditlog/integration/SSLAuditlogTest.java
index 82c56d4b23..0b92c952f6 100644
--- a/src/test/java/org/opensearch/security/auditlog/integration/SSLAuditlogTest.java
+++ b/src/test/java/org/opensearch/security/auditlog/integration/SSLAuditlogTest.java
@@ -11,7 +11,7 @@
package org.opensearch.security.auditlog.integration;
-import org.apache.hc.core5.http.HttpStatus;
+import org.apache.http.HttpStatus;
import org.junit.After;
import org.junit.Assert;
import org.junit.Test;
diff --git a/src/test/java/org/opensearch/security/auditlog/sink/KafkaSinkTest.java b/src/test/java/org/opensearch/security/auditlog/sink/KafkaSinkTest.java
index af856e2e90..bf567c6ebe 100644
--- a/src/test/java/org/opensearch/security/auditlog/sink/KafkaSinkTest.java
+++ b/src/test/java/org/opensearch/security/auditlog/sink/KafkaSinkTest.java
@@ -22,6 +22,7 @@
import org.junit.Assert;
import org.junit.ClassRule;
import org.junit.Test;
+import org.springframework.kafka.test.rule.EmbeddedKafkaRule;
import org.opensearch.common.settings.Settings;
import org.opensearch.common.xcontent.yaml.YamlXContent;
@@ -30,8 +31,6 @@
import org.opensearch.security.auditlog.impl.AuditCategory;
import org.opensearch.security.test.helper.file.FileHelper;
-import org.springframework.kafka.test.rule.EmbeddedKafkaRule;
-
public class KafkaSinkTest extends AbstractAuditlogiUnitTest {
@ClassRule
diff --git a/src/test/java/org/opensearch/security/auditlog/sink/SinkProviderTLSTest.java b/src/test/java/org/opensearch/security/auditlog/sink/SinkProviderTLSTest.java
index b7ebc12fb0..49853a05fa 100644
--- a/src/test/java/org/opensearch/security/auditlog/sink/SinkProviderTLSTest.java
+++ b/src/test/java/org/opensearch/security/auditlog/sink/SinkProviderTLSTest.java
@@ -16,6 +16,7 @@
import java.io.InputStream;
import java.net.ServerSocket;
import java.security.KeyStore;
+
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;
diff --git a/src/test/java/org/opensearch/security/auditlog/sink/WebhookAuditLogTest.java b/src/test/java/org/opensearch/security/auditlog/sink/WebhookAuditLogTest.java
index a7d6919e0f..28469d1a9b 100644
--- a/src/test/java/org/opensearch/security/auditlog/sink/WebhookAuditLogTest.java
+++ b/src/test/java/org/opensearch/security/auditlog/sink/WebhookAuditLogTest.java
@@ -19,6 +19,7 @@
import java.nio.charset.StandardCharsets;
import java.security.KeyStore;
import java.util.Objects;
+
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;
diff --git a/src/test/java/org/opensearch/security/auth/InternalAuthBackendTests.java b/src/test/java/org/opensearch/security/auth/InternalAuthBackendTests.java
index b9503e79f1..c059c890ab 100644
--- a/src/test/java/org/opensearch/security/auth/InternalAuthBackendTests.java
+++ b/src/test/java/org/opensearch/security/auth/InternalAuthBackendTests.java
@@ -19,14 +19,13 @@
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;
+import org.mockito.Mockito;
import org.opensearch.OpenSearchSecurityException;
import org.opensearch.security.auth.internal.InternalAuthenticationBackend;
import org.opensearch.security.securityconf.InternalUsersModel;
import org.opensearch.security.user.AuthCredentials;
-import org.mockito.Mockito;
-
import static org.mockito.Mockito.doReturn;
import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.spy;
diff --git a/src/test/java/org/opensearch/security/auth/RolesInjectorTest.java b/src/test/java/org/opensearch/security/auth/RolesInjectorTest.java
index 4e893547d2..63eb32f862 100644
--- a/src/test/java/org/opensearch/security/auth/RolesInjectorTest.java
+++ b/src/test/java/org/opensearch/security/auth/RolesInjectorTest.java
@@ -30,9 +30,9 @@
import org.opensearch.tasks.Task;
import org.opensearch.transport.TransportRequest;
-import static org.opensearch.security.support.ConfigConstants.OPENDISTRO_SECURITY_INJECTED_ROLES;
import static org.junit.Assert.assertEquals;
import static org.mockito.Mockito.mock;
+import static org.opensearch.security.support.ConfigConstants.OPENDISTRO_SECURITY_INJECTED_ROLES;
public class RolesInjectorTest {
diff --git a/src/test/java/org/opensearch/security/auth/UserInjectorTest.java b/src/test/java/org/opensearch/security/auth/UserInjectorTest.java
index ca64967ba7..df89b09981 100644
--- a/src/test/java/org/opensearch/security/auth/UserInjectorTest.java
+++ b/src/test/java/org/opensearch/security/auth/UserInjectorTest.java
@@ -17,6 +17,7 @@
import org.junit.Before;
import org.junit.Test;
+import org.mockito.Mockito;
import org.opensearch.common.settings.Settings;
import org.opensearch.common.util.concurrent.ThreadContext;
@@ -28,8 +29,6 @@
import org.opensearch.threadpool.ThreadPool;
import org.opensearch.transport.TransportRequest;
-import org.mockito.Mockito;
-
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertNotNull;
import static org.junit.Assert.assertNull;
diff --git a/src/test/java/org/opensearch/security/auth/limiting/AddressBasedRateLimiterTest.java b/src/test/java/org/opensearch/security/auth/limiting/AddressBasedRateLimiterTest.java
index 70c7ce0435..69ddc5c03a 100644
--- a/src/test/java/org/opensearch/security/auth/limiting/AddressBasedRateLimiterTest.java
+++ b/src/test/java/org/opensearch/security/auth/limiting/AddressBasedRateLimiterTest.java
@@ -17,12 +17,12 @@
package org.opensearch.security.auth.limiting;
-import java.net.InetAddress;
-
import org.junit.Test;
import org.opensearch.common.settings.Settings;
+import java.net.InetAddress;
+
import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertTrue;
diff --git a/src/test/java/org/opensearch/security/authtoken/jwt/AuthTokenUtilsTest.java b/src/test/java/org/opensearch/security/authtoken/jwt/AuthTokenUtilsTest.java
index e0026155de..4072d94436 100644
--- a/src/test/java/org/opensearch/security/authtoken/jwt/AuthTokenUtilsTest.java
+++ b/src/test/java/org/opensearch/security/authtoken/jwt/AuthTokenUtilsTest.java
@@ -11,16 +11,15 @@
package org.opensearch.security.authtoken.jwt;
-import java.util.Collections;
-
-import org.junit.Test;
-
import org.opensearch.common.settings.Settings;
import org.opensearch.core.xcontent.NamedXContentRegistry;
import org.opensearch.rest.RestRequest;
import org.opensearch.security.filter.SecurityRequestFactory;
import org.opensearch.security.util.AuthTokenUtils;
import org.opensearch.test.rest.FakeRestRequest;
+import org.junit.Test;
+
+import java.util.Collections;
import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertTrue;
diff --git a/src/test/java/org/opensearch/security/authtoken/jwt/EncryptionDecryptionUtilsTest.java b/src/test/java/org/opensearch/security/authtoken/jwt/EncryptionDecryptionUtilsTest.java
index df6456303a..4890f380f9 100644
--- a/src/test/java/org/opensearch/security/authtoken/jwt/EncryptionDecryptionUtilsTest.java
+++ b/src/test/java/org/opensearch/security/authtoken/jwt/EncryptionDecryptionUtilsTest.java
@@ -11,10 +11,9 @@
package org.opensearch.security.authtoken.jwt;
-import java.util.Base64;
-
import org.junit.Assert;
import org.junit.Test;
+import java.util.Base64;
public class EncryptionDecryptionUtilsTest {
diff --git a/src/test/java/org/opensearch/security/authtoken/jwt/JwtVendorTest.java b/src/test/java/org/opensearch/security/authtoken/jwt/JwtVendorTest.java
index 76a3847084..9c51dd714b 100644
--- a/src/test/java/org/opensearch/security/authtoken/jwt/JwtVendorTest.java
+++ b/src/test/java/org/opensearch/security/authtoken/jwt/JwtVendorTest.java
@@ -18,6 +18,7 @@
import java.util.function.LongSupplier;
import com.google.common.io.BaseEncoding;
+import com.nimbusds.jwt.SignedJWT;
import org.apache.commons.lang3.RandomStringUtils;
import org.apache.logging.log4j.Level;
import org.apache.logging.log4j.LogManager;
@@ -26,7 +27,7 @@
import org.apache.logging.log4j.core.Logger;
import org.junit.Assert;
import org.junit.Test;
-
+import org.mockito.ArgumentCaptor;
import org.opensearch.OpenSearchException;
import org.opensearch.common.collect.Tuple;
import org.opensearch.common.settings.Settings;
@@ -34,8 +35,6 @@
import com.nimbusds.jose.JWSSigner;
import com.nimbusds.jose.jwk.JWK;
-import com.nimbusds.jwt.SignedJWT;
-import org.mockito.ArgumentCaptor;
import static org.hamcrest.MatcherAssert.assertThat;
import static org.hamcrest.Matchers.containsString;
@@ -43,7 +42,9 @@
import static org.hamcrest.Matchers.is;
import static org.hamcrest.Matchers.not;
import static org.hamcrest.Matchers.nullValue;
+
import static org.hamcrest.core.IsNull.notNullValue;
+
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertThrows;
import static org.junit.Assert.assertTrue;
diff --git a/src/test/java/org/opensearch/security/authtoken/jwt/KeyPaddingUtilTest.java b/src/test/java/org/opensearch/security/authtoken/jwt/KeyPaddingUtilTest.java
index 2633c75c2f..78bd950964 100644
--- a/src/test/java/org/opensearch/security/authtoken/jwt/KeyPaddingUtilTest.java
+++ b/src/test/java/org/opensearch/security/authtoken/jwt/KeyPaddingUtilTest.java
@@ -11,9 +11,8 @@
package org.opensearch.security.authtoken.jwt;
-import org.junit.Test;
-
import com.nimbusds.jose.JWSAlgorithm;
+import org.junit.Test;
import static org.junit.jupiter.api.Assertions.assertEquals;
diff --git a/src/test/java/org/opensearch/security/cache/CachingTest.java b/src/test/java/org/opensearch/security/cache/CachingTest.java
index 39f0e1315d..cb71be78e1 100644
--- a/src/test/java/org/opensearch/security/cache/CachingTest.java
+++ b/src/test/java/org/opensearch/security/cache/CachingTest.java
@@ -11,8 +11,8 @@
package org.opensearch.security.cache;
-import org.apache.hc.core5.http.HttpStatus;
import org.apache.hc.core5.http.message.BasicHeader;
+import org.apache.http.HttpStatus;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;
diff --git a/src/test/java/org/opensearch/security/ccstest/CrossClusterSearchTests.java b/src/test/java/org/opensearch/security/ccstest/CrossClusterSearchTests.java
index e2dd28b563..0bf9e0e9df 100644
--- a/src/test/java/org/opensearch/security/ccstest/CrossClusterSearchTests.java
+++ b/src/test/java/org/opensearch/security/ccstest/CrossClusterSearchTests.java
@@ -27,7 +27,7 @@
package org.opensearch.security.ccstest;
import com.google.common.collect.Lists;
-import org.apache.hc.core5.http.HttpStatus;
+import org.apache.http.HttpStatus;
import org.junit.After;
import org.junit.Assert;
import org.junit.Test;
diff --git a/src/test/java/org/opensearch/security/ccstest/RemoteReindexTests.java b/src/test/java/org/opensearch/security/ccstest/RemoteReindexTests.java
index ea329b7b2c..15fe91d822 100644
--- a/src/test/java/org/opensearch/security/ccstest/RemoteReindexTests.java
+++ b/src/test/java/org/opensearch/security/ccstest/RemoteReindexTests.java
@@ -26,7 +26,7 @@
package org.opensearch.security.ccstest;
-import org.apache.hc.core5.http.HttpStatus;
+import org.apache.http.HttpStatus;
import org.junit.After;
import org.junit.Assert;
import org.junit.Test;
diff --git a/src/test/java/org/opensearch/security/configuration/SaltTest.java b/src/test/java/org/opensearch/security/configuration/SaltTest.java
index 918a27e8c5..8af7501810 100644
--- a/src/test/java/org/opensearch/security/configuration/SaltTest.java
+++ b/src/test/java/org/opensearch/security/configuration/SaltTest.java
@@ -21,9 +21,9 @@
import org.opensearch.common.settings.Settings;
import org.opensearch.security.support.ConfigConstants;
-import static org.opensearch.security.configuration.Salt.SALT_SIZE;
import static org.junit.Assert.assertArrayEquals;
import static org.junit.Assert.assertEquals;
+import static org.opensearch.security.configuration.Salt.SALT_SIZE;
public class SaltTest {
diff --git a/src/test/java/org/opensearch/security/dlic/dlsfls/CCReplicationTest.java b/src/test/java/org/opensearch/security/dlic/dlsfls/CCReplicationTest.java
index b5a9e61d76..d1b514a2e6 100644
--- a/src/test/java/org/opensearch/security/dlic/dlsfls/CCReplicationTest.java
+++ b/src/test/java/org/opensearch/security/dlic/dlsfls/CCReplicationTest.java
@@ -24,8 +24,10 @@
import org.junit.Test;
import org.opensearch.OpenSearchSecurityException;
+import org.opensearch.core.action.ActionListener;
import org.opensearch.action.ActionRequest;
import org.opensearch.action.ActionRequestValidationException;
+import org.opensearch.core.action.ActionResponse;
import org.opensearch.action.ActionType;
import org.opensearch.action.IndicesRequest;
import org.opensearch.action.IndicesRequest.Replaceable;
@@ -42,14 +44,11 @@
import org.opensearch.cluster.metadata.IndexNameExpressionResolver;
import org.opensearch.cluster.service.ClusterService;
import org.opensearch.common.inject.Inject;
-import org.opensearch.common.settings.Settings;
-import org.opensearch.common.xcontent.XContentType;
-import org.opensearch.core.action.ActionListener;
-import org.opensearch.core.action.ActionResponse;
import org.opensearch.core.common.io.stream.NamedWriteableRegistry;
import org.opensearch.core.common.io.stream.StreamInput;
import org.opensearch.core.common.io.stream.StreamOutput;
-import org.opensearch.core.rest.RestStatus;
+import org.opensearch.common.settings.Settings;
+import org.opensearch.common.xcontent.XContentType;
import org.opensearch.core.xcontent.NamedXContentRegistry;
import org.opensearch.env.Environment;
import org.opensearch.env.NodeEnvironment;
@@ -58,6 +57,7 @@
import org.opensearch.plugins.ActionPlugin;
import org.opensearch.plugins.Plugin;
import org.opensearch.repositories.RepositoriesService;
+import org.opensearch.core.rest.RestStatus;
import org.opensearch.script.ScriptService;
import org.opensearch.security.OpenSearchSecurityPlugin;
import org.opensearch.security.support.ConfigConstants;
diff --git a/src/test/java/org/opensearch/security/dlic/dlsfls/CustomFieldMaskedComplexMappingTest.java b/src/test/java/org/opensearch/security/dlic/dlsfls/CustomFieldMaskedComplexMappingTest.java
index 3a03e8add4..8490b42f12 100644
--- a/src/test/java/org/opensearch/security/dlic/dlsfls/CustomFieldMaskedComplexMappingTest.java
+++ b/src/test/java/org/opensearch/security/dlic/dlsfls/CustomFieldMaskedComplexMappingTest.java
@@ -13,7 +13,7 @@
import java.nio.charset.StandardCharsets;
-import org.apache.hc.core5.http.HttpStatus;
+import org.apache.http.HttpStatus;
import org.junit.Assert;
import org.junit.Test;
diff --git a/src/test/java/org/opensearch/security/dlic/dlsfls/CustomFieldMaskedTest.java b/src/test/java/org/opensearch/security/dlic/dlsfls/CustomFieldMaskedTest.java
index 672eb2abb0..226574c588 100644
--- a/src/test/java/org/opensearch/security/dlic/dlsfls/CustomFieldMaskedTest.java
+++ b/src/test/java/org/opensearch/security/dlic/dlsfls/CustomFieldMaskedTest.java
@@ -11,7 +11,7 @@
package org.opensearch.security.dlic.dlsfls;
-import org.apache.hc.core5.http.HttpStatus;
+import org.apache.http.HttpStatus;
import org.junit.Assert;
import org.junit.Test;
diff --git a/src/test/java/org/opensearch/security/dlic/dlsfls/DateMathTest.java b/src/test/java/org/opensearch/security/dlic/dlsfls/DateMathTest.java
index 43b78e9803..db15602867 100644
--- a/src/test/java/org/opensearch/security/dlic/dlsfls/DateMathTest.java
+++ b/src/test/java/org/opensearch/security/dlic/dlsfls/DateMathTest.java
@@ -15,7 +15,7 @@
import java.util.Date;
import java.util.TimeZone;
-import org.apache.hc.core5.http.HttpStatus;
+import org.apache.http.HttpStatus;
import org.junit.Assert;
import org.junit.Test;
diff --git a/src/test/java/org/opensearch/security/dlic/dlsfls/DlsDateMathTest.java b/src/test/java/org/opensearch/security/dlic/dlsfls/DlsDateMathTest.java
index bc349ace37..87d2ea6b52 100644
--- a/src/test/java/org/opensearch/security/dlic/dlsfls/DlsDateMathTest.java
+++ b/src/test/java/org/opensearch/security/dlic/dlsfls/DlsDateMathTest.java
@@ -15,7 +15,7 @@
import java.time.ZoneId;
import java.time.format.DateTimeFormatter;
-import org.apache.hc.core5.http.HttpStatus;
+import org.apache.http.HttpStatus;
import org.junit.Assert;
import org.junit.Test;
diff --git a/src/test/java/org/opensearch/security/dlic/dlsfls/DlsFlsCrossClusterSearchTest.java b/src/test/java/org/opensearch/security/dlic/dlsfls/DlsFlsCrossClusterSearchTest.java
index 6ac4690a70..ad2b2433cf 100644
--- a/src/test/java/org/opensearch/security/dlic/dlsfls/DlsFlsCrossClusterSearchTest.java
+++ b/src/test/java/org/opensearch/security/dlic/dlsfls/DlsFlsCrossClusterSearchTest.java
@@ -11,7 +11,7 @@
package org.opensearch.security.dlic.dlsfls;
-import org.apache.hc.core5.http.HttpStatus;
+import org.apache.http.HttpStatus;
import org.junit.After;
import org.junit.Assert;
import org.junit.Test;
diff --git a/src/test/java/org/opensearch/security/dlic/dlsfls/DlsNestedTest.java b/src/test/java/org/opensearch/security/dlic/dlsfls/DlsNestedTest.java
index 67abf5f61b..36e7ec0905 100644
--- a/src/test/java/org/opensearch/security/dlic/dlsfls/DlsNestedTest.java
+++ b/src/test/java/org/opensearch/security/dlic/dlsfls/DlsNestedTest.java
@@ -11,7 +11,7 @@
package org.opensearch.security.dlic.dlsfls;
-import org.apache.hc.core5.http.HttpStatus;
+import org.apache.http.HttpStatus;
import org.junit.Assert;
import org.junit.Test;
diff --git a/src/test/java/org/opensearch/security/dlic/dlsfls/DlsPropsReplaceTest.java b/src/test/java/org/opensearch/security/dlic/dlsfls/DlsPropsReplaceTest.java
index 5fe6419a02..88ebdbe36c 100644
--- a/src/test/java/org/opensearch/security/dlic/dlsfls/DlsPropsReplaceTest.java
+++ b/src/test/java/org/opensearch/security/dlic/dlsfls/DlsPropsReplaceTest.java
@@ -11,7 +11,7 @@
package org.opensearch.security.dlic.dlsfls;
-import org.apache.hc.core5.http.HttpStatus;
+import org.apache.http.HttpStatus;
import org.junit.Assert;
import org.junit.Test;
diff --git a/src/test/java/org/opensearch/security/dlic/dlsfls/DlsScrollTest.java b/src/test/java/org/opensearch/security/dlic/dlsfls/DlsScrollTest.java
index cc7b9e305d..0662c65109 100644
--- a/src/test/java/org/opensearch/security/dlic/dlsfls/DlsScrollTest.java
+++ b/src/test/java/org/opensearch/security/dlic/dlsfls/DlsScrollTest.java
@@ -11,7 +11,7 @@
package org.opensearch.security.dlic.dlsfls;
-import org.apache.hc.core5.http.HttpStatus;
+import org.apache.http.HttpStatus;
import org.junit.Assert;
import org.junit.Test;
diff --git a/src/test/java/org/opensearch/security/dlic/dlsfls/DlsTest.java b/src/test/java/org/opensearch/security/dlic/dlsfls/DlsTest.java
index 587f759315..e4dffcc31f 100644
--- a/src/test/java/org/opensearch/security/dlic/dlsfls/DlsTest.java
+++ b/src/test/java/org/opensearch/security/dlic/dlsfls/DlsTest.java
@@ -11,7 +11,7 @@
package org.opensearch.security.dlic.dlsfls;
-import org.apache.hc.core5.http.HttpStatus;
+import org.apache.http.HttpStatus;
import org.junit.Assert;
import org.junit.Test;
diff --git a/src/test/java/org/opensearch/security/dlic/dlsfls/FieldMaskedTest.java b/src/test/java/org/opensearch/security/dlic/dlsfls/FieldMaskedTest.java
index 2628bebbc0..e18eae5780 100644
--- a/src/test/java/org/opensearch/security/dlic/dlsfls/FieldMaskedTest.java
+++ b/src/test/java/org/opensearch/security/dlic/dlsfls/FieldMaskedTest.java
@@ -11,7 +11,7 @@
package org.opensearch.security.dlic.dlsfls;
-import org.apache.hc.core5.http.HttpStatus;
+import org.apache.http.HttpStatus;
import org.junit.Assert;
import org.junit.Test;
diff --git a/src/test/java/org/opensearch/security/dlic/dlsfls/Fls983Test.java b/src/test/java/org/opensearch/security/dlic/dlsfls/Fls983Test.java
index c486599ea4..c17b5c9f0c 100644
--- a/src/test/java/org/opensearch/security/dlic/dlsfls/Fls983Test.java
+++ b/src/test/java/org/opensearch/security/dlic/dlsfls/Fls983Test.java
@@ -11,7 +11,7 @@
package org.opensearch.security.dlic.dlsfls;
-import org.apache.hc.core5.http.HttpStatus;
+import org.apache.http.HttpStatus;
import org.junit.Assert;
import org.junit.Test;
diff --git a/src/test/java/org/opensearch/security/dlic/dlsfls/FlsDlsTestAB.java b/src/test/java/org/opensearch/security/dlic/dlsfls/FlsDlsTestAB.java
index 5e7584a1bc..33b8296814 100644
--- a/src/test/java/org/opensearch/security/dlic/dlsfls/FlsDlsTestAB.java
+++ b/src/test/java/org/opensearch/security/dlic/dlsfls/FlsDlsTestAB.java
@@ -11,7 +11,7 @@
package org.opensearch.security.dlic.dlsfls;
-import org.apache.hc.core5.http.HttpStatus;
+import org.apache.http.HttpStatus;
import org.junit.Assert;
import org.junit.Test;
diff --git a/src/test/java/org/opensearch/security/dlic/dlsfls/FlsDlsTestForbiddenField.java b/src/test/java/org/opensearch/security/dlic/dlsfls/FlsDlsTestForbiddenField.java
index a3776e567c..fd164802d3 100644
--- a/src/test/java/org/opensearch/security/dlic/dlsfls/FlsDlsTestForbiddenField.java
+++ b/src/test/java/org/opensearch/security/dlic/dlsfls/FlsDlsTestForbiddenField.java
@@ -11,7 +11,7 @@
package org.opensearch.security.dlic.dlsfls;
-import org.apache.hc.core5.http.HttpStatus;
+import org.apache.http.HttpStatus;
import org.junit.Assert;
import org.junit.Test;
diff --git a/src/test/java/org/opensearch/security/dlic/dlsfls/FlsDlsTestMulti.java b/src/test/java/org/opensearch/security/dlic/dlsfls/FlsDlsTestMulti.java
index e9d32f18ea..5cc9f7423a 100644
--- a/src/test/java/org/opensearch/security/dlic/dlsfls/FlsDlsTestMulti.java
+++ b/src/test/java/org/opensearch/security/dlic/dlsfls/FlsDlsTestMulti.java
@@ -11,7 +11,7 @@
package org.opensearch.security.dlic.dlsfls;
-import org.apache.hc.core5.http.HttpStatus;
+import org.apache.http.HttpStatus;
import org.junit.Assert;
import org.junit.Test;
diff --git a/src/test/java/org/opensearch/security/dlic/dlsfls/FlsExistsFieldsTest.java b/src/test/java/org/opensearch/security/dlic/dlsfls/FlsExistsFieldsTest.java
index bc3d306627..b58b80368a 100644
--- a/src/test/java/org/opensearch/security/dlic/dlsfls/FlsExistsFieldsTest.java
+++ b/src/test/java/org/opensearch/security/dlic/dlsfls/FlsExistsFieldsTest.java
@@ -11,7 +11,7 @@
package org.opensearch.security.dlic.dlsfls;
-import org.apache.hc.core5.http.HttpStatus;
+import org.apache.http.HttpStatus;
import org.junit.Assert;
import org.junit.Test;
diff --git a/src/test/java/org/opensearch/security/dlic/dlsfls/FlsFieldsTest.java b/src/test/java/org/opensearch/security/dlic/dlsfls/FlsFieldsTest.java
index a910cf5663..5681479085 100644
--- a/src/test/java/org/opensearch/security/dlic/dlsfls/FlsFieldsTest.java
+++ b/src/test/java/org/opensearch/security/dlic/dlsfls/FlsFieldsTest.java
@@ -13,7 +13,7 @@
import java.io.IOException;
-import org.apache.hc.core5.http.HttpStatus;
+import org.apache.http.HttpStatus;
import org.junit.Assert;
import org.junit.Test;
diff --git a/src/test/java/org/opensearch/security/dlic/dlsfls/FlsFieldsWcTest.java b/src/test/java/org/opensearch/security/dlic/dlsfls/FlsFieldsWcTest.java
index f6cfd036fd..2c3235cf27 100644
--- a/src/test/java/org/opensearch/security/dlic/dlsfls/FlsFieldsWcTest.java
+++ b/src/test/java/org/opensearch/security/dlic/dlsfls/FlsFieldsWcTest.java
@@ -13,7 +13,7 @@
import java.io.IOException;
-import org.apache.hc.core5.http.HttpStatus;
+import org.apache.http.HttpStatus;
import org.junit.Assert;
import org.junit.Test;
diff --git a/src/test/java/org/opensearch/security/dlic/dlsfls/FlsFlatTests.java b/src/test/java/org/opensearch/security/dlic/dlsfls/FlsFlatTests.java
index 7899d3c2e5..7a68fcb749 100644
--- a/src/test/java/org/opensearch/security/dlic/dlsfls/FlsFlatTests.java
+++ b/src/test/java/org/opensearch/security/dlic/dlsfls/FlsFlatTests.java
@@ -11,22 +11,20 @@
package org.opensearch.security.dlic.dlsfls;
-import java.util.function.BiFunction;
-import java.util.function.Consumer;
-
import org.apache.hc.core5.http.Header;
-import org.apache.hc.core5.http.HttpStatus;
+import org.apache.http.HttpStatus;
import org.junit.Test;
-
import org.opensearch.action.admin.indices.create.CreateIndexRequest;
import org.opensearch.action.index.IndexRequest;
import org.opensearch.action.support.WriteRequest.RefreshPolicy;
import org.opensearch.client.Client;
-import org.opensearch.common.xcontent.XContentFactory;
import org.opensearch.common.xcontent.XContentType;
-import org.opensearch.core.xcontent.XContentBuilder;
+import org.opensearch.common.xcontent.XContentFactory;
import org.opensearch.security.test.DynamicSecurityConfig;
import org.opensearch.security.test.helper.rest.RestHelper.HttpResponse;
+import org.opensearch.core.xcontent.XContentBuilder;
+import java.util.function.BiFunction;
+import java.util.function.Consumer;
import static org.hamcrest.MatcherAssert.assertThat;
import static org.hamcrest.core.IsEqual.equalTo;
diff --git a/src/test/java/org/opensearch/security/dlic/dlsfls/FlsIndexingTests.java b/src/test/java/org/opensearch/security/dlic/dlsfls/FlsIndexingTests.java
index 2d7ed0efcf..2552fcdbc3 100644
--- a/src/test/java/org/opensearch/security/dlic/dlsfls/FlsIndexingTests.java
+++ b/src/test/java/org/opensearch/security/dlic/dlsfls/FlsIndexingTests.java
@@ -12,7 +12,7 @@
package org.opensearch.security.dlic.dlsfls;
import org.apache.hc.core5.http.Header;
-import org.apache.hc.core5.http.HttpStatus;
+import org.apache.http.HttpStatus;
import org.junit.Test;
import org.opensearch.action.index.IndexRequest;
diff --git a/src/test/java/org/opensearch/security/dlic/dlsfls/FlsKeywordTests.java b/src/test/java/org/opensearch/security/dlic/dlsfls/FlsKeywordTests.java
index 1c51ec99b7..8117b7e0ba 100644
--- a/src/test/java/org/opensearch/security/dlic/dlsfls/FlsKeywordTests.java
+++ b/src/test/java/org/opensearch/security/dlic/dlsfls/FlsKeywordTests.java
@@ -14,7 +14,7 @@
import java.util.Arrays;
import org.apache.hc.core5.http.Header;
-import org.apache.hc.core5.http.HttpStatus;
+import org.apache.http.HttpStatus;
import org.junit.Test;
import org.opensearch.action.index.IndexRequest;
diff --git a/src/test/java/org/opensearch/security/dlic/dlsfls/FlsPerfTest.java b/src/test/java/org/opensearch/security/dlic/dlsfls/FlsPerfTest.java
index 32092cc8ed..81553662fd 100644
--- a/src/test/java/org/opensearch/security/dlic/dlsfls/FlsPerfTest.java
+++ b/src/test/java/org/opensearch/security/dlic/dlsfls/FlsPerfTest.java
@@ -15,7 +15,7 @@
import java.util.HashMap;
import java.util.Map;
-import org.apache.hc.core5.http.HttpStatus;
+import org.apache.http.HttpStatus;
import org.junit.Assert;
import org.junit.Ignore;
import org.junit.Test;
diff --git a/src/test/java/org/opensearch/security/dlic/dlsfls/FlsTest.java b/src/test/java/org/opensearch/security/dlic/dlsfls/FlsTest.java
index 66c962051f..a2787af61c 100644
--- a/src/test/java/org/opensearch/security/dlic/dlsfls/FlsTest.java
+++ b/src/test/java/org/opensearch/security/dlic/dlsfls/FlsTest.java
@@ -11,7 +11,7 @@
package org.opensearch.security.dlic.dlsfls;
-import org.apache.hc.core5.http.HttpStatus;
+import org.apache.http.HttpStatus;
import org.junit.Assert;
import org.junit.Test;
diff --git a/src/test/java/org/opensearch/security/dlic/dlsfls/IndexPatternTest.java b/src/test/java/org/opensearch/security/dlic/dlsfls/IndexPatternTest.java
index 75eb428ee8..29b1a44bcb 100644
--- a/src/test/java/org/opensearch/security/dlic/dlsfls/IndexPatternTest.java
+++ b/src/test/java/org/opensearch/security/dlic/dlsfls/IndexPatternTest.java
@@ -11,7 +11,7 @@
package org.opensearch.security.dlic.dlsfls;
-import org.apache.hc.core5.http.HttpStatus;
+import org.apache.http.HttpStatus;
import org.junit.Assert;
import org.junit.Test;
diff --git a/src/test/java/org/opensearch/security/dlic/dlsfls/MFlsTest.java b/src/test/java/org/opensearch/security/dlic/dlsfls/MFlsTest.java
index 6267aeb9c0..f5408113b6 100644
--- a/src/test/java/org/opensearch/security/dlic/dlsfls/MFlsTest.java
+++ b/src/test/java/org/opensearch/security/dlic/dlsfls/MFlsTest.java
@@ -11,7 +11,7 @@
package org.opensearch.security.dlic.dlsfls;
-import org.apache.hc.core5.http.HttpStatus;
+import org.apache.http.HttpStatus;
import org.junit.Assert;
import org.junit.Test;
diff --git a/src/test/java/org/opensearch/security/dlic/dlsfls/RenameFieldResponseProcessorTest.java b/src/test/java/org/opensearch/security/dlic/dlsfls/RenameFieldResponseProcessorTest.java
index c22d167b6d..f80ac88ea2 100644
--- a/src/test/java/org/opensearch/security/dlic/dlsfls/RenameFieldResponseProcessorTest.java
+++ b/src/test/java/org/opensearch/security/dlic/dlsfls/RenameFieldResponseProcessorTest.java
@@ -12,14 +12,13 @@
package org.opensearch.security.dlic.dlsfls;
import org.apache.hc.core5.http.Header;
-import org.apache.hc.core5.http.HttpStatus;
+import org.apache.http.HttpStatus;
import org.junit.Test;
import org.opensearch.action.index.IndexRequest;
+import org.opensearch.security.test.DynamicSecurityConfig;
import org.opensearch.action.support.WriteRequest.RefreshPolicy;
-import org.opensearch.client.Client;
import org.opensearch.common.xcontent.XContentType;
-import org.opensearch.security.test.DynamicSecurityConfig;
import org.opensearch.security.test.helper.cluster.ClusterConfiguration;
import org.opensearch.security.test.helper.rest.RestHelper.HttpResponse;
diff --git a/src/test/java/org/opensearch/security/dlic/rest/api/AbstractApiActionValidationTest.java b/src/test/java/org/opensearch/security/dlic/rest/api/AbstractApiActionValidationTest.java
index f2df09549f..b3d3dc0571 100644
--- a/src/test/java/org/opensearch/security/dlic/rest/api/AbstractApiActionValidationTest.java
+++ b/src/test/java/org/opensearch/security/dlic/rest/api/AbstractApiActionValidationTest.java
@@ -11,16 +11,13 @@
package org.opensearch.security.dlic.rest.api;
-import java.io.IOException;
-import java.util.List;
-import java.util.Map;
-
import com.fasterxml.jackson.databind.JsonNode;
import com.fasterxml.jackson.databind.ObjectMapper;
import org.junit.Before;
import org.junit.Test;
import org.junit.runner.RunWith;
-
+import org.mockito.Mock;
+import org.mockito.junit.MockitoJUnitRunner;
import org.opensearch.cluster.service.ClusterService;
import org.opensearch.common.settings.Settings;
import org.opensearch.common.xcontent.XContentFactory;
@@ -32,8 +29,9 @@
import org.opensearch.security.securityconf.impl.SecurityDynamicConfiguration;
import org.opensearch.threadpool.ThreadPool;
-import org.mockito.Mock;
-import org.mockito.junit.MockitoJUnitRunner;
+import java.io.IOException;
+import java.util.List;
+import java.util.Map;
import static org.junit.Assert.assertEquals;
import static org.mockito.Mockito.when;
diff --git a/src/test/java/org/opensearch/security/dlic/rest/api/AbstractRestApiUnitTest.java b/src/test/java/org/opensearch/security/dlic/rest/api/AbstractRestApiUnitTest.java
index f9c4428bc1..c3c2106b05 100644
--- a/src/test/java/org/opensearch/security/dlic/rest/api/AbstractRestApiUnitTest.java
+++ b/src/test/java/org/opensearch/security/dlic/rest/api/AbstractRestApiUnitTest.java
@@ -19,7 +19,7 @@
import com.fasterxml.jackson.databind.node.ArrayNode;
import com.fasterxml.jackson.databind.node.ObjectNode;
import org.apache.hc.core5.http.Header;
-import org.apache.hc.core5.http.HttpStatus;
+import org.apache.http.HttpStatus;
import org.junit.Assert;
import org.opensearch.common.settings.Settings;
diff --git a/src/test/java/org/opensearch/security/dlic/rest/api/AccountApiActionConfigValidationsTest.java b/src/test/java/org/opensearch/security/dlic/rest/api/AccountApiActionConfigValidationsTest.java
index 8af780e01a..99c6359b45 100644
--- a/src/test/java/org/opensearch/security/dlic/rest/api/AccountApiActionConfigValidationsTest.java
+++ b/src/test/java/org/opensearch/security/dlic/rest/api/AccountApiActionConfigValidationsTest.java
@@ -10,15 +10,13 @@
package org.opensearch.security.dlic.rest.api;
import com.fasterxml.jackson.databind.node.ObjectNode;
-import org.junit.Test;
import org.bouncycastle.crypto.generators.OpenBSDBCrypt;
-
+import org.junit.Test;
+import org.mockito.Mockito;
import org.opensearch.core.rest.RestStatus;
import org.opensearch.security.dlic.rest.support.Utils;
import org.opensearch.security.securityconf.impl.v7.InternalUserV7;
-import org.mockito.Mockito;
-
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertTrue;
diff --git a/src/test/java/org/opensearch/security/dlic/rest/api/AccountApiTest.java b/src/test/java/org/opensearch/security/dlic/rest/api/AccountApiTest.java
index f84e28e755..368ef40061 100644
--- a/src/test/java/org/opensearch/security/dlic/rest/api/AccountApiTest.java
+++ b/src/test/java/org/opensearch/security/dlic/rest/api/AccountApiTest.java
@@ -12,7 +12,7 @@
package org.opensearch.security.dlic.rest.api;
import org.apache.hc.core5.http.Header;
-import org.apache.hc.core5.http.HttpStatus;
+import org.apache.http.HttpStatus;
import org.junit.Assert;
import org.junit.Test;
@@ -21,12 +21,12 @@
import org.opensearch.security.securityconf.impl.CType;
import org.opensearch.security.test.helper.rest.RestHelper.HttpResponse;
-import static org.opensearch.security.OpenSearchSecurityPlugin.PLUGINS_PREFIX;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertNotNull;
import static org.junit.Assert.assertNull;
import static org.junit.Assert.assertTrue;
+import static org.opensearch.security.OpenSearchSecurityPlugin.PLUGINS_PREFIX;
public class AccountApiTest extends AbstractRestApiUnitTest {
private final String BASE_ENDPOINT;
diff --git a/src/test/java/org/opensearch/security/dlic/rest/api/ActionGroupsApiActionValidationTest.java b/src/test/java/org/opensearch/security/dlic/rest/api/ActionGroupsApiActionValidationTest.java
index 8fb8099783..82692b5fa3 100644
--- a/src/test/java/org/opensearch/security/dlic/rest/api/ActionGroupsApiActionValidationTest.java
+++ b/src/test/java/org/opensearch/security/dlic/rest/api/ActionGroupsApiActionValidationTest.java
@@ -11,13 +11,11 @@
import org.junit.Before;
import org.junit.Test;
-
+import org.mockito.Mockito;
import org.opensearch.core.rest.RestStatus;
import org.opensearch.security.securityconf.impl.CType;
import org.opensearch.security.securityconf.impl.v7.ActionGroupsV7;
-import org.mockito.Mockito;
-
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertFalse;
import static org.mockito.ArgumentMatchers.any;
diff --git a/src/test/java/org/opensearch/security/dlic/rest/api/ActionGroupsApiTest.java b/src/test/java/org/opensearch/security/dlic/rest/api/ActionGroupsApiTest.java
index 46b730abac..fb166779ac 100644
--- a/src/test/java/org/opensearch/security/dlic/rest/api/ActionGroupsApiTest.java
+++ b/src/test/java/org/opensearch/security/dlic/rest/api/ActionGroupsApiTest.java
@@ -17,7 +17,7 @@
import com.fasterxml.jackson.databind.node.ArrayNode;
import com.fasterxml.jackson.databind.node.ObjectNode;
import org.apache.hc.core5.http.Header;
-import org.apache.hc.core5.http.HttpStatus;
+import org.apache.http.HttpStatus;
import org.junit.Assert;
import org.junit.Test;
diff --git a/src/test/java/org/opensearch/security/dlic/rest/api/AllowlistApiTest.java b/src/test/java/org/opensearch/security/dlic/rest/api/AllowlistApiTest.java
index ccce614c07..78f0486003 100644
--- a/src/test/java/org/opensearch/security/dlic/rest/api/AllowlistApiTest.java
+++ b/src/test/java/org/opensearch/security/dlic/rest/api/AllowlistApiTest.java
@@ -14,10 +14,10 @@
import java.util.Map;
import java.util.stream.Collectors;
-import com.google.common.collect.ImmutableMap;
import com.fasterxml.jackson.databind.JsonNode;
+import com.google.common.collect.ImmutableMap;
import org.apache.hc.core5.http.Header;
-import org.apache.hc.core5.http.HttpStatus;
+import org.apache.http.HttpStatus;
import org.junit.Assert;
import org.junit.Test;
@@ -34,9 +34,9 @@
import static org.hamcrest.MatcherAssert.assertThat;
import static org.hamcrest.Matchers.equalTo;
-import static org.opensearch.security.support.ConfigConstants.SECURITY_RESTAPI_ADMIN_ENABLED;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertTrue;
+import static org.opensearch.security.support.ConfigConstants.SECURITY_RESTAPI_ADMIN_ENABLED;
/**
* Testing class to verify that {@link AllowlistApiAction} works correctly.
diff --git a/src/test/java/org/opensearch/security/dlic/rest/api/AuditApiActionRequestContentValidatorTest.java b/src/test/java/org/opensearch/security/dlic/rest/api/AuditApiActionRequestContentValidatorTest.java
index bc43b3a56a..2629e41a8a 100644
--- a/src/test/java/org/opensearch/security/dlic/rest/api/AuditApiActionRequestContentValidatorTest.java
+++ b/src/test/java/org/opensearch/security/dlic/rest/api/AuditApiActionRequestContentValidatorTest.java
@@ -11,14 +11,8 @@
package org.opensearch.security.dlic.rest.api;
-import java.io.IOException;
-import java.util.Map;
-import java.util.stream.Collectors;
-import java.util.stream.Stream;
-
import com.fasterxml.jackson.databind.InjectableValues;
import org.junit.Test;
-
import org.opensearch.common.settings.Settings;
import org.opensearch.core.common.bytes.BytesArray;
import org.opensearch.core.rest.RestStatus;
@@ -28,6 +22,11 @@
import org.opensearch.security.compliance.ComplianceConfig;
import org.opensearch.security.util.FakeRestRequest;
+import java.io.IOException;
+import java.util.Map;
+import java.util.stream.Collectors;
+import java.util.stream.Stream;
+
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertFalse;
diff --git a/src/test/java/org/opensearch/security/dlic/rest/api/AuditApiActionTest.java b/src/test/java/org/opensearch/security/dlic/rest/api/AuditApiActionTest.java
index ce72fe2cef..743ae90e77 100644
--- a/src/test/java/org/opensearch/security/dlic/rest/api/AuditApiActionTest.java
+++ b/src/test/java/org/opensearch/security/dlic/rest/api/AuditApiActionTest.java
@@ -17,15 +17,15 @@
import java.util.Map;
import java.util.stream.Collectors;
-import com.google.common.collect.ImmutableList;
-import com.google.common.collect.ImmutableMap;
-import com.google.common.collect.Streams;
import com.fasterxml.jackson.core.type.TypeReference;
import com.fasterxml.jackson.databind.JsonNode;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.fasterxml.jackson.databind.node.ObjectNode;
+import com.google.common.collect.ImmutableList;
+import com.google.common.collect.ImmutableMap;
+import com.google.common.collect.Streams;
import org.apache.hc.core5.http.Header;
-import org.apache.hc.core5.http.HttpStatus;
+import org.apache.http.HttpStatus;
import org.junit.After;
import org.junit.Rule;
import org.junit.Test;
@@ -39,11 +39,11 @@
import org.opensearch.security.test.helper.file.FileHelper;
import org.opensearch.security.test.helper.rest.RestHelper;
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertTrue;
import static org.opensearch.security.DefaultObjectMapper.readTree;
import static org.opensearch.security.DefaultObjectMapper.writeValueAsString;
import static org.opensearch.security.OpenSearchSecurityPlugin.PLUGINS_PREFIX;
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertTrue;
public class AuditApiActionTest extends AbstractRestApiUnitTest {
// admin cred with roles in test yml files
diff --git a/src/test/java/org/opensearch/security/dlic/rest/api/AuditApiActionValidationTest.java b/src/test/java/org/opensearch/security/dlic/rest/api/AuditApiActionValidationTest.java
index 20a450285c..7ffbda2fce 100644
--- a/src/test/java/org/opensearch/security/dlic/rest/api/AuditApiActionValidationTest.java
+++ b/src/test/java/org/opensearch/security/dlic/rest/api/AuditApiActionValidationTest.java
@@ -11,10 +11,7 @@
package org.opensearch.security.dlic.rest.api;
-import java.util.List;
-
import org.junit.Test;
-
import org.opensearch.common.settings.Settings;
import org.opensearch.core.rest.RestStatus;
import org.opensearch.security.auditlog.config.AuditConfig;
@@ -22,6 +19,8 @@
import org.opensearch.security.securityconf.impl.SecurityDynamicConfiguration;
import org.opensearch.security.util.FakeRestRequest;
+import java.util.List;
+
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertTrue;
diff --git a/src/test/java/org/opensearch/security/dlic/rest/api/DashboardsInfoActionTest.java b/src/test/java/org/opensearch/security/dlic/rest/api/DashboardsInfoActionTest.java
index 46128f5a71..647e7a2a33 100644
--- a/src/test/java/org/opensearch/security/dlic/rest/api/DashboardsInfoActionTest.java
+++ b/src/test/java/org/opensearch/security/dlic/rest/api/DashboardsInfoActionTest.java
@@ -11,7 +11,7 @@
package org.opensearch.security.dlic.rest.api;
-import org.apache.hc.core5.http.HttpStatus;
+import org.apache.http.HttpStatus;
import org.junit.Assert;
import org.junit.Test;
diff --git a/src/test/java/org/opensearch/security/dlic/rest/api/FlushCacheApiTest.java b/src/test/java/org/opensearch/security/dlic/rest/api/FlushCacheApiTest.java
index 120596f046..ee75ccc984 100644
--- a/src/test/java/org/opensearch/security/dlic/rest/api/FlushCacheApiTest.java
+++ b/src/test/java/org/opensearch/security/dlic/rest/api/FlushCacheApiTest.java
@@ -12,7 +12,7 @@
package org.opensearch.security.dlic.rest.api;
import org.apache.hc.core5.http.Header;
-import org.apache.hc.core5.http.HttpStatus;
+import org.apache.http.HttpStatus;
import org.junit.Assert;
import org.junit.Test;
diff --git a/src/test/java/org/opensearch/security/dlic/rest/api/GetConfigurationApiTest.java b/src/test/java/org/opensearch/security/dlic/rest/api/GetConfigurationApiTest.java
index 09c4a762b5..8defebc6d1 100644
--- a/src/test/java/org/opensearch/security/dlic/rest/api/GetConfigurationApiTest.java
+++ b/src/test/java/org/opensearch/security/dlic/rest/api/GetConfigurationApiTest.java
@@ -12,7 +12,7 @@
package org.opensearch.security.dlic.rest.api;
import com.fasterxml.jackson.databind.JsonNode;
-import org.apache.hc.core5.http.HttpStatus;
+import org.apache.http.HttpStatus;
import org.junit.Assert;
import org.junit.Test;
diff --git a/src/test/java/org/opensearch/security/dlic/rest/api/IndexMissingTest.java b/src/test/java/org/opensearch/security/dlic/rest/api/IndexMissingTest.java
index aefb0f2550..4632a3920f 100644
--- a/src/test/java/org/opensearch/security/dlic/rest/api/IndexMissingTest.java
+++ b/src/test/java/org/opensearch/security/dlic/rest/api/IndexMissingTest.java
@@ -12,7 +12,7 @@
package org.opensearch.security.dlic.rest.api;
import org.apache.hc.core5.http.Header;
-import org.apache.hc.core5.http.HttpStatus;
+import org.apache.http.HttpStatus;
import org.junit.Assert;
import org.junit.Test;
diff --git a/src/test/java/org/opensearch/security/dlic/rest/api/InternalUsersApiActionValidationTest.java b/src/test/java/org/opensearch/security/dlic/rest/api/InternalUsersApiActionValidationTest.java
index 773d356246..853117b8b4 100644
--- a/src/test/java/org/opensearch/security/dlic/rest/api/InternalUsersApiActionValidationTest.java
+++ b/src/test/java/org/opensearch/security/dlic/rest/api/InternalUsersApiActionValidationTest.java
@@ -11,14 +11,11 @@
package org.opensearch.security.dlic.rest.api;
-import java.io.IOException;
-import java.util.List;
-import java.util.Map;
-
+import org.bouncycastle.crypto.generators.OpenBSDBCrypt;
import org.junit.Before;
import org.junit.Test;
-import org.bouncycastle.crypto.generators.OpenBSDBCrypt;
-
+import org.mockito.Mock;
+import org.mockito.Mockito;
import org.opensearch.core.rest.RestStatus;
import org.opensearch.rest.RestRequest;
import org.opensearch.security.DefaultObjectMapper;
@@ -29,8 +26,9 @@
import org.opensearch.security.user.UserService;
import org.opensearch.security.util.FakeRestRequest;
-import org.mockito.Mock;
-import org.mockito.Mockito;
+import java.io.IOException;
+import java.util.List;
+import java.util.Map;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertFalse;
diff --git a/src/test/java/org/opensearch/security/dlic/rest/api/MultiTenancyConfigApiTest.java b/src/test/java/org/opensearch/security/dlic/rest/api/MultiTenancyConfigApiTest.java
index 7132dcc491..8438338869 100644
--- a/src/test/java/org/opensearch/security/dlic/rest/api/MultiTenancyConfigApiTest.java
+++ b/src/test/java/org/opensearch/security/dlic/rest/api/MultiTenancyConfigApiTest.java
@@ -12,7 +12,7 @@
package org.opensearch.security.dlic.rest.api;
import org.apache.hc.core5.http.Header;
-import org.apache.hc.core5.http.HttpStatus;
+import org.apache.http.HttpStatus;
import org.junit.Test;
import org.opensearch.security.support.ConfigConstants;
diff --git a/src/test/java/org/opensearch/security/dlic/rest/api/NodesDnApiActionValidationTest.java b/src/test/java/org/opensearch/security/dlic/rest/api/NodesDnApiActionValidationTest.java
index 822e29f976..99d2e55188 100644
--- a/src/test/java/org/opensearch/security/dlic/rest/api/NodesDnApiActionValidationTest.java
+++ b/src/test/java/org/opensearch/security/dlic/rest/api/NodesDnApiActionValidationTest.java
@@ -12,7 +12,6 @@
package org.opensearch.security.dlic.rest.api;
import org.junit.Test;
-
import org.opensearch.core.rest.RestStatus;
import static org.junit.Assert.assertEquals;
diff --git a/src/test/java/org/opensearch/security/dlic/rest/api/NodesDnApiTest.java b/src/test/java/org/opensearch/security/dlic/rest/api/NodesDnApiTest.java
index 44c43863f9..c9b48241f3 100644
--- a/src/test/java/org/opensearch/security/dlic/rest/api/NodesDnApiTest.java
+++ b/src/test/java/org/opensearch/security/dlic/rest/api/NodesDnApiTest.java
@@ -16,11 +16,11 @@
import java.util.Map;
import java.util.stream.Collectors;
-import com.google.common.collect.ImmutableMap;
import com.fasterxml.jackson.databind.JsonNode;
import com.fasterxml.jackson.databind.ObjectMapper;
+import com.google.common.collect.ImmutableMap;
import org.apache.hc.core5.http.Header;
-import org.apache.hc.core5.http.HttpStatus;
+import org.apache.http.HttpStatus;
import org.junit.Assert;
import org.junit.Test;
diff --git a/src/test/java/org/opensearch/security/dlic/rest/api/RequestHandlersBuilderTest.java b/src/test/java/org/opensearch/security/dlic/rest/api/RequestHandlersBuilderTest.java
index d49bfbd25c..80a6c0115a 100644
--- a/src/test/java/org/opensearch/security/dlic/rest/api/RequestHandlersBuilderTest.java
+++ b/src/test/java/org/opensearch/security/dlic/rest/api/RequestHandlersBuilderTest.java
@@ -11,12 +11,12 @@
package org.opensearch.security.dlic.rest.api;
-import java.io.IOException;
-import java.util.stream.Collectors;
-
import org.junit.Test;
import org.junit.runner.RunWith;
-
+import org.mockito.ArgumentCaptor;
+import org.mockito.Captor;
+import org.mockito.Mock;
+import org.mockito.junit.MockitoJUnitRunner;
import org.opensearch.client.Client;
import org.opensearch.common.xcontent.XContentFactory;
import org.opensearch.core.rest.RestStatus;
@@ -26,10 +26,8 @@
import org.opensearch.security.DefaultObjectMapper;
import org.opensearch.security.dlic.rest.validation.ValidationResult;
-import org.mockito.ArgumentCaptor;
-import org.mockito.Captor;
-import org.mockito.Mock;
-import org.mockito.junit.MockitoJUnitRunner;
+import java.io.IOException;
+import java.util.stream.Collectors;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertNotEquals;
diff --git a/src/test/java/org/opensearch/security/dlic/rest/api/RoleBasedAccessTest.java b/src/test/java/org/opensearch/security/dlic/rest/api/RoleBasedAccessTest.java
index cbd751e00c..7529176165 100644
--- a/src/test/java/org/opensearch/security/dlic/rest/api/RoleBasedAccessTest.java
+++ b/src/test/java/org/opensearch/security/dlic/rest/api/RoleBasedAccessTest.java
@@ -11,7 +11,7 @@
package org.opensearch.security.dlic.rest.api;
-import org.apache.hc.core5.http.HttpStatus;
+import org.apache.http.HttpStatus;
import org.junit.Assert;
import org.junit.Test;
@@ -22,10 +22,11 @@
import org.opensearch.security.test.helper.file.FileHelper;
import org.opensearch.security.test.helper.rest.RestHelper.HttpResponse;
+import static org.opensearch.security.OpenSearchSecurityPlugin.PLUGINS_PREFIX;
+
import static org.hamcrest.MatcherAssert.assertThat;
import static org.hamcrest.Matchers.allOf;
import static org.hamcrest.Matchers.hasItem;
-import static org.opensearch.security.OpenSearchSecurityPlugin.PLUGINS_PREFIX;
public class RoleBasedAccessTest extends AbstractRestApiUnitTest {
private final String ENDPOINT;
diff --git a/src/test/java/org/opensearch/security/dlic/rest/api/RolesApiActionRequestContentValidatorTest.java b/src/test/java/org/opensearch/security/dlic/rest/api/RolesApiActionRequestContentValidatorTest.java
index b5a438c3f2..cab192093c 100644
--- a/src/test/java/org/opensearch/security/dlic/rest/api/RolesApiActionRequestContentValidatorTest.java
+++ b/src/test/java/org/opensearch/security/dlic/rest/api/RolesApiActionRequestContentValidatorTest.java
@@ -11,14 +11,13 @@
package org.opensearch.security.dlic.rest.api;
-import java.io.IOException;
-
import com.fasterxml.jackson.databind.node.ObjectNode;
import org.junit.Test;
-
import org.opensearch.core.common.bytes.BytesArray;
import org.opensearch.security.util.FakeRestRequest;
+import java.io.IOException;
+
import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertTrue;
diff --git a/src/test/java/org/opensearch/security/dlic/rest/api/RolesApiActionValidationTest.java b/src/test/java/org/opensearch/security/dlic/rest/api/RolesApiActionValidationTest.java
index 88a358dcb2..bff2056fa4 100644
--- a/src/test/java/org/opensearch/security/dlic/rest/api/RolesApiActionValidationTest.java
+++ b/src/test/java/org/opensearch/security/dlic/rest/api/RolesApiActionValidationTest.java
@@ -12,12 +12,10 @@
package org.opensearch.security.dlic.rest.api;
import org.junit.Test;
-
+import org.mockito.Mockito;
import org.opensearch.core.rest.RestStatus;
import org.opensearch.security.securityconf.impl.v7.RoleV7;
-import org.mockito.Mockito;
-
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertTrue;
diff --git a/src/test/java/org/opensearch/security/dlic/rest/api/RolesApiTest.java b/src/test/java/org/opensearch/security/dlic/rest/api/RolesApiTest.java
index 8b475ec776..8550b85979 100644
--- a/src/test/java/org/opensearch/security/dlic/rest/api/RolesApiTest.java
+++ b/src/test/java/org/opensearch/security/dlic/rest/api/RolesApiTest.java
@@ -11,17 +11,14 @@
package org.opensearch.security.dlic.rest.api;
-import java.util.List;
-
import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.databind.JsonNode;
import com.fasterxml.jackson.databind.node.ArrayNode;
import com.fasterxml.jackson.databind.node.ObjectNode;
import org.apache.hc.core5.http.Header;
-import org.apache.hc.core5.http.HttpStatus;
+import org.apache.http.HttpStatus;
import org.junit.Assert;
import org.junit.Test;
-
import org.opensearch.common.settings.Settings;
import org.opensearch.common.xcontent.XContentType;
import org.opensearch.security.DefaultObjectMapper;
@@ -30,6 +27,8 @@
import org.opensearch.security.test.helper.file.FileHelper;
import org.opensearch.security.test.helper.rest.RestHelper.HttpResponse;
+import java.util.List;
+
import static org.opensearch.security.OpenSearchSecurityPlugin.PLUGINS_PREFIX;
import static org.opensearch.security.support.ConfigConstants.SECURITY_RESTAPI_ADMIN_ENABLED;
diff --git a/src/test/java/org/opensearch/security/dlic/rest/api/RolesMappingApiActionValidationTest.java b/src/test/java/org/opensearch/security/dlic/rest/api/RolesMappingApiActionValidationTest.java
index 5c041989a6..8c1b6b9285 100644
--- a/src/test/java/org/opensearch/security/dlic/rest/api/RolesMappingApiActionValidationTest.java
+++ b/src/test/java/org/opensearch/security/dlic/rest/api/RolesMappingApiActionValidationTest.java
@@ -11,15 +11,14 @@
package org.opensearch.security.dlic.rest.api;
-import java.util.List;
-import java.util.Map;
-
import org.junit.Before;
import org.junit.Test;
-
import org.opensearch.core.rest.RestStatus;
import org.opensearch.security.securityconf.impl.CType;
+import java.util.List;
+import java.util.Map;
+
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertTrue;
diff --git a/src/test/java/org/opensearch/security/dlic/rest/api/RolesMappingApiTest.java b/src/test/java/org/opensearch/security/dlic/rest/api/RolesMappingApiTest.java
index 8d9b76274c..077c852466 100644
--- a/src/test/java/org/opensearch/security/dlic/rest/api/RolesMappingApiTest.java
+++ b/src/test/java/org/opensearch/security/dlic/rest/api/RolesMappingApiTest.java
@@ -17,7 +17,7 @@
import com.fasterxml.jackson.databind.node.ArrayNode;
import com.fasterxml.jackson.databind.node.ObjectNode;
import org.apache.hc.core5.http.Header;
-import org.apache.hc.core5.http.HttpStatus;
+import org.apache.http.HttpStatus;
import org.junit.Assert;
import org.junit.Test;
diff --git a/src/test/java/org/opensearch/security/dlic/rest/api/SecurityApiAccessTest.java b/src/test/java/org/opensearch/security/dlic/rest/api/SecurityApiAccessTest.java
index 81fad7d4ff..1580d07524 100644
--- a/src/test/java/org/opensearch/security/dlic/rest/api/SecurityApiAccessTest.java
+++ b/src/test/java/org/opensearch/security/dlic/rest/api/SecurityApiAccessTest.java
@@ -11,7 +11,7 @@
package org.opensearch.security.dlic.rest.api;
-import org.apache.hc.core5.http.HttpStatus;
+import org.apache.http.HttpStatus;
import org.junit.Assert;
import org.junit.Test;
diff --git a/src/test/java/org/opensearch/security/dlic/rest/api/SecurityConfigApiActionTest.java b/src/test/java/org/opensearch/security/dlic/rest/api/SecurityConfigApiActionTest.java
index 7b98494e1b..c4066d11a2 100644
--- a/src/test/java/org/opensearch/security/dlic/rest/api/SecurityConfigApiActionTest.java
+++ b/src/test/java/org/opensearch/security/dlic/rest/api/SecurityConfigApiActionTest.java
@@ -12,7 +12,7 @@
package org.opensearch.security.dlic.rest.api;
import org.apache.hc.core5.http.Header;
-import org.apache.hc.core5.http.HttpStatus;
+import org.apache.http.HttpStatus;
import org.junit.Assert;
import org.junit.Test;
diff --git a/src/test/java/org/opensearch/security/dlic/rest/api/SecurityConfigApiActionValidationTest.java b/src/test/java/org/opensearch/security/dlic/rest/api/SecurityConfigApiActionValidationTest.java
index a6832457b3..af80ad3a4d 100644
--- a/src/test/java/org/opensearch/security/dlic/rest/api/SecurityConfigApiActionValidationTest.java
+++ b/src/test/java/org/opensearch/security/dlic/rest/api/SecurityConfigApiActionValidationTest.java
@@ -12,16 +12,15 @@
package org.opensearch.security.dlic.rest.api;
import org.junit.Test;
-
import org.opensearch.common.settings.Settings;
import org.opensearch.rest.RestRequest;
import org.opensearch.security.util.FakeRestRequest;
-import static org.opensearch.security.support.ConfigConstants.SECURITY_RESTAPI_ADMIN_ENABLED;
-import static org.opensearch.security.support.ConfigConstants.SECURITY_UNSUPPORTED_RESTAPI_ALLOW_SECURITYCONFIG_MODIFICATION;
import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertTrue;
import static org.mockito.Mockito.when;
+import static org.opensearch.security.support.ConfigConstants.SECURITY_RESTAPI_ADMIN_ENABLED;
+import static org.opensearch.security.support.ConfigConstants.SECURITY_UNSUPPORTED_RESTAPI_ALLOW_SECURITYCONFIG_MODIFICATION;
public class SecurityConfigApiActionValidationTest extends AbstractApiActionValidationTest {
diff --git a/src/test/java/org/opensearch/security/dlic/rest/api/SecurityConfigurationTest.java b/src/test/java/org/opensearch/security/dlic/rest/api/SecurityConfigurationTest.java
index a0f9cca833..67858261a4 100644
--- a/src/test/java/org/opensearch/security/dlic/rest/api/SecurityConfigurationTest.java
+++ b/src/test/java/org/opensearch/security/dlic/rest/api/SecurityConfigurationTest.java
@@ -11,17 +11,16 @@
package org.opensearch.security.dlic.rest.api;
-import java.util.List;
-
import com.fasterxml.jackson.databind.ObjectMapper;
import org.junit.Before;
import org.junit.Test;
-
import org.opensearch.security.DefaultObjectMapper;
import org.opensearch.security.securityconf.impl.CType;
import org.opensearch.security.securityconf.impl.SecurityDynamicConfiguration;
import org.opensearch.security.securityconf.impl.v7.RoleV7;
+import java.util.List;
+
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertThrows;
diff --git a/src/test/java/org/opensearch/security/dlic/rest/api/SecurityHealthActionTest.java b/src/test/java/org/opensearch/security/dlic/rest/api/SecurityHealthActionTest.java
index d7a6edfea9..e239050612 100644
--- a/src/test/java/org/opensearch/security/dlic/rest/api/SecurityHealthActionTest.java
+++ b/src/test/java/org/opensearch/security/dlic/rest/api/SecurityHealthActionTest.java
@@ -11,7 +11,7 @@
package org.opensearch.security.dlic.rest.api;
-import org.apache.hc.core5.http.HttpStatus;
+import org.apache.http.HttpStatus;
import org.junit.Assert;
import org.junit.Test;
diff --git a/src/test/java/org/opensearch/security/dlic/rest/api/SecurityInfoActionTest.java b/src/test/java/org/opensearch/security/dlic/rest/api/SecurityInfoActionTest.java
index db27be85ee..0799525eb8 100644
--- a/src/test/java/org/opensearch/security/dlic/rest/api/SecurityInfoActionTest.java
+++ b/src/test/java/org/opensearch/security/dlic/rest/api/SecurityInfoActionTest.java
@@ -11,7 +11,7 @@
package org.opensearch.security.dlic.rest.api;
-import org.apache.hc.core5.http.HttpStatus;
+import org.apache.http.HttpStatus;
import org.junit.Assert;
import org.junit.Test;
diff --git a/src/test/java/org/opensearch/security/dlic/rest/api/SecuritySSLCertsApiActionValidationTest.java b/src/test/java/org/opensearch/security/dlic/rest/api/SecuritySSLCertsApiActionValidationTest.java
index d59ccf116c..59fa37274b 100644
--- a/src/test/java/org/opensearch/security/dlic/rest/api/SecuritySSLCertsApiActionValidationTest.java
+++ b/src/test/java/org/opensearch/security/dlic/rest/api/SecuritySSLCertsApiActionValidationTest.java
@@ -12,17 +12,16 @@
package org.opensearch.security.dlic.rest.api;
import org.junit.Test;
-
import org.opensearch.core.rest.RestStatus;
import org.opensearch.rest.RestRequest;
import org.opensearch.security.util.FakeRestRequest;
-import static org.opensearch.security.dlic.rest.api.RestApiAdminPrivilegesEvaluator.CERTS_INFO_ACTION;
-import static org.opensearch.security.dlic.rest.api.RestApiAdminPrivilegesEvaluator.RELOAD_CERTS_ACTION;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertTrue;
import static org.mockito.Mockito.when;
+import static org.opensearch.security.dlic.rest.api.RestApiAdminPrivilegesEvaluator.CERTS_INFO_ACTION;
+import static org.opensearch.security.dlic.rest.api.RestApiAdminPrivilegesEvaluator.RELOAD_CERTS_ACTION;
public class SecuritySSLCertsApiActionValidationTest extends AbstractApiActionValidationTest {
diff --git a/src/test/java/org/opensearch/security/dlic/rest/api/SslCertsApiTest.java b/src/test/java/org/opensearch/security/dlic/rest/api/SslCertsApiTest.java
index 75e1e59b0a..b821f98dfb 100644
--- a/src/test/java/org/opensearch/security/dlic/rest/api/SslCertsApiTest.java
+++ b/src/test/java/org/opensearch/security/dlic/rest/api/SslCertsApiTest.java
@@ -14,11 +14,11 @@
import java.util.List;
import java.util.Map;
+import com.fasterxml.jackson.core.JsonProcessingException;
import com.google.common.collect.ImmutableList;
import com.google.common.collect.ImmutableMap;
-import com.fasterxml.jackson.core.JsonProcessingException;
import org.apache.hc.core5.http.Header;
-import org.apache.hc.core5.http.HttpStatus;
+import org.apache.http.HttpStatus;
import org.junit.Assert;
import org.junit.Test;
diff --git a/src/test/java/org/opensearch/security/dlic/rest/api/TenantInfoActionTest.java b/src/test/java/org/opensearch/security/dlic/rest/api/TenantInfoActionTest.java
index 2c6a45faf7..2e47aae556 100644
--- a/src/test/java/org/opensearch/security/dlic/rest/api/TenantInfoActionTest.java
+++ b/src/test/java/org/opensearch/security/dlic/rest/api/TenantInfoActionTest.java
@@ -12,7 +12,7 @@
package org.opensearch.security.dlic.rest.api;
import org.apache.hc.core5.http.Header;
-import org.apache.hc.core5.http.HttpStatus;
+import org.apache.http.HttpStatus;
import org.junit.Assert;
import org.junit.Test;
diff --git a/src/test/java/org/opensearch/security/dlic/rest/api/UserApiTest.java b/src/test/java/org/opensearch/security/dlic/rest/api/UserApiTest.java
index ca467801f0..8491e71019 100644
--- a/src/test/java/org/opensearch/security/dlic/rest/api/UserApiTest.java
+++ b/src/test/java/org/opensearch/security/dlic/rest/api/UserApiTest.java
@@ -21,8 +21,8 @@
import com.fasterxml.jackson.databind.JsonNode;
import org.apache.hc.core5.http.Header;
-import org.apache.hc.core5.http.HttpStatus;
import org.apache.hc.core5.http.message.BasicHeader;
+import org.apache.http.HttpStatus;
import org.hamcrest.Matchers;
import org.junit.Assert;
import org.junit.Test;
@@ -37,7 +37,6 @@
import org.opensearch.security.test.helper.file.FileHelper;
import org.opensearch.security.test.helper.rest.RestHelper.HttpResponse;
import org.opensearch.security.user.UserService;
-
import org.passay.CharacterCharacteristicsRule;
import org.passay.CharacterRule;
import org.passay.EnglishCharacterData;
@@ -47,10 +46,10 @@
import static org.hamcrest.MatcherAssert.assertThat;
import static org.hamcrest.Matchers.containsString;
import static org.hamcrest.Matchers.equalTo;
+import static org.junit.Assert.assertNotEquals;
import static org.opensearch.security.OpenSearchSecurityPlugin.PLUGINS_PREFIX;
import static org.opensearch.security.dlic.rest.api.InternalUsersApiAction.RESTRICTED_FROM_USERNAME;
import static org.opensearch.security.support.ConfigConstants.SECURITY_RESTAPI_ADMIN_ENABLED;
-import static org.junit.Assert.assertNotEquals;
public class UserApiTest extends AbstractRestApiUnitTest {
private final String ENDPOINT;
diff --git a/src/test/java/org/opensearch/security/dlic/rest/api/WhitelistApiTest.java b/src/test/java/org/opensearch/security/dlic/rest/api/WhitelistApiTest.java
index b9b3cf50b8..13ba0394e8 100644
--- a/src/test/java/org/opensearch/security/dlic/rest/api/WhitelistApiTest.java
+++ b/src/test/java/org/opensearch/security/dlic/rest/api/WhitelistApiTest.java
@@ -14,10 +14,10 @@
import java.util.Map;
import java.util.stream.Collectors;
-import com.google.common.collect.ImmutableMap;
import com.fasterxml.jackson.databind.JsonNode;
+import com.google.common.collect.ImmutableMap;
import org.apache.hc.core5.http.Header;
-import org.apache.hc.core5.http.HttpStatus;
+import org.apache.http.HttpStatus;
import org.junit.Assert;
import org.junit.Test;
@@ -34,9 +34,9 @@
import static org.hamcrest.MatcherAssert.assertThat;
import static org.hamcrest.Matchers.equalTo;
-import static org.opensearch.security.OpenSearchSecurityPlugin.PLUGINS_PREFIX;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertTrue;
+import static org.opensearch.security.OpenSearchSecurityPlugin.PLUGINS_PREFIX;
/**
* Testing class to verify that {@link WhitelistApiAction} works correctly.
diff --git a/src/test/java/org/opensearch/security/dlic/rest/validation/EndpointValidatorTest.java b/src/test/java/org/opensearch/security/dlic/rest/validation/EndpointValidatorTest.java
index 389c2b6ff4..8e3d6f5e70 100644
--- a/src/test/java/org/opensearch/security/dlic/rest/validation/EndpointValidatorTest.java
+++ b/src/test/java/org/opensearch/security/dlic/rest/validation/EndpointValidatorTest.java
@@ -11,14 +11,13 @@
package org.opensearch.security.dlic.rest.validation;
-import java.io.IOException;
-import java.util.List;
-
import org.apache.commons.lang3.tuple.Triple;
import org.junit.Before;
import org.junit.Test;
import org.junit.runner.RunWith;
-
+import org.mockito.Mock;
+import org.mockito.Mockito;
+import org.mockito.junit.MockitoJUnitRunner;
import org.opensearch.core.rest.RestStatus;
import org.opensearch.security.DefaultObjectMapper;
import org.opensearch.security.dlic.rest.api.Endpoint;
@@ -29,9 +28,8 @@
import org.opensearch.security.securityconf.impl.v7.ActionGroupsV7;
import org.opensearch.security.securityconf.impl.v7.RoleV7;
-import org.mockito.Mock;
-import org.mockito.Mockito;
-import org.mockito.junit.MockitoJUnitRunner;
+import java.io.IOException;
+import java.util.List;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertFalse;
diff --git a/src/test/java/org/opensearch/security/dlic/rest/validation/PasswordValidatorTest.java b/src/test/java/org/opensearch/security/dlic/rest/validation/PasswordValidatorTest.java
index c623140c3f..22bdea982f 100644
--- a/src/test/java/org/opensearch/security/dlic/rest/validation/PasswordValidatorTest.java
+++ b/src/test/java/org/opensearch/security/dlic/rest/validation/PasswordValidatorTest.java
@@ -18,10 +18,10 @@
import org.opensearch.common.settings.Settings;
+import static org.junit.Assert.assertEquals;
import static org.opensearch.security.support.ConfigConstants.SECURITY_RESTAPI_PASSWORD_MIN_LENGTH;
import static org.opensearch.security.support.ConfigConstants.SECURITY_RESTAPI_PASSWORD_SCORE_BASED_VALIDATION_STRENGTH;
import static org.opensearch.security.support.ConfigConstants.SECURITY_RESTAPI_PASSWORD_VALIDATION_REGEX;
-import static org.junit.Assert.assertEquals;
public class PasswordValidatorTest {
diff --git a/src/test/java/org/opensearch/security/dlic/rest/validation/RequestContentValidatorTest.java b/src/test/java/org/opensearch/security/dlic/rest/validation/RequestContentValidatorTest.java
index 429bd67b3f..7f12dc2e72 100644
--- a/src/test/java/org/opensearch/security/dlic/rest/validation/RequestContentValidatorTest.java
+++ b/src/test/java/org/opensearch/security/dlic/rest/validation/RequestContentValidatorTest.java
@@ -11,20 +11,16 @@
package org.opensearch.security.dlic.rest.validation;
-import java.io.IOException;
-import java.util.Collections;
-import java.util.Map;
-import java.util.Set;
-
-import com.google.common.collect.ImmutableMap;
-import com.google.common.collect.ImmutableSet;
import com.fasterxml.jackson.databind.JsonNode;
import com.fasterxml.jackson.databind.node.NullNode;
import com.fasterxml.jackson.databind.node.ObjectNode;
+import com.google.common.collect.ImmutableMap;
+import com.google.common.collect.ImmutableSet;
import org.junit.Before;
import org.junit.Test;
import org.junit.runner.RunWith;
-
+import org.mockito.Mock;
+import org.mockito.junit.MockitoJUnitRunner;
import org.opensearch.common.settings.Settings;
import org.opensearch.common.xcontent.XContentFactory;
import org.opensearch.core.common.bytes.BytesArray;
@@ -35,8 +31,10 @@
import org.opensearch.rest.RestRequest;
import org.opensearch.security.DefaultObjectMapper;
-import org.mockito.Mock;
-import org.mockito.junit.MockitoJUnitRunner;
+import java.io.IOException;
+import java.util.Collections;
+import java.util.Map;
+import java.util.Set;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertFalse;
diff --git a/src/test/java/org/opensearch/security/filter/DelegatingRestHandlerTests.java b/src/test/java/org/opensearch/security/filter/DelegatingRestHandlerTests.java
index 236ac99ca6..2afb285874 100644
--- a/src/test/java/org/opensearch/security/filter/DelegatingRestHandlerTests.java
+++ b/src/test/java/org/opensearch/security/filter/DelegatingRestHandlerTests.java
@@ -8,14 +8,7 @@
package org.opensearch.security.filter;
-import java.lang.reflect.Method;
-import java.lang.reflect.Modifier;
-import java.util.Arrays;
-import java.util.List;
-import java.util.stream.Collectors;
-
import org.junit.Test;
-
import org.opensearch.client.node.NodeClient;
import org.opensearch.core.common.bytes.BytesArray;
import org.opensearch.core.rest.RestStatus;
@@ -24,6 +17,12 @@
import org.opensearch.rest.RestHandler;
import org.opensearch.rest.RestRequest;
+import java.lang.reflect.Method;
+import java.lang.reflect.Modifier;
+import java.util.Arrays;
+import java.util.List;
+import java.util.stream.Collectors;
+
import static org.mockito.ArgumentMatchers.any;
import static org.mockito.Mockito.spy;
import static org.mockito.Mockito.times;
diff --git a/src/test/java/org/opensearch/security/filter/RestPathMatchesTests.java b/src/test/java/org/opensearch/security/filter/RestPathMatchesTests.java
index fd686bf857..eed095c9b6 100644
--- a/src/test/java/org/opensearch/security/filter/RestPathMatchesTests.java
+++ b/src/test/java/org/opensearch/security/filter/RestPathMatchesTests.java
@@ -8,12 +8,12 @@
package org.opensearch.security.filter;
-import java.lang.reflect.InvocationTargetException;
-import java.lang.reflect.Method;
-
import org.junit.Before;
import org.junit.Test;
+import java.lang.reflect.InvocationTargetException;
+import java.lang.reflect.Method;
+
import static org.junit.jupiter.api.Assertions.assertFalse;
import static org.junit.jupiter.api.Assertions.assertTrue;
import static org.mockito.Mockito.mock;
diff --git a/src/test/java/org/opensearch/security/filter/SecurityFilterTests.java b/src/test/java/org/opensearch/security/filter/SecurityFilterTests.java
index 4f90a0865a..58a12a84a8 100644
--- a/src/test/java/org/opensearch/security/filter/SecurityFilterTests.java
+++ b/src/test/java/org/opensearch/security/filter/SecurityFilterTests.java
@@ -18,12 +18,13 @@
import org.junit.Test;
import org.junit.runner.RunWith;
import org.junit.runners.Parameterized;
+import org.mockito.ArgumentCaptor;
import org.opensearch.OpenSearchSecurityException;
-import org.opensearch.cluster.service.ClusterService;
-import org.opensearch.common.settings.Settings;
import org.opensearch.core.action.ActionListener;
import org.opensearch.core.action.ActionResponse;
+import org.opensearch.cluster.service.ClusterService;
+import org.opensearch.common.settings.Settings;
import org.opensearch.security.auditlog.AuditLog;
import org.opensearch.security.configuration.AdminDNs;
import org.opensearch.security.configuration.CompatConfig;
@@ -35,8 +36,6 @@
import org.opensearch.security.support.WildcardMatcher;
import org.opensearch.threadpool.ThreadPool;
-import org.mockito.ArgumentCaptor;
-
import static org.hamcrest.MatcherAssert.assertThat;
import static org.hamcrest.Matchers.containsString;
import static org.hamcrest.Matchers.equalTo;
diff --git a/src/test/java/org/opensearch/security/filter/SecurityRestFilterTests.java b/src/test/java/org/opensearch/security/filter/SecurityRestFilterTests.java
index 5adcadb1f2..b46c5a6e32 100644
--- a/src/test/java/org/opensearch/security/filter/SecurityRestFilterTests.java
+++ b/src/test/java/org/opensearch/security/filter/SecurityRestFilterTests.java
@@ -12,7 +12,7 @@
package org.opensearch.security.filter;
import org.apache.hc.core5.http.Header;
-import org.apache.hc.core5.http.HttpStatus;
+import org.apache.http.HttpStatus;
import org.junit.Test;
import org.opensearch.security.dlic.rest.api.AbstractRestApiUnitTest;
diff --git a/src/test/java/org/opensearch/security/filter/SecurityRestFilterUnitTests.java b/src/test/java/org/opensearch/security/filter/SecurityRestFilterUnitTests.java
index 1727fddcc3..1f3bca4705 100644
--- a/src/test/java/org/opensearch/security/filter/SecurityRestFilterUnitTests.java
+++ b/src/test/java/org/opensearch/security/filter/SecurityRestFilterUnitTests.java
@@ -11,11 +11,8 @@
package org.opensearch.security.filter;
-import java.nio.file.Path;
-
import org.junit.Before;
import org.junit.Test;
-
import org.opensearch.client.node.NodeClient;
import org.opensearch.common.settings.Settings;
import org.opensearch.common.util.concurrent.ThreadContext;
@@ -33,6 +30,8 @@
import org.opensearch.security.ssl.transport.PrincipalExtractor;
import org.opensearch.threadpool.ThreadPool;
+import java.nio.file.Path;
+
import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertTrue;
import static org.mockito.ArgumentMatchers.any;
diff --git a/src/test/java/org/opensearch/security/filter/SecurityRestUtilsTests.java b/src/test/java/org/opensearch/security/filter/SecurityRestUtilsTests.java
index 46b0e82f2a..0424d780ef 100644
--- a/src/test/java/org/opensearch/security/filter/SecurityRestUtilsTests.java
+++ b/src/test/java/org/opensearch/security/filter/SecurityRestUtilsTests.java
@@ -1,13 +1,11 @@
package org.opensearch.security.filter;
-import org.junit.Test;
-
-import org.opensearch.http.netty4.Netty4HttpChannel;
-
import io.netty.handler.codec.http.DefaultFullHttpRequest;
import io.netty.handler.codec.http.FullHttpRequest;
import io.netty.handler.codec.http.HttpMethod;
import io.netty.handler.codec.http.HttpVersion;
+import org.junit.Test;
+import org.opensearch.http.netty4.Netty4HttpChannel;
import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertTrue;
diff --git a/src/test/java/org/opensearch/security/http/OnBehalfOfAuthenticatorTest.java b/src/test/java/org/opensearch/security/http/OnBehalfOfAuthenticatorTest.java
index 672738326d..9f2c5ad48a 100644
--- a/src/test/java/org/opensearch/security/http/OnBehalfOfAuthenticatorTest.java
+++ b/src/test/java/org/opensearch/security/http/OnBehalfOfAuthenticatorTest.java
@@ -12,19 +12,24 @@
package org.opensearch.security.http;
import java.nio.charset.StandardCharsets;
-import java.util.Arrays;
import java.util.Base64;
import java.util.Collections;
import java.util.Date;
import java.util.HashMap;
-import java.util.HashSet;
-import java.util.List;
import java.util.Map;
-import java.util.Optional;
import java.util.Set;
+import java.util.List;
+import java.util.HashSet;
+import java.util.Arrays;
+import java.util.Optional;
+
import javax.crypto.SecretKey;
import com.google.common.io.BaseEncoding;
+import io.jsonwebtoken.JwtBuilder;
+import io.jsonwebtoken.Jwts;
+import io.jsonwebtoken.SignatureAlgorithm;
+import io.jsonwebtoken.security.Keys;
import org.apache.commons.lang3.RandomStringUtils;
import org.apache.hc.core5.http.HttpHeaders;
import org.apache.logging.log4j.Level;
@@ -34,6 +39,7 @@
import org.apache.logging.log4j.core.Logger;
import org.junit.Test;
+import org.mockito.ArgumentCaptor;
import org.opensearch.OpenSearchSecurityException;
import org.opensearch.SpecialPermission;
import org.opensearch.common.settings.Settings;
@@ -43,15 +49,7 @@
import org.opensearch.security.user.AuthCredentials;
import org.opensearch.security.util.FakeRestRequest;
-import io.jsonwebtoken.JwtBuilder;
-import io.jsonwebtoken.Jwts;
-import io.jsonwebtoken.SignatureAlgorithm;
-import io.jsonwebtoken.security.Keys;
-import org.mockito.ArgumentCaptor;
-
import static org.hamcrest.Matchers.equalTo;
-import static org.opensearch.rest.RestRequest.Method.POST;
-import static org.opensearch.rest.RestRequest.Method.PUT;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertNotNull;
@@ -66,6 +64,8 @@
import static org.mockito.Mockito.times;
import static org.mockito.Mockito.verify;
import static org.mockito.Mockito.when;
+import static org.opensearch.rest.RestRequest.Method.POST;
+import static org.opensearch.rest.RestRequest.Method.PUT;
public class OnBehalfOfAuthenticatorTest {
final static String clusterName = "cluster_0";
diff --git a/src/test/java/org/opensearch/security/http/proxy/HTTPExtendedProxyAuthenticatorTest.java b/src/test/java/org/opensearch/security/http/proxy/HTTPExtendedProxyAuthenticatorTest.java
index 6644f8ce73..f7a2011a68 100644
--- a/src/test/java/org/opensearch/security/http/proxy/HTTPExtendedProxyAuthenticatorTest.java
+++ b/src/test/java/org/opensearch/security/http/proxy/HTTPExtendedProxyAuthenticatorTest.java
@@ -36,17 +36,17 @@
import org.junit.Test;
import org.opensearch.OpenSearchSecurityException;
-import org.opensearch.common.settings.Settings;
-import org.opensearch.common.util.concurrent.ThreadContext;
import org.opensearch.core.action.ActionListener;
import org.opensearch.core.common.bytes.BytesReference;
-import org.opensearch.core.rest.RestStatus;
+import org.opensearch.common.settings.Settings;
+import org.opensearch.common.util.concurrent.ThreadContext;
import org.opensearch.core.xcontent.NamedXContentRegistry;
import org.opensearch.http.HttpChannel;
import org.opensearch.http.HttpRequest;
import org.opensearch.http.HttpResponse;
import org.opensearch.rest.RestRequest;
import org.opensearch.rest.RestRequest.Method;
+import org.opensearch.core.rest.RestStatus;
import org.opensearch.security.filter.SecurityRequestChannel;
import org.opensearch.security.filter.SecurityRequestFactory;
import org.opensearch.security.support.ConfigConstants;
diff --git a/src/test/java/org/opensearch/security/identity/SecurityTokenManagerTest.java b/src/test/java/org/opensearch/security/identity/SecurityTokenManagerTest.java
index d686b145b2..bc3f3f9732 100644
--- a/src/test/java/org/opensearch/security/identity/SecurityTokenManagerTest.java
+++ b/src/test/java/org/opensearch/security/identity/SecurityTokenManagerTest.java
@@ -19,7 +19,8 @@
import org.junit.Before;
import org.junit.Test;
import org.junit.runner.RunWith;
-
+import org.mockito.Mock;
+import org.mockito.junit.MockitoJUnitRunner;
import org.opensearch.OpenSearchSecurityException;
import org.opensearch.cluster.ClusterName;
import org.opensearch.cluster.service.ClusterService;
@@ -37,18 +38,16 @@
import org.opensearch.security.user.UserService;
import org.opensearch.threadpool.ThreadPool;
-import org.mockito.Mock;
-import org.mockito.junit.MockitoJUnitRunner;
-
import static org.hamcrest.MatcherAssert.assertThat;
import static org.hamcrest.Matchers.equalTo;
+
import static org.junit.Assert.assertThrows;
+import static org.mockito.Mockito.doAnswer;
+import static org.mockito.Mockito.mock;
import static org.mockito.ArgumentMatchers.any;
import static org.mockito.ArgumentMatchers.anyBoolean;
import static org.mockito.ArgumentMatchers.anyLong;
import static org.mockito.ArgumentMatchers.anyString;
-import static org.mockito.Mockito.doAnswer;
-import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.never;
import static org.mockito.Mockito.spy;
import static org.mockito.Mockito.verify;
diff --git a/src/test/java/org/opensearch/security/multitenancy/test/MultitenancyTests.java b/src/test/java/org/opensearch/security/multitenancy/test/MultitenancyTests.java
index b66902f4b9..0a785d7b80 100644
--- a/src/test/java/org/opensearch/security/multitenancy/test/MultitenancyTests.java
+++ b/src/test/java/org/opensearch/security/multitenancy/test/MultitenancyTests.java
@@ -14,8 +14,8 @@
import java.util.Map;
import org.apache.hc.core5.http.Header;
-import org.apache.hc.core5.http.HttpStatus;
import org.apache.hc.core5.http.message.BasicHeader;
+import org.apache.http.HttpStatus;
import org.junit.Assert;
import org.junit.Test;
diff --git a/src/test/java/org/opensearch/security/multitenancy/test/TenancyMultitenancyEnabledTests.java b/src/test/java/org/opensearch/security/multitenancy/test/TenancyMultitenancyEnabledTests.java
index b25a50d934..32b9bb2156 100644
--- a/src/test/java/org/opensearch/security/multitenancy/test/TenancyMultitenancyEnabledTests.java
+++ b/src/test/java/org/opensearch/security/multitenancy/test/TenancyMultitenancyEnabledTests.java
@@ -12,8 +12,8 @@
package org.opensearch.security.multitenancy.test;
import org.apache.hc.core5.http.Header;
-import org.apache.hc.core5.http.HttpStatus;
import org.apache.hc.core5.http.message.BasicHeader;
+import org.apache.http.HttpStatus;
import org.junit.Test;
import org.opensearch.common.settings.Settings;
diff --git a/src/test/java/org/opensearch/security/multitenancy/test/TenancyPrivateTenantEnabledTests.java b/src/test/java/org/opensearch/security/multitenancy/test/TenancyPrivateTenantEnabledTests.java
index 1af102802f..4f2d2c3505 100644
--- a/src/test/java/org/opensearch/security/multitenancy/test/TenancyPrivateTenantEnabledTests.java
+++ b/src/test/java/org/opensearch/security/multitenancy/test/TenancyPrivateTenantEnabledTests.java
@@ -12,8 +12,8 @@
package org.opensearch.security.multitenancy.test;
import org.apache.hc.core5.http.Header;
-import org.apache.hc.core5.http.HttpStatus;
import org.apache.hc.core5.http.message.BasicHeader;
+import org.apache.http.HttpStatus;
import org.junit.Test;
import org.opensearch.common.settings.Settings;
diff --git a/src/test/java/org/opensearch/security/privileges/PrivilegesEvaluatorTest.java b/src/test/java/org/opensearch/security/privileges/PrivilegesEvaluatorTest.java
index 4f25c71d66..d5a26024a9 100644
--- a/src/test/java/org/opensearch/security/privileges/PrivilegesEvaluatorTest.java
+++ b/src/test/java/org/opensearch/security/privileges/PrivilegesEvaluatorTest.java
@@ -12,7 +12,7 @@
package org.opensearch.security.privileges;
import org.apache.hc.core5.http.Header;
-import org.apache.hc.core5.http.HttpStatus;
+import org.apache.http.HttpStatus;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;
diff --git a/src/test/java/org/opensearch/security/privileges/PrivilegesEvaluatorUnitTest.java b/src/test/java/org/opensearch/security/privileges/PrivilegesEvaluatorUnitTest.java
index 03ea9fc264..811c817b65 100644
--- a/src/test/java/org/opensearch/security/privileges/PrivilegesEvaluatorUnitTest.java
+++ b/src/test/java/org/opensearch/security/privileges/PrivilegesEvaluatorUnitTest.java
@@ -8,17 +8,17 @@
package org.opensearch.security.privileges;
-import java.util.List;
-
import com.google.common.collect.ImmutableList;
import org.junit.Test;
+import java.util.List;
+
import static org.hamcrest.MatcherAssert.assertThat;
import static org.hamcrest.Matchers.equalTo;
-import static org.opensearch.security.privileges.PrivilegesEvaluator.DNFOF_MATCHER;
-import static org.opensearch.security.privileges.PrivilegesEvaluator.isClusterPerm;
import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertTrue;
+import static org.opensearch.security.privileges.PrivilegesEvaluator.DNFOF_MATCHER;
+import static org.opensearch.security.privileges.PrivilegesEvaluator.isClusterPerm;
public class PrivilegesEvaluatorUnitTest {
diff --git a/src/test/java/org/opensearch/security/privileges/RestLayerPrivilegesEvaluatorTest.java b/src/test/java/org/opensearch/security/privileges/RestLayerPrivilegesEvaluatorTest.java
index c374a10c24..2f6189bab2 100644
--- a/src/test/java/org/opensearch/security/privileges/RestLayerPrivilegesEvaluatorTest.java
+++ b/src/test/java/org/opensearch/security/privileges/RestLayerPrivilegesEvaluatorTest.java
@@ -23,7 +23,9 @@
import org.junit.Before;
import org.junit.Test;
import org.junit.runner.RunWith;
-
+import org.mockito.Mock;
+import org.mockito.junit.MockitoJUnitRunner;
+import org.mockito.quality.Strictness;
import org.opensearch.OpenSearchSecurityException;
import org.opensearch.cluster.node.DiscoveryNode;
import org.opensearch.cluster.service.ClusterService;
@@ -34,12 +36,8 @@
import org.opensearch.security.user.User;
import org.opensearch.threadpool.ThreadPool;
-import org.mockito.Mock;
-import org.mockito.junit.MockitoJUnitRunner;
-import org.mockito.quality.Strictness;
-
-import static org.hamcrest.MatcherAssert.assertThat;
import static org.hamcrest.Matchers.equalTo;
+import static org.hamcrest.MatcherAssert.assertThat;
import static org.junit.Assert.assertThrows;
import static org.mockito.ArgumentMatchers.any;
import static org.mockito.Mockito.mock;
diff --git a/src/test/java/org/opensearch/security/privileges/SecurityIndexAccessEvaluatorTest.java b/src/test/java/org/opensearch/security/privileges/SecurityIndexAccessEvaluatorTest.java
index 6def646981..dc95a0dbe0 100644
--- a/src/test/java/org/opensearch/security/privileges/SecurityIndexAccessEvaluatorTest.java
+++ b/src/test/java/org/opensearch/security/privileges/SecurityIndexAccessEvaluatorTest.java
@@ -11,17 +11,13 @@
package org.opensearch.security.privileges;
-import java.lang.reflect.Constructor;
-import java.lang.reflect.InvocationTargetException;
-import java.lang.reflect.Method;
-import java.util.List;
-import java.util.Set;
-
import com.google.common.collect.ImmutableSet;
import org.apache.logging.log4j.Logger;
import org.junit.After;
import org.junit.Test;
import org.junit.runner.RunWith;
+import org.mockito.Mock;
+import org.mockito.junit.MockitoJUnitRunner;
import org.opensearch.action.ActionRequest;
import org.opensearch.action.get.MultiGetRequest;
@@ -40,12 +36,14 @@
import org.opensearch.security.user.User;
import org.opensearch.tasks.Task;
-import org.mockito.Mock;
-import org.mockito.junit.MockitoJUnitRunner;
+import java.lang.reflect.Constructor;
+import java.lang.reflect.InvocationTargetException;
+import java.lang.reflect.Method;
+import java.util.List;
+import java.util.Set;
import static org.hamcrest.MatcherAssert.assertThat;
import static org.hamcrest.Matchers.is;
-import static org.opensearch.security.support.ConfigConstants.SYSTEM_INDEX_PERMISSION;
import static org.mockito.Mockito.doReturn;
import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.spy;
@@ -54,6 +52,7 @@
import static org.mockito.Mockito.verifyNoInteractions;
import static org.mockito.Mockito.verifyNoMoreInteractions;
import static org.mockito.Mockito.when;
+import static org.opensearch.security.support.ConfigConstants.SYSTEM_INDEX_PERMISSION;
@RunWith(MockitoJUnitRunner.class)
public class SecurityIndexAccessEvaluatorTest {
diff --git a/src/test/java/org/opensearch/security/protected_indices/ProtectedIndicesTests.java b/src/test/java/org/opensearch/security/protected_indices/ProtectedIndicesTests.java
index bc4cc18f61..109d379def 100644
--- a/src/test/java/org/opensearch/security/protected_indices/ProtectedIndicesTests.java
+++ b/src/test/java/org/opensearch/security/protected_indices/ProtectedIndicesTests.java
@@ -31,7 +31,7 @@
import java.util.List;
import org.apache.hc.core5.http.Header;
-import org.apache.hc.core5.http.HttpStatus;
+import org.apache.http.HttpStatus;
import org.junit.Test;
import org.opensearch.action.admin.cluster.repositories.put.PutRepositoryRequest;
@@ -46,9 +46,9 @@
import org.opensearch.common.settings.Settings;
import org.opensearch.common.xcontent.LoggingDeprecationHandler;
import org.opensearch.common.xcontent.XContentType;
-import org.opensearch.core.rest.RestStatus;
import org.opensearch.core.xcontent.NamedXContentRegistry;
import org.opensearch.core.xcontent.XContentParser;
+import org.opensearch.core.rest.RestStatus;
import org.opensearch.security.support.ConfigConstants;
import org.opensearch.security.test.DynamicSecurityConfig;
import org.opensearch.security.test.SingleClusterTest;
diff --git a/src/test/java/org/opensearch/security/securityconf/SecurityRolesPermissionsTest.java b/src/test/java/org/opensearch/security/securityconf/SecurityRolesPermissionsTest.java
index f469d1989c..9d104381a6 100644
--- a/src/test/java/org/opensearch/security/securityconf/SecurityRolesPermissionsTest.java
+++ b/src/test/java/org/opensearch/security/securityconf/SecurityRolesPermissionsTest.java
@@ -35,12 +35,13 @@
import java.util.stream.Collectors;
import java.util.stream.Stream;
-import com.google.common.collect.ImmutableMap;
-import com.google.common.collect.ImmutableSet;
import com.fasterxml.jackson.databind.node.ArrayNode;
import com.fasterxml.jackson.databind.node.ObjectNode;
+import com.google.common.collect.ImmutableMap;
+import com.google.common.collect.ImmutableSet;
import org.junit.Assert;
import org.junit.Test;
+import org.mockito.Mockito;
import org.opensearch.common.settings.Settings;
import org.opensearch.security.DefaultObjectMapper;
@@ -49,8 +50,6 @@
import org.opensearch.security.securityconf.impl.CType;
import org.opensearch.security.securityconf.impl.SecurityDynamicConfiguration;
-import org.mockito.Mockito;
-
import static org.opensearch.security.dlic.rest.api.RestApiAdminPrivilegesEvaluator.CERTS_INFO_ACTION;
import static org.opensearch.security.dlic.rest.api.RestApiAdminPrivilegesEvaluator.ENDPOINTS_WITH_PERMISSIONS;
import static org.opensearch.security.dlic.rest.api.RestApiAdminPrivilegesEvaluator.RELOAD_CERTS_ACTION;
diff --git a/src/test/java/org/opensearch/security/securityconf/SecurityRolesPermissionsV6Test.java b/src/test/java/org/opensearch/security/securityconf/SecurityRolesPermissionsV6Test.java
index ace182bcda..edf5a7533b 100644
--- a/src/test/java/org/opensearch/security/securityconf/SecurityRolesPermissionsV6Test.java
+++ b/src/test/java/org/opensearch/security/securityconf/SecurityRolesPermissionsV6Test.java
@@ -11,20 +11,14 @@
package org.opensearch.security.securityconf;
-import java.io.IOException;
-import java.util.Arrays;
-import java.util.List;
-import java.util.Map;
-import java.util.TreeMap;
-
-import com.google.common.collect.ImmutableMap;
-import com.google.common.collect.ImmutableSet;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.fasterxml.jackson.databind.node.ArrayNode;
import com.fasterxml.jackson.databind.node.ObjectNode;
+import com.google.common.collect.ImmutableMap;
+import com.google.common.collect.ImmutableSet;
import org.junit.Assert;
import org.junit.Test;
-
+import org.mockito.quality.Strictness;
import org.opensearch.action.support.IndicesOptions;
import org.opensearch.cluster.ClusterState;
import org.opensearch.cluster.metadata.IndexAbstraction;
@@ -39,7 +33,11 @@
import org.opensearch.security.support.ConfigConstants;
import org.opensearch.security.user.User;
-import org.mockito.quality.Strictness;
+import java.io.IOException;
+import java.util.Arrays;
+import java.util.List;
+import java.util.Map;
+import java.util.TreeMap;
import static org.mockito.Mockito.doReturn;
import static org.mockito.Mockito.mock;
diff --git a/src/test/java/org/opensearch/security/securityconf/impl/v6/ConfigV6Test.java b/src/test/java/org/opensearch/security/securityconf/impl/v6/ConfigV6Test.java
index 2983fc6064..f9febb3bda 100644
--- a/src/test/java/org/opensearch/security/securityconf/impl/v6/ConfigV6Test.java
+++ b/src/test/java/org/opensearch/security/securityconf/impl/v6/ConfigV6Test.java
@@ -11,8 +11,8 @@
package org.opensearch.security.securityconf.impl.v6;
-import com.google.common.collect.ImmutableList;
import com.fasterxml.jackson.databind.JsonNode;
+import com.google.common.collect.ImmutableList;
import org.junit.Assert;
import org.junit.Test;
import org.junit.runner.RunWith;
diff --git a/src/test/java/org/opensearch/security/securityconf/impl/v7/ConfigV7Test.java b/src/test/java/org/opensearch/security/securityconf/impl/v7/ConfigV7Test.java
index 542ce878bd..07d446074c 100644
--- a/src/test/java/org/opensearch/security/securityconf/impl/v7/ConfigV7Test.java
+++ b/src/test/java/org/opensearch/security/securityconf/impl/v7/ConfigV7Test.java
@@ -11,8 +11,8 @@
package org.opensearch.security.securityconf.impl.v7;
-import com.google.common.collect.ImmutableList;
import com.fasterxml.jackson.databind.JsonNode;
+import com.google.common.collect.ImmutableList;
import org.junit.Assert;
import org.junit.Test;
import org.junit.runner.RunWith;
diff --git a/src/test/java/org/opensearch/security/securityconf/impl/v7/IndexPatternTests.java b/src/test/java/org/opensearch/security/securityconf/impl/v7/IndexPatternTests.java
index 513e5bb2cc..2b95a6e84c 100644
--- a/src/test/java/org/opensearch/security/securityconf/impl/v7/IndexPatternTests.java
+++ b/src/test/java/org/opensearch/security/securityconf/impl/v7/IndexPatternTests.java
@@ -20,6 +20,9 @@
import org.junit.Before;
import org.junit.Test;
import org.junit.runner.RunWith;
+import org.mockito.Mock;
+import org.mockito.junit.MockitoJUnitRunner;
+import org.mockito.quality.Strictness;
import org.opensearch.action.support.IndicesOptions;
import org.opensearch.cluster.ClusterState;
@@ -31,10 +34,6 @@
import org.opensearch.security.securityconf.ConfigModelV7.IndexPattern;
import org.opensearch.security.user.User;
-import org.mockito.Mock;
-import org.mockito.junit.MockitoJUnitRunner;
-import org.mockito.quality.Strictness;
-
import static org.hamcrest.MatcherAssert.assertThat;
import static org.hamcrest.Matchers.contains;
import static org.junit.Assert.assertThrows;
diff --git a/src/test/java/org/opensearch/security/setting/DeprecatedSettingsTest.java b/src/test/java/org/opensearch/security/setting/DeprecatedSettingsTest.java
index a0f9558228..143efe9b11 100644
--- a/src/test/java/org/opensearch/security/setting/DeprecatedSettingsTest.java
+++ b/src/test/java/org/opensearch/security/setting/DeprecatedSettingsTest.java
@@ -9,20 +9,19 @@
import org.junit.Before;
import org.junit.Test;
import org.junit.runner.RunWith;
+import org.mockito.Mock;
+import org.mockito.junit.MockitoJUnitRunner;
import org.opensearch.common.logging.DeprecationLogger;
import org.opensearch.common.settings.Settings;
-import org.mockito.Mock;
-import org.mockito.junit.MockitoJUnitRunner;
-
-import static org.opensearch.security.setting.DeprecatedSettings.checkForDeprecatedSetting;
import static org.mockito.ArgumentMatchers.any;
import static org.mockito.ArgumentMatchers.anyString;
import static org.mockito.ArgumentMatchers.eq;
import static org.mockito.Mockito.verify;
import static org.mockito.Mockito.verifyNoInteractions;
import static org.mockito.Mockito.verifyNoMoreInteractions;
+import static org.opensearch.security.setting.DeprecatedSettings.checkForDeprecatedSetting;
@RunWith(MockitoJUnitRunner.class)
public class DeprecatedSettingsTest {
diff --git a/src/test/java/org/opensearch/security/ssl/OpenSSLTest.java b/src/test/java/org/opensearch/security/ssl/OpenSSLTest.java
index 1758d7dc9c..3568cf738b 100644
--- a/src/test/java/org/opensearch/security/ssl/OpenSSLTest.java
+++ b/src/test/java/org/opensearch/security/ssl/OpenSSLTest.java
@@ -22,6 +22,8 @@
import java.util.Set;
import com.google.common.collect.Lists;
+import io.netty.handler.ssl.OpenSsl;
+import io.netty.util.internal.PlatformDependent;
import org.junit.AfterClass;
import org.junit.Assert;
import org.junit.Assume;
@@ -44,9 +46,6 @@
import org.opensearch.security.test.helper.rest.RestHelper;
import org.opensearch.transport.Netty4ModulePlugin;
-import io.netty.handler.ssl.OpenSsl;
-import io.netty.util.internal.PlatformDependent;
-
public class OpenSSLTest extends SSLTest {
private static final String USE_NETTY_DEFAULT_ALLOCATOR_PROPERTY = "opensearch.unsafe.use_netty_default_allocator";
private static String USE_NETTY_DEFAULT_ALLOCATOR;
diff --git a/src/test/java/org/opensearch/security/ssl/SSLTest.java b/src/test/java/org/opensearch/security/ssl/SSLTest.java
index b5135ebdb0..5272af5781 100644
--- a/src/test/java/org/opensearch/security/ssl/SSLTest.java
+++ b/src/test/java/org/opensearch/security/ssl/SSLTest.java
@@ -24,12 +24,14 @@
import java.util.Arrays;
import java.util.List;
import java.util.Random;
+
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLHandshakeException;
import com.google.common.collect.Lists;
+import io.netty.util.internal.PlatformDependent;
import org.apache.hc.core5.http.NoHttpResponseException;
import org.apache.lucene.util.Constants;
import org.junit.Assert;
@@ -62,8 +64,6 @@
import org.opensearch.security.test.helper.rest.RestHelper;
import org.opensearch.transport.Netty4ModulePlugin;
-import io.netty.util.internal.PlatformDependent;
-
import static org.opensearch.security.ssl.SecureSSLSettings.SSLSetting.SECURITY_SSL_HTTP_KEYSTORE_KEYPASSWORD;
import static org.opensearch.security.ssl.SecureSSLSettings.SSLSetting.SECURITY_SSL_HTTP_PEMKEY_PASSWORD;
import static org.opensearch.security.ssl.SecureSSLSettings.SSLSetting.SECURITY_SSL_TRANSPORT_KEYSTORE_KEYPASSWORD;
diff --git a/src/test/java/org/opensearch/security/ssl/SecuritySSLReloadCertsActionTests.java b/src/test/java/org/opensearch/security/ssl/SecuritySSLReloadCertsActionTests.java
index fe201fc2e8..0376253b06 100644
--- a/src/test/java/org/opensearch/security/ssl/SecuritySSLReloadCertsActionTests.java
+++ b/src/test/java/org/opensearch/security/ssl/SecuritySSLReloadCertsActionTests.java
@@ -11,11 +11,6 @@
package org.opensearch.security.ssl;
-import java.io.IOException;
-import java.util.List;
-import java.util.Map;
-import java.util.Objects;
-
import com.fasterxml.jackson.databind.JsonNode;
import org.junit.After;
import org.junit.Assert;
@@ -23,7 +18,6 @@
import org.junit.Rule;
import org.junit.Test;
import org.junit.rules.TemporaryFolder;
-
import org.opensearch.common.settings.Settings;
import org.opensearch.security.DefaultObjectMapper;
import org.opensearch.security.ssl.util.SSLConfigConstants;
@@ -34,6 +28,11 @@
import org.opensearch.security.test.helper.file.FileHelper;
import org.opensearch.security.test.helper.rest.RestHelper;
+import java.io.IOException;
+import java.util.List;
+import java.util.Map;
+import java.util.Objects;
+
public class SecuritySSLReloadCertsActionTests extends SingleClusterTest {
private final ClusterConfiguration clusterConfiguration = ClusterConfiguration.DEFAULT;
diff --git a/src/test/java/org/opensearch/security/ssl/transport/DualModeSSLHandlerTests.java b/src/test/java/org/opensearch/security/ssl/transport/DualModeSSLHandlerTests.java
index e71e77d414..79d53f4d7b 100644
--- a/src/test/java/org/opensearch/security/ssl/transport/DualModeSSLHandlerTests.java
+++ b/src/test/java/org/opensearch/security/ssl/transport/DualModeSSLHandlerTests.java
@@ -14,22 +14,21 @@
import java.util.ArrayList;
import java.util.List;
-import org.junit.Assert;
-import org.junit.Before;
-import org.junit.Test;
-
-import org.opensearch.security.ssl.SecurityKeyStore;
-import org.opensearch.security.ssl.util.SSLConnectionTestUtil;
-
import io.netty.buffer.ByteBuf;
import io.netty.buffer.ByteBufAllocator;
import io.netty.channel.ChannelFuture;
import io.netty.channel.ChannelHandlerContext;
import io.netty.channel.ChannelPipeline;
import io.netty.handler.ssl.SslHandler;
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.Test;
import org.mockito.ArgumentCaptor;
import org.mockito.Mockito;
+import org.opensearch.security.ssl.SecurityKeyStore;
+import org.opensearch.security.ssl.util.SSLConnectionTestUtil;
+
import static org.opensearch.transport.NettyAllocator.getAllocator;
public class DualModeSSLHandlerTests {
diff --git a/src/test/java/org/opensearch/security/ssl/util/SSLConnectionTestUtilTests.java b/src/test/java/org/opensearch/security/ssl/util/SSLConnectionTestUtilTests.java
index be9617b868..98ee95a90b 100644
--- a/src/test/java/org/opensearch/security/ssl/util/SSLConnectionTestUtilTests.java
+++ b/src/test/java/org/opensearch/security/ssl/util/SSLConnectionTestUtilTests.java
@@ -20,7 +20,6 @@
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;
-
import org.mockito.ArgumentCaptor;
import org.mockito.Mockito;
diff --git a/src/test/java/org/opensearch/security/ssl/util/TLSUtilTests.java b/src/test/java/org/opensearch/security/ssl/util/TLSUtilTests.java
index 03d8b869ca..c77f05b39f 100644
--- a/src/test/java/org/opensearch/security/ssl/util/TLSUtilTests.java
+++ b/src/test/java/org/opensearch/security/ssl/util/TLSUtilTests.java
@@ -10,13 +10,12 @@
*/
package org.opensearch.security.ssl.util;
+import io.netty.buffer.ByteBuf;
+import io.netty.buffer.ByteBufAllocator;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;
-import io.netty.buffer.ByteBuf;
-import io.netty.buffer.ByteBufAllocator;
-
import static org.opensearch.transport.NettyAllocator.getAllocator;
public class TLSUtilTests {
diff --git a/src/test/java/org/opensearch/security/support/Base64CustomHelperTest.java b/src/test/java/org/opensearch/security/support/Base64CustomHelperTest.java
index afba688af7..e35e1d72ba 100644
--- a/src/test/java/org/opensearch/security/support/Base64CustomHelperTest.java
+++ b/src/test/java/org/opensearch/security/support/Base64CustomHelperTest.java
@@ -11,15 +11,10 @@
package org.opensearch.security.support;
-import java.io.Serializable;
-import java.net.InetSocketAddress;
-import java.time.ZonedDateTime;
-import java.util.ArrayList;
-import java.util.HashMap;
-
+import com.amazon.dlic.auth.ldap.LdapUser;
import org.junit.Assert;
import org.junit.Test;
-
+import org.ldaptive.LdapEntry;
import org.opensearch.OpenSearchException;
import org.opensearch.action.search.SearchRequest;
import org.opensearch.core.common.io.stream.StreamOutput;
@@ -28,8 +23,11 @@
import org.opensearch.security.user.AuthCredentials;
import org.opensearch.security.user.User;
-import com.amazon.dlic.auth.ldap.LdapUser;
-import org.ldaptive.LdapEntry;
+import java.io.Serializable;
+import java.net.InetSocketAddress;
+import java.time.ZonedDateTime;
+import java.util.ArrayList;
+import java.util.HashMap;
import static org.opensearch.security.support.Base64CustomHelper.deserializeObject;
import static org.opensearch.security.support.Base64CustomHelper.serializeObject;
diff --git a/src/test/java/org/opensearch/security/support/Base64JDKHelperTest.java b/src/test/java/org/opensearch/security/support/Base64JDKHelperTest.java
index 4aab76bbae..341c4a8659 100644
--- a/src/test/java/org/opensearch/security/support/Base64JDKHelperTest.java
+++ b/src/test/java/org/opensearch/security/support/Base64JDKHelperTest.java
@@ -11,6 +11,10 @@
package org.opensearch.security.support;
+import static org.hamcrest.MatcherAssert.assertThat;
+import static org.junit.Assert.assertThrows;
+import static org.hamcrest.Matchers.containsString;
+
import java.io.ByteArrayOutputStream;
import java.io.ObjectOutputStream;
import java.io.Serializable;
@@ -18,10 +22,9 @@
import java.util.ArrayList;
import java.util.HashMap;
-import com.google.common.io.BaseEncoding;
import org.junit.Assert;
import org.junit.Test;
-
+import org.ldaptive.LdapEntry;
import org.opensearch.OpenSearchException;
import org.opensearch.action.search.SearchRequest;
import org.opensearch.security.auth.UserInjector;
@@ -29,11 +32,7 @@
import org.opensearch.security.user.User;
import com.amazon.dlic.auth.ldap.LdapUser;
-import org.ldaptive.LdapEntry;
-
-import static org.hamcrest.MatcherAssert.assertThat;
-import static org.hamcrest.Matchers.containsString;
-import static org.junit.Assert.assertThrows;
+import com.google.common.io.BaseEncoding;
public class Base64JDKHelperTest {
private static final class NotSafeSerializable implements Serializable {
diff --git a/src/test/java/org/opensearch/security/support/StreamableRegistryTest.java b/src/test/java/org/opensearch/security/support/StreamableRegistryTest.java
index e1959d3e19..13f2448b30 100644
--- a/src/test/java/org/opensearch/security/support/StreamableRegistryTest.java
+++ b/src/test/java/org/opensearch/security/support/StreamableRegistryTest.java
@@ -11,13 +11,12 @@
package org.opensearch.security.support;
-import java.net.InetSocketAddress;
-
import org.junit.Assert;
import org.junit.Test;
-
import org.opensearch.OpenSearchException;
+import java.net.InetSocketAddress;
+
public class StreamableRegistryTest {
StreamableRegistry streamableRegistry = StreamableRegistry.getInstance();
diff --git a/src/test/java/org/opensearch/security/system_indices/AbstractSystemIndicesTests.java b/src/test/java/org/opensearch/security/system_indices/AbstractSystemIndicesTests.java
index 2e2e71e082..5dcc050a37 100644
--- a/src/test/java/org/opensearch/security/system_indices/AbstractSystemIndicesTests.java
+++ b/src/test/java/org/opensearch/security/system_indices/AbstractSystemIndicesTests.java
@@ -15,9 +15,9 @@
import java.util.List;
import org.apache.hc.core5.http.Header;
+
import org.hamcrest.MatcherAssert;
import org.hamcrest.Matchers;
-
import org.opensearch.action.admin.cluster.repositories.put.PutRepositoryRequest;
import org.opensearch.action.admin.cluster.snapshots.create.CreateSnapshotRequest;
import org.opensearch.action.admin.indices.create.CreateIndexRequest;
@@ -28,15 +28,14 @@
import org.opensearch.common.settings.Settings;
import org.opensearch.common.xcontent.LoggingDeprecationHandler;
import org.opensearch.common.xcontent.XContentType;
-import org.opensearch.core.rest.RestStatus;
import org.opensearch.core.xcontent.NamedXContentRegistry;
import org.opensearch.core.xcontent.XContentParser;
+import org.opensearch.core.rest.RestStatus;
import org.opensearch.security.support.ConfigConstants;
import org.opensearch.security.test.DynamicSecurityConfig;
import org.opensearch.security.test.SingleClusterTest;
import org.opensearch.security.test.helper.file.FileHelper;
import org.opensearch.security.test.helper.rest.RestHelper;
-
import static org.junit.Assert.assertEquals;
/**
diff --git a/src/test/java/org/opensearch/security/system_indices/SystemIndexDisabledTests.java b/src/test/java/org/opensearch/security/system_indices/SystemIndexDisabledTests.java
index 9415634596..86e9dd4a68 100644
--- a/src/test/java/org/opensearch/security/system_indices/SystemIndexDisabledTests.java
+++ b/src/test/java/org/opensearch/security/system_indices/SystemIndexDisabledTests.java
@@ -11,18 +11,17 @@
package org.opensearch.security.system_indices;
-import java.io.IOException;
-
import org.apache.hc.core5.http.Header;
-import org.apache.hc.core5.http.HttpStatus;
+import org.apache.http.HttpStatus;
import org.junit.Before;
import org.junit.Test;
-
import org.opensearch.action.admin.indices.close.CloseIndexRequest;
import org.opensearch.client.Client;
import org.opensearch.core.rest.RestStatus;
import org.opensearch.security.test.helper.rest.RestHelper;
+import java.io.IOException;
+
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertTrue;
diff --git a/src/test/java/org/opensearch/security/system_indices/SystemIndexPermissionDisabledTests.java b/src/test/java/org/opensearch/security/system_indices/SystemIndexPermissionDisabledTests.java
index 25514c4118..3d0fbf2108 100644
--- a/src/test/java/org/opensearch/security/system_indices/SystemIndexPermissionDisabledTests.java
+++ b/src/test/java/org/opensearch/security/system_indices/SystemIndexPermissionDisabledTests.java
@@ -11,18 +11,17 @@
package org.opensearch.security.system_indices;
-import java.io.IOException;
-
import org.apache.hc.core5.http.Header;
-import org.apache.hc.core5.http.HttpStatus;
+import org.apache.http.HttpStatus;
import org.junit.Before;
import org.junit.Test;
-
import org.opensearch.action.admin.indices.close.CloseIndexRequest;
import org.opensearch.client.Client;
import org.opensearch.core.rest.RestStatus;
import org.opensearch.security.test.helper.rest.RestHelper;
+import java.io.IOException;
+
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertFalse;
diff --git a/src/test/java/org/opensearch/security/system_indices/SystemIndexPermissionEnabledTests.java b/src/test/java/org/opensearch/security/system_indices/SystemIndexPermissionEnabledTests.java
index 766db1eca8..6a04932f30 100644
--- a/src/test/java/org/opensearch/security/system_indices/SystemIndexPermissionEnabledTests.java
+++ b/src/test/java/org/opensearch/security/system_indices/SystemIndexPermissionEnabledTests.java
@@ -12,10 +12,9 @@
package org.opensearch.security.system_indices;
import org.apache.hc.core5.http.Header;
-import org.apache.hc.core5.http.HttpStatus;
+import org.apache.http.HttpStatus;
import org.junit.Before;
import org.junit.Test;
-
import org.opensearch.action.admin.indices.close.CloseIndexRequest;
import org.opensearch.client.Client;
import org.opensearch.core.rest.RestStatus;
diff --git a/src/test/java/org/opensearch/security/test/AbstractSecurityUnitTest.java b/src/test/java/org/opensearch/security/test/AbstractSecurityUnitTest.java
index e05d1ffe8a..6ca6c65d91 100644
--- a/src/test/java/org/opensearch/security/test/AbstractSecurityUnitTest.java
+++ b/src/test/java/org/opensearch/security/test/AbstractSecurityUnitTest.java
@@ -36,6 +36,7 @@
import java.util.Objects;
import java.util.Optional;
import java.util.concurrent.atomic.AtomicLong;
+
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
@@ -44,6 +45,7 @@
import com.carrotsearch.randomizedtesting.annotations.ThreadLeakScope.Scope;
import com.google.common.collect.ImmutableList;
import com.google.common.collect.ImmutableSet;
+import io.netty.handler.ssl.OpenSsl;
import org.apache.hc.client5.http.impl.nio.PoolingAsyncClientConnectionManagerBuilder;
import org.apache.hc.client5.http.nio.AsyncClientConnectionManager;
import org.apache.hc.client5.http.ssl.ClientTlsStrategyBuilder;
@@ -92,8 +94,6 @@
import org.opensearch.security.test.helper.rules.SecurityTestWatcher;
import org.opensearch.threadpool.ThreadPool;
-import io.netty.handler.ssl.OpenSsl;
-
/*
* There are real thread leaks during test execution, not all threads are
* properly waited on or interrupted. While this normally doesn't create test
diff --git a/src/test/java/org/opensearch/security/test/helper/cluster/ClusterHelper.java b/src/test/java/org/opensearch/security/test/helper/cluster/ClusterHelper.java
index 27668d2657..f3bfc1c110 100644
--- a/src/test/java/org/opensearch/security/test/helper/cluster/ClusterHelper.java
+++ b/src/test/java/org/opensearch/security/test/helper/cluster/ClusterHelper.java
@@ -59,9 +59,9 @@
import org.opensearch.cluster.health.ClusterHealthStatus;
import org.opensearch.cluster.node.DiscoveryNodeRole;
import org.opensearch.common.settings.Settings;
+import org.opensearch.core.common.transport.TransportAddress;
import org.opensearch.common.unit.TimeValue;
import org.opensearch.common.xcontent.XContentType;
-import org.opensearch.core.common.transport.TransportAddress;
import org.opensearch.http.HttpInfo;
import org.opensearch.node.Node;
import org.opensearch.node.PluginAwareNode;
diff --git a/src/test/java/org/opensearch/security/test/helper/file/FileHelper.java b/src/test/java/org/opensearch/security/test/helper/file/FileHelper.java
index dbab0a4ad9..d243e3c10c 100644
--- a/src/test/java/org/opensearch/security/test/helper/file/FileHelper.java
+++ b/src/test/java/org/opensearch/security/test/helper/file/FileHelper.java
@@ -47,10 +47,10 @@
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
+import org.opensearch.core.common.bytes.BytesReference;
import org.opensearch.common.io.Streams;
import org.opensearch.common.xcontent.XContentFactory;
import org.opensearch.common.xcontent.XContentType;
-import org.opensearch.core.common.bytes.BytesReference;
import org.opensearch.core.xcontent.NamedXContentRegistry;
import org.opensearch.core.xcontent.XContentBuilder;
import org.opensearch.core.xcontent.XContentParser;
diff --git a/src/test/java/org/opensearch/security/test/helper/network/SocketUtils.java b/src/test/java/org/opensearch/security/test/helper/network/SocketUtils.java
index c1758510a0..b9f014960c 100644
--- a/src/test/java/org/opensearch/security/test/helper/network/SocketUtils.java
+++ b/src/test/java/org/opensearch/security/test/helper/network/SocketUtils.java
@@ -48,6 +48,7 @@
import java.util.Random;
import java.util.SortedSet;
import java.util.TreeSet;
+
import javax.net.ServerSocketFactory;
/**
diff --git a/src/test/java/org/opensearch/security/test/helper/rest/RestHelper.java b/src/test/java/org/opensearch/security/test/helper/rest/RestHelper.java
index 43e7afc559..03a5d5ca16 100644
--- a/src/test/java/org/opensearch/security/test/helper/rest/RestHelper.java
+++ b/src/test/java/org/opensearch/security/test/helper/rest/RestHelper.java
@@ -38,6 +38,7 @@
import java.util.concurrent.CompletionException;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
+
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
diff --git a/src/test/java/org/opensearch/security/transport/SecurityInterceptorTests.java b/src/test/java/org/opensearch/security/transport/SecurityInterceptorTests.java
index 903ad89eac..ea97a5897a 100644
--- a/src/test/java/org/opensearch/security/transport/SecurityInterceptorTests.java
+++ b/src/test/java/org/opensearch/security/transport/SecurityInterceptorTests.java
@@ -9,20 +9,17 @@
package org.opensearch.security.transport;
// CS-SUPPRESS-SINGLE: RegexpSingleline Extensions manager used for creating a mock
-import java.net.InetAddress;
import java.net.UnknownHostException;
-
import org.junit.Before;
import org.junit.Test;
-
+import org.mockito.Mock;
+import org.mockito.MockitoAnnotations;
import org.opensearch.Version;
import org.opensearch.action.search.PitService;
import org.opensearch.cluster.ClusterName;
import org.opensearch.cluster.node.DiscoveryNode;
import org.opensearch.cluster.service.ClusterService;
import org.opensearch.common.settings.Settings;
-import org.opensearch.core.common.transport.TransportAddress;
-import org.opensearch.core.transport.TransportResponse;
import org.opensearch.extensions.ExtensionsManager;
import org.opensearch.indices.IndicesService;
import org.opensearch.repositories.RepositoriesService;
@@ -43,16 +40,18 @@
import org.opensearch.transport.TransportInterceptor.AsyncSender;
import org.opensearch.transport.TransportRequest;
import org.opensearch.transport.TransportRequestOptions;
+import org.opensearch.core.common.transport.TransportAddress;
+import org.opensearch.core.transport.TransportResponse;
import org.opensearch.transport.TransportResponseHandler;
import org.opensearch.transport.TransportService;
-import org.mockito.Mock;
-import org.mockito.MockitoAnnotations;
-
import static java.util.Collections.emptySet;
import static org.junit.Assert.assertEquals;
import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.when;
+// CS-ENFORCE-SINGLE
+
+import java.net.InetAddress;
public class SecurityInterceptorTests {
diff --git a/src/test/java/org/opensearch/security/transport/SecuritySSLRequestHandlerTests.java b/src/test/java/org/opensearch/security/transport/SecuritySSLRequestHandlerTests.java
index b6967b0e68..c168d06839 100644
--- a/src/test/java/org/opensearch/security/transport/SecuritySSLRequestHandlerTests.java
+++ b/src/test/java/org/opensearch/security/transport/SecuritySSLRequestHandlerTests.java
@@ -12,7 +12,8 @@
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;
-
+import org.mockito.ArgumentMatchers;
+import org.mockito.Mock;
import org.opensearch.Version;
import org.opensearch.common.settings.Settings;
import org.opensearch.security.ssl.SslExceptionHandler;
@@ -26,9 +27,6 @@
import org.opensearch.transport.TransportRequest;
import org.opensearch.transport.TransportRequestHandler;
-import org.mockito.ArgumentMatchers;
-import org.mockito.Mock;
-
import static org.mockito.ArgumentMatchers.any;
import static org.mockito.ArgumentMatchers.anyInt;
import static org.mockito.Mockito.doNothing;
diff --git a/src/test/java/org/opensearch/security/util/SettingsBasedSSLConfiguratorV4Test.java b/src/test/java/org/opensearch/security/util/SettingsBasedSSLConfiguratorV4Test.java
index e1e3d979fd..976f085ce4 100644
--- a/src/test/java/org/opensearch/security/util/SettingsBasedSSLConfiguratorV4Test.java
+++ b/src/test/java/org/opensearch/security/util/SettingsBasedSSLConfiguratorV4Test.java
@@ -24,6 +24,7 @@
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.util.Map;
+
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLException;
@@ -62,15 +63,15 @@
import org.junit.Test;
import org.junit.rules.ExpectedException;
+import com.amazon.dlic.util.SettingsBasedSSLConfiguratorV4;
+import com.amazon.dlic.util.SettingsBasedSSLConfiguratorV4.SSLConfig;
+
import org.opensearch.common.settings.MockSecureSettings;
import org.opensearch.common.settings.Settings;
import org.opensearch.security.ssl.util.SSLConfigConstants;
import org.opensearch.security.test.helper.file.FileHelper;
import org.opensearch.security.test.helper.network.SocketUtils;
-import com.amazon.dlic.util.SettingsBasedSSLConfiguratorV4;
-import com.amazon.dlic.util.SettingsBasedSSLConfiguratorV4.SSLConfig;
-
import static org.hamcrest.CoreMatchers.either;
import static org.hamcrest.CoreMatchers.instanceOf;
import static org.opensearch.security.ssl.SecureSSLSettings.SSLSetting.SECURITY_SSL_TRANSPORT_TRUSTSTORE_PASSWORD;