[Backport 2.x] add password regex setting onto dashboardsinfo backend…

… call (#3033)

Backport 744b5d4 from #2999

Co-authored-by: Derek Ho <dxho@amazon.com>
Co-authored-by: Craig Perkins <cwperx@amazon.com>

src/integrationTest/java/org/opensearch/security/api/DashboardsInfoTest.java

@@ -27,6 +27,7 @@
 import static org.hamcrest.Matchers.containsString;
 import static org.hamcrest.Matchers.equalTo;
 import static org.opensearch.security.rest.DashboardsInfoAction.DEFAULT_PASSWORD_MESSAGE;
+import static org.opensearch.security.rest.DashboardsInfoAction.DEFAULT_PASSWORD_REGEX;
 import static org.opensearch.test.framework.TestSecurityConfig.AuthcDomain.AUTHC_HTTPBASIC_INTERNAL;
 
 @RunWith(com.carrotsearch.randomizedtesting.RandomizedRunner.class)
@@ -51,6 +52,8 @@ public void testDashboardsInfoValidationMessage() throws Exception {
             assertThat(response.getStatusCode(), equalTo(HttpStatus.SC_OK));
             assertThat(response.getBody(), containsString("password_validation_error_message"));
             assertThat(response.getBody(), containsString(DEFAULT_PASSWORD_MESSAGE));
+            assertThat(response.getBody(), containsString("password_validation_regex"));
+            assertThat(response.getBody(), containsString(DEFAULT_PASSWORD_REGEX));
         }
     }
 }

src/integrationTest/java/org/opensearch/security/api/DashboardsInfoWithSettingsTest.java

@@ -41,14 +41,16 @@ public class DashboardsInfoWithSettingsTest {
     private static final String CUSTOM_PASSWORD_MESSAGE =
         "Password must be minimum 5 characters long and must contain at least one uppercase letter, one lowercase letter, one digit, and one special character.";
 
+    private static final String CUSTOM_PASSWORD_REGEX = "(?=.*[A-Z])(?=.*[^a-zA-Z\\d])(?=.*[0-9])(?=.*[a-z]).{5,}";
+
     @ClassRule
     public static LocalCluster cluster = new LocalCluster.Builder().clusterManager(ClusterManager.THREE_CLUSTER_MANAGERS)
         .authc(AUTHC_HTTPBASIC_INTERNAL)
         .users(DASHBOARDS_USER)
         .nodeSettings(
             Map.of(
                 ConfigConstants.SECURITY_RESTAPI_PASSWORD_VALIDATION_REGEX,
-                "(?=.*[A-Z])(?=.*[^a-zA-Z\\d])(?=.*[0-9])(?=.*[a-z]).{5,}",
+                CUSTOM_PASSWORD_REGEX,
                 ConfigConstants.SECURITY_RESTAPI_PASSWORD_VALIDATION_ERROR_MESSAGE,
                 CUSTOM_PASSWORD_MESSAGE
             )
@@ -63,6 +65,8 @@ public void testDashboardsInfoValidationMessageWithCustomMessage() throws Except
             assertThat(response.getStatusCode(), equalTo(HttpStatus.SC_OK));
             assertThat(response.getBody(), containsString("password_validation_error_message"));
             assertThat(response.getBody(), containsString(CUSTOM_PASSWORD_MESSAGE));
+            assertThat(response.getBody(), containsString("password_validation_regex"));
+            assertThat(response.getBody(), containsString(CUSTOM_PASSWORD_REGEX));
         }
     }
 }

src/main/java/org/opensearch/security/rest/DashboardsInfoAction.java

@@ -68,6 +68,8 @@ public class DashboardsInfoAction extends BaseRestHandler {
     public static final String DEFAULT_PASSWORD_MESSAGE = "Password should be at least 8 characters long and contain at least one "
         + "uppercase letter, one lowercase letter, one digit, and one special character.";
 
+    public static final String DEFAULT_PASSWORD_REGEX = "(?=.*[A-Z])(?=.*[^a-zA-Z\\d])(?=.*[0-9])(?=.*[a-z]).{8,}";
+
     public DashboardsInfoAction(
         final Settings settings,
         final RestController controller,
@@ -110,6 +112,10 @@ public void accept(RestChannel channel) throws Exception {
                         "password_validation_error_message",
                         client.settings().get(ConfigConstants.SECURITY_RESTAPI_PASSWORD_VALIDATION_ERROR_MESSAGE, DEFAULT_PASSWORD_MESSAGE)
                     );
+                    builder.field(
+                        "password_validation_regex",
+                        client.settings().get(ConfigConstants.SECURITY_RESTAPI_PASSWORD_VALIDATION_REGEX, DEFAULT_PASSWORD_REGEX)
+                    );
                     builder.endObject();
 
                     response = new BytesRestResponse(RestStatus.OK, builder);