[Fleet] Allow exclamation mark in enrollment token name (#191807)

## Summary Closes #191719 Attempting to generate a Fleet enrollment token with a name that ends with `!` produces a malformed ES query which causes `POST agents/enrollment_api_keys` to fail with 500. This PR adds a narrow fix by escaping question marks (which is a `query_string` [special character](https://www.elastic.co/guide/en/elasticsearch/reference/current/query-dsl-query-string-query.html#query-string-syntax)). Note: this query probably wouldn't be necessary if we removed the constraint of unique name, as discussed in #155550. Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
elastic · Aug 30, 2024 · a57181a · a57181a
1 parent d56ea8a
commit a57181a
Showing 1 changed file with 9 additions and 2 deletions.
diff --git a/x-pack/plugins/fleet/server/services/api_keys/enrollment_api_key.ts b/x-pack/plugins/fleet/server/services/api_keys/enrollment_api_key.ts
@@ -218,7 +218,7 @@ export async function generateEnrollmentAPIKey(
   const id = uuidv4();
   const { name: providedKeyName, forceRecreate, agentPolicyId } = data;
   const logger = appContextService.getLogger();
-  logger.debug(`Creating enrollment API key ${data}`);
+  logger.debug(`Creating enrollment API key ${JSON.stringify(data)}`);
 
   const agentPolicy = await retrieveAgentPolicyId(soClient, agentPolicyId);
 
@@ -360,7 +360,14 @@ function getQueryForExistingKeyNameOnPolicy(agentPolicyId: string, providedKeyNa
         },
         {
           bool: {
-            should: [{ query_string: { fields: ['name'], query: `(${providedKeyName}) *` } }],
+            should: [
+              {
+                query_string: {
+                  fields: ['name'],
+                  query: `(${providedKeyName.replace('!', '\\!')}) *`,
+                },
+              },
+            ],
             minimum_should_match: 1,
           },
         },