Remove Version.V_6_x_x constants use in security (#41185)

This removes some use of the v6 constants in various parts of
security.
Mostly this is BWC testing code, which is no longer needed as ES8 will
not need to maintain compatibility with ES6.

Relates: #41164

client/rest-high-level/src/test/java/org/elasticsearch/client/security/hlrc/HasPrivilegesResponseTests.java

@@ -19,7 +19,6 @@
 
 package org.elasticsearch.client.security.hlrc;
 
-import org.apache.lucene.util.LuceneTestCase;
 import org.elasticsearch.Version;
 import org.elasticsearch.client.security.HasPrivilegesResponse;
 import org.elasticsearch.common.bytes.BytesReference;
@@ -32,9 +31,7 @@ import org.elasticsearch.common.xcontent.XContentBuilder;
 import org.elasticsearch.common.xcontent.XContentParser;
 import org.elasticsearch.common.xcontent.XContentType;
 import org.elasticsearch.client.AbstractHlrcStreamableXContentTestCase;
-import org.elasticsearch.test.VersionUtils;
 import org.elasticsearch.xpack.core.security.authz.permission.ResourcePrivileges;
-import org.hamcrest.Matchers;
 import org.junit.Assert;
 
 import java.io.IOException;
@@ -55,28 +52,6 @@ public class HasPrivilegesResponseTests extends AbstractHlrcStreamableXContentTe
     org.elasticsearch.xpack.core.security.action.user.HasPrivilegesResponse,
     HasPrivilegesResponse> {
 
-    public void testSerializationV64OrV65() throws IOException {
-        final org.elasticsearch.xpack.core.security.action.user.HasPrivilegesResponse original = randomResponse();
-        final Version version = VersionUtils.randomVersionBetween(LuceneTestCase.random(), Version.V_6_4_0, Version.V_6_5_1);
-        final org.elasticsearch.xpack.core.security.action.user.HasPrivilegesResponse copy = serializeAndDeserialize(original, version);
-
-        Assert.assertThat(copy.isCompleteMatch(), equalTo(original.isCompleteMatch()));
-        Assert.assertThat(copy.getClusterPrivileges().entrySet(), Matchers.emptyIterable());
-        Assert.assertThat(copy.getIndexPrivileges(), equalTo(original.getIndexPrivileges()));
-        Assert.assertThat(copy.getApplicationPrivileges(), equalTo(original.getApplicationPrivileges()));
-    }
-
-    public void testSerializationV63() throws IOException {
-        final org.elasticsearch.xpack.core.security.action.user.HasPrivilegesResponse original = randomResponse();
-        final org.elasticsearch.xpack.core.security.action.user.HasPrivilegesResponse copy =
-            serializeAndDeserialize(original, Version.V_6_3_0);
-
-        Assert.assertThat(copy.isCompleteMatch(), equalTo(original.isCompleteMatch()));
-        Assert.assertThat(copy.getClusterPrivileges().entrySet(), Matchers.emptyIterable());
-        Assert.assertThat(copy.getIndexPrivileges(), equalTo(original.getIndexPrivileges()));
-        Assert.assertThat(copy.getApplicationPrivileges(), equalTo(Collections.emptyMap()));
-    }
-
     public void testToXContent() throws Exception {
         final org.elasticsearch.xpack.core.security.action.user.HasPrivilegesResponse response =
             new org.elasticsearch.xpack.core.security.action.user.HasPrivilegesResponse("daredevil",

x-pack/plugin/core/src/main/java/org/elasticsearch/xpack/core/security/action/role/PutRoleRequest.java

@@ -5,7 +5,6 @@
  */
 package org.elasticsearch.xpack.core.security.action.role;
 
-import org.elasticsearch.Version;
 import org.elasticsearch.action.ActionRequest;
 import org.elasticsearch.action.ActionRequestValidationException;
 import org.elasticsearch.action.support.WriteRequest;
@@ -168,10 +167,8 @@ public class PutRoleRequest extends ActionRequest implements WriteRequest<PutRol
         for (int i = 0; i < indicesSize; i++) {
             indicesPrivileges.add(new RoleDescriptor.IndicesPrivileges(in));
         }
-        if (in.getVersion().onOrAfter(Version.V_6_4_0)) {
-            applicationPrivileges = in.readList(RoleDescriptor.ApplicationResourcePrivileges::new);
-            conditionalClusterPrivileges = ConditionalClusterPrivileges.readArray(in);
-        }
+        applicationPrivileges = in.readList(RoleDescriptor.ApplicationResourcePrivileges::new);
+        conditionalClusterPrivileges = ConditionalClusterPrivileges.readArray(in);
         runAs = in.readStringArray();
         refreshPolicy = RefreshPolicy.readFrom(in);
         metadata = in.readMap();
@@ -186,10 +183,8 @@ public class PutRoleRequest extends ActionRequest implements WriteRequest<PutRol
         for (RoleDescriptor.IndicesPrivileges index : indicesPrivileges) {
             index.writeTo(out);
         }
-        if (out.getVersion().onOrAfter(Version.V_6_4_0)) {
-            out.writeList(applicationPrivileges);
-            ConditionalClusterPrivileges.writeArray(out, this.conditionalClusterPrivileges);
-        }
+        out.writeList(applicationPrivileges);
+        ConditionalClusterPrivileges.writeArray(out, this.conditionalClusterPrivileges);
         out.writeStringArray(runAs);
         refreshPolicy.writeTo(out);
         out.writeMap(metadata);

x-pack/plugin/core/src/main/java/org/elasticsearch/xpack/core/security/action/user/AuthenticateResponse.java

@@ -5,12 +5,10 @@
  */
 package org.elasticsearch.xpack.core.security.action.user;
 
-import org.elasticsearch.Version;
 import org.elasticsearch.action.ActionResponse;
 import org.elasticsearch.common.io.stream.StreamInput;
 import org.elasticsearch.common.io.stream.StreamOutput;
 import org.elasticsearch.xpack.core.security.authc.Authentication;
-import org.elasticsearch.xpack.core.security.user.User;
 
 import java.io.IOException;
 
@@ -31,23 +29,13 @@ public class AuthenticateResponse extends ActionResponse {
     @Override
     public void writeTo(StreamOutput out) throws IOException {
         super.writeTo(out);
-        if (out.getVersion().before(Version.V_6_6_0)) {
-            User.writeTo(authentication.getUser(), out);
-        } else {
-            authentication.writeTo(out);
-        }
+        authentication.writeTo(out);
     }
 
     @Override
     public void readFrom(StreamInput in) throws IOException {
         super.readFrom(in);
-        if (in.getVersion().before(Version.V_6_6_0)) {
-            final User user = User.readFrom(in);
-            final Authentication.RealmRef unknownRealm = new Authentication.RealmRef("__unknown", "__unknown", "__unknown");
-            authentication = new Authentication(user, unknownRealm, unknownRealm);
-        } else {
-            authentication = new Authentication(in);
-        }
+        authentication = new Authentication(in);
     }
 
 }

x-pack/plugin/core/src/main/java/org/elasticsearch/xpack/core/security/action/user/GetUserPrivilegesResponse.java

@@ -5,7 +5,6 @@
  */
 package org.elasticsearch.xpack.core.security.action.user;
 
-import org.elasticsearch.Version;
 import org.elasticsearch.action.ActionResponse;
 import org.elasticsearch.common.Strings;
 import org.elasticsearch.common.bytes.BytesReference;
@@ -145,11 +144,7 @@ public final class GetUserPrivilegesResponse extends ActionResponse {
                 return new FieldPermissionsDefinition.FieldGrantExcludeGroup(grant, exclude);
             }));
             queries = Collections.unmodifiableSet(in.readSet(StreamInput::readBytesReference));
-            if (in.getVersion().onOrAfter(Version.V_6_7_0)) {
-                this.allowRestrictedIndices = in.readBoolean();
-            } else {
-                this.allowRestrictedIndices = false;
-            }
+            this.allowRestrictedIndices = in.readBoolean();
         }
 
         public Set<String> getIndices() {
@@ -254,9 +249,7 @@ public final class GetUserPrivilegesResponse extends ActionResponse {
                 output.writeOptionalStringArray(fields.getExcludedFields());
             });
             out.writeCollection(queries, StreamOutput::writeBytesReference);
-            if (out.getVersion().onOrAfter(Version.V_6_7_0)) {
-                out.writeBoolean(allowRestrictedIndices);
-            }
+            out.writeBoolean(allowRestrictedIndices);
         }
     }
 }

x-pack/plugin/core/src/main/java/org/elasticsearch/xpack/core/security/action/user/HasPrivilegesRequest.java

@@ -5,7 +5,6 @@
  */
 package org.elasticsearch.xpack.core.security.action.user;
 
-import org.elasticsearch.Version;
 import org.elasticsearch.action.ActionRequest;
 import org.elasticsearch.action.ActionRequestValidationException;
 import org.elasticsearch.common.io.stream.StreamInput;
@@ -109,9 +108,7 @@ public class HasPrivilegesRequest extends ActionRequest implements UserRequest {
         for (int i = 0; i < indexSize; i++) {
             indexPrivileges[i] = new RoleDescriptor.IndicesPrivileges(in);
         }
-        if (in.getVersion().onOrAfter(Version.V_6_4_0)) {
-            applicationPrivileges = in.readArray(ApplicationResourcePrivileges::new, ApplicationResourcePrivileges[]::new);
-        }
+        applicationPrivileges = in.readArray(ApplicationResourcePrivileges::new, ApplicationResourcePrivileges[]::new);
     }
 
     @Override
@@ -123,9 +120,7 @@ public class HasPrivilegesRequest extends ActionRequest implements UserRequest {
         for (RoleDescriptor.IndicesPrivileges priv : indexPrivileges) {
             priv.writeTo(out);
         }
-        if (out.getVersion().onOrAfter(Version.V_6_4_0)) {
-            out.writeArray(ApplicationResourcePrivileges::write, applicationPrivileges);
-        }
+        out.writeArray(ApplicationResourcePrivileges::write, applicationPrivileges);
     }
 
 }

x-pack/plugin/core/src/main/java/org/elasticsearch/xpack/core/security/action/user/HasPrivilegesResponse.java

@@ -5,7 +5,6 @@
  */
 package org.elasticsearch.xpack.core.security.action.user;
 
-import org.elasticsearch.Version;
 import org.elasticsearch.action.ActionResponse;
 import org.elasticsearch.common.io.stream.StreamInput;
 import org.elasticsearch.common.io.stream.StreamOutput;
@@ -103,16 +102,10 @@ public class HasPrivilegesResponse extends ActionResponse implements ToXContentO
     public void readFrom(StreamInput in) throws IOException {
         super.readFrom(in);
         completeMatch = in.readBoolean();
-        if (in.getVersion().onOrAfter(Version.V_6_6_0 )) {
-            cluster = in.readMap(StreamInput::readString, StreamInput::readBoolean);
-        }
+        cluster = in.readMap(StreamInput::readString, StreamInput::readBoolean);
         index = readResourcePrivileges(in);
-        if (in.getVersion().onOrAfter(Version.V_6_4_0)) {
-            application = in.readMap(StreamInput::readString, HasPrivilegesResponse::readResourcePrivileges);
-        }
-        if (in.getVersion().onOrAfter(Version.V_6_6_0)) {
-            username = in.readString();
-        }
+        application = in.readMap(StreamInput::readString, HasPrivilegesResponse::readResourcePrivileges);
+        username = in.readString();
     }
 
     private static Set<ResourcePrivileges> readResourcePrivileges(StreamInput in) throws IOException {
@@ -130,16 +123,10 @@ public class HasPrivilegesResponse extends ActionResponse implements ToXContentO
     public void writeTo(StreamOutput out) throws IOException {
         super.writeTo(out);
         out.writeBoolean(completeMatch);
-        if (out.getVersion().onOrAfter(Version.V_6_6_0)) {
-            out.writeMap(cluster, StreamOutput::writeString, StreamOutput::writeBoolean);
-        }
+        out.writeMap(cluster, StreamOutput::writeString, StreamOutput::writeBoolean);
         writeResourcePrivileges(out, index);
-        if (out.getVersion().onOrAfter(Version.V_6_4_0)) {
-            out.writeMap(application, StreamOutput::writeString, HasPrivilegesResponse::writeResourcePrivileges);
-        }
-        if (out.getVersion().onOrAfter(Version.V_6_6_0)) {
-            out.writeString(username);
-        }
+        out.writeMap(application, StreamOutput::writeString, HasPrivilegesResponse::writeResourcePrivileges);
+        out.writeString(username);
     }
 
     private static void writeResourcePrivileges(StreamOutput out, Set<ResourcePrivileges> privileges) throws IOException {

x-pack/plugin/core/src/main/java/org/elasticsearch/xpack/core/security/authc/Authentication.java

@@ -60,13 +60,8 @@ public class Authentication implements ToXContentObject {
             this.lookedUpBy = null;
         }
         this.version = in.getVersion();
-        if (in.getVersion().onOrAfter(Version.V_6_7_0)) {
-            type = AuthenticationType.values()[in.readVInt()];
-            metadata = in.readMap();
-        } else {
-            type = AuthenticationType.REALM;
-            metadata = Collections.emptyMap();
-        }
+        type = AuthenticationType.values()[in.readVInt()];
+        metadata = in.readMap();
     }
 
     public User getUser() {
@@ -165,10 +160,8 @@ public class Authentication implements ToXContentObject {
         } else {
             out.writeBoolean(false);
         }
-        if (out.getVersion().onOrAfter(Version.V_6_7_0)) {
-            out.writeVInt(type.ordinal());
-            out.writeMap(metadata);
-        }
+        out.writeVInt(type.ordinal());
+        out.writeMap(metadata);
     }
 
     @Override

x-pack/plugin/core/src/main/java/org/elasticsearch/xpack/core/security/authz/RoleDescriptor.java

@@ -6,7 +6,6 @@
 package org.elasticsearch.xpack.core.security.authz;
 
 import org.elasticsearch.ElasticsearchParseException;
-import org.elasticsearch.Version;
 import org.elasticsearch.common.Nullable;
 import org.elasticsearch.common.ParseField;
 import org.elasticsearch.common.Strings;
@@ -122,13 +121,8 @@ public class RoleDescriptor implements ToXContentObject, Writeable {
         this.metadata = in.readMap();
         this.transientMetadata = in.readMap();
 
-        if (in.getVersion().onOrAfter(Version.V_6_4_0)) {
-            this.applicationPrivileges = in.readArray(ApplicationResourcePrivileges::new, ApplicationResourcePrivileges[]::new);
-            this.conditionalClusterPrivileges = ConditionalClusterPrivileges.readArray(in);
-        } else {
-            this.applicationPrivileges = ApplicationResourcePrivileges.NONE;
-            this.conditionalClusterPrivileges = ConditionalClusterPrivileges.EMPTY_ARRAY;
-        }
+        this.applicationPrivileges = in.readArray(ApplicationResourcePrivileges::new, ApplicationResourcePrivileges[]::new);
+        this.conditionalClusterPrivileges = ConditionalClusterPrivileges.readArray(in);
     }
 
     public String getName() {
@@ -264,10 +258,8 @@ public class RoleDescriptor implements ToXContentObject, Writeable {
         out.writeStringArray(runAs);
         out.writeMap(metadata);
         out.writeMap(transientMetadata);
-        if (out.getVersion().onOrAfter(Version.V_6_4_0)) {
-            out.writeArray(ApplicationResourcePrivileges::write, applicationPrivileges);
-            ConditionalClusterPrivileges.writeArray(out, getConditionalClusterPrivileges());
-        }
+        out.writeArray(ApplicationResourcePrivileges::write, applicationPrivileges);
+        ConditionalClusterPrivileges.writeArray(out, getConditionalClusterPrivileges());
     }
 
     public static RoleDescriptor parse(String name, BytesReference source, boolean allow2xFormat, XContentType xContentType)
@@ -608,11 +600,7 @@ public class RoleDescriptor implements ToXContentObject, Writeable {
             this.deniedFields = in.readOptionalStringArray();
             this.privileges = in.readStringArray();
             this.query = in.readOptionalBytesReference();
-            if (in.getVersion().onOrAfter(Version.V_6_7_0)) {
-                allowRestrictedIndices = in.readBoolean();
-            } else {
-                allowRestrictedIndices = false;
-            }
+            this.allowRestrictedIndices = in.readBoolean();
         }
 
         @Override
@@ -622,9 +610,7 @@ public class RoleDescriptor implements ToXContentObject, Writeable {
             out.writeOptionalStringArray(deniedFields);
             out.writeStringArray(privileges);
             out.writeOptionalBytesReference(query);
-            if (out.getVersion().onOrAfter(Version.V_6_7_0)) {
-                out.writeBoolean(allowRestrictedIndices);
-            }
+            out.writeBoolean(allowRestrictedIndices);
         }
 
         public static Builder builder() {

x-pack/plugin/core/src/test/java/org/elasticsearch/xpack/core/security/action/role/PutRoleRequestTests.java

@@ -20,7 +20,6 @@ import org.elasticsearch.common.util.set.Sets;
 import org.elasticsearch.test.ESTestCase;
 import org.elasticsearch.test.VersionUtils;
 import org.elasticsearch.xpack.core.XPackClientPlugin;
-import org.elasticsearch.xpack.core.security.authz.RoleDescriptor;
 import org.elasticsearch.xpack.core.security.authz.RoleDescriptor.ApplicationResourcePrivileges;
 import org.elasticsearch.xpack.core.security.authz.privilege.ConditionalClusterPrivileges;
 
@@ -31,11 +30,9 @@ import java.util.Locale;
 import java.util.Map;
 import java.util.function.Supplier;
 
-import static org.hamcrest.Matchers.arrayWithSize;
 import static org.hamcrest.Matchers.containsString;
 import static org.hamcrest.Matchers.equalTo;
 import static org.hamcrest.Matchers.hasItem;
-import static org.hamcrest.Matchers.iterableWithSize;
 import static org.hamcrest.Matchers.notNullValue;
 import static org.hamcrest.Matchers.nullValue;
 
@@ -60,7 +57,7 @@ public class PutRoleRequestTests extends ESTestCase {
 
         final BytesStreamOutput out = new BytesStreamOutput();
         if (randomBoolean()) {
-            final Version version = VersionUtils.randomVersionBetween(random(), Version.V_6_7_0, Version.CURRENT);
+            final Version version = VersionUtils.randomCompatibleVersion(random(), Version.CURRENT);
             logger.info("Serializing with version {}", version);
             out.setVersion(version);
         }
@@ -75,67 +72,6 @@ public class PutRoleRequestTests extends ESTestCase {
         assertThat(copy.roleDescriptor(), equalTo(original.roleDescriptor()));
     }
 
-    public void testSerializationBetweenV64AndV66() throws IOException {
-        final PutRoleRequest original = buildRandomRequest();
-
-        final BytesStreamOutput out = new BytesStreamOutput();
-        final Version version = VersionUtils.randomVersionBetween(random(), Version.V_6_4_0, Version.V_6_6_0);
-        out.setVersion(version);
-        original.writeTo(out);
-
-        final PutRoleRequest copy = new PutRoleRequest();
-        final NamedWriteableRegistry registry = new NamedWriteableRegistry(new XPackClientPlugin(Settings.EMPTY).getNamedWriteables());
-        StreamInput in = new NamedWriteableAwareStreamInput(ByteBufferStreamInput.wrap(BytesReference.toBytes(out.bytes())), registry);
-        in.setVersion(version);
-        copy.readFrom(in);
-
-        assertThat(copy.name(), equalTo(original.name()));
-        assertThat(copy.cluster(), equalTo(original.cluster()));
-        assertIndicesSerializedRestricted(copy.indices(), original.indices());
-        assertThat(copy.runAs(), equalTo(original.runAs()));
-        assertThat(copy.metadata(), equalTo(original.metadata()));
-        assertThat(copy.getRefreshPolicy(), equalTo(original.getRefreshPolicy()));
-
-        assertThat(copy.applicationPrivileges(), equalTo(original.applicationPrivileges()));
-        assertThat(copy.conditionalClusterPrivileges(), equalTo(original.conditionalClusterPrivileges()));
-    }
-
-    public void testSerializationV60AndV32() throws IOException {
-        final PutRoleRequest original = buildRandomRequest();
-
-        final BytesStreamOutput out = new BytesStreamOutput();
-        final Version version = VersionUtils.randomVersionBetween(random(), Version.V_6_0_0, Version.V_6_3_2);
-        out.setVersion(version);
-        original.writeTo(out);
-
-        final PutRoleRequest copy = new PutRoleRequest();
-        final StreamInput in = out.bytes().streamInput();
-        in.setVersion(version);
-        copy.readFrom(in);
-
-        assertThat(copy.name(), equalTo(original.name()));
-        assertThat(copy.cluster(), equalTo(original.cluster()));
-        assertIndicesSerializedRestricted(copy.indices(), original.indices());
-        assertThat(copy.runAs(), equalTo(original.runAs()));
-        assertThat(copy.metadata(), equalTo(original.metadata()));
-        assertThat(copy.getRefreshPolicy(), equalTo(original.getRefreshPolicy()));
-
-        assertThat(copy.applicationPrivileges(), iterableWithSize(0));
-        assertThat(copy.conditionalClusterPrivileges(), arrayWithSize(0));
-    }
-
-    private void assertIndicesSerializedRestricted(RoleDescriptor.IndicesPrivileges[] copy, RoleDescriptor.IndicesPrivileges[] original) {
-        assertThat(copy.length, equalTo(original.length));
-        for (int i = 0; i < copy.length; i++) {
-            assertThat(copy[i].allowRestrictedIndices(), equalTo(false));
-            assertThat(copy[i].getIndices(), equalTo(original[i].getIndices()));
-            assertThat(copy[i].getPrivileges(), equalTo(original[i].getPrivileges()));
-            assertThat(copy[i].getDeniedFields(), equalTo(original[i].getDeniedFields()));
-            assertThat(copy[i].getGrantedFields(), equalTo(original[i].getGrantedFields()));
-            assertThat(copy[i].getQuery(), equalTo(original[i].getQuery()));
-        }
-    }
-
     private void assertSuccessfulValidation(PutRoleRequest request) {
         final ActionRequestValidationException exception = request.validate();
         assertThat(exception, nullValue());

x-pack/plugin/core/src/test/java/org/elasticsearch/xpack/core/security/action/user/HasPrivilegesRequestTests.java

@@ -25,13 +25,12 @@ import java.util.stream.Collectors;
 import static org.hamcrest.Matchers.equalTo;
 import static org.hamcrest.Matchers.hasItem;
 import static org.hamcrest.Matchers.notNullValue;
-import static org.hamcrest.Matchers.nullValue;
 
 public class HasPrivilegesRequestTests extends ESTestCase {
 
-    public void testSerializationV64OrLater() throws IOException {
+    public void testSerializationCurrentVersion() throws IOException {
         final HasPrivilegesRequest original = randomRequest();
-        final Version version = VersionUtils.randomVersionBetween(random(), Version.V_6_4_0, Version.CURRENT);
+        final Version version = VersionUtils.randomCompatibleVersion(random(), Version.CURRENT);
         final HasPrivilegesRequest copy = serializeAndDeserialize(original, version);
 
         assertThat(copy.username(), equalTo(original.username()));
@@ -40,16 +39,6 @@ public class HasPrivilegesRequestTests extends ESTestCase {
         assertThat(copy.applicationPrivileges(), equalTo(original.applicationPrivileges()));
     }
 
-    public void testSerializationV63() throws IOException {
-        final HasPrivilegesRequest original = randomRequest();
-        final HasPrivilegesRequest copy = serializeAndDeserialize(original, Version.V_6_3_0);
-
-        assertThat(copy.username(), equalTo(original.username()));
-        assertThat(copy.clusterPrivileges(), equalTo(original.clusterPrivileges()));
-        assertThat(copy.indexPrivileges(), equalTo(original.indexPrivileges()));
-        assertThat(copy.applicationPrivileges(), nullValue());
-    }
-
     public void testValidateNullPrivileges() {
         final HasPrivilegesRequest request = new HasPrivilegesRequest();
         final ActionRequestValidationException exception = request.validate();

x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/Security.java

@@ -985,7 +985,6 @@ public class Security extends Plugin implements ActionPlugin, IngestPlugin, Netw
             return new ValidateTLSOnJoin(XPackSettings.TRANSPORT_SSL_ENABLED.get(settings),
                     DiscoveryModule.DISCOVERY_TYPE_SETTING.get(settings))
                 .andThen(new ValidateUpgradedSecurityIndex())
-                .andThen(new ValidateLicenseCanBeDeserialized())
                 .andThen(new ValidateLicenseForFIPS(XPackSettings.FIPS_MODE_ENABLED.get(settings)));
         }
         return null;
@@ -1023,17 +1022,6 @@ public class Security extends Plugin implements ActionPlugin, IngestPlugin, Netw
         }
     }
 
-    static final class ValidateLicenseCanBeDeserialized implements BiConsumer<DiscoveryNode, ClusterState> {
-        @Override
-        public void accept(DiscoveryNode node, ClusterState state) {
-            License license = LicenseService.getLicense(state.metaData());
-            if (license != null && license.version() >= License.VERSION_CRYPTO_ALGORITHMS && node.getVersion().before(Version.V_6_4_0)) {
-                throw new IllegalStateException("node " + node + " is on version [" + node.getVersion() +
-                    "] that cannot deserialize the license format [" + license.version() + "], upgrade node to at least 6.4.0");
-            }
-        }
-    }
-
     static final class ValidateLicenseForFIPS implements BiConsumer<DiscoveryNode, ClusterState> {
         private final boolean inFipsMode;
 

x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/authc/ApiKeyService.java

@@ -233,12 +233,6 @@ public class ApiKeyService {
         final Instant expiration = getApiKeyExpiration(created, request);
         final SecureString apiKey = UUIDs.randomBase64UUIDSecureString();
         final Version version = clusterService.state().nodes().getMinNodeVersion();
-        if (version.before(Version.V_6_7_0)) {
-            logger.warn(
-                    "nodes prior to the minimum supported version for api keys {} exist in the cluster;"
-                            + " these nodes will not be able to use api keys",
-                    Version.V_6_7_0);
-        }
 
         final char[] keyHash = hasher.hash(apiKey);
         try (XContentBuilder builder = XContentFactory.jsonBuilder()) {

x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/authc/UserToken.java

@@ -73,11 +73,7 @@ public final class UserToken implements Writeable, ToXContentObject {
         this.id = input.readString();
         this.authentication = new Authentication(input);
         this.expirationTime = Instant.ofEpochSecond(input.readLong(), input.readInt());
-        if (version.before(Version.V_6_2_0)) {
-            this.metadata = Collections.emptyMap();
-        } else {
-            this.metadata = input.readMap();
-        }
+        this.metadata = input.readMap();
     }
 
     @Override
@@ -86,9 +82,7 @@ public final class UserToken implements Writeable, ToXContentObject {
         authentication.writeTo(out);
         out.writeLong(expirationTime.getEpochSecond());
         out.writeInt(expirationTime.getNano());
-        if (out.getVersion().onOrAfter(Version.V_6_2_0)) {
-            out.writeMap(metadata);
-        }
+        out.writeMap(metadata);
     }
 
     /**

x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/SecurityTests.java

@@ -271,19 +271,6 @@ public class SecurityTests extends ESTestCase {
         }
     }
 
-    public void testJoinValidatorForLicenseDeserialization() throws Exception {
-        DiscoveryNode node = new DiscoveryNode("foo", buildNewFakeTransportAddress(),
-            VersionUtils.randomVersionBetween(random(), null, Version.V_6_3_0));
-        MetaData.Builder builder = MetaData.builder();
-        License license = TestUtils.generateSignedLicense(null,
-            randomIntBetween(License.VERSION_CRYPTO_ALGORITHMS, License.VERSION_CURRENT), -1, TimeValue.timeValueHours(24));
-        TestUtils.putLicense(builder, license);
-        ClusterState state = ClusterState.builder(ClusterName.DEFAULT).metaData(builder.build()).build();
-        IllegalStateException e = expectThrows(IllegalStateException.class,
-            () -> new Security.ValidateLicenseCanBeDeserialized().accept(node, state));
-        assertThat(e.getMessage(), containsString("cannot deserialize the license format"));
-    }
-
     public void testJoinValidatorForFIPSLicense() throws Exception {
         DiscoveryNode node = new DiscoveryNode("foo", buildNewFakeTransportAddress(),
             VersionUtils.randomVersionBetween(random(), null, Version.CURRENT));

x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authz/RoleDescriptorTests.java

@@ -213,8 +213,8 @@ public class RoleDescriptorTests extends ESTestCase {
         assertThat(ex.getMessage(), containsString("not_supported"));
     }
 
-    public void testSerialization() throws Exception {
-        final Version version = VersionUtils.randomVersionBetween(random(), Version.V_6_4_0, null);
+    public void testSerializationForCurrentVersion() throws Exception {
+        final Version version = VersionUtils.randomCompatibleVersion(random(), Version.CURRENT);
         logger.info("Testing serialization with version {}", version);
         BytesStreamOutput output = new BytesStreamOutput();
         output.setVersion(version);