Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[filebeat][streaming] - Standard OAuth2 implementation for websockets. #41989

Closed
ShourieG opened this issue Dec 11, 2024 · 2 comments · Fixed by #42212
Closed

[filebeat][streaming] - Standard OAuth2 implementation for websockets. #41989

ShourieG opened this issue Dec 11, 2024 · 2 comments · Fixed by #42212
Assignees

Comments

@ShourieG
Copy link
Contributor

ShourieG commented Dec 11, 2024

Describe the enhancement: Current OAuth2 implementation uses just a bearer token to authenticate and establish the connection. Due to the nature of websocket connections these tokens are usually long-lived and generally a token refresh is not required. But having traditional OAuth2 is oftentimes necessary for better security purposes.

Describe a specific use case for the enhancement or feature: The initial handshake in a websocket connection is done over HTTP/HTTPS. This is the point where we need to implement OAuth2, after which, if successful a standard websocket connection will be established. Since we are using gorilla websockets library, this will need to be performed before we upgrade the connection to websocket.

ER: https://github.com/elastic/enhancements/issues/23116

@ShourieG ShourieG self-assigned this Dec 11, 2024
@botelastic botelastic bot added the needs_team Indicates that the issue/PR needs a Team:* label label Dec 11, 2024
@ShourieG ShourieG added Team:Security-Service Integrations Security Service Integrations Team and removed needs_team Indicates that the issue/PR needs a Team:* label labels Dec 11, 2024
@elasticmachine
Copy link
Collaborator

Pinging @elastic/security-service-integrations (Team:Security-Service Integrations)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging a pull request may close this issue.

2 participants