Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Cherry-pick #20435 to 7.x: [Filebeat][http_endpoint input] Adds support for custom auth header names and secret #20519

Merged
merged 3 commits into from
Aug 12, 2020
Merged

Cherry-pick #20435 to 7.x: [Filebeat][http_endpoint input] Adds support for custom auth header names and secret #20519

merged 3 commits into from
Aug 12, 2020

Conversation

urso
Copy link

@urso urso commented Aug 10, 2020
edited by zube bot
Loading

Cherry-pick of PR #20435 to 7.x branch. Original message:

What does this PR do?

Certain webhooks offers functionality to add a custom header and defined secret to each request to identify the source. This PR adds the possibility to configure the header name and secret that needs to be confirmed for every request, similar but not the same as basic auth.

Why is it important?

Required for certain modules like Zoom #20414

Checklist

  • My code follows the style guidelines of this project
  • I have commented my code, particularly in hard-to-understand areas
  • I have made corresponding changes to the documentation
  • I have made corresponding change to the default configuration files
  • I have added tests that prove my fix is effective or that my feature works
  • I have added an entry in CHANGELOG.next.asciidoc or CHANGELOG-developer.next.asciidoc.

Author's Checklist

  • Updated docs
  • Updated nosetests

Added nosetest for wrong configuration option, ensuring that anything not matching header+secret is dropped and that a successful match allows the request with the correct responses.
Tested with:

> INTEGRATION_TESTS=1 BEAT_STRICT_PERMS=false nosetests -v -s tests/system/test_http_endpoint.py 
Test http_endpoint input with correct auth header and secret. ... ok
Test http_endpoint input with empty body. ... ok
Test http_endpoint input with GET request. ... ok
Test http_endpoint input with malformed body. ... ok
Test http_endpoint input with missing basic auth values. ... ok
Test http_endpoint input with HTTP events. ... ok
Test http_endpoint input with wrong auth header and secret. ... ok
Test http_endpoint input with wrong basic auth values. ... ok
Test http_endpoint input with wrong content header. ... ok

@urso urso added [zube]: In Review backport Team:Services (Deprecated) Label for the former Integrations-Services team labels Aug 10, 2020
@botelastic botelastic bot added the needs_team Indicates that the issue/PR needs a Team:* label label Aug 10, 2020
@elasticmachine
Copy link
Collaborator

Pinging @elastic/integrations-services (Team:Services)

@botelastic botelastic bot removed the needs_team Indicates that the issue/PR needs a Team:* label label Aug 10, 2020
@elasticmachine
Copy link
Collaborator

elasticmachine commented Aug 10, 2020
edited by jenkins-beats-ci bot
Loading

💚 Build Succeeded

Pipeline View Test View Changes Artifacts preview

Expand to view the summary

Build stats

  • Build Cause: [Pull request #20519 updated]

  • Start Time: 2020-08-12T18:24:49.885+0000

  • Duration: 60 min 13 sec

Test stats 🧪

Test Results
Failed 0
Passed 2446
Skipped 388
Total 2834

@urso urso added the review label Aug 10, 2020
kaiyan-sheng
kaiyan-sheng reviewed Aug 11, 2020
View reviewed changes
CHANGELOG.next.asciidoc Outdated
@@ -586,6 +586,10 @@ field. You can revert this change by configuring tags for the module and omittin
- Add experimental dataset zscaler/zia for Zscaler Internet Access logs {pull}19713[19713]
- Add event.ingested for CrowdStrike module {pull}20138[20138]
- Add support for additional fields and FirewallMatchEvent type events in CrowdStrike module {pull}20138[20138]
- Add event.ingested for Suricata module {pull}20220[20220]
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

extra changelog entries

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fixed. Thanks!

@urso urso force-pushed the backport_20435_7.x branch from bd13b8a to 03dd073 Compare August 12, 2020 17:15
@urso urso merged commit e9b58d5 into elastic:7.x Aug 12, 2020
@urso urso deleted the backport_20435_7.x branch August 12, 2020 22:15
@zube zube bot removed the [zube]: Done label Nov 11, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@kaiyan-sheng kaiyan-sheng kaiyan-sheng left review comments

@kvch kvch kvch approved these changes

Assignees
No one assigned
Labels
backport review Team:Services (Deprecated) Label for the former Integrations-Services team
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@urso @elasticmachine @kvch @kaiyan-sheng @P1llus