This PR adds JWT parsing using go-jose and uses the aud field from the JWT as the API host URL instead of using the config file.
utils/jwt.go is copy-pasted from the Splunk app.
Since sign in attempt and item usages can have different token here, the token is parsed when newAPIRequest is called instead of on start up.
If the token does not have a URL in the aud field, the elasticbeat will exit with an error.
2021-07-12T14:55:12.379-0400 INFO instance/beat.go:474 eventsapibeat stopped.
2021-07-12T14:55:12.379-0400 ERROR instance/beat.go:971 Exiting: failed when processing item usages. failed to fetch item usages. failed to create new API request. Token does not have a url.
Exiting: failed when processing item usages. failed to fetch item usages. failed to create new API request. Token does not have a url.
This PR adds JWT parsing using
go-jose
and uses theaud
field from the JWT as the API host URL instead of using the config file.utils/jwt.go
is copy-pasted from the Splunk app.Since sign in attempt and item usages can have different token here, the token is parsed when
newAPIRequest
is called instead of on start up.If the token does not have a URL in the
aud
field, the elasticbeat will exit with an error.To make review easier, this is the actual commit that adds the functionality.