search

1Password / events-api-elastic

14 stars 6 forks source link

Parse and use URL from JWT instead of config file #3

Closed anthonythleung closed 3 years ago

anthonythleung commented 3 years ago

This PR adds JWT parsing using go-jose and uses the aud field from the JWT as the API host URL instead of using the config file.

utils/jwt.go is copy-pasted from the Splunk app.

Since sign in attempt and item usages can have different token here, the token is parsed when newAPIRequest is called instead of on start up.

If the token does not have a URL in the aud field, the elasticbeat will exit with an error.

2021-07-12T14:55:12.379-0400    INFO    instance/beat.go:474    eventsapibeat stopped.
2021-07-12T14:55:12.379-0400    ERROR   instance/beat.go:971    Exiting: failed when processing item usages. failed to fetch item usages. failed to create new API request. Token does not have a url.
Exiting: failed when processing item usages. failed to fetch item usages. failed to create new API request. Token does not have a url.

To make review easier, this is the actual commit that adds the functionality.

ogero commented 3 years ago

Tested the changes and works great.