search

NCSC-NL / taranis3

Taranis
Other
59 stars 17 forks source link

Twitter consumers keys will no longer be visible. #44

Closed ihebski closed 3 years ago

ihebski commented 3 years ago

Twitter consumers keys will no longer be visible. we can use Bearer token instead with OAuth 2.0. https://developer.twitter.com/en/docs/authentication/oauth-2-0/bearer-tokens

We have changed ~/etc/taranis.conf.xml from :

 <twitter_access_token></twitter_access_token>
  <twitter_access_token_secret></twitter_access_token_secret>
  <twitter_consumer_key></twitter_consumer_key>
  <twitter_consumer_secret></twitter_consumer_secret>

TO :

<twitter_bearer_token></twitter_bearer_token>

Under ~/taranis-3.7.4/perl5/Taranis/Collector/Twitter.pm we changed

my $response = lwpRequest(
        get => $retrieve_url,
        lwp_constructor => sub {
            LWP::Authen::OAuth->new(
                oauth_consumer_key => $source->{oauth_consumer_key} || Config->{twitter_consumer_key},
                oauth_consumer_secret => $source->{oauth_consumer_secret} || Config->{twitter_consumer_secret},
                oauth_token => $source->{oauth_token} || Config->{twitter_access_token},
                oauth_token_secret => $source->{oauth_token_secret} || Config->{twitter_access_token_secret},
            );
        },
    );

Into

my $response = lwpRequest(
            get => decode_entities( $fullurl ),
            Authorization => join ' ', 'Bearer',$source->{oauth_consumer_key} || Config->{twitter_bearer_token},
        );

Test the new configuration

taranis collector scan-sources --debug twitter

P.N: The field should added to the web application interface too