crowdsecurity / crowdsec

CrowdSec - the open-source and participative security solution offering crowdsourced protection against malicious IPs and access to the most advanced real-world CTI.
https://crowdsec.net
MIT License
8.8k stars 453 forks

[AppSec] Api key validation improvements #3036

Open LaurenceJJones opened 4 months ago

LaurenceJJones commented 4 months ago

What would you like to be added?

Right now, if an AppSec component gets a valid response from the LAPI and then ultimately the LAPI goes down, we have an auth cache, which is fine if you configure it for the "expected" downtime; however, most of the time you don't know how long the downtime will be.

/kind enhancement

Why is this needed?

A potential improvement could be to check if the API key was ever in the cache and presume it is safe until we get a response from LAPI, and then ultimately we can invalidate the cache if the key is now invalid, to allow better HA.
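
The behaviour proposed in this issue, sketched as an added example (not CrowdSec's code and not from the issue author): a key that the LAPI accepted before stays accepted while the LAPI gives no answer, and is dropped as soon as the LAPI explicitly rejects it. `AuthCache`, `NewAuthCache`, `Allowed`, `ErrLAPIDown` and the validator signature are hypothetical names chosen for the illustration.

```go
package main

import (
	"errors"
	"fmt"
	"sync"
	"time"
)

// ErrLAPIDown (hypothetical) means no answer was obtained from the LAPI.
var ErrLAPIDown = errors.New("lapi unreachable")

// AuthCache is an illustrative sketch; all names here are hypothetical.
type AuthCache struct {
	mu       sync.Mutex
	ttl      time.Duration
	seen     map[string]time.Time // key -> time of last positive LAPI answer
	validate func(key string) (bool, error)
}

func NewAuthCache(ttl time.Duration, v func(string) (bool, error)) *AuthCache {
	return &AuthCache{ttl: ttl, seen: map[string]time.Time{}, validate: v}
}

// Allowed reports whether key may be used right now.
func (c *AuthCache) Allowed(key string) bool {
	c.mu.Lock()
	last, known := c.seen[key]
	c.mu.Unlock()
	if known && time.Since(last) < c.ttl {
		return true // fresh entry, no LAPI round trip
	}
	ok, err := c.validate(key)
	c.mu.Lock()
	defer c.mu.Unlock()
	if err != nil {
		return known // no answer: trust only keys the LAPI accepted before
	}
	if !ok {
		delete(c.seen, key) // explicit rejection invalidates the entry
		return false
	}
	c.seen[key] = time.Now()
	return true
}

func main() {
	c := NewAuthCache(time.Minute, func(string) (bool, error) { return false, ErrLAPIDown })
	fmt.Println(c.Allowed("constructed-key")) // key was never validated and the LAPI is down
}
```

With this policy a key revoked during an outage remains accepted until the LAPI answers again; capping how old a stale entry may be would bound that window.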

github-actions[bot] commented 4 months ago

@LaurenceJJones: Thanks for opening an issue, it is currently awaiting triage.

In the meantime, you can:

  1. Check Crowdsec Documentation to see if your issue can be self resolved.
  2. You can also join our Discord.
  3. Check Releases to make sure your agent is on the latest version.

I am a bot created to help the [crowdsecurity](https://github.com/crowdsecurity) developers manage community feedback and contributions. You can check out my [manifest file](https://github.com/crowdsecurity/crowdsec/blob/master/.github/governance.yml) to understand my behavior and what I can do. If you want to use this for your project, you can check out the [BirthdayResearch/oss-governance-bot](https://github.com/BirthdayResearch/oss-governance-bot) repository.

github-actions[bot] commented 4 months ago

@LaurenceJJones: There is no 'kind' label on this issue. You need a 'kind' label to start the triage process.
