Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[ ENH ] Provide authentication failure detail when credentials are provided directly to a Service Class. #501

Closed
jshcodes opened this issue Jan 3, 2022 Discussed in #500 · 0 comments · Fixed by #502
Closed

[ ENH ] Provide authentication failure detail when credentials are provided directly to a Service Class. #501

jshcodes opened this issue Jan 3, 2022 Discussed in #500 · 0 comments · Fixed by #502
Assignees
@jshcodes
Labels
authentication Issues or questions regarding authentication enhancement 🌟 New feature or request SDK usage General SDK usage issues and questions

Comments

@jshcodes
Copy link
Member

jshcodes commented Jan 3, 2022

Describe the issue
Service Class instantiation does not provide an API response, even though a token is generated. On token generation failure, the failure reason is swallowed.

To Reproduce
Create an instance of any Service Class using invalid credentials. You are not provided an immediate response, so any failure reason is hidden. Follow up requests to the API will produce an invalid bearer token error.

Expected behavior
When the token generation fails, provide a place within the class to retrieve the reason.

Environment (please complete the following information):

  • OS: All supported
  • Python: All supported
  • FalconPy: 0.4.0+

Additional context
Discussed in #500

Originally posted by morcef January 3, 2022
Hi,
I am new to this SDK, and I have been starting with using the Detects Service Class (https://falconpy.io/Service-Collections/Detects.html). In the beginning the Detects authenticated() method would return False, and I was having trouble finding the reason.
This seems to be due to the fact that the Service Class will throw away any response that does not have status code 201, and include a token (

falconpy/src/falconpy/_service_class.py

Lines 142 to 156 in 5adb86c

if _["status_code"] == 201:
self.token = _["body"]["access_token"]
self.headers = {"Authorization": f"Bearer {self.token}"}
# Swap to the correct region if they've provided the incorrect one
if "X-Cs-Region" not in _["headers"]:
# GovCloud autodiscovery is not currently supported
token_region = confirm_base_region(confirmed_base)
else:
token_region = _["headers"]["X-Cs-Region"].replace("-", "")
requested_region = confirm_base_region(confirmed_base)
if token_region != requested_region:
self.base_url = confirm_base_url(token_region.upper())
else:
self.token = False
self.headers = {}
).
At this point there was no clear way for me to figure out why this was failing, other than accessing the Detects' auth_object, and executing its token() method a second time to get the actual response. However, my IDE is giving me the following warning when accessing the auth_object: Unresolved attribute reference 'auth_object' for class 'Detects'.
@jshcodes jshcodes added enhancement 🌟 New feature or request authentication Issues or questions regarding authentication SDK usage General SDK usage issues and questions labels Jan 3, 2022
@jshcodes jshcodes self-assigned this Jan 3, 2022
jshcodes added a commit that referenced this issue Jan 4, 2022
@jshcodes
Add token_status attribute. Closes #501.
9d471f5
@jshcodes jshcodes mentioned this issue Jan 4, 2022
Merged
1 task
jshcodes added a commit that referenced this issue Jan 4, 2022
@jshcodes
[DEPLOY] v0.9.0 - Additional token generation failure handling (#502)
2954627 
* Remove fleet reference. Update comments.

* Update wordlist.txt

* Add token generation failure message attribute

* Inherit token_fail_reason from auth. Linting.

* Bump version -> 0.9.0

* Add morcef

* Update CHANGELOG.md

* Handle flaky MalQuery all paths testing

* Add token_status attribute. Closes #501.

* Update CHANGELOG.md
@jshcodes jshcodes changed the title Provide authentication failure detail when credentials are provided directly to a Service Class. [ ENH ] Provide authentication failure detail when credentials are provided directly to a Service Class. Jan 5, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@jshcodes jshcodes

Labels
authentication Issues or questions regarding authentication enhancement 🌟 New feature or request SDK usage General SDK usage issues and questions
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

[DEPLOY] v0.9.0 - Additional token generation failure handling CrowdStrike/falconpy
1 participant
@jshcodes