Align credentials to type 9- part 1 (#26973)

* switching to type 9

* more integration thinkst cnaray

* more changes

* fix errors

* fix

* fix

* adding deprecated

* rl

* fix

* valid

* space

* rl fix

* fixes

* updated to required: false

* fix cr

* remove space

* fix unit tests

* fix ctred

* fix unit test

* adding tests

* removing note

* Update Packs/Workday/Integrations/Workday/Workday.py

Co-authored-by: Shelly Tzohar <45915502+Shellyber@users.noreply.github.com>

* fix

* change test

* Update Packs/Workday/Integrations/Workday/Workday.py

Co-authored-by: Shelly Tzohar <45915502+Shellyber@users.noreply.github.com>

* updates

* add test

* remove info

* reverting code changes

---------

Co-authored-by: Shelly Tzohar <45915502+Shellyber@users.noreply.github.com>

Packs/Cisco-umbrella-enforcement/.pack-ignore

@@ -1,5 +1,2 @@
-[file:CiscoUmbrellaEnforcement.yml]
-ignore=IN145
-
 [file:CiscoUmbrellaEnforcement_image.png]
 ignore=IM111

Packs/Cisco-umbrella-enforcement/Integrations/CiscoUmbrellaEnforcement/CiscoUmbrellaEnforcement.py

@@ -180,7 +180,9 @@ def test_module(client: Client) -> str:
 def main():
     params = demisto.params()
     base_url = f"{params.get('url')}/1.0/"
-    api_key = params.get('api_key')
+    api_key = params.get('cred_api_key', {}).get('password') or params.get('api_key', None)
+    if not api_key:
+        raise DemistoException('API key must be provided.')
     verify = not params.get('insecure', False)
     proxy = params.get('proxy', False)
     command = demisto.command()

Packs/Cisco-umbrella-enforcement/Integrations/CiscoUmbrellaEnforcement/CiscoUmbrellaEnforcement.yml

@@ -10,8 +10,14 @@ configuration:
   type: 0
 - display: API Key
   name: api_key
-  required: true
+  required: false
   type: 4
+  hidden: true
+- name: cred_api_key
+  required: false
+  type: 9
+  displaypassword: API Key
+  hiddenusername: true
 - display: Trust any certificate (not secure)
   name: insecure
   required: false
@@ -151,7 +157,7 @@ script:
     description: Delete domain.
     execution: false
     name: umbrella-domain-delete
-  dockerimage: demisto/python3:3.10.11.54132
+  dockerimage: demisto/python3:3.10.11.61265
   feed: false
   isfetch: false
   longRunning: false

Packs/Cisco-umbrella-enforcement/Integrations/CiscoUmbrellaEnforcement/CiscoUmbrellaEnforcement_test.py

@@ -1,4 +1,4 @@
-from CiscoUmbrellaEnforcement import prepare_suffix
+from CiscoUmbrellaEnforcement import prepare_suffix, Client
 
 
 def test_domains_list_suffix():
@@ -21,3 +21,127 @@ def test_domains_list_suffix():
     assert 'page=1' in suffix
     suffix = prepare_suffix(page=page, limit=limit)
     assert 'page=1' in suffix and 'limit=50' in suffix
+
+
+def test_domain_event_add_command_happy_path(mocker):
+    """
+    Given:
+    - All required and optional arguments for adding a new event.
+    When:
+    - Calling domain_event_add_command function.
+    Then:
+    - Ensure the function returns the expected result.
+    """
+    from CiscoUmbrellaEnforcement import domain_event_add_command
+    client = Client(base_url='https://test.com', api_key='123', verify=False, proxy=False)
+    args = {'alert_time': '2022-01-01T00:00:00Z',
+            'device_id': '1234',
+            'destination_domain': 'example.com',
+            'destination_url': 'https://example.com',
+            'device_version': '1.0',
+            'destination_ip': '1.1.1.1',
+            'event_severity': 'high',
+            'event_type': 'malware',
+            'event_description': 'test event',
+            'file_name': 'test.exe',
+            'file_hash': '1234567890abcdef',
+            'source': 'test'}
+    mocker.patch.object(client, '_http_request', return_value={'id': 123})
+    result = domain_event_add_command(client, args)
+    assert result == "New event was added successfully, The Event id is 123."
+
+
+def test_domains_list_command_valid_input_params(mocker):
+    """
+    Given:
+    - Valid input parameters.
+    When:
+    - Calling domains_list_command function.
+    Then:
+    - Ensure the function returns the expected CommandResults object.
+    """
+    from CiscoUmbrellaEnforcement import domains_list_command
+    client = Client(base_url='https://test.com', api_key='123', verify=False, proxy=False)
+    mocker.patch.object(client, 'get_domains_list', return_value=[{'id': '1', 'name': 'test.com'}])
+    args = {'page': '1', 'limit': '10'}
+    results = domains_list_command(client, args)
+    assert results.readable_output == '### List of Domains\n|id|name|\n|---|---|\n| 1 | test.com |\n'
+    assert results.outputs_prefix == 'UmbrellaEnforcement.Domains'
+    assert results.outputs == [{'id': '1', 'name': 'test.com'}]
+
+
+def test_domain_delete_command_with_name(mocker):
+    """
+    Given:
+    - A domain name to delete.
+    - A client object.
+    When:
+    - Calling the domain_delete_command function.
+    Then:
+    - Ensure the domain is deleted successfully.
+    - Ensure the CommandResults object is returned with the correct readable_output and outputs.
+    """
+    from CiscoUmbrellaEnforcement import domain_delete_command
+    import demistomock as demisto
+    from unittest.mock import Mock
+    client_mock = Mock(Client)
+    client_mock.delete_domains.return_value = Mock(status_code=204)
+    mocker.patch.object(demisto, 'dt', return_value={'name': 'example.com', 'IsDeleted': True})
+    args = {'name': 'example.com'}
+    result = domain_delete_command(client_mock, args)
+    assert result.readable_output == 'example.com domain was removed from blacklist'
+    assert result.outputs_prefix == 'UmbrellaEnforcement.Domains'
+    assert result.outputs_key_field == 'id'
+    assert result.outputs == {'name': 'example.com', 'IsDeleted': True}
+
+
+def test_module_valid_api_key(mocker):
+    """
+    Given:
+    - Valid API key.
+    When:
+    - Running the 'test-module' command.
+    Then:
+    - Ensure the function returns 'ok'.
+    """
+    from CiscoUmbrellaEnforcement import test_module
+    client = Client(base_url='https://test.com/1.0/', api_key='valid_api_key', verify=True, proxy=False)
+    mocker.patch.object(client, 'get_domains_list', return_value=[{'id': '1', 'name': 'test.com'}])
+    mocker.patch.object(client, '_http_request', return_value={'data': [], 'meta': {}})
+    mocker.patch.object(client, 'add_event_to_domain', return_value={'id': '123'})
+    mocker.patch.object(client, 'delete_domains', return_value={'status_code': 204})
+    assert test_module(client) == 'ok'
+
+
+def test_umbrella_domain_event_add_valid_args(mocker):
+    """
+    Given:
+    - Valid arguments for the 'umbrella-domain-event-add' command.
+    When:
+    - Running the command.
+    Then:
+    - Ensure the function returns a confirmation message.
+    """
+    import demistomock as demisto
+    from CiscoUmbrellaEnforcement import main
+    mocker.patch.object(demisto, 'params', return_value={
+                        'url': 'https://test.com', 'cred_api_key': {'password': 'valid_api_key'}})
+    mocker.patch.object(demisto, 'command', return_value='umbrella-domain-event-add')
+    mocker.patch.object(demisto, 'args', return_value={
+        'alert_time': '2022-01-01T00:00:00Z',
+        'device_id': '123',
+        'destination_domain': 'example.com',
+        'destination_url': 'https://example.com',
+        'device_version': '1.0',
+        'destination_ip': '1.1.1.1',
+        'event_severity': 'high',
+        'event_type': 'malware',
+        'event_description': 'Malware detected',
+        'file_name': 'malware.exe',
+        'file_hash': '1234567890abcdef',
+        'source': 'test'
+    })
+    mocker.patch.object(Client, 'add_event_to_domain', return_value={'id': '123'})
+    # mocker.patch('client.add_event_to_domain', return_value={'id': '123'})
+    mocker.patch.object(demisto, 'results')
+    main()

Packs/Cisco-umbrella-enforcement/ReleaseNotes/1_0_24.md

@@ -0,0 +1,6 @@
+
+#### Integrations
+
+##### Cisco Umbrella Enforcement
+- Added the *API Key*  integration parameters to support credentials fetching object.
+- Updated the Docker image to: *demisto/python3:3.10.11.61265*.

Packs/Cisco-umbrella-enforcement/pack_metadata.json

@@ -2,7 +2,7 @@
     "name": "Cisco Umbrella Enforcement",
     "description": "Cisco Umbrella Enforcement",
     "support": "xsoar",
-    "currentVersion": "1.0.23",
+    "currentVersion": "1.0.24",
     "author": "Cortex XSOAR",
     "url": "https://www.paloaltonetworks.com/cortex",
     "email": "",

Packs/ThinkstCanary/.pack-ignore

@@ -1,5 +1,5 @@
 [file:ThinkstCanary.yml]
-ignore=IN126,IN145
+ignore=IN126,IN124
 
 [known_words]
 Thinkst

Packs/ThinkstCanary/Integrations/ThinkstCanary/ThinkstCanary.py

@@ -42,8 +42,11 @@
     'url': 'TokenURL'
 }
 DEF_PARAMS = {
-    'auth_token': demisto.params().get('auth_token')
+    'auth_token': demisto.params().get('authentication_token', {}).get('password')
+    or demisto.params().get('auth_token', None)
 }
+if not DEF_PARAMS['auth_token']:
+    raise DemistoException('API Authentication Token must be provided.')
 '''HELPER FUNCTIONS'''
 
 

Packs/ThinkstCanary/Integrations/ThinkstCanary/ThinkstCanary.yml

@@ -19,8 +19,14 @@ configuration:
   name: auth_token
   defaultvalue: ""
   type: 4
-  required: true
+  required: false
   section: Connect
+  hidden: true
+- name: authentication_token
+  required: false
+  type: 9
+  displaypassword: API Authentication Token
+  hiddenusername: true
 - display: Trust any certificate (not secure)
   name: insecure
   type: 8
@@ -53,7 +59,7 @@ script:
   script: ''
   type: python
   subtype: python3
-  dockerimage: demisto/python3:3.10.10.48392
+  dockerimage: demisto/python3:3.10.11.61265
   commands:
   - name: canarytools-list-canaries
     arguments: []

Packs/ThinkstCanary/Integrations/ThinkstCanary/ThinkstCanary_test.py

@@ -6,7 +6,8 @@
     'secret-key': 'fake_access_key',
     'server': 'http://123-fake-api.com/',
     'unsecure': True,
-    'proxy': True
+    'proxy': True,
+    'authentication_token': {'password': 1}
 }
 
 
@@ -24,7 +25,6 @@ def test_fetch_incidents(mocker, requests_mock):
                       json={'incidents': [{'description': {'created': 1593579498}}]})
     from ThinkstCanary import fetch_incidents_command
     fetch_incidents_command()
-
     assert demisto.setLastRun.call_args[0][0]['time'] == '2020-07-01-04:58:19'
 
 

Packs/ThinkstCanary/ReleaseNotes/1_0_18.md

@@ -0,0 +1,6 @@
+
+#### Integrations
+
+##### Thinkst Canary
+- Added the integration parameter *API Authentication Token* to support credentials fetching object.
+- Updated the Docker image to: *demisto/python3:3.10.11.61265*.

Packs/ThinkstCanary/pack_metadata.json

@@ -2,7 +2,7 @@
     "name": "Thinkst Canary",
     "description": "By presenting itself as an apparently benign and legitimate service(s), the Canary draws the attention of unwanted activity. When someone trips one of the Canary's triggers, an alert is sent to notify the responsible parties so that action can be taken before valuable systems in your network are compromised.",
     "support": "xsoar",
-    "currentVersion": "1.0.17",
+    "currentVersion": "1.0.18",
     "author": "Cortex XSOAR",
     "url": "https://www.paloaltonetworks.com/cortex",
     "email": "",

Packs/Workday/.pack-ignore

@@ -1,9 +1,6 @@
 [file:Workday_IAM.yml]
 ignore=IN126,BA108,BA109
 
-[file:Workday.yml]
-ignore=IN145
-
 [file:Workday_image.png]
 ignore=IM111
 

Packs/Workday/Integrations/Workday/Workday.py

@@ -297,10 +297,12 @@ def main():
     params = demisto.params()
     user: str = params.get('credentials', {}).get('identifier')
     base_url: str = params.get('base_url', "").rstrip('/')
-    tenant_name: str = params.get('tenant_name')
+    tenant_name: str = params.get('cred_tenant_name', {}).get('password') or params.get('tenant_name', None)
     username = f"{user}@{tenant_name}"
     password: str = params.get('credentials', {}).get('password')
-    token = params.get('token')
+    token = params.get('cred_token', {}).get('password') or params.get('token')
+    if not (token and tenant_name):
+        raise DemistoException('Token and Tenant name must be provided.')
     verify_certificate: bool = not params.get('insecure', False)
     proxy: bool = params.get('proxy', False)
 

Packs/Workday/Integrations/Workday/Workday.yml

@@ -14,12 +14,24 @@ configuration:
   type: 9
 - display: Tenant name
   name: tenant_name
-  required: true
+  required: false
   type: 4
+  hidden: true
+- display: Tenant name
+  name: cred_tenant_name
+  required: false
+  type: 9
+  hiddenusername: true
 - display: Token
   name: token
-  required: true
+  required: false
   type: 4
+  hidden: true
+- display: Token
+  name: cred_token
+  required: false
+  type: 9
+  hiddenusername: true
 - display: Trust any certificate (not secure)
   name: insecure
   required: false
@@ -266,7 +278,7 @@ script:
   script: '-'
   type: python
   subtype: python3
-  dockerimage: demisto/python3:3.10.10.48392
+  dockerimage: demisto/python3:3.10.11.61265
 fromversion: 5.0.0
 tests:
 - Workday - Test

Packs/Workday/Integrations/Workday/Workday_test.py

@@ -1,7 +1,7 @@
 import io
 import json
 import pytest
-from Workday import Client, list_workers_command, create_worker_context, convert_to_json
+from Workday import Client, list_workers_command, create_worker_context, convert_to_json, main
 
 from CommonServerPython import CommandResults
 
@@ -110,3 +110,33 @@ def test_convert_to_json():
         {'ID': 'PHONE_REFERENCE-3-14614', 'Phone_Number': '+966555055555', 'Type': 'Mobile', 'Usage': 'HOME'}],
     'Managers': [{'Manager_ID': '100700', 'Manager_Name': 'Manager 700'},
                  {'Manager_ID': '100600', 'Manager_Name': 'Manager 600'}]}]
+
+
+def test_api_request_returns_expected_data(mocker):
+    """
+    Given:
+    - Valid input parameters.
+    - A successful API request that returns expected data.
+    When:
+    - Calling the main function.
+    Then:
+    - Ensure the function properly handles the API request and returns the expected data.
+    """
+    import demistomock as demisto
+    import Workday
+    params = {
+        'credentials': {'identifier': 'user', 'password': 'pass'},
+        'base_url': 'https://test.com',
+        'cred_tenant_name': {'password': 'tenant'},
+        'insecure': False,
+        'proxy': False,
+        'cred_token': {'password': 'token'}
+    }
+    mocker.patch.object(demisto, 'params', return_value=params)
+    mocker.patch.object(demisto, 'command', return_value='workday-list-workers')
+    mocker.patch.object(demisto, 'args', return_value={'page': '1', 'count': '1'})
+    mocker.patch.object(Client, 'list_workers', return_value=({}, [{'Worker_Data': {'Worker_ID': '123'}}]))
+    XML_RAW_RESPONSE = util_read_file('test_data/xml_raw_response.txt')
+    mocker.patch.object(client, '_http_request', return_value=XML_RAW_RESPONSE)
+    mocker.patch.object(Workday, 'create_worker_context', return_value=None)
+    main()

Packs/Workday/ReleaseNotes/1_3_1.md

@@ -0,0 +1,6 @@
+
+#### Integrations
+
+##### Workday
+- Added the *token* integration parameters to support credentials fetching object.
+- Updated the Docker image to: *demisto/python3:3.10.11.61265*.

Packs/Workday/pack_metadata.json

@@ -2,7 +2,7 @@
     "name": "Workday",
     "description": "Workday offers enterprise-level software solutions for financial management, human resources, and planning.",
     "support": "xsoar",
-    "currentVersion": "1.3.0",
+    "currentVersion": "1.3.1",
     "author": "Cortex XSOAR",
     "url": "https://www.paloaltonetworks.com/cortex",
     "email": "",