
Final update for jwt code, removed jwt block from the nginx config to…

… be configured externally via automation.
Phrozyn committed Dec 13, 2018
1 parent fb976af commit 043e9112644ac77e4e7589672743a1c3c43f0b22
Showing with 9 additions and 26 deletions.
  1. +2 −1 alerts/get_watchlist.conf
  2. +5 −1 alerts/get_watchlist.py
  3. +0 −23 config/nginx.conf
  4. +1 −0 requirements.txt
  5. +1 −1 rest/plugins/watchlist.py
  6. 0 rest/watchlist.txt
@@ -1,3 +1,4 @@
[options]
# set the following to your protected endpoint api_url
api_url = 'http://localhost:8081/getwatchlist'
psk = <psk value>
jwt_secret = somesecretstring
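Review bot: `jwt_secret = somesecretstring` reads like a usable value, so a deployment that copies this sample unchanged ends up with a guessable secret. The `psk` line shown in this section uses a placeholder form; `jwt_secret = <jwt secret value>` would make an unconfigured file fail visibly instead. A short comment saying the value should be long and randomly generated, and that the file should not be world-readable, would help whoever provisions it.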
@@ -11,6 +11,7 @@
import requests
import json
import logging
import jwt

logger = logging.getLogger()
formatter = logging.Formatter('%(asctime)s - %(name)s - %(levelname)s - %(message)s')
@@ -19,9 +20,12 @@
class AlertWatchList(AlertTask):
def main(self):
self.parse_config('get_watchlist.conf', ['api_url'])
self.parse_config('get_watchlist.conf', ['jwt_secret'])

jwt_token = self.config.jwt_secret

#Connect to rest api and grab response
r = requests.get(self.config.api_url)
r = requests.get(self.config.api_url, headers={'Authorization': 'jwt_secret {0}'.format(jwt_token) })
status = r.status_code
index = 0
if status == 200:
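Review bot: The new `requests.get` call puts the configured secret itself in the header, since `jwt_token` is just `self.config.jwt_secret`, so the long-lived secret is sent on every poll; the `import jwt` added in the first hunk is not used in the visible lines. If the endpoint verifies signed tokens (the verifier is not on this page), sign a short-lived token instead, e.g. `jwt_token = jwt.encode(claims, self.config.jwt_secret, algorithm='HS256')` with an `exp` claim, and send it under the scheme the verifier expects. The sample `api_url` is plain `http://`, which is tolerable only on localhost, and the call has no `timeout=`, so a stalled endpoint blocks the alert task. `main` continues past the end of the hunk.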
@@ -94,29 +94,6 @@ http {
}
}

## rest psk endpoint - this may change ##
## doing this rewrite allows us to ensure ##
## that only this endpoint is exposed ##
## but utilizes the above functionality ##
## without having to write another worker ##
server {
access_log off;
error_log /var/log/mozdef/nginx/nginx.rest-watchlist.error_log notice;

listen 8082;
charset utf-8;
root /opt/mozdef/envs/mozdef/rest;

location /getwatchlist {
rewrite ^/getwatchlist/(.*) /$1 break;
proxy_pass http://127.0.0.1:8081;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}

## ssl version of elastic search ##
server{
listen *:9000 ssl;
@@ -49,6 +49,7 @@ pyparsing==2.1.10
python-dateutil==2.6.1
pytz==2017.3
requests==2.18.4
requests-jwt==0.5.3
requests-futures==0.9.7
rsa==3.1.4
s3cmd==1.0.1
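Review bot: `alerts/get_watchlist.py` in this commit does `import jwt`, which is the PyJWT module, while the line added here pins only `requests-jwt==0.5.3`. Unless PyJWT is pinned outside this hunk, it arrives only as a transitive dependency at whatever version the resolver picks, unlike the other entries visible here. An explicit pin, `PyJWT==<version under test>`, keeps the library that handles token signing reproducible and auditable.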
@@ -143,7 +143,7 @@ def onMessage(self, request, response):
userid = i.values()[0]

if watchitem and watchcontent is not None:
if len(watchcontent) > 1:
if len(watchcontent) < 2:
sys.stderr.write('{0} does not meet requirements. Not added. \n'.format(watchcontent))

else:
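Review bot: The rejection branch writes `watchcontent` to stderr unescaped, and that value appears to come from the request (its origin is above the hunk), so embedded newlines could forge log lines. Format it with repr: `sys.stderr.write('{0!r} does not meet requirements. Not added. \n'.format(watchcontent))`. The two `len(watchcontent)` lines are the old and new side of the one-line change; if `< 2` is the new side, a comment such as `# reject empty or single-character watch content` would state the rule. Nothing in the visible lines tells the caller that the item was dropped. `onMessage` starts and ends outside the hunk.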
No changes.
