Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[ ENH ] Provide authentication failure detail when credentials are provided directly to a Service Class. #501

Closed
jshcodes opened this issue Jan 3, 2022 Discussed in #500 · 0 comments · Fixed by #502
Assignees
Labels
authentication Issues or questions regarding authentication enhancement 🌟 New feature or request SDK usage General SDK usage issues and questions

Comments

@jshcodes
Copy link
Member

jshcodes commented Jan 3, 2022

Describe the issue
Service Class instantiation does not provide an API response, even though a token is generated. On token generation failure, the failure reason is swallowed.

To Reproduce
Create an instance of any Service Class using invalid credentials. You are not provided an immediate response, so any failure reason is hidden. Follow up requests to the API will produce an invalid bearer token error.

Expected behavior
When the token generation fails, provide a place within the class to retrieve the reason.

Environment (please complete the following information):

  • OS: All supported
  • Python: All supported
  • FalconPy: 0.4.0+

Additional context
Discussed in #500

Originally posted by morcef January 3, 2022
Hi,
I am new to this SDK, and I have been starting with using the Detects Service Class (https://falconpy.io/Service-Collections/Detects.html). In the beginning the Detects authenticated() method would return False, and I was having trouble finding the reason.
This seems to be due to the fact that the Service Class will throw away any response that does not have status code 201, and include a token (

if _["status_code"] == 201:
self.token = _["body"]["access_token"]
self.headers = {"Authorization": f"Bearer {self.token}"}
# Swap to the correct region if they've provided the incorrect one
if "X-Cs-Region" not in _["headers"]:
# GovCloud autodiscovery is not currently supported
token_region = confirm_base_region(confirmed_base)
else:
token_region = _["headers"]["X-Cs-Region"].replace("-", "")
requested_region = confirm_base_region(confirmed_base)
if token_region != requested_region:
self.base_url = confirm_base_url(token_region.upper())
else:
self.token = False
self.headers = {}
).
At this point there was no clear way for me to figure out why this was failing, other than accessing the Detects' auth_object, and executing its token() method a second time to get the actual response. However, my IDE is giving me the following warning when accessing the auth_object: Unresolved attribute reference 'auth_object' for class 'Detects'.

@jshcodes jshcodes added enhancement 🌟 New feature or request authentication Issues or questions regarding authentication SDK usage General SDK usage issues and questions labels Jan 3, 2022
@jshcodes jshcodes self-assigned this Jan 3, 2022
jshcodes added a commit that referenced this issue Jan 4, 2022
jshcodes added a commit that referenced this issue Jan 4, 2022
* Remove fleet reference. Update comments.

* Update wordlist.txt

* Add token generation failure message attribute

* Inherit token_fail_reason from auth. Linting.

* Bump version -> 0.9.0

* Add morcef

* Update CHANGELOG.md

* Handle flaky MalQuery all paths testing

* Add token_status attribute. Closes #501.

* Update CHANGELOG.md
@jshcodes jshcodes changed the title Provide authentication failure detail when credentials are provided directly to a Service Class. [ ENH ] Provide authentication failure detail when credentials are provided directly to a Service Class. Jan 5, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
authentication Issues or questions regarding authentication enhancement 🌟 New feature or request SDK usage General SDK usage issues and questions
Projects
None yet
Development

Successfully merging a pull request may close this issue.

1 participant