diff --git a/examples/generic_connector_configs/README.md b/examples/generic_connector_configs/README.md index 4ae61bfe7..7b5990401 100644 --- a/examples/generic_connector_configs/README.md +++ b/examples/generic_connector_configs/README.md @@ -7,6 +7,7 @@ * [OAuth 2.0 API](#oauth-20-api) * [Slack Web API](#slack-web-api) * [Splunk API](#splunk-api) + * [Twitter API](#twitter-api) * [Contributing](#contributing) ## Introduction @@ -26,6 +27,9 @@ target’s CA to Secretless’ trusted certificate pool. > Note: The following examples use the [Keychain provider](https://docs.cyberark.com/Product-Doc/OnlineHelp/AAM-DAP/11.3/en/Content/References/providers/scl_keychain.htm?TocPath=Fundamentals%7CSecretless%20Pattern%7CSecret%20Providers%7C_____5). > Replace the service prefix `service#` with an appropriate service > or use a different provider as needed. + +> **Protip:** Your target should be either `http://api-target.com` or `api-target.com`. +A URL that starts with https will not work. ___ ### Elasticsearch API This example can be used to interact with [Elasticsearch's API](https://www.elastic.co/guide/en/elasticsearch/reference/current). @@ -42,7 +46,7 @@ The configuration file for the Elasticsearch API can be found at #### Example Usage
- How to use this connector locally + Example setup to try this out locally
  1. Create an account at Elasticsearch's website
    2. @@ -73,13 +77,16 @@ The configuration file for the GitHub API can be found at [github_secretless.yml #### Example Usage
    - How to use this connector locally + Example setup to try this out locally
    1. Get an OAuth token from the Developer Settings page of a user's GitHub account
      2. -
    2. Added that token into the local machine's OSX Keychain
      3. +
    3. + Store the token from your request in your local credential manager so + that it may be retrieved in your secretless.yml +
    4. Build and run Secretless locally
      5. ./bin/build_darwin @@ -127,10 +134,13 @@ depending on if your endpoint requires JSON or URL encoded requests #### Example Usage
      - How to use this connector locally... + Example setup to try this out locally...
      1. Get the Slack application's tokens
        2. -
      2. Save the local token from Slack into the OSX Keychain
        3. +
      3. + Store the token from your request in your local credential manager so + that it may be retrieved in your secretless.yml +
      4. Run Secretless locally
        5. ./dist/darwin/amd64/secretless-broker \ @@ -160,7 +170,7 @@ to the backend server uses SSL. #### Example Usage
        - How to use this connector locally + Example setup to try this out locally
        1. Run a local instance of Splunk in a Docker container
          2. @@ -185,7 +195,10 @@ to the backend server uses SSL. here to create a local Splunk token using Splunk Web -
        2. Save the local token from Splunk Web into the OSX keychain
          3. +
        3. + Store the token from your request in your local credential manager so + that it may be retrieved in your secretless.yml +
        4. Add 'SplunkServerDefaultCert' at IP 127.0.0.1 to etc/hosts on the machine. This was so the host name of the HTTP Request would match the name on the @@ -217,6 +230,69 @@ to the backend server uses SSL. ___ +### Twitter API +This example can be used to interact with +[Twitter's API](https://developer.twitter.com/en/docs). + +The configuration file for the Twitter API can be found at +[twitter_secretless.yml](./twitter_secretless.yml). + +**Note:** This configuration currently only supports connecting to the +Twitter API via OAuth2. An issue can be found +[here](https://github.com/cyberark/secretless-broker/issues/1297) +for adding an OAuth1 Connector for Twitter. + +#### How to use this connector +* Edit the supplied service configuration to get your +[OAuth token](https://developer.twitter.com/en/docs/basics/authentication/oauth-2-0/bearer-tokens) +* Run secretless with the supplied configuration(s) +* Query the API using `http_proxy=localhost:8051 curl api.twitter.com/{Request}` + +#### Example Usage +
          + Example setup to try this out locally +
            +
          1. + Get your + + Twitter API key and Secret Key + +
            2. +
          2. + Get an + + OAuth token + + from Twitter through CURL +
            3. + + curl -u 'API key:API secret key' \ +
            + --data 'grant_type=client_credentials' \ +
            + 'https://api.twitter.com/oauth2/token' +             +
          3. + Store the token from your request in your local credential manager so + that it may be retrieved in your secretless.yml +
            4. +
          4. Run Secretless locally
            5. + + ./dist/darwin/amd64/secretless-broker \ +
            + -f examples/generic_connector_configs/twitter_secretless.yml +             +
          5. + On another terminal window, make a request to Twitter using Secretless +
            6. + + http_proxy=localhost:8051 curl "api.twitter.com/1.1/followers/ids.json?screen_name=twitterdev" + +
          +
          + +___ + ## Contributing Do you have an HTTP service that you use? Can you write a Secretless generic diff --git a/examples/generic_connector_configs/twitter_secretless.yml b/examples/generic_connector_configs/twitter_secretless.yml new file mode 100644 index 000000000..8396f7797 --- /dev/null +++ b/examples/generic_connector_configs/twitter_secretless.yml @@ -0,0 +1,16 @@ +version: 2 +services: + twitter-oauth2: + connector: generic_http + listenOn: tcp://0.0.0.0:8051 + credentials: + token: + from: keychain + get: service#twitter/bearer-token + config: + headers: + authorization: Bearer {{ .token }} + content-type: application/json + forceSSL: true + authenticateURLsMatching: + - ^http[s]*\:\/\/api\.twitter\.com*