Skip to content

Commit

Permalink
Packs/Reco: fix validate_api_key (#27731) (#27767)
Browse files Browse the repository at this point in the history
* Packs/Reco: fix validate_api_key



* update docker image

* Packs/Reco: update docs



* Packs/Reco: update docs



* Packs/Reco: update docs



---------

Signed-off-by: Gal Nakash <[email protected]>
Co-authored-by: GalNakash-RecoLabs <[email protected]>
  • Loading branch information
content-bot and GalNakash-RecoLabs authored Jun 27, 2023
1 parent 898f9e6 commit 71d6252
Show file tree
Hide file tree
Showing 5 changed files with 27 additions and 16 deletions.
25 changes: 14 additions & 11 deletions Packs/Reco/Integrations/Reco/Reco.py
Original file line number Diff line number Diff line change
Expand Up @@ -696,11 +696,11 @@ def validate_api_key(self) -> str:
invalid_token_string = "Invalid token"
try:
response = self._http_request(
method="POST",
url_suffix="/incident-tables/tables",
method="GET",
url_suffix="/data-sources",
timeout=RECO_API_TIMEOUT_IN_SECONDS,
)
if response.get("listTablesResponse") is None:
if response.get("dataSources") is None:
demisto.info(f"got bad response, {response}")
else:
demisto.info(f"got good response, {response}")
Expand Down Expand Up @@ -1066,18 +1066,21 @@ def fetch_incidents(
) -> Tuple[Dict[str, Any], List[Dict[str, Any]]]:
demisto.info(f"fetch-incidents called {max_fetch=}")
next_run = {}
incidents = []
last_run_time = last_run.get("lastRun", None)
if last_run_time is not None:
after = dateutil.parser.parse(last_run_time)

incidents_raw = reco_client.get_incidents(
risk_level=risk_level,
source=source,
before=before,
after=after,
limit=max_fetch,
)
incidents = parse_incidents_objects(reco_client, incidents_raw)
try:
incidents_raw = reco_client.get_incidents(risk_level=risk_level,
source=source,
before=before,
after=after,
limit=max_fetch)
incidents = parse_incidents_objects(reco_client, incidents_raw)
except Exception as e:
demisto.info(f"Error fetching incidents: {e}")

alerts = get_alerts(reco_client, risk_level, source, before, after, max_fetch)
alerts_as_incidents = parse_alerts_to_incidents(alerts)
incidents.extend(alerts_as_incidents)
Expand Down
2 changes: 1 addition & 1 deletion Packs/Reco/Integrations/Reco/Reco.yml
Original file line number Diff line number Diff line change
Expand Up @@ -65,7 +65,7 @@ description: Reco is a Saas data security solution that protects your data from
display: Reco
name: Reco
script:
dockerimage: demisto/python3:3.10.11.61265
dockerimage: demisto/python3:3.10.12.63474
feed: false
isfetch: true
longRunning: false
Expand Down
6 changes: 3 additions & 3 deletions Packs/Reco/Integrations/Reco/Reco_test.py
Original file line number Diff line number Diff line change
Expand Up @@ -345,9 +345,9 @@ def get_mock_assets() -> List[Dict[str, Any]]:


def test_test_module_success(requests_mock, reco_client: RecoClient) -> None:
mock_response = {"listTablesResponse": {"tablesMetadata": [{"name": "table1"}]}}
requests_mock.post(
f"{DUMMY_RECO_API_DNS_NAME}/incident-tables/tables", json=mock_response
mock_response = {"dataSources": {"tablesMetadata": [{"name": "table1"}]}}
requests_mock.get(
f"{DUMMY_RECO_API_DNS_NAME}/data-sources", json=mock_response
)

res = reco_client.validate_api_key()
Expand Down
8 changes: 8 additions & 0 deletions Packs/Reco/ReleaseNotes/1_1_3.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,8 @@

#### Integrations

##### Reco

- Change validate api key endpoint
- Fixed the fetch incidents to use try except for safety.
- Updated the Docker image to: *demisto/python3:3.10.12.63474*.
2 changes: 1 addition & 1 deletion Packs/Reco/pack_metadata.json
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
"name": "Reco",
"description": "Reco - detects and protects against sensitive data leakage",
"support": "partner",
"currentVersion": "1.1.2",
"currentVersion": "1.1.3",
"author": "Reco",
"url": "https://reco.ai",
"email": "[email protected]",
Expand Down

0 comments on commit 71d6252

Please sign in to comment.