x-pack/filebeat/input/entityanalytics/provider/internal/okta: relax profile shape #40359
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
efd6
added
Filebeat
botelastic
bot
added
needs_team
|
Pinging @elastic/security-service-integrations (Team:Security-Service Integrations) |
andrewkroh
reviewed
Jul 31, 2024
| @@ -39,49 +39,12 @@ type User struct { | |||
| PasswordChanged *time.Time `json:"passwordChanged,omitempty"` | |||
| Type map[string]any `json:"type"` | |||
| TransitioningToStatus *string `json:"transitioningToStatus,omitempty"` | |||
| Profile Profile `json:"profile"` | |||
| Profile map[string]any `json:"profile"` | |||
| Credentials *Credentials `json:"credentials,omitempty"` | |||
There was a problem hiding this comment.
Can you add the recovery_question.question to the credentials object please. That is field also part of a feature request.
There was a problem hiding this comment.
I'll add it, but I think this is not a safe change. I would like to get input from infosec on their views on its inclusion given that knowledge of the question will give significant information to an attacker that has details about a victim.
There was a problem hiding this comment.
I'm checking with the user to understand what their use case is for having this information is. If they actually do want it and understand the risk, then maybe this should be opt-in in some manner.
…rofile shape The deserialisation of profile data was into a struct, preventing custom profile fields from being collected. So replace these types with a generic container.
This reverts commit 562ccb2. To be included in a future PR pending design decisions.
andrewkroh
approved these changes
Aug 6, 2024
mergify bot
pushed a commit
that referenced
this pull request
Aug 6, 2024
…rofile shape (#40359) The deserialisation of profile data was into a struct, preventing custom profile fields from being collected. So replace these types with a generic container. (cherry picked from commit 99c1138) # Conflicts: # x-pack/filebeat/input/entityanalytics/provider/okta/internal/okta/okta_test.go
6 tasks
efd6
added a commit
that referenced
this pull request
Aug 6, 2024
…r/internal/okta: relax profile shape (#40439) * x-pack/filebeat/input/entityanalytics/provider/internal/okta: relax profile shape (#40359) The deserialisation of profile data was into a struct, preventing custom profile fields from being collected. So replace these types with a generic container. (cherry picked from commit 99c1138) # Conflicts: # x-pack/filebeat/input/entityanalytics/provider/okta/internal/okta/okta_test.go * resolve conflicts --------- Co-authored-by: Dan Kortschak <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Proposed commit message
The deserialisation of profile data was into a struct, preventing custom profile fields from being collected. So replace these types with a generic container.
Checklist
CHANGELOG.next.asciidocorCHANGELOG-developer.next.asciidoc.Disruptive User Impact
Author's Checklist
How to test this PR locally
Related issues
Use cases
Screenshots
Logs