[Stack Connectors][SentinelOne + Crowdstrike] Update Crowdstrike and …

…Sentinelone connectors to NOT validate API responses (elastic#202515)

## Summary

- Changed Crowdstrike and SentinelOne connectors to no longer validate
API responses from the external system

x-pack/plugins/stack_connectors/common/crowdstrike/schema.ts

@@ -17,7 +17,9 @@ export const CrowdstrikeSecretsSchema = schema.object({
   clientSecret: schema.string(),
 });
 
-export const RelaxedCrowdstrikeBaseApiResponseSchema = schema.object({}, { unknowns: 'allow' });
+export const RelaxedCrowdstrikeBaseApiResponseSchema = schema.maybe(
+  schema.object({}, { unknowns: 'allow' })
+);
 export const CrowdstrikeBaseApiResponseSchema = schema.object(
   {
     resources: schema.arrayOf(schema.any()),

x-pack/plugins/stack_connectors/common/sentinelone/schema.ts

@@ -16,7 +16,9 @@ export const SentinelOneSecretsSchema = schema.object({
   token: schema.string(),
 });
 
-export const SentinelOneBaseApiResponseSchema = schema.object({}, { unknowns: 'allow' });
+export const SentinelOneBaseApiResponseSchema = schema.maybe(
+  schema.object({}, { unknowns: 'allow' })
+);
 
 export const SentinelOneGetAgentsResponseSchema = schema.object(
   {

x-pack/plugins/stack_connectors/server/connector_types/crowdstrike/crowdstrike.ts

@@ -236,6 +236,11 @@ export class CrowdstrikeConnector extends SubActionConnector<
       const response = await this.request<R>(
         {
           ...req,
+          // We don't validate responses from Crowdstrike API's because we do not want failures for cases
+          // where the external system might add/remove/change values in the response that we have no
+          // control over.
+          responseSchema:
+            RelaxedCrowdstrikeBaseApiResponseSchema as unknown as SubActionRequestParams<R>['responseSchema'],
           headers: {
             ...req.headers,
             Authorization: `Bearer ${CrowdstrikeConnector.token}`,

x-pack/plugins/stack_connectors/server/connector_types/sentinelone/sentinelone.test.ts

@@ -12,7 +12,6 @@ import {
   SentinelOneGetActivitiesParams,
 } from '../../../common/sentinelone/types';
 import { API_PATH } from './sentinelone';
-import { SentinelOneGetActivitiesResponseSchema } from '../../../common/sentinelone/schema';
 import { ConnectorUsageCollector } from '@kbn/actions-plugin/server/types';
 import { loggingSystemMock } from '@kbn/core-logging-server-mocks';
 
@@ -107,7 +106,7 @@ describe('SentinelOne Connector', () => {
         params: {
           APIToken: 'token-abc',
         },
-        responseSchema: SentinelOneGetActivitiesResponseSchema,
+        responseSchema: expect.any(Object),
       });
     });
 

x-pack/plugins/stack_connectors/server/connector_types/sentinelone/sentinelone.ts

@@ -43,6 +43,7 @@ import {
   SentinelOneGetRemoteScriptResultsParamsSchema,
   SentinelOneDownloadRemoteScriptResultsParamsSchema,
   SentinelOneDownloadRemoteScriptResultsResponseSchema,
+  SentinelOneBaseApiResponseSchema,
 } from '../../../common/sentinelone/schema';
 import { SUB_ACTION } from '../../../common/sentinelone/constants';
 import {
@@ -400,6 +401,11 @@ export class SentinelOneConnector extends SubActionConnector<
     const response = await this.request<R>(
       {
         ...req,
+        // We don't validate responses from SentinelOne API's because we do not want failures for cases
+        // where the external system might add/remove/change values in the response that we have no
+        // control over.
+        responseSchema:
+          SentinelOneBaseApiResponseSchema as unknown as SubActionRequestParams<R>['responseSchema'],
         params: {
           ...req.params,
           APIToken: this.secrets.token,