diff --git a/detection.go b/detection.go
index e646899..38f380d 100644
--- a/detection.go
+++ b/detection.go
@@ -202,7 +202,7 @@ func HandleGetDetectionRules(resp http.ResponseWriter, request *http.Request) {
 }
 rule.FileId = file.Id
- rule.FileName = file.Filename
+ rule.FileName = strings.Trim(file.Filename, ".yml")
 sigmaFileInfo = append(sigmaFileInfo, rule)
 }
diff --git a/oauth2.go b/oauth2.go
index c6ec4b4..54587a2 100755
--- a/oauth2.go
+++ b/oauth2.go
@@ -3713,7 +3713,18 @@ func RunOauth2Request(ctx context.Context, user User, appAuth AppAuthenticationS
 oauthUrl := ""
 refreshUrl := ""
 refreshToken := ""
+
 for _, field := range appAuth.Fields {
+ // Try decryption here as well just in case
+ // In some cases, it's already decrypted at this point, but it doesn't matter much to re-do it in case, as this function is used multiple places
+ decryptionKey := fmt.Sprintf("%s_%d_%s_%s", appAuth.OrgId, appAuth.Created, appAuth.Label, field.Key)
+ newValue, err := HandleKeyDecryption([]byte(field.Value), decryptionKey)
+ if err == nil {
+ field.Value = string(newValue)
+ } else {
+ //log.Printf("[DEBUG] Failed decrypting field %s: %s", field.Key, err)
+ }
+
 if field.Key == "authentication_url" {
 url = field.Value
 } else if field.Key == "code" {
diff --git a/shared.go b/shared.go
index c5adf77..460cbc0 100755
--- a/shared.go
+++ b/shared.go
@@ -20804,6 +20804,7 @@ func PrepareWorkflowExecution(ctx context.Context, workflow Workflow, request *h
 if field.Key != "access_key" && field.Key != "access_token" {
 //log.Printf("[ERROR] Failed decryption (1) in org %s for %s: %s", curAuth.OrgId, field.Key, err)
 }
+ continue
 }
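Review bot: `strings.Trim(file.Filename, ".yml")` in the detection.go hunk treats its second argument as a set of characters rather than a suffix, so it strips every leading and trailing `.`, `y`, `m` and `l` from the name. A constructed example: `lateral_movement.yml` becomes `ateral_movement`, and two differently named rule files can end up with the same displayed name. The intended call is `rule.FileName = strings.TrimSuffix(file.Filename, ".yml")`; files ending in `.yaml` would still keep their extension, which may or may not be wanted. The surrounding loop in HandleGetDetectionRules starts and ends outside the hunk.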
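Review bot: A failed `HandleKeyDecryption` in the oauth2.go hunk is silently ignored, so the loop cannot tell a value that was already plaintext from one that failed to decrypt under the derived key; in the second case the still-encrypted value would flow into `url`, `code` and the rest of the `field.Key` chain, which continues outside the hunk. The `else` branch contains only a commented-out log line: either remove the branch or re-enable a debug log that names the field key but never the value, e.g. `log.Printf("[DEBUG] Failed decrypting field %s: %s", field.Key, err)`. `field` is the range copy, so `field.Value = string(newValue)` leaves `appAuth.Fields` untouched; a comment such as `// only the loop copy is updated; appAuth.Fields keeps the stored value` would make that explicit. The `+ continue` hunk in shared.go (-20804) has the same shape: its `if field.Key != "access_key" && ...` now guards nothing but a commented-out log, and the field is skipped without any trace.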
@@ -20820,7 +20821,7 @@ func PrepareWorkflowExecution(ctx context.Context, workflow Workflow, request *h
 newAuth, err := GetOauth2ApplicationPermissionToken(ctx, user, curAuth)
 if err != nil {
- log.Printf("[ERROR] Failed running oauth request to refresh oauth2 tokens: %s. Stopping Oauth2 continuation and sending abort for app. This is NOT critical, but means refreshing access_token failed, and it will stop working in the future.", err)
+ log.Printf("[ERROR] Failed running oauth request to refresh oauth2 tokens (2): '%s'. Stopping Oauth2 continuation and sending abort for app. This is NOT critical, but means refreshing access_token failed, and it will stop working in the future.", err)
 //workflowExecution.Status = "ABORTED"
 //workflowExecution.Result = "Oauth2 failed during start of execution. Please re-authenticate the app."
@@ -20924,7 +20925,7 @@ func PrepareWorkflowExecution(ctx context.Context, workflow Workflow, request *h
 newAuth, err := RunOauth2Request(ctx, user, curAuth, true)
 if err != nil {
- log.Printf("[ERROR] Failed running oauth request to refresh oauth2 tokens: '%s'. Stopping Oauth2 continuation and sending abort for app. This is NOT critical, but means refreshing access_token failed, and it will stop working in the future.", err)
+ log.Printf("[ERROR] Failed running oauth request to refresh oauth2 tokens (1): '%s'. Stopping Oauth2 continuation and sending abort for app. This is NOT critical, but means refreshing access_token failed, and it will stop working in the future.", err)
 CreateOrgNotification(
 ctx,
diff --git a/dashboards.go b/stats.go
similarity index 88%
rename from dashboards.go
rename to stats.go
index 70b9345..dbdd8db 100755
--- a/dashboards.go
+++ b/stats.go
@@ -279,6 +279,54 @@ func HandleNewWidget(resp http.ResponseWriter, request *http.Request) {
 resp.Write([]byte(`{"success": true}`))
 }
+func GetSpecificStats(resp http.ResponseWriter, request *http.Request) {
+ cors := HandleCors(resp, request)
+ if cors {
+ return
+ }
+
+ var orgId string
+ var statsKey string
+ location := strings.Split(request.URL.String(), "/")
+ if location[1] == "api" {
+ if len(location) <= 4 {
+ log.Printf("Path too short: %d", len(location))
+ resp.WriteHeader(401)
+ resp.Write([]byte(`{"success": false}`))
+ return
+ }
+
+ statsKey = location[4]
+ if len(location) > 6 {
+ orgId = location[4]
+ statsKey = location[6]
+ }
+ }
+
+ user, err := HandleApiAuthentication(resp, request)
+ if err != nil {
+ log.Printf("[WARNING] Api authentication failed in get stats: %s", err)
+ resp.WriteHeader(401)
+ resp.Write([]byte(`{"success": false}`))
+ return
+ }
+
+ orgId = user.ActiveOrg.Id
+ ctx := GetContext(request)
+ info, err := GetOrgStatistics(ctx, orgId)
+ if err != nil {
+ log.Printf("[WARNING] Failed getting stats in specific stats for org %s: %s", orgId, err)
+ resp.WriteHeader(401)
+ resp.Write([]byte(`{"success": false, "reason": "Failed getting stats for your org. Maybe not initialized yet?"}`))
+ return
+ }
+
+ log.Printf("RESP: %#v", info)
+
+ resp.WriteHeader(200)
+ resp.Write([]byte(fmt.Sprintf(`{"success": true, "key": "%s", "value": 2}`, statsKey)))
+}
+
 func HandleGetStatistics(resp http.ResponseWriter, request *http.Request) {
 cors := HandleCors(resp, request)
 if cors {
@@ -286,6 +334,7 @@ func HandleGetStatistics(resp http.ResponseWriter, request *http.Request) {
 }
 var orgId string
+ var statsKey string
 location := strings.Split(request.URL.String(), "/")
 if location[1] == "api" {
 if len(location) <= 4 {
@@ -296,6 +345,10 @@ func HandleGetStatistics(resp http.ResponseWriter, request *http.Request) {
 }
 orgId = location[4]
+
+ if len(location) > 6 {
+ statsKey = location[6]
+ }
 }
 user, err := HandleApiAuthentication(resp, request)
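Review bot: `statsKey` in GetSpecificStats is cut out of `request.URL.String()`, which includes the query string, and is then written into the response with `fmt.Sprintf` and a bare `"%s"`, so request-controlled text reaches the JSON body without encoding and can leave it malformed or altered; parse `request.URL.Path` and build the body with `json.Marshal` (assuming `encoding/json` is already imported in stats.go, which the hunk does not show). `location[1]` is read before any length check, the `orgId = location[4]` assignment is dead because `orgId` is always overwritten with `user.ActiveOrg.Id` (that overwrite is the right behaviour and deserves a comment), and both a short path and a failed `GetOrgStatistics` are answered with 401 although neither is an authentication failure. `log.Printf("RESP: %#v", info)` writes the whole statistics struct to the log on every call and reads like a debugging leftover, as does the fixed `"value": 2`.

```go
func GetSpecificStats(resp http.ResponseWriter, request *http.Request) {
	// … unchanged: CORS handling …

	// Parse the path only, so the query string can never end up in statsKey.
	var orgId string
	var statsKey string
	location := strings.Split(request.URL.Path, "/")
	if len(location) > 1 && location[1] == "api" {
		if len(location) <= 4 {
			log.Printf("[WARNING] Path too short in get specific stats: %d", len(location))
			resp.WriteHeader(400)
			resp.Write([]byte(`{"success": false}`))
			return
		}

		statsKey = location[4]
		if len(location) > 6 {
			statsKey = location[6]
		}
	}

	// … unchanged: HandleApiAuthentication …

	// The org always comes from the authenticated session, never from the path.
	orgId = user.ActiveOrg.Id

	// … unchanged: GetContext, GetOrgStatistics and its error branch …

	// Encode the key instead of formatting it into the JSON by hand.
	body, err := json.Marshal(map[string]interface{}{
		"success": true,
		"key":     statsKey,
		"value":   2,
	})
	if err != nil {
		resp.WriteHeader(500)
		resp.Write([]byte(`{"success": false}`))
		return
	}

	resp.WriteHeader(200)
	resp.Write(body)
}
```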
@@ -344,23 +397,11 @@ func HandleGetStatistics(resp http.ResponseWriter, request *http.Request) {
 return
 }
- if len(info.DailyStatistics) > 0 {
- /*
- // Should remove the FIRST day as it's very skewed
- // Do this based on the Timestamp (date)
- skipIndex := 0
- lowestTimestamp := info.DailyStatistics[0].Date
- for _, timestamp := range info.DailyStatistics {
- if timestamp.Date.Before(lowestTimestamp) {
- lowestTimestamp = timestamp.Date
- }
- }
-
- if skipIndex >= 0 {
- info.DailyStatistics = append(info.DailyStatistics[:skipIndex], info.DailyStatistics[skipIndex+1:]...)
- }
- */
+ if len(statsKey) > 0 {
+ log.Printf("[INFO] Should get stats for key %s", statsKey)
+ }
+ if len(info.DailyStatistics) > 0 {
 // Sort the array
 sort.Slice(info.DailyStatistics, func(i, j int) bool {
 return info.DailyStatistics[i].Date.Before(info.DailyStatistics[j].Date)
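Review bot: `statsKey` is only logged in this hunk and never applied to `info`, so a request that names a key still receives the full statistics; a `// TODO: filter info by statsKey` comment next to the new `if` would make the unfinished state explicit. The value is taken from `request.URL.String()` in the hunk at -296, so it can carry the query string, and logging it with `%q` keeps request-controlled text clearly delimited in the log: `log.Printf("[INFO] Should get stats for key %q", statsKey)`. HandleGetStatistics continues outside the hunk.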