Showing
9 changed files
with
162 additions
and
3 deletions.
@@ -0,0 +1,12 @@ | ||
//go:build !windows | ||
// +build !windows | ||
|
||
package main | ||
|
||
func attachConsole() error { | ||
return nil | ||
} | ||
|
||
func detachConsole() error { | ||
return nil | ||
} |
@@ -0,0 +1,64 @@ | ||
//go:build windows | ||
// +build windows | ||
|
||
package main | ||
|
||
import ( | ||
"fmt" | ||
"os" | ||
"syscall" | ||
) | ||
|
||
// attachConsole ensures that subsequent output from the process will be | ||
// printed to the user's terminal. | ||
func attachConsole() error { | ||
kernel32 := syscall.NewLazyDLL("kernel32.dll") | ||
attachConsoleProc := kernel32.NewProc("AttachConsole") | ||
|
||
// Call AttachConsole, using the console of the parent of the current process | ||
// See: https://learn.microsoft.com/en-us/windows/console/attachconsole | ||
r1, _, err := attachConsoleProc.Call(^uintptr(0)) | ||
if r1 == 0 { | ||
return fmt.Errorf("could not call AttachConsole: %w", err) | ||
} | ||
|
||
// Set stdout for newly attached console | ||
stdout, err := syscall.GetStdHandle(syscall.STD_OUTPUT_HANDLE) | ||
if err != nil { | ||
return fmt.Errorf("getting stdout handle: %w", err) | ||
} | ||
os.Stdout = os.NewFile(uintptr(stdout), "stdout") | ||
|
||
// Set stderr for newly attached console | ||
stderr, err := syscall.GetStdHandle(syscall.STD_ERROR_HANDLE) | ||
if err != nil { | ||
return fmt.Errorf("getting stderr handle: %w", err) | ||
} | ||
os.Stderr = os.NewFile(uintptr(stderr), "stderr") | ||
|
||
// Print an empty line so that our first line of actual output doesn't occur on the same line | ||
// as the command prompt | ||
fmt.Println("") | ||
|
||
return nil | ||
} | ||
|
||
// detachConsole undos a previous call to attachConsole. It will leave the window | ||
// appearing to hang, so it notifies the user to press enter in order to get | ||
// their command prompt back. | ||
func detachConsole() error { | ||
// Let the user know they have to press enter to get their prompt back | ||
fmt.Println("Press enter to return to your terminal") | ||
|
||
// Now, free the console | ||
kernel32 := syscall.NewLazyDLL("kernel32.dll") | ||
freeConsoleProc := kernel32.NewProc("FreeConsole") | ||
|
||
// See: https://learn.microsoft.com/en-us/windows/console/freeconsole | ||
r1, _, err := freeConsoleProc.Call() | ||
if r1 == 0 { | ||
return fmt.Errorf("could not call FreeConsole: %w", err) | ||
} | ||
|
||
return nil | ||
} |
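Review bot: detachConsole calls FreeConsole but leaves os.Stdout and os.Stderr pointing at the os.File values that attachConsole built from the handles of the console it has just released, so anything written after it returns will likely fail or be lost. Consider saving the originals in attachConsole before reassigning, e.g. `origStdout, origStderr = os.Stdout, os.Stderr`, and restoring them once FreeConsole succeeds with `os.Stdout, os.Stderr = origStdout, origStderr` (variable names are suggestions). Separately, both functions resolve kernel32.dll through `syscall.NewLazyDLL` by bare name; kernel32 is normally already mapped into the process, so the exposure is small, but if golang.org/x/sys/windows is already a dependency, `windows.NewLazySystemDLL("kernel32.dll")` restricts loading to the system directory and follows the warning in the syscall package docs.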
@@ -0,0 +1,55 @@ | ||
package dataflatten | ||
|
||
import ( | ||
"fmt" | ||
"io" | ||
"os" | ||
|
||
"github.com/golang-jwt/jwt/v5" | ||
) | ||
|
||
// JWTFile adds support for the kolide_jwt table, which allows parsing | ||
// a file containing a JWT. Note that the kolide_jwt table does not handle | ||
// verification - this is a utility table for convenience. | ||
func JWTFile(file string, opts ...FlattenOpts) ([]Row, error) { | ||
return flattenJWT(file, opts...) | ||
} | ||
|
||
func flattenJWT(path string, opts ...FlattenOpts) ([]Row, error) { | ||
// for now, make it clear that any data we parse is unverified | ||
results := map[string]interface{}{"verified": false} | ||
|
||
jwtFH, err := os.Open(path) | ||
if err != nil { | ||
return nil, fmt.Errorf("unable to access file: %w", err) | ||
} | ||
|
||
defer jwtFH.Close() | ||
|
||
tokenRaw, err := io.ReadAll(jwtFH) | ||
if err != nil { | ||
return nil, fmt.Errorf("unable to read JWT: %w", err) | ||
} | ||
|
||
// attempt decode into the generic (default) MapClaims struct to ensure we capture | ||
// any claims data that might be useful | ||
token, _, err := new(jwt.Parser).ParseUnverified(string(tokenRaw), jwt.MapClaims{}) | ||
if err != nil { | ||
return nil, fmt.Errorf("unable to parse JWT: %w", err) | ||
} | ||
|
||
claims, ok := token.Claims.(jwt.MapClaims) | ||
if !ok { | ||
return nil, fmt.Errorf("JWT has no parseable claims") | ||
} | ||
|
||
parsedClaims := map[string]interface{}{} | ||
for k, v := range claims { | ||
parsedClaims[k] = v | ||
} | ||
|
||
results["claims"] = parsedClaims | ||
results["header"] = token.Header | ||
|
||
return Flatten(results, opts...) | ||
} |
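Review bot: flattenJWT reads the whole file with `io.ReadAll(jwtFH)` and nothing bounds the size, so a path that points at a very large file is pulled entirely into memory before parsing starts. A JWT is small, so a cap costs nothing: `tokenRaw, err := io.ReadAll(io.LimitReader(jwtFH, maxJWTSize))` with a package constant such as `const maxJWTSize = 1 << 20` (name and limit are suggestions). The `"verified": false` marker fits the use of `ParseUnverified`; the JWTFile doc comment could also state that header and claim values come straight from the file and must not be used for trust decisions. Minor: `fmt.Errorf("JWT has no parseable claims")` has no format verbs and could be `errors.New`.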