Skip to content
Merged
Show file tree
Hide file tree
Changes from 2 commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
5 changes: 5 additions & 0 deletions packages/httpjson/changelog.yml
Original file line number Diff line number Diff line change
@@ -1,3 +1,8 @@
- version: "1.2.2"
changes:
- description: Fixes rendering issue for custom oauth2 scopes
type: bugfix
link: https://github.com/elastic/integrations/pull/3295
- version: "1.2.1"
changes:
- description: Adds missing `delegated_account` option for Google Oauth2
Expand Down
2 changes: 1 addition & 1 deletion packages/httpjson/data_stream/generic/manifest.yml
Original file line number Diff line number Diff line change
Expand Up @@ -246,7 +246,7 @@ streams:
multi: false
required: false
- name: oauth_scopes
type: yaml
type: text

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can you add a test to ensure that this is working as expected? You can construct an endpoint in the packages/httpjson/_dev/deploy/docker/files/config.yml file and make a test in the packages/httpjson/data_stream/generic/_dev/test/system/ directory to check that the scopes are correctly set.

@colin-stubbs colin-stubbs May 9, 2022

Copy link
Copy Markdown
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hi @efd6 - I've added the variable as per my commit no. 3 ( 3105bd5 ) ... there's nothing to add to the docker config file, I don't know if the stream container which provides a HTTP interface to test against is capable of echo'ing back the requested scopes as a "scope" value in the response, and my quick look at it suggests it isn't... and "scope" in an Oauth2 token response is optional. This should do the trick in terms of testing render of a list of scopes as would be generated by the Kibana/Fleet webUI to the Fleet API though.

Copy link
Copy Markdown
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hmm, actually, my bad, seems like it can

Copy link
Copy Markdown
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Still an optional part of the response though... OAuth2 token endpoint doesn't need to include scopes, the assumption is that if a code comes back from a request that include scopes, then the token is valid for those.

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

So what you will need to do is write some rules into the packages/httpjson/_dev/deploy/docker/files/config.yml file. This is the configuration for the stream tool.

@colin-stubbs colin-stubbs May 9, 2022

Copy link
Copy Markdown
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

That's lovely, where's the actual doco, or is the paying customer who's bug fixing Elastic's product (yes that means me.) supposed to reverse engineer stream tool too? Right now, the product I'm paying Elastic for - multiple platinum and enterprise level subscription Elastic Cloud deployments - can't do what it says it can do. The tests are clearly non-existent at present and I'm not going to burn a bunch of my time creating tests for Elastic's commercial product that I'm paying for, creating something that doesn't currently exist, based on documentation that doesn't exist.

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I can pick this up if you would like.

Copy link
Copy Markdown
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

TBH, noting "Contributor"... if you're not getting paid for this I don't feel you should burn your time either... is there no Elastic support team that this can be assigned to?

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I am an Elastic employee, so this is something I'm happy to do. If you'd like me to take this on, I can pick it up.

title: Oauth2 Scopes
description: A list of scopes that will be requested during the oauth2 flow. It is optional for all providers.
show_user: false
Expand Down