airbnb/streamalert

[BUG] App Creation stores path to file vs file contents.

gavinelder opened this issue · 2 comments

Background

Currently in streamalert_cli/helpers.py there is a function called user_input. Historically, user_input used Python 2's raw_input and, as part of calling response_is_valid, called a validation function which returned a string.

This string would then replace the contents of raw_input(), overriding the string the user entered.

In the later releases of StreamAlert, after the migration to Python 3, it appears that the value from input() is no longer manipulated in the same way.

Description

Steps to Reproduce

On a StreamAlert 3.0+ release, create a new application such as gsuite or box, which utilise this value returned by the validation function. Once the application is created, go to Parameter Store and look at the contents; you should see the path on disk as a string rather than the file contents.

Desired Change

Contents of the file on disk to be stored in parameter store.

As @gavinelder pointed out, py3 uses input() while py2 uses raw_input(), but they should behave the same and read the user input as a string, which is the keyfile path in our case. Later, we should read the content of the keyfile using the _required_auth_info classmethod:

```python
def _required_auth_info(cls):
    # Use a validation function to ensure the file the user provides is valid
    def keyfile_validator(keyfile):
        """A JSON formatted (not p12) Google service account private key file key"""
        try:
            with open(keyfile.strip(), 'r') as json_keyfile:
                keydata = json.load(json_keyfile)
        except (IOError, ValueError):
            # Unreadable file or invalid JSON
            return False

        if not cls._load_credentials(keydata):
            return False

        # Return the parsed key contents, not the path the user typed
        return keydata

    return {
        'keyfile':
            {
                'description': ('the path on disk to the JSON formatted Google '
                                'service account private key file'),
                'format': keyfile_validator
            },
        'delegation_email':
            {
                'description': 'the service account user email to delegate access to',
                'format': re.compile(r'^[A-Za-z0-9-_.+]+@[A-Za-z0-9-.]+\.[A-Za-z]{2,}$')
            }
    }
```

There is definitely something wrong when calling _required_auth_info, or it may not be called. Will investigate more.

To add more context about @gavinelder's issue, the value of gsuite_token_gtoken_app_auth should be a JSON blob containing the context of the private key. However, instead of storing the context of the private key, it stores the path to the private key file, which is wrong.

Opened a PR to address this, was forced to spend more time than a quick glance as part of building a new app.
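
The behaviour described in this thread, as an added example that is not StreamAlert's code and not part of any comment above: a prompt loop that uses the validator only as a pass/fail check ends up storing the typed path, while one that keeps the validator's return value stores the key contents. The function names, the injected `read` callable (standing in for `input()`) and the sample key are constructed for illustration.

```python
import json
import os
import tempfile


def keyfile_validator(keyfile):
    """Return the parsed JSON key data, or False if the file is unreadable or not JSON."""
    try:
        with open(keyfile.strip(), 'r') as json_keyfile:
            return json.load(json_keyfile)
    except (IOError, ValueError):
        return False


def prompt_discarding_result(read, validator):
    """Hypothetical prompt loop: the validator's return value is only truth-tested."""
    response = read()
    while not validator(response):
        response = read()
    return response  # still the path the user typed


def prompt_keeping_result(read, validator):
    """Hypothetical prompt loop: the validator's return value is what gets stored."""
    while True:
        validated = validator(read())
        if validated is not False:
            return validated  # parsed file contents


def demo():
    # Constructed sample key file; not a real credential.
    key = {'type': 'service_account', 'client_email': 'svc@example.invalid'}
    with tempfile.NamedTemporaryFile('w', suffix='.json', delete=False) as handle:
        json.dump(key, handle)
        path = handle.name
    try:
        # First answer is rejected by the validator, second is the real file.
        answers = ['/nonexistent/key.json', path]
        stored_path = prompt_discarding_result(iter(answers).__next__, keyfile_validator)
        stored_data = prompt_keeping_result(iter(answers).__next__, keyfile_validator)
    finally:
        os.unlink(path)
    return path, key, stored_path, stored_data


if __name__ == '__main__':
    print(demo())
```

A quick check after creating an app is to confirm the stored secret parses as JSON; a value that is a filesystem path means the first behaviour is in effect.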