Rule for protected HTTP endpoint
kittrCZ opened this issue · 3 comments
Hi,
I have question regarding rules and creation of rules. I'm working on REST endpoint which will provide feed of hashes in JSON format. I would like to add this feed as a rule to the CIF, but I'm not able to find information whether there is a way to add HTTP header to the call in CIF rule.
I have found here: https://github.com/csirtgadgets/massive-octo-spice/wiki/ParsingFeeds that there is Parameter header but I'm not sure if how to use it.
I need specifically pass HTTP header Authorization through the CIF rule. Is that possible?
Could someone point me to example of such existing rule?
Thank you for the help!
it is, but since everyone uses "authorization header" differently, we've started hap-hazardly adding ... 'support' for it as we go.
example:
https://github.com/csirtgadgets/massive-octo-spice/blob/develop/src/rules/default/csirtg_io.yml#L14
which we use "Authorization-Token token=(?)", demonstrated here:
https://github.com/csirtgadgets/massive-octo-spice/blob/develop/src/lib/CIF/Smrt/Fetcher.pm#L136
so if you have something different, you'd need to patch (and submit a PR) for that if/else stmt (or change your rest endpoint to use what we use, which is sort of what a lot of rails apps tend to use, so we did too...).
as long as it doesnt' break anything, we tend to just mash the merge button too. we recognize that there are probably lots of ways to pass through token headers these days, so in v3 we're doing a little bit of work to add a "token-header" flag so you can pass through the format [rather than if/elsing around in the fetcher].
does that make sense?
Ohh @wesyoung thanks for the answer, for some reason I overlooked your answer
Thank you for the help!
no worries; like i said, trying to make this better, so if you make some progress, let us know...