[Filebeat][O365 Module] client_secret produces error if secret starts with @ #25058
Comments
|
Pinging @elastic/security-external-integrations (Team:Security-External Integrations) |
|
The issue is that within the generated configuration (the rendered config template) the password is missing single quotes. |
andrewkroh
added a commit
to andrewkroh/beats
that referenced
this issue
Apr 21, 2021
Values passed in by users that are expected to be strings should be single-quoted. Also, this fixes the `tojson` function to not escape &, <, and > to to \u0026, \u003c, and \u003e. This caused problems if the value is an api keys or password that contained one of those characters. Fixes elastic#25058
6 tasks
andrewkroh
added a commit
that referenced
this issue
Apr 22, 2021
Values passed in by users that are expected to be strings should be single-quoted. Also, this fixes the `tojson` function to not escape &, <, and > to to \u0026, \u003c, and \u003e. This caused problems if the value is an api keys or password that contained one of those characters. Fixes #25058
mergify bot
pushed a commit
that referenced
this issue
Apr 22, 2021
Values passed in by users that are expected to be strings should be single-quoted. Also, this fixes the `tojson` function to not escape &, <, and > to to \u0026, \u003c, and \u003e. This caused problems if the value is an api keys or password that contained one of those characters. Fixes #25058 (cherry picked from commit eed1cbb)
mergify bot
pushed a commit
that referenced
this issue
Apr 22, 2021
Values passed in by users that are expected to be strings should be single-quoted. Also, this fixes the `tojson` function to not escape &, <, and > to to \u0026, \u003c, and \u003e. This caused problems if the value is an api keys or password that contained one of those characters. Fixes #25058 (cherry picked from commit eed1cbb)
andrewkroh
added a commit
that referenced
this issue
Apr 23, 2021
…25231) Values passed in by users that are expected to be strings should be single-quoted. Also, this fixes the `tojson` function to not escape &, <, and > to to \u0026, \u003c, and \u003e. This caused problems if the value is an api keys or password that contained one of those characters. Fixes #25058 (cherry picked from commit eed1cbb) Co-authored-by: Andrew Kroh <[email protected]>
andrewkroh
added a commit
that referenced
this issue
Apr 23, 2021
Values passed in by users that are expected to be strings should be single-quoted. Also, this fixes the `tojson` function to not escape &, <, and > to to \u0026, \u003c, and \u003e. This caused problems if the value is an api keys or password that contained one of those characters. Fixes #25058 (cherry picked from commit eed1cbb)
andrewkroh
added a commit
that referenced
this issue
Apr 25, 2021
…5 (backport #25215) (#25232) * Add single quotes around configurable string values in O365 (#25215) Values passed in by users that are expected to be strings should be single-quoted. Also, this fixes the `tojson` function to not escape &, <, and > to to \u0026, \u003c, and \u003e. This caused problems if the value is an api keys or password that contained one of those characters. Fixes #25058 (cherry picked from commit eed1cbb) * Fix changelog Co-authored-by: Andrew Kroh <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Seems like there might be an issue with the configuration mapping (mustache?) for certain fields starting with
@.Looking at: https://discuss.elastic.co/t/yaml-found-character-that-cannot-start-any-token-when-value-starts-with/269778
The following example:
Would produce an error like:
cfgfile/list.go:99 Error creating runner from config: Error getting config for fileset o365/audit: Error reading input config: yaml: line 12: found character that cannot start any token.Will update this issue once I have looked into it.
The text was updated successfully, but these errors were encountered: