Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Sentinel Incidents] 401 Unauthorized error + missing Directory's path #3353

Merged
merged 5 commits into from
Feb 3, 2025
Merged

[Sentinel Incidents] 401 Unauthorized error + missing Directory's path #3353

merged 5 commits into from
Feb 3, 2025

Conversation

Powlinett
Copy link
Member

@Powlinett Powlinett commented Jan 30, 2025
edited
Loading

Proposed changes

  • get a fresh token on every run instead of on every launch
  • handle stix2 errors to avoid blocking imports
  • check if directory's path is valid before creating a Directory observable

Related issues

Checklist

  • I consider the submitted work as finished
  • I tested the code for its functionality using different use cases
  • I added/update the relevant documentation (either on github or on notion)
  • Where necessary I refactored code to improve the overall quality

Further comments

These are naive solutions to fix the issue as quickly as possible. But better solutions exist, such as:

  • add a refresh strategy when the current token is about to expire
  • perform data validation (pydantic models) for both Sentinel’s responses and OpenCTI’s objects

@Powlinett Powlinett added the filigran team use to identify PR from the Filigran team label Jan 30, 2025
@Powlinett Powlinett self-assigned this Jan 30, 2025
This was linked to issues Jan 30, 2025
[Sentinel-incident] Authentication problem - Error 401 after several iterations #3325
Closed
[sentinel-incidents]: No values for required properties for Directory bug #3344
Closed
helene-nguyen
helene-nguyen approved these changes Feb 3, 2025
View reviewed changes
Copy link
Member

@helene-nguyen helene-nguyen left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Everything looks good to me :)

Thanks for improving the typing, good job for adding STIX2 error handling ✨

✅ Missing Directory's path is handled properly
✅ Having an updated fresh token handled

external-import/sentinel-incidents/src/sentinel_incidents_connector/converter_to_stix.py
Comment on lines +170 to +171
account_login=user_account_dict.get("accountName"),
display_name=user_account_dict.get("displayName"),
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for adding that :)

@Powlinett Powlinett merged commit 55be8a8 into master Feb 3, 2025
4 checks passed
@Powlinett Powlinett deleted the bug/3325-sentinel-incident-401-unauthorized branch February 3, 2025 14:35
maximus-debski pushed a commit to maximus-debski/connectors that referenced this pull request Feb 26, 2025
@Powlinett @maximus-debski
[Sentinel Incidents] 401 Unauthorized error + missing Directory's path (
5c9f214 
OpenCTI-Platform#3353)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@helene-nguyen helene-nguyen helene-nguyen approved these changes

@Megafredo Megafredo Awaiting requested review from Megafredo

@flavienSindou flavienSindou Awaiting requested review from flavienSindou

Assignees

@Powlinett Powlinett

Labels
filigran team use to identify PR from the Filigran team
Projects
None yet
Milestone
No milestone
2 participants
@Powlinett @helene-nguyen