diff --git a/plugins/rest/.CHECKSUM b/plugins/rest/.CHECKSUM index b34479c294..1bf5fe3ff2 100644 --- a/plugins/rest/.CHECKSUM +++ b/plugins/rest/.CHECKSUM @@ -1,7 +1,7 @@ { - "spec": "01bf89086f7b69361309c6adf67f9ed3", - "manifest": "6a4dfbf514cf030c250d577eecf8ff21", - "setup": "0dba8c490db609ae9977ade0756dbaa6", + "spec": "824d8daed5906eb3eb6a7941f2b25f62", + "manifest": "605d494d836f7a167cc056175e8c452b", + "setup": "775bc205b08880dafc532003dc63eda8", "schemas": [ { "identifier": "delete/schema.py", diff --git a/plugins/rest/Dockerfile b/plugins/rest/Dockerfile index c7d44b88f1..6d9d0b5e9e 100755 --- a/plugins/rest/Dockerfile +++ b/plugins/rest/Dockerfile @@ -1,4 +1,4 @@ -FROM rapid7/insightconnect-python-3-38-plugin:5 +FROM rapid7/insightconnect-python-3-plugin:5 LABEL organization=rapid7 LABEL sdk=python diff --git a/plugins/rest/bin/komand_rest b/plugins/rest/bin/komand_rest index e0171018de..4f7a3c5f9a 100755 --- a/plugins/rest/bin/komand_rest +++ b/plugins/rest/bin/komand_rest @@ -6,7 +6,7 @@ from sys import argv Name = "HTTP Requests" Vendor = "rapid7" -Version = "6.0.3" +Version = "6.0.4" Description = "The HTTP Requests plugin makes it easy to integrate with RESTful services" diff --git a/plugins/rest/help.md b/plugins/rest/help.md index e4ab5445e3..b812503719 100644 --- a/plugins/rest/help.md +++ b/plugins/rest/help.md @@ -342,6 +342,7 @@ Any issues connecting to the remote service should be present in the log of the # Version History +* 6.0.4 - Custom Auth: Fix bug where we could not pass the API Key from the input into the Authentication header if the header value included a prefix * 6.0.3 - Added empty `__init__.py` file to `unit_test` folder | Refreshed with new tooling | Updated `requirements.txt` * 6.0.2 - Fixed a bug that would cause an incorrect error message whenever a 400 error was received and the response object was a list * 6.0.1 - Improved ability of 'Body Any' input to handle non-standard characters and JSON input diff --git a/plugins/rest/komand_rest/util/util.py b/plugins/rest/komand_rest/util/util.py index e25f3f6298..e4ca7c2700 100644 --- a/plugins/rest/komand_rest/util/util.py +++ b/plugins/rest/komand_rest/util/util.py @@ -161,7 +161,7 @@ def check_auth_type_validity( def create_headers_for_custom_auth(self, headers: dict, secret_key) -> dict: new_headers = {} for key, value in headers.items(): - if value == self.CUSTOM_SECRET_INPUT: + if self.CUSTOM_SECRET_INPUT in value: if not secret_key: raise PluginException( cause="'CUSTOM_SECRET_INPUT' used in authentication header, but no secret provided.", diff --git a/plugins/rest/plugin.spec.yaml b/plugins/rest/plugin.spec.yaml index 13fedbb2d0..4624cf4c96 100644 --- a/plugins/rest/plugin.spec.yaml +++ b/plugins/rest/plugin.spec.yaml @@ -4,7 +4,7 @@ products: [insightconnect] name: rest title: HTTP Requests description: The HTTP Requests plugin makes it easy to integrate with RESTful services -version: 6.0.3 +version: 6.0.4 vendor: rapid7 support: community supported_versions: ["2023-10-19"] diff --git a/plugins/rest/setup.py b/plugins/rest/setup.py index fc8d51332e..9ae4d8cc84 100755 --- a/plugins/rest/setup.py +++ b/plugins/rest/setup.py @@ -3,7 +3,7 @@ setup(name="rest-rapid7-plugin", - version="6.0.3", + version="6.0.4", description="The HTTP Requests plugin makes it easy to integrate with RESTful services", author="rapid7", author_email="", diff --git a/plugins/rest/unit_test/test_utils.py b/plugins/rest/unit_test/test_utils.py index ec46c65e59..87b3290bf1 100644 --- a/plugins/rest/unit_test/test_utils.py +++ b/plugins/rest/unit_test/test_utils.py @@ -175,6 +175,12 @@ def test_custom_auth_success(self): api.with_credentials("Custom", secret_key="Key") self.assertEqual(api.default_headers["TEST"], "Key") + def test_custom_auth_with_prefix_success(self): + log = logging.getLogger("Test") + api = RestAPI("www.google.com", log, True, {"TEST": "ApiKey CUSTOM_SECRET_INPUT"}) + api.with_credentials("Custom", secret_key="Key") + self.assertEqual(api.default_headers["TEST"], "Key") + def test_custom_auth_not_provided(self): log = logging.getLogger("Test") api = RestAPI("www.google.com", log, True, {"TEST": "CUSTOM_SECRET_INPUT"})