diff --git a/docs/sources/microsoft-365/msft-teams/example-api-responses/original/Users_onlineMeetings_v1.0.json b/docs/sources/microsoft-365/msft-teams/example-api-responses/original/Users_onlineMeetings_v1.0.json index 6b6066420..ccf17953d 100644 --- a/docs/sources/microsoft-365/msft-teams/example-api-responses/original/Users_onlineMeetings_v1.0.json +++ b/docs/sources/microsoft-365/msft-teams/example-api-responses/original/Users_onlineMeetings_v1.0.json @@ -28,7 +28,7 @@ "displayName": "Tyler Stein" } }, - "upn": "upn-value" + "upn": "foo@some-domain.com" } ], "organizer": { @@ -57,4 +57,4 @@ }, "isEntryExitAnnounced": true, "allowedPresenters": "everyone" -} +} \ No newline at end of file diff --git a/docs/sources/microsoft-365/msft-teams/example-api-responses/sanitized/Users_onlineMeetings_v1.0.json b/docs/sources/microsoft-365/msft-teams/example-api-responses/sanitized/Users_onlineMeetings_v1.0.json index 3f1385852..983d6b2d2 100644 --- a/docs/sources/microsoft-365/msft-teams/example-api-responses/sanitized/Users_onlineMeetings_v1.0.json +++ b/docs/sources/microsoft-365/msft-teams/example-api-responses/sanitized/Users_onlineMeetings_v1.0.json @@ -26,8 +26,7 @@ "@odata.type":"#microsoft.graph.identity", "id":"112f7296-5ca-bae8-6a692b15d4b8" } - }, - "upn":"upn-value" + } } ], "organizer":{ @@ -37,8 +36,7 @@ "@odata.type":"#microsoft.graph.identity", "id":"5810cedeb-b2c1-e9bd5d53ec96" } - }, - "upn":"upn-value" + } } }, "startDateTime":"2018-05-30T00:30:00Z", @@ -52,4 +50,4 @@ }, "isEntryExitAnnounced":true, "allowedPresenters":"everyone" -} +} \ No newline at end of file diff --git a/docs/sources/microsoft-365/msft-teams/example-api-responses/sanitized_no-userIds/Users_onlineMeetings_attendanceReport_v1.0.json b/docs/sources/microsoft-365/msft-teams/example-api-responses/sanitized_no-userIds/Users_onlineMeetings_attendanceReport_v1.0.json index 794897e6b..ce0435781 100644 --- a/docs/sources/microsoft-365/msft-teams/example-api-responses/sanitized_no-userIds/Users_onlineMeetings_attendanceReport_v1.0.json +++ b/docs/sources/microsoft-365/msft-teams/example-api-responses/sanitized_no-userIds/Users_onlineMeetings_attendanceReport_v1.0.json @@ -9,7 +9,7 @@ "totalAttendanceInSeconds":1152, "role":"Presenter", "identity":{ - "id":"dc17674c-81d9-4adb-bfb2-8f6a442e4623", + "id":"{\"scope\":\"azure-ad\",\"hash\":\"MwYK48L-UYMIsFrz1EHA4xX8hwfxJQfyg_L-vtEV1Mc\"}", "tenantId":null }, "attendanceIntervals":[ diff --git a/docs/sources/microsoft-365/msft-teams/example-api-responses/sanitized_no-userIds/Users_onlineMeetings_v1.0.json b/docs/sources/microsoft-365/msft-teams/example-api-responses/sanitized_no-userIds/Users_onlineMeetings_v1.0.json index 7312202ad..31abf5c6b 100644 --- a/docs/sources/microsoft-365/msft-teams/example-api-responses/sanitized_no-userIds/Users_onlineMeetings_v1.0.json +++ b/docs/sources/microsoft-365/msft-teams/example-api-responses/sanitized_no-userIds/Users_onlineMeetings_v1.0.json @@ -21,8 +21,7 @@ "user":{ "id":"{\"scope\":\"azure-ad\",\"hash\":\"KvrBhIhPrAEMwI320CqhyGSfgVmKedObWZ5X380uX04\"}" } - }, - "upn":"upn-value" + } } ], "organizer":{ @@ -30,8 +29,7 @@ "user":{ "id":"{\"scope\":\"azure-ad\",\"hash\":\"OkGYJKhA8lYaD0IJw3YHj8cB9qiSMw6MA_70P99wa3o\"}" } - }, - "upn":"upn-value" + } } }, "startDateTime":"2018-05-30T00:30:00Z", @@ -45,4 +43,4 @@ }, "isEntryExitAnnounced":true, "allowedPresenters":"everyone" -} +} \ No newline at end of file diff --git a/docs/sources/microsoft-365/msft-teams/msft-teams.yaml b/docs/sources/microsoft-365/msft-teams/msft-teams.yaml index 141e09a60..d2123da6d 100644 --- a/docs/sources/microsoft-365/msft-teams/msft-teams.yaml +++ b/docs/sources/microsoft-365/msft-teams/msft-teams.yaml @@ -221,6 +221,7 @@ endpoints: - "$..joinInformation" - "$..joinMeetingIdSettings.isPasscodeRequired" - "$..joinMeetingIdSettings.passcode" + - "$..upn" - pathTemplate: "/v1.0/users/{userId}/onlineMeetings/{meetingId}/attendanceReports" allowedQueryParams: - "$select" @@ -248,6 +249,7 @@ endpoints: - "$..joinInformation" - "$..joinMeetingIdSettings.isPasscodeRequired" - "$..joinMeetingIdSettings.passcode" + - "$..upn" - pathTemplate: "/v1.0/users/{userId}/onlineMeetings/{meetingId}/attendanceReports/{reportId}" allowedQueryParams: - "$select" @@ -275,6 +277,7 @@ endpoints: - "$..joinInformation" - "$..joinMeetingIdSettings.isPasscodeRequired" - "$..joinMeetingIdSettings.passcode" + - "$..upn" - pathRegex: "^/v1.0/users/?[^/]*" allowedQueryParams: - "$top" diff --git a/docs/sources/microsoft-365/msft-teams/msft-teams_no-userIds.yaml b/docs/sources/microsoft-365/msft-teams/msft-teams_no-userIds.yaml index 8f06ff8a3..06f335aac 100644 --- a/docs/sources/microsoft-365/msft-teams/msft-teams_no-userIds.yaml +++ b/docs/sources/microsoft-365/msft-teams/msft-teams_no-userIds.yaml @@ -243,6 +243,10 @@ endpoints: jsonPaths: - "$..emailAddress" encoding: "JSON" + - ! + jsonPaths: + - "$..identity.id" + encoding: "JSON" - ! jsonPaths: - "$..user.id" @@ -255,6 +259,7 @@ endpoints: - "$..joinInformation" - "$..joinMeetingIdSettings.isPasscodeRequired" - "$..joinMeetingIdSettings.passcode" + - "$..upn" - ! jsonPaths: - "$..['@odata.context']" @@ -272,6 +277,10 @@ endpoints: jsonPaths: - "$..emailAddress" encoding: "JSON" + - ! + jsonPaths: + - "$..identity.id" + encoding: "JSON" - ! jsonPaths: - "$..user.id" @@ -284,6 +293,7 @@ endpoints: - "$..joinInformation" - "$..joinMeetingIdSettings.isPasscodeRequired" - "$..joinMeetingIdSettings.passcode" + - "$..upn" - ! jsonPaths: - "$..['@odata.context']" @@ -305,6 +315,10 @@ endpoints: jsonPaths: - "$..emailAddress" encoding: "JSON" + - ! + jsonPaths: + - "$..identity.id" + encoding: "JSON" - ! jsonPaths: - "$.['@odata.nextLink', '@odata.prevLink', 'sessions@odata.nextLink']" @@ -316,6 +330,7 @@ endpoints: - "$..joinInformation" - "$..joinMeetingIdSettings.isPasscodeRequired" - "$..joinMeetingIdSettings.passcode" + - "$..upn" - "$..['@odata.context']" - "$..['@odata.type']" - pathRegex: "^/v1.0/users(/p~[a-zA-Z0-9_-]+?)?[^/]*" diff --git a/docs/sources/slack/discovery.yaml b/docs/sources/slack/discovery.yaml index c3691c87c..98f66e3ed 100644 --- a/docs/sources/slack/discovery.yaml +++ b/docs/sources/slack/discovery.yaml @@ -11,6 +11,10 @@ endpoints: - ! jsonPaths: - "$.users[*].id" + includeReversible: true + encoding: "URL_SAFE_TOKEN" + - ! + jsonPaths: - "$.users[*].profile.email" - "$.users[*].profile.guest_invited_by" encoding: "JSON" @@ -20,6 +24,11 @@ endpoints: - "$.users[*].profile['title','phone','skype','first_name','last_name','real_name','real_name_normalized','display_name','display_name_normalized']" - "$.users[*].profile['fields','pronouns','status_text','status_emoji','status_emoji_display_info','status_expiration','avatar_hash']" - "$.users[*].profile['image_original','is_custom_image','image_24','image_32','image_48','image_72','image_192','image_512','image_1024','status_text_canonical']" + - pathTemplate: "/api/discovery.user.conversations" + transforms: + - ! + jsonPaths: + - "$.channels[*]['name','topic','purpose']" - pathTemplate: "/api/discovery.conversations.list" transforms: - ! @@ -44,6 +53,7 @@ endpoints: - ! jsonPaths: - "$.messages[*].user" + - "$.messages[*].inviter" - "$.messages[*].files[*].user" - "$.messages[*].reactions[*].users[*]" - "$.messages[*].replies[*].user" diff --git a/docs/sources/slack/example-api-responses/original/discovery-user-conversations.json b/docs/sources/slack/example-api-responses/original/discovery-user-conversations.json new file mode 100644 index 000000000..b79901abb --- /dev/null +++ b/docs/sources/slack/example-api-responses/original/discovery-user-conversations.json @@ -0,0 +1,36 @@ +{ + "ok": true, + "offset": "D123ABC890", + "channels": [ + { + "id": "G123ABC456", + "team_id": "T0123ABC456", + "date_joined": 1538411458, + "date_left": 0, + "is_private": true, + "is_im": false, + "is_mpim": false, + "is_ext_shared": false + }, + { + "id": "D0123ABC456", + "team_id": "E0123ABC456", + "date_joined": 1538411250, + "date_left": 0, + "is_private": true, + "is_im": true, + "is_mpim": false, + "is_ext_shared": false + }, + { + "id": "C123ABC892", + "team_id": "T0123ABC456", + "date_joined": 1538411250, + "date_left": 1538411359, + "is_private": false, + "is_im": false, + "is_mpim": false, + "is_ext_shared": false + } + ] +} \ No newline at end of file diff --git a/docs/sources/slack/example-api-responses/sanitized/discovery-user-conversations.json b/docs/sources/slack/example-api-responses/sanitized/discovery-user-conversations.json new file mode 100644 index 000000000..fe9547a28 --- /dev/null +++ b/docs/sources/slack/example-api-responses/sanitized/discovery-user-conversations.json @@ -0,0 +1,36 @@ +{ + "ok":true, + "offset":"D123ABC890", + "channels":[ + { + "id":"G123ABC456", + "team_id":"T0123ABC456", + "date_joined":1538411458, + "date_left":0, + "is_private":true, + "is_im":false, + "is_mpim":false, + "is_ext_shared":false + }, + { + "id":"D0123ABC456", + "team_id":"E0123ABC456", + "date_joined":1538411250, + "date_left":0, + "is_private":true, + "is_im":true, + "is_mpim":false, + "is_ext_shared":false + }, + { + "id":"C123ABC892", + "team_id":"T0123ABC456", + "date_joined":1538411250, + "date_left":1538411359, + "is_private":false, + "is_im":false, + "is_mpim":false, + "is_ext_shared":false + } + ] +} \ No newline at end of file diff --git a/docs/sources/slack/example-api-responses/sanitized/discovery-users-list.json b/docs/sources/slack/example-api-responses/sanitized/discovery-users-list.json index 6a906dbc5..e8fe32423 100644 --- a/docs/sources/slack/example-api-responses/sanitized/discovery-users-list.json +++ b/docs/sources/slack/example-api-responses/sanitized/discovery-users-list.json @@ -2,7 +2,7 @@ "ok":true, "users":[ { - "id":"{\"scope\":\"slack\",\"hash\":\"BZcy5qhkyGyUTWR9hC_my2o6pHLKA4C8MHUHRy1K5Ts\"}", + "id":"p~BZcy5qhkyGyUTWR9hC_my2o6pHLKA4C8MHUHRy1K5TuugNC6SKYHB4eIKRZ4cFOg", "deleted":false, "color":"e7392d", "tz":"America/Los_Angeles", @@ -27,7 +27,7 @@ ] }, { - "id":"{\"scope\":\"slack\",\"hash\":\"fyCnHbAdterJaFBMVnh6bo_qduSAt-k18eEgbYN_FqI\"}", + "id":"p~fyCnHbAdterJaFBMVnh6bo_qduSAt-k18eEgbYN_FqLZ-38BzAOn6weILvGYSJN4", "deleted":false, "color":"4bbe2e", "tz":"America/Los_Angeles", @@ -53,7 +53,7 @@ ] }, { - "id":"{\"scope\":\"slack\",\"hash\":\"mJlhl3xv52fNY6wyUps5mBYPCl1nVWHT442eQ7v-lJw\"}", + "id":"p~mJlhl3xv52fNY6wyUps5mBYPCl1nVWHT442eQ7v-lJyurnRXe1xte4bUgJLOS0DP", "deleted":false, "color":"9f69e7", "tz":"America/Los_Angeles", @@ -78,4 +78,4 @@ ] } ] -} +} \ No newline at end of file diff --git a/infra/examples-dev/aws-all/google-workspace.tf b/infra/examples-dev/aws-all/google-workspace.tf index 5118c3c62..9d4264f97 100644 --- a/infra/examples-dev/aws-all/google-workspace.tf +++ b/infra/examples-dev/aws-all/google-workspace.tf @@ -8,7 +8,7 @@ provider "google" { module "worklytics_connectors_google_workspace" { source = "../../modules/worklytics-connectors-google-workspace" - # source = "git::https://github.com/worklytics/psoxy//infra/modules/worklytics-connectors-google-workspace?ref=v0.4.61" + # source = "git::https://github.com/worklytics/psoxy//infra/modules/worklytics-connectors-google-workspace?ref=v0.4.62" providers = { google = google.google_workspace diff --git a/infra/examples-dev/aws-all/main.tf b/infra/examples-dev/aws-all/main.tf index ee406b0a6..a81a7863d 100644 --- a/infra/examples-dev/aws-all/main.tf +++ b/infra/examples-dev/aws-all/main.tf @@ -1,5 +1,5 @@ terraform { - required_version = ">= 1.3, < 1.10" + required_version = ">= 1.3, < 1.11" required_providers { # for the infra that will host Psoxy instances @@ -21,7 +21,7 @@ terraform { # general cases module "worklytics_connectors" { source = "../../modules/worklytics-connectors" - # source = "git::https://github.com/worklytics/psoxy//infra/modules/worklytics-connectors?ref=v0.4.61" + # source = "git::https://github.com/worklytics/psoxy//infra/modules/worklytics-connectors?ref=v0.4.62" enabled_connectors = var.enabled_connectors jira_cloud_id = var.jira_cloud_id @@ -101,7 +101,7 @@ locals { module "psoxy" { source = "../../modules/aws-host" - # source = "git::https://github.com/worklytics/psoxy//infra/modules/aws-host?ref=v0.4.61" + # source = "git::https://github.com/worklytics/psoxy//infra/modules/aws-host?ref=v0.4.62" environment_name = var.environment_name aws_account_id = var.aws_account_id @@ -159,7 +159,7 @@ module "connection_in_worklytics" { for_each = local.all_instances source = "../../modules/worklytics-psoxy-connection-aws" - # source = "git::https://github.com/worklytics/psoxy//infra/modules/worklytics-psoxy-connection-aws?ref=v0.4.61" + # source = "git::https://github.com/worklytics/psoxy//infra/modules/worklytics-psoxy-connection-aws?ref=v0.4.62" psoxy_instance_id = each.key worklytics_host = var.worklytics_host diff --git a/infra/examples-dev/aws-all/msft-365.tf b/infra/examples-dev/aws-all/msft-365.tf index bc3890c49..138dbf0f0 100644 --- a/infra/examples-dev/aws-all/msft-365.tf +++ b/infra/examples-dev/aws-all/msft-365.tf @@ -2,7 +2,7 @@ module "worklytics_connectors_msft_365" { source = "../../modules/worklytics-connectors-msft-365" - # source = "git::https://github.com/worklytics/psoxy//infra/modules/worklytics-connectors-msft-365?ref=v0.4.61" + # source = "git::https://github.com/worklytics/psoxy//infra/modules/worklytics-connectors-msft-365?ref=v0.4.62" enabled_connectors = var.enabled_connectors environment_id = var.environment_name @@ -48,7 +48,7 @@ module "cognito_identity_pool" { count = local.msft_365_enabled ? 1 : 0 # only provision identity pool if MSFT-365 connectors are enabled source = "../../modules/aws-cognito-pool" - # source = "git::https://github.com/worklytics/psoxy//infra/modules/aws-cognito-pool?ref=v0.4.61" + # source = "git::https://github.com/worklytics/psoxy//infra/modules/aws-cognito-pool?ref=v0.4.62" developer_provider_name = local.developer_provider_name name = "${local.env_qualifier}-azure-ad-federation" @@ -71,7 +71,7 @@ module "cognito_identity" { count = local.msft_365_enabled ? 1 : 0 # only provision identity pool if MSFT-365 connectors are enabled source = "../../modules/aws-cognito-identity-cli" - # source = "git::https://github.com/worklytics/psoxy//infra/modules/aws-cognito-identity-cli?ref=v0.4.61" + # source = "git::https://github.com/worklytics/psoxy//infra/modules/aws-cognito-identity-cli?ref=v0.4.62" aws_region = data.aws_region.current.id aws_role = var.aws_assume_role_arn @@ -108,7 +108,7 @@ module "msft_connection_auth_federation" { for_each = local.provision_entraid_apps ? local.enabled_to_entraid_object : local.shared_to_entraid_object source = "../../modules/azuread-federated-credentials" - # source = "git::https://github.com/worklytics/psoxy//infra/modules/azuread-federated-credentials?ref=v0.4.61" + # source = "git::https://github.com/worklytics/psoxy//infra/modules/azuread-federated-credentials?ref=v0.4.62" application_object_id = each.value.connector_id display_name = "${local.env_qualifier}AccessFromAWS" diff --git a/infra/examples-dev/aws-google-workspace/main.tf b/infra/examples-dev/aws-google-workspace/main.tf index 5d422e3d9..b12b39dac 100644 --- a/infra/examples-dev/aws-google-workspace/main.tf +++ b/infra/examples-dev/aws-google-workspace/main.tf @@ -59,7 +59,7 @@ data "google_project" "psoxy-google-connectors" { module "psoxy" { source = "../../modular-examples/aws-google-workspace" - # source = "git::https://github.com/worklytics/psoxy//infra/modular-examples/aws-google-workspace?ref=v0.4.61" + # source = "git::https://github.com/worklytics/psoxy//infra/modular-examples/aws-google-workspace?ref=v0.4.62" aws_account_id = var.aws_account_id aws_assume_role_arn = var.aws_assume_role_arn # role that can test the instances (lambdas) diff --git a/infra/examples-dev/aws-msft-365/main.tf b/infra/examples-dev/aws-msft-365/main.tf index 6fcf01788..ada79df3f 100644 --- a/infra/examples-dev/aws-msft-365/main.tf +++ b/infra/examples-dev/aws-msft-365/main.tf @@ -51,7 +51,7 @@ provider "azuread" { module "psoxy" { source = "../../modular-examples/aws-msft-365" - # source = "git::https://github.com/worklytics/psoxy//infra/modular-examples/aws-msft-365?ref=v0.4.61" + # source = "git::https://github.com/worklytics/psoxy//infra/modular-examples/aws-msft-365?ref=v0.4.62" aws_account_id = var.aws_account_id aws_assume_role_arn = var.aws_assume_role_arn # role that can test the instances (lambdas) diff --git a/infra/examples-dev/aws/main.tf b/infra/examples-dev/aws/main.tf index d770569c8..0e9132a4c 100644 --- a/infra/examples-dev/aws/main.tf +++ b/infra/examples-dev/aws/main.tf @@ -57,7 +57,7 @@ provider "azuread" { module "psoxy" { source = "../../modular-examples/aws" - # source = "git::https://github.com/worklytics/psoxy//infra/modular-examples/aws?ref=v0.4.61" + # source = "git::https://github.com/worklytics/psoxy//infra/modular-examples/aws?ref=v0.4.62" aws_account_id = var.aws_account_id aws_assume_role_arn = var.aws_assume_role_arn # role that can test the instances (lambdas) diff --git a/infra/examples-dev/gcp-google-workspace/main.tf b/infra/examples-dev/gcp-google-workspace/main.tf index 87261c3f3..a7c967531 100644 --- a/infra/examples-dev/gcp-google-workspace/main.tf +++ b/infra/examples-dev/gcp-google-workspace/main.tf @@ -28,7 +28,7 @@ provider "google" { module "psoxy" { source = "../../modular-examples/gcp-google-workspace" - # source = "git::https://github.com/worklytics/psoxy//infra/modular-examples/gcp-google-workspace?ref=v0.4.61" + # source = "git::https://github.com/worklytics/psoxy//infra/modular-examples/gcp-google-workspace?ref=v0.4.62" gcp_project_id = var.gcp_project_id environment_name = var.environment_name diff --git a/infra/examples-dev/gcp/google-workspace.tf b/infra/examples-dev/gcp/google-workspace.tf index 5118c3c62..9d4264f97 100644 --- a/infra/examples-dev/gcp/google-workspace.tf +++ b/infra/examples-dev/gcp/google-workspace.tf @@ -8,7 +8,7 @@ provider "google" { module "worklytics_connectors_google_workspace" { source = "../../modules/worklytics-connectors-google-workspace" - # source = "git::https://github.com/worklytics/psoxy//infra/modules/worklytics-connectors-google-workspace?ref=v0.4.61" + # source = "git::https://github.com/worklytics/psoxy//infra/modules/worklytics-connectors-google-workspace?ref=v0.4.62" providers = { google = google.google_workspace diff --git a/infra/examples-dev/gcp/main.tf b/infra/examples-dev/gcp/main.tf index 16115885b..8c649c695 100644 --- a/infra/examples-dev/gcp/main.tf +++ b/infra/examples-dev/gcp/main.tf @@ -1,5 +1,5 @@ terraform { - required_version = ">= 1.3, < 1.10" + required_version = ">= 1.3, < 1.11" required_providers { google = { @@ -29,7 +29,7 @@ locals { # call this 'generic_source_connectors'? module "worklytics_connectors" { source = "../../modules/worklytics-connectors" - # source = "git::https://github.com/worklytics/psoxy//infra/modules/worklytics-connectors?ref=v0.4.61" + # source = "git::https://github.com/worklytics/psoxy//infra/modules/worklytics-connectors?ref=v0.4.62" enabled_connectors = var.enabled_connectors @@ -81,7 +81,7 @@ locals { module "psoxy" { source = "../../modules/gcp-host" - # source = "git::https://github.com/worklytics/psoxy//infra/modules/gcp-host?ref=v0.4.61" + # source = "git::https://github.com/worklytics/psoxy//infra/modules/gcp-host?ref=v0.4.62" gcp_project_id = var.gcp_project_id environment_name = var.environment_name @@ -121,7 +121,7 @@ module "connection_in_worklytics" { for_each = local.all_instances source = "../../modules/worklytics-psoxy-connection-generic" - # source = "git::https://github.com/worklytics/psoxy//infra/modules/worklytics-psoxy-connection-generic?ref=v0.4.61" + # source = "git::https://github.com/worklytics/psoxy//infra/modules/worklytics-psoxy-connection-generic?ref=v0.4.62" psoxy_host_platform_id = local.host_platform_id psoxy_instance_id = each.key diff --git a/infra/examples-dev/gcp/msft-365.tf b/infra/examples-dev/gcp/msft-365.tf index d84ba02b7..7a8c09627 100644 --- a/infra/examples-dev/gcp/msft-365.tf +++ b/infra/examples-dev/gcp/msft-365.tf @@ -2,7 +2,7 @@ module "worklytics_connectors_msft_365" { source = "../../modules/worklytics-connectors-msft-365" - # source = "git::https://github.com/worklytics/psoxy//infra/modules/worklytics-connectors-msft-365?ref=v0.4.61" + # source = "git::https://github.com/worklytics/psoxy//infra/modules/worklytics-connectors-msft-365?ref=v0.4.62" enabled_connectors = var.enabled_connectors environment_id = var.environment_name @@ -34,7 +34,7 @@ module "msft-connection-auth-federation" { for_each = module.worklytics_connectors_msft_365.enabled_api_connectors source = "../../modules/azuread-federated-credentials" - # source = "git::https://github.com/worklytics/psoxy//infra/modules/azuread-federated-credentials?ref=v0.4.61" + # source = "git::https://github.com/worklytics/psoxy//infra/modules/azuread-federated-credentials?ref=v0.4.62" application_object_id = each.value.connector.id display_name = "GcpFederation" diff --git a/infra/examples/aws-google-workspace/main.tf b/infra/examples/aws-google-workspace/main.tf index 61e95ebdf..354b124eb 100644 --- a/infra/examples/aws-google-workspace/main.tf +++ b/infra/examples/aws-google-workspace/main.tf @@ -59,7 +59,7 @@ data "google_project" "psoxy-google-connectors" { module "psoxy" { # source = "../../modular-examples/aws-google-workspace" - source = "git::https://github.com/worklytics/psoxy//infra/modular-examples/aws-google-workspace?ref=v0.4.61" + source = "git::https://github.com/worklytics/psoxy//infra/modular-examples/aws-google-workspace?ref=v0.4.62" aws_account_id = var.aws_account_id aws_assume_role_arn = var.aws_assume_role_arn # role that can test the instances (lambdas) diff --git a/infra/examples/aws-msft-365/main.tf b/infra/examples/aws-msft-365/main.tf index ee09a6d65..89501a2f1 100644 --- a/infra/examples/aws-msft-365/main.tf +++ b/infra/examples/aws-msft-365/main.tf @@ -51,7 +51,7 @@ provider "azuread" { module "psoxy" { # source = "../../modular-examples/aws-msft-365" - source = "git::https://github.com/worklytics/psoxy//infra/modular-examples/aws-msft-365?ref=v0.4.61" + source = "git::https://github.com/worklytics/psoxy//infra/modular-examples/aws-msft-365?ref=v0.4.62" aws_account_id = var.aws_account_id aws_assume_role_arn = var.aws_assume_role_arn # role that can test the instances (lambdas) diff --git a/infra/examples/gcp-google-workspace/main.tf b/infra/examples/gcp-google-workspace/main.tf index b95de2ae6..77c4b6f84 100644 --- a/infra/examples/gcp-google-workspace/main.tf +++ b/infra/examples/gcp-google-workspace/main.tf @@ -28,7 +28,7 @@ provider "google" { module "psoxy" { # source = "../../modular-examples/gcp-google-workspace" - source = "git::https://github.com/worklytics/psoxy//infra/modular-examples/gcp-google-workspace?ref=v0.4.61" + source = "git::https://github.com/worklytics/psoxy//infra/modular-examples/gcp-google-workspace?ref=v0.4.62" gcp_project_id = var.gcp_project_id environment_name = var.environment_name diff --git a/infra/examples/msft-365/main.tf b/infra/examples/msft-365/main.tf index 91a913b21..ab87ccf3b 100644 --- a/infra/examples/msft-365/main.tf +++ b/infra/examples/msft-365/main.tf @@ -34,7 +34,7 @@ data "azuread_client_config" "current" {} module "worklytics_connector_specs" { # source = "../../modules/worklytics-connector-specs" - source = "git::https://github.com/worklytics/psoxy//infra/modules/worklytics-connector-specs?ref=v0.4.61" + source = "git::https://github.com/worklytics/psoxy//infra/modules/worklytics-connector-specs?ref=v0.4.62" enabled_connectors = var.enabled_connectors @@ -52,7 +52,7 @@ module "msft-connection" { for_each = module.worklytics_connector_specs.enabled_msft_365_connectors # source = "../../modules/azuread-connection" - source = "git::https://github.com/worklytics/psoxy//infra/modules/azuread-connection?ref=v0.4.61" + source = "git::https://github.com/worklytics/psoxy//infra/modules/azuread-connection?ref=v0.4.62" display_name = "Psoxy Connector - ${each.value.display_name}${var.connector_display_name_suffix}" tenant_id = var.msft_tenant_id @@ -65,7 +65,7 @@ module "msft-connection-auth-federation" { for_each = module.worklytics_connector_specs.enabled_msft_365_connectors # source = "../../modules/azuread-federated-credentials" - source = "git::https://github.com/worklytics/psoxy//infra/modules/azuread-federated-credentials?ref=v0.4.61" + source = "git::https://github.com/worklytics/psoxy//infra/modules/azuread-federated-credentials?ref=v0.4.62" application_object_id = module.msft-connection[each.key].connector.id display_name = "AccessFromAWS" @@ -107,7 +107,7 @@ module "msft_365_grants" { for_each = module.worklytics_connector_specs.enabled_msft_365_connectors # source = "../../modules/azuread-grant-all-users" - source = "git::https://github.com/worklytics/psoxy//infra/modules/azuread-grant-all-users?ref=v0.4.61" + source = "git::https://github.com/worklytics/psoxy//infra/modules/azuread-grant-all-users?ref=v0.4.62" psoxy_instance_id = each.key application_id = module.msft-connection[each.key].connector.application_id diff --git a/infra/modular-examples/aws-google-workspace/main.tf b/infra/modular-examples/aws-google-workspace/main.tf index 412fecf33..fd70a5368 100644 --- a/infra/modular-examples/aws-google-workspace/main.tf +++ b/infra/modular-examples/aws-google-workspace/main.tf @@ -22,7 +22,7 @@ locals { module "worklytics_connector_specs" { source = "../../modules/worklytics-connector-specs" - # source = "git::https://github.com/worklytics/psoxy//infra/modules/worklytics-connector-specs?ref=v0.4.61 + # source = "git::https://github.com/worklytics/psoxy//infra/modules/worklytics-connector-specs?ref=v0.4.62 enabled_connectors = var.enabled_connectors google_workspace_example_user = var.google_workspace_example_user @@ -41,7 +41,7 @@ module "worklytics_connector_specs" { module "psoxy-aws" { source = "../../modules/aws" - # source = "git::https://github.com/worklytics/psoxy//infra/modules/aws?ref=v0.4.61 + # source = "git::https://github.com/worklytics/psoxy//infra/modules/aws?ref=v0.4.62 aws_account_id = var.aws_account_id region = var.aws_region @@ -55,7 +55,7 @@ module "psoxy-aws" { # secrets shared across all instances module "global_secrets" { source = "../../modules/aws-ssm-secrets" - # source = "git::https://github.com/worklytics/psoxy//infra/modules/aws-ssm-secrets?ref=v0.4.61 + # source = "git::https://github.com/worklytics/psoxy//infra/modules/aws-ssm-secrets?ref=v0.4.62 path = var.aws_ssm_param_root_path kms_key_id = var.aws_ssm_key_id @@ -83,7 +83,7 @@ module "google-workspace-connection" { for_each = module.worklytics_connector_specs.enabled_google_workspace_connectors source = "../../modules/google-workspace-dwd-connection" - # source = "git::https://github.com/worklytics/psoxy//infra/modules/google-workspace-dwd-connection?ref=v0.4.61 + # source = "git::https://github.com/worklytics/psoxy//infra/modules/google-workspace-dwd-connection?ref=v0.4.62 project_id = var.gcp_project_id connector_service_account_id = "${module.env_id_gcp_sa.id}-${each.key}" @@ -101,7 +101,7 @@ module "google-workspace-connection-auth" { for_each = module.worklytics_connector_specs.enabled_google_workspace_connectors source = "../../modules/gcp-sa-auth-key" - # source = "git::https://github.com/worklytics/psoxy//infra/modules/gcp-sa-auth-key?ref=v0.4.61" + # source = "git::https://github.com/worklytics/psoxy//infra/modules/gcp-sa-auth-key?ref=v0.4.62" service_account_id = module.google-workspace-connection[each.key].service_account_id } @@ -110,7 +110,7 @@ module "sa-key-secrets" { for_each = module.worklytics_connector_specs.enabled_google_workspace_connectors source = "../../modules/aws-ssm-secrets" - # source = "git::https://github.com/worklytics/psoxy//infra/modules/aws-ssm-secrets?ref=v0.4.61" + # source = "git::https://github.com/worklytics/psoxy//infra/modules/aws-ssm-secrets?ref=v0.4.62" # other possibly implementations: # source = "../hashicorp-vault-secrets" @@ -129,7 +129,7 @@ module "psoxy-google-workspace-connector" { for_each = module.worklytics_connector_specs.enabled_google_workspace_connectors source = "../../modules/aws-psoxy-rest" - # source = "git::https://github.com/worklytics/psoxy//infra/modules/aws-psoxy-rest?ref=v0.4.61" + # source = "git::https://github.com/worklytics/psoxy//infra/modules/aws-psoxy-rest?ref=v0.4.62" environment_name = var.environment_name instance_id = each.key @@ -171,7 +171,7 @@ module "worklytics-psoxy-connection-google-workspace" { for_each = module.worklytics_connector_specs.enabled_google_workspace_connectors source = "../../modules/worklytics-psoxy-connection" - # source = "git::https://github.com/worklytics/psoxy//infra/modules/worklytics-psoxy-connection?ref=v0.4.61" + # source = "git::https://github.com/worklytics/psoxy//infra/modules/worklytics-psoxy-connection?ref=v0.4.62" psoxy_instance_id = each.key psoxy_host_platform_id = local.host_platform_id @@ -217,7 +217,7 @@ module "parameter-fill-instructions" { for_each = local.long_access_parameters source = "../../modules/aws-ssm-fill-md" - # source = "git::https://github.com/worklytics/psoxy//infra/modules/aws-ssm-fill-md?ref=v0.4.61" + # source = "git::https://github.com/worklytics/psoxy//infra/modules/aws-ssm-fill-md?ref=v0.4.62" region = var.aws_region parameter_name = aws_ssm_parameter.long-access-secrets[each.key].name @@ -227,7 +227,7 @@ module "source_token_external_todo" { for_each = module.worklytics_connector_specs.enabled_oauth_long_access_connectors_todos source = "../../modules/source-token-external-todo" - # source = "git::https://github.com/worklytics/psoxy//infra/modules/source-token-external-todo?ref=v0.4.61" + # source = "git::https://github.com/worklytics/psoxy//infra/modules/source-token-external-todo?ref=v0.4.62" source_id = each.key connector_specific_external_steps = each.value.external_token_todo @@ -240,7 +240,7 @@ module "aws-psoxy-long-auth-connectors" { for_each = module.worklytics_connector_specs.enabled_oauth_long_access_connectors source = "../../modules/aws-psoxy-rest" - # source = "git::https://github.com/worklytics/psoxy//infra/modules/aws-psoxy-rest?ref=v0.4.61" + # source = "git::https://github.com/worklytics/psoxy//infra/modules/aws-psoxy-rest?ref=v0.4.62" environment_name = var.environment_name instance_id = each.key @@ -285,7 +285,7 @@ module "worklytics-psoxy-connection" { for_each = module.worklytics_connector_specs.enabled_oauth_long_access_connectors source = "../../modules/worklytics-psoxy-connection" - # source = "git::https://github.com/worklytics/psoxy//infra/modules/worklytics-psoxy-connection?ref=v0.4.61" + # source = "git::https://github.com/worklytics/psoxy//infra/modules/worklytics-psoxy-connection?ref=v0.4.62" psoxy_instance_id = each.key connector_id = try(each.value.worklytics_connector_id, "") @@ -318,7 +318,7 @@ module "psoxy-bulk" { for_each = merge(module.worklytics_connector_specs.enabled_bulk_connectors, var.custom_bulk_connectors) source = "../../modules/aws-psoxy-bulk" - # source = "git::https://github.com/worklytics/psoxy//infra/modules/aws-psoxy-bulk?ref=v0.4.61" + # source = "git::https://github.com/worklytics/psoxy//infra/modules/aws-psoxy-bulk?ref=v0.4.62" environment_name = var.environment_name instance_id = each.key @@ -358,7 +358,7 @@ module "psoxy-bulk-to-worklytics" { var.custom_bulk_connectors) source = "../../modules/worklytics-psoxy-connection-generic" - # source = "git::https://github.com/worklytics/psoxy//infra/modules/worklytics-psoxy-connection-generic?ref=v0.4.61" + # source = "git::https://github.com/worklytics/psoxy//infra/modules/worklytics-psoxy-connection-generic?ref=v0.4.62" psoxy_host_platform_id = local.host_platform_id psoxy_instance_id = each.key @@ -378,7 +378,7 @@ module "lookup_output" { for_each = var.lookup_table_builders source = "../../modules/aws-psoxy-output-bucket" - # source = "git::https://github.com/worklytics/psoxy//infra/modules/aws-psoxy-output-bucket?ref=v0.4.61" + # source = "git::https://github.com/worklytics/psoxy//infra/modules/aws-psoxy-output-bucket?ref=v0.4.62" environment_name = var.environment_name instance_id = each.key diff --git a/infra/modular-examples/aws-msft-365/main.tf b/infra/modular-examples/aws-msft-365/main.tf index 7fcea2ef8..b5ee191e0 100644 --- a/infra/modular-examples/aws-msft-365/main.tf +++ b/infra/modular-examples/aws-msft-365/main.tf @@ -24,7 +24,7 @@ data "azuread_client_config" "current" {} module "worklytics_connector_specs" { source = "../../modules/worklytics-connector-specs" - # source = "git::https://github.com/worklytics/psoxy//infra/modules/worklytics-connector-specs?ref=v0.4.61" + # source = "git::https://github.com/worklytics/psoxy//infra/modules/worklytics-connector-specs?ref=v0.4.62" enabled_connectors = var.enabled_connectors msft_tenant_id = var.msft_tenant_id @@ -44,7 +44,7 @@ module "worklytics_connector_specs" { module "psoxy-aws" { source = "../../modules/aws" - # source = "git::https://github.com/worklytics/psoxy//infra/modules/aws?ref=v0.4.61" + # source = "git::https://github.com/worklytics/psoxy//infra/modules/aws?ref=v0.4.62" aws_account_id = var.aws_account_id region = var.aws_region @@ -57,7 +57,7 @@ module "psoxy-aws" { module "global_secrets" { source = "../../modules/aws-ssm-secrets" - # source = "git::https://github.com/worklytics/psoxy//infra/modules/aws-ssm-secrets?ref=v0.4.61" + # source = "git::https://github.com/worklytics/psoxy//infra/modules/aws-ssm-secrets?ref=v0.4.62" path = var.aws_ssm_param_root_path kms_key_id = var.aws_ssm_key_id @@ -76,7 +76,7 @@ moved { module "cognito-identity-pool" { source = "../../modules/aws-cognito-pool" - # source = "git::https://github.com/worklytics/psoxy//infra/modules/aws-cognito-pool?ref=v0.4.61" + # source = "git::https://github.com/worklytics/psoxy//infra/modules/aws-cognito-pool?ref=v0.4.62" developer_provider_name = "azure-access" @@ -91,7 +91,7 @@ module "msft-connection" { for_each = module.worklytics_connector_specs.enabled_msft_365_connectors source = "../../modules/azuread-connection" - # source = "git::https://github.com/worklytics/psoxy//infra/modules/azuread-connection?ref=v0.4.61" + # source = "git::https://github.com/worklytics/psoxy//infra/modules/azuread-connection?ref=v0.4.62" display_name = "Psoxy Connector - ${each.value.display_name}${var.connector_display_name_suffix}" tenant_id = var.msft_tenant_id @@ -113,7 +113,7 @@ module "msft-connection-auth-federation" { for_each = module.worklytics_connector_specs.enabled_msft_365_connectors source = "../../modules/azuread-federated-credentials" - # source = "git::https://github.com/worklytics/psoxy//infra/modules/azuread-federated-credentials?ref=v0.4.61" + # source = "git::https://github.com/worklytics/psoxy//infra/modules/azuread-federated-credentials?ref=v0.4.62" application_object_id = module.msft-connection[each.key].connector.id display_name = "AccessFromAWS" @@ -130,7 +130,7 @@ module "msft_365_grants" { for_each = module.worklytics_connector_specs.enabled_msft_365_connectors source = "../../modules/azuread-grant-all-users" - # source = "git::https://github.com/worklytics/psoxy//infra/modules/azuread-grant-all-users?ref=v0.4.61" + # source = "git::https://github.com/worklytics/psoxy//infra/modules/azuread-grant-all-users?ref=v0.4.62" psoxy_instance_id = each.key application_id = module.msft-connection[each.key].connector.application_id @@ -144,7 +144,7 @@ module "psoxy-msft-connector" { for_each = module.worklytics_connector_specs.enabled_msft_365_connectors source = "../../modules/aws-psoxy-rest" - # source = "git::https://github.com/worklytics/psoxy//infra/modules/aws-psoxy-rest?ref=v0.4.61" + # source = "git::https://github.com/worklytics/psoxy//infra/modules/aws-psoxy-rest?ref=v0.4.62" environment_name = var.environment_name instance_id = each.key @@ -194,7 +194,7 @@ module "worklytics-psoxy-connection-msft-365" { for_each = module.worklytics_connector_specs.enabled_msft_365_connectors source = "../../modules/worklytics-psoxy-connection" - # source = "git::https://github.com/worklytics/psoxy//infra/modules/worklytics-psoxy-connection?ref=v0.4.61" + # source = "git::https://github.com/worklytics/psoxy//infra/modules/worklytics-psoxy-connection?ref=v0.4.62" psoxy_host_platform_id = local.host_platform_id psoxy_instance_id = each.key @@ -239,7 +239,7 @@ module "parameter-fill-instructions" { for_each = local.long_access_parameters source = "../../modules/aws-ssm-fill-md" - # source = "git::https://github.com/worklytics/psoxy//infra/modules/aws-ssm-fill-md?ref=v0.4.61" + # source = "git::https://github.com/worklytics/psoxy//infra/modules/aws-ssm-fill-md?ref=v0.4.62" region = var.aws_region parameter_name = aws_ssm_parameter.long-access-secrets[each.key].name @@ -249,7 +249,7 @@ module "source_token_external_todo" { for_each = module.worklytics_connector_specs.enabled_oauth_long_access_connectors_todos source = "../../modules/source-token-external-todo" - # source = "git::https://github.com/worklytics/psoxy//infra/modules/source-token-external-todo?ref=v0.4.61" + # source = "git::https://github.com/worklytics/psoxy//infra/modules/source-token-external-todo?ref=v0.4.62" source_id = each.key connector_specific_external_steps = each.value.external_token_todo @@ -262,7 +262,7 @@ module "aws-psoxy-long-auth-connectors" { for_each = module.worklytics_connector_specs.enabled_oauth_long_access_connectors source = "../../modules/aws-psoxy-rest" - # source = "git::https://github.com/worklytics/psoxy//infra/modules/aws-psoxy-rest?ref=v0.4.61" + # source = "git::https://github.com/worklytics/psoxy//infra/modules/aws-psoxy-rest?ref=v0.4.62" environment_name = var.environment_name instance_id = each.key @@ -305,7 +305,7 @@ module "worklytics-psoxy-connection-oauth-long-access" { for_each = module.worklytics_connector_specs.enabled_oauth_long_access_connectors source = "../../modules/worklytics-psoxy-connection" - # source = "git::https://github.com/worklytics/psoxy//infra/modules/worklytics-psoxy-connection?ref=v0.4.61" + # source = "git::https://github.com/worklytics/psoxy//infra/modules/worklytics-psoxy-connection?ref=v0.4.62" psoxy_host_platform_id = local.host_platform_id psoxy_instance_id = each.key @@ -364,7 +364,7 @@ module "psoxy-bulk" { var.custom_bulk_connectors) source = "../../modules/aws-psoxy-bulk" - # source = "git::https://github.com/worklytics/psoxy//infra/modules/aws-psoxy-bulk?ref=v0.4.61" + # source = "git::https://github.com/worklytics/psoxy//infra/modules/aws-psoxy-bulk?ref=v0.4.62" environment_name = var.environment_name aws_account_id = var.aws_account_id @@ -409,7 +409,7 @@ module "psoxy-bulk-to-worklytics" { var.custom_bulk_connectors) source = "../../modules/worklytics-psoxy-connection-generic" - # source = "git::https://github.com/worklytics/psoxy//infra/modules/worklytics-psoxy-connection-generic?ref=v0.4.61" + # source = "git::https://github.com/worklytics/psoxy//infra/modules/worklytics-psoxy-connection-generic?ref=v0.4.62" psoxy_host_platform_id = local.host_platform_id psoxy_instance_id = each.key @@ -429,7 +429,7 @@ module "lookup_output" { for_each = var.lookup_table_builders source = "../../modules/aws-psoxy-output-bucket" - # source = "git::https://github.com/worklytics/psoxy//infra/modules/aws-psoxy-output-bucket?ref=v0.4.61" + # source = "git::https://github.com/worklytics/psoxy//infra/modules/aws-psoxy-output-bucket?ref=v0.4.62" environment_name = var.environment_name instance_id = each.key diff --git a/infra/modular-examples/aws/main.tf b/infra/modular-examples/aws/main.tf index ce7663645..4cfd265c2 100644 --- a/infra/modular-examples/aws/main.tf +++ b/infra/modular-examples/aws/main.tf @@ -33,7 +33,7 @@ locals { module "worklytics_connector_specs" { source = "../../modules/worklytics-connector-specs" - # source = "git::https://github.com/worklytics/psoxy//infra/modules/worklytics-connector-specs?ref=v0.4.61 + # source = "git::https://github.com/worklytics/psoxy//infra/modules/worklytics-connector-specs?ref=v0.4.62 enabled_connectors = var.enabled_connectors google_workspace_example_user = var.google_workspace_example_user @@ -52,7 +52,7 @@ module "worklytics_connector_specs" { module "psoxy_aws" { source = "../../modules/aws" - # source = "git::https://github.com/worklytics/psoxy//infra/modules/aws?ref=v0.4.61 + # source = "git::https://github.com/worklytics/psoxy//infra/modules/aws?ref=v0.4.62 aws_account_id = var.aws_account_id region = data.aws_region.current.id @@ -75,7 +75,7 @@ moved { # secrets shared across all instances module "global_secrets" { source = "../../modules/aws-ssm-secrets" - # source = "git::https://github.com/worklytics/psoxy//infra/modules/aws-ssm-secrets?ref=v0.4.61 + # source = "git::https://github.com/worklytics/psoxy//infra/modules/aws-ssm-secrets?ref=v0.4.62 path = var.aws_ssm_param_root_path kms_key_id = var.aws_ssm_key_id @@ -92,7 +92,7 @@ module "google_workspace_connection" { for_each = module.worklytics_connector_specs.enabled_google_workspace_connectors source = "../../modules/google-workspace-dwd-connection" - # source = "git::https://github.com/worklytics/psoxy//infra/modules/google-workspace-dwd-connection?ref=v0.4.61 + # source = "git::https://github.com/worklytics/psoxy//infra/modules/google-workspace-dwd-connection?ref=v0.4.62 project_id = var.gcp_project_id connector_service_account_id = "${local.function_name_prefix}${local.deployment_id_sa_id_part}${each.key}" @@ -117,7 +117,7 @@ module "google_workspace_connection_auth" { for_each = module.worklytics_connector_specs.enabled_google_workspace_connectors source = "../../modules/gcp-sa-auth-key" - # source = "git::https://github.com/worklytics/psoxy//infra/modules/gcp-sa-auth-key?ref=v0.4.61" + # source = "git::https://github.com/worklytics/psoxy//infra/modules/gcp-sa-auth-key?ref=v0.4.62" service_account_id = module.google_workspace_connection[each.key].service_account_id } @@ -133,7 +133,7 @@ module "sa_key_secrets" { for_each = module.worklytics_connector_specs.enabled_google_workspace_connectors source = "../../modules/aws-ssm-secrets" - # source = "git::https://github.com/worklytics/psoxy//infra/modules/aws-ssm-secrets?ref=v0.4.61" + # source = "git::https://github.com/worklytics/psoxy//infra/modules/aws-ssm-secrets?ref=v0.4.62" # other possibly implementations: # source = "../hashicorp-vault-secrets" @@ -159,7 +159,7 @@ module "psoxy_google_workspace_connector" { for_each = module.worklytics_connector_specs.enabled_google_workspace_connectors source = "../../modules/aws-psoxy-rest" - # source = "git::https://github.com/worklytics/psoxy//infra/modules/aws-psoxy-rest?ref=v0.4.61" + # source = "git::https://github.com/worklytics/psoxy//infra/modules/aws-psoxy-rest?ref=v0.4.62" environment_name = var.environment_name instance_id = each.key @@ -203,7 +203,7 @@ module "worklytics_psoxy_connection_google_workspace" { for_each = module.worklytics_connector_specs.enabled_google_workspace_connectors source = "../../modules/worklytics-psoxy-connection" - # source = "git::https://github.com/worklytics/psoxy//infra/modules/worklytics-psoxy-connection?ref=v0.4.61" + # source = "git::https://github.com/worklytics/psoxy//infra/modules/worklytics-psoxy-connection?ref=v0.4.62" psoxy_instance_id = each.key psoxy_host_platform_id = local.host_platform_id @@ -237,7 +237,7 @@ module "cognito_identity_pool" { count = local.msft_365_enabled ? 1 : 0 # only provision identity pool if MSFT-365 connectors are enabled source = "../../modules/aws-cognito-pool" - # source = "git::https://github.com/worklytics/psoxy//infra/modules/aws-cognito-pool?ref=v0.4.61" + # source = "git::https://github.com/worklytics/psoxy//infra/modules/aws-cognito-pool?ref=v0.4.62" developer_provider_name = "azure-access" name = "azure-ad-federation" @@ -247,7 +247,7 @@ module "cognito_identity" { count = local.msft_365_enabled ? 1 : 0 # only provision identity pool if MSFT-365 connectors are enabled source = "../../modules/aws-cognito-identity-cli" - # source = "git::https://github.com/worklytics/psoxy//infra/modules/aws-cognito-identity-cli?ref=v0.4.61" + # source = "git::https://github.com/worklytics/psoxy//infra/modules/aws-cognito-identity-cli?ref=v0.4.62" identity_pool_id = module.cognito_identity_pool[0].pool_id aws_region = data.aws_region.current.id @@ -269,7 +269,7 @@ module "msft_connection" { for_each = module.worklytics_connector_specs.enabled_msft_365_connectors source = "../../modules/azuread-connection" - # source = "git::https://github.com/worklytics/psoxy//infra/modules/azuread-connection?ref=v0.4.61" + # source = "git::https://github.com/worklytics/psoxy//infra/modules/azuread-connection?ref=v0.4.62" display_name = "Psoxy Connector - ${each.value.display_name}${var.connector_display_name_suffix}" tenant_id = var.msft_tenant_id @@ -288,7 +288,7 @@ module "msft_connection_auth_federation" { for_each = module.worklytics_connector_specs.enabled_msft_365_connectors source = "../../modules/azuread-federated-credentials" - # source = "git::https://github.com/worklytics/psoxy//infra/modules/azuread-federated-credentials?ref=v0.4.61" + # source = "git::https://github.com/worklytics/psoxy//infra/modules/azuread-federated-credentials?ref=v0.4.62" application_object_id = module.msft_connection[each.key].connector.id display_name = "AccessFromAWS" @@ -312,7 +312,7 @@ module "msft_365_grants" { for_each = module.worklytics_connector_specs.enabled_msft_365_connectors source = "../../modules/azuread-grant-all-users" - # source = "git::https://github.com/worklytics/psoxy//infra/modules/azuread-grant-all-users?ref=v0.4.61" + # source = "git::https://github.com/worklytics/psoxy//infra/modules/azuread-grant-all-users?ref=v0.4.62" psoxy_instance_id = each.key application_id = module.msft_connection[each.key].connector.application_id @@ -326,7 +326,7 @@ module "psoxy_msft_connector" { for_each = module.worklytics_connector_specs.enabled_msft_365_connectors source = "../../modules/aws-psoxy-rest" - # source = "git::https://github.com/worklytics/psoxy//infra/modules/aws-psoxy-rest?ref=v0.4.61" + # source = "git::https://github.com/worklytics/psoxy//infra/modules/aws-psoxy-rest?ref=v0.4.62" environment_name = var.environment_name instance_id = each.key @@ -380,7 +380,7 @@ module "worklytics_psoxy_connection_msft_365" { for_each = module.worklytics_connector_specs.enabled_msft_365_connectors source = "../../modules/worklytics-psoxy-connection" - # source = "git::https://github.com/worklytics/psoxy//infra/modules/worklytics-psoxy-connection?ref=v0.4.61" + # source = "git::https://github.com/worklytics/psoxy//infra/modules/worklytics-psoxy-connection?ref=v0.4.62" psoxy_host_platform_id = local.host_platform_id psoxy_instance_id = each.key @@ -433,7 +433,7 @@ module "parameter_fill_instructions" { for_each = local.long_access_parameters source = "../../modules/aws-ssm-fill-md" - # source = "git::https://github.com/worklytics/psoxy//infra/modules/aws-ssm-fill-md?ref=v0.4.61" + # source = "git::https://github.com/worklytics/psoxy//infra/modules/aws-ssm-fill-md?ref=v0.4.62" region = data.aws_region.current.id parameter_name = aws_ssm_parameter.long-access-secrets[each.key].name @@ -449,7 +449,7 @@ module "source_token_external_todo" { for_each = module.worklytics_connector_specs.enabled_oauth_long_access_connectors_todos source = "../../modules/source-token-external-todo" - # source = "git::https://github.com/worklytics/psoxy//infra/modules/source-token-external-todo?ref=v0.4.61" + # source = "git::https://github.com/worklytics/psoxy//infra/modules/source-token-external-todo?ref=v0.4.62" source_id = each.key connector_specific_external_steps = each.value.external_token_todo @@ -462,7 +462,7 @@ module "aws_psoxy_long_auth_connectors" { for_each = module.worklytics_connector_specs.enabled_oauth_long_access_connectors source = "../../modules/aws-psoxy-rest" - # source = "git::https://github.com/worklytics/psoxy//infra/modules/aws-psoxy-rest?ref=v0.4.61" + # source = "git::https://github.com/worklytics/psoxy//infra/modules/aws-psoxy-rest?ref=v0.4.62" environment_name = var.environment_name instance_id = each.key @@ -510,7 +510,7 @@ module "worklytics_psoxy_connection" { for_each = module.worklytics_connector_specs.enabled_oauth_long_access_connectors source = "../../modules/worklytics-psoxy-connection" - # source = "git::https://github.com/worklytics/psoxy//infra/modules/worklytics-psoxy-connection?ref=v0.4.61" + # source = "git::https://github.com/worklytics/psoxy//infra/modules/worklytics-psoxy-connection?ref=v0.4.62" psoxy_instance_id = each.key connector_id = try(each.value.worklytics_connector_id, "") @@ -549,7 +549,7 @@ module "psoxy_bulk" { for_each = merge(module.worklytics_connector_specs.enabled_bulk_connectors, var.custom_bulk_connectors) source = "../../modules/aws-psoxy-bulk" - # source = "git::https://github.com/worklytics/psoxy//infra/modules/aws-psoxy-bulk?ref=v0.4.61" + # source = "git::https://github.com/worklytics/psoxy//infra/modules/aws-psoxy-bulk?ref=v0.4.62" environment_name = var.environment_name instance_id = each.key @@ -593,7 +593,7 @@ module "psoxy_bulk_to_worklytics" { var.custom_bulk_connectors) source = "../../modules/worklytics-psoxy-connection-generic" - # source = "git::https://github.com/worklytics/psoxy//infra/modules/worklytics-psoxy-connection-generic?ref=v0.4.61" + # source = "git::https://github.com/worklytics/psoxy//infra/modules/worklytics-psoxy-connection-generic?ref=v0.4.62" psoxy_host_platform_id = local.host_platform_id psoxy_instance_id = each.key @@ -620,7 +620,7 @@ module "lookup_output" { for_each = var.lookup_table_builders source = "../../modules/aws-psoxy-output-bucket" - # source = "git::https://github.com/worklytics/psoxy//infra/modules/aws-psoxy-output-bucket?ref=v0.4.61" + # source = "git::https://github.com/worklytics/psoxy//infra/modules/aws-psoxy-output-bucket?ref=v0.4.62" environment_name = var.environment_name instance_id = each.key diff --git a/infra/modular-examples/gcp-google-workspace/main.tf b/infra/modular-examples/gcp-google-workspace/main.tf index 0a7d53333..17125b4b8 100644 --- a/infra/modular-examples/gcp-google-workspace/main.tf +++ b/infra/modular-examples/gcp-google-workspace/main.tf @@ -13,7 +13,7 @@ locals { module "worklytics_connector_specs" { source = "../../modules/worklytics-connector-specs" - # source = "git::https://github.com/worklytics/psoxy//infra/modules/worklytics-connector-specs?ref=v0.4.61" + # source = "git::https://github.com/worklytics/psoxy//infra/modules/worklytics-connector-specs?ref=v0.4.62" enabled_connectors = var.enabled_connectors @@ -33,7 +33,7 @@ module "worklytics_connector_specs" { module "psoxy-gcp" { source = "../../modules/gcp" - # source = "git::https://github.com/worklytics/psoxy//infra/modules/gcp?ref=v0.4.61" + # source = "git::https://github.com/worklytics/psoxy//infra/modules/gcp?ref=v0.4.62" project_id = var.gcp_project_id psoxy_base_dir = var.psoxy_base_dir @@ -47,7 +47,7 @@ module "google-workspace-connection" { for_each = module.worklytics_connector_specs.enabled_google_workspace_connectors source = "../../modules/google-workspace-dwd-connection" - # source = "git::https://github.com/worklytics/psoxy//infra/modules/google-workspace-dwd-connection?ref=v0.4.61" + # source = "git::https://github.com/worklytics/psoxy//infra/modules/google-workspace-dwd-connection?ref=v0.4.62" project_id = var.gcp_project_id connector_service_account_id = "psoxy-${substr(each.key, 0, 24)}" @@ -65,7 +65,7 @@ module "google-workspace-connection-auth" { for_each = module.worklytics_connector_specs.enabled_google_workspace_connectors source = "../../modules/gcp-sa-auth-key" - # source = "git::https://github.com/worklytics/psoxy//infra/modules/gcp-sa-auth-key?ref=v0.4.61" + # source = "git::https://github.com/worklytics/psoxy//infra/modules/gcp-sa-auth-key?ref=v0.4.62" service_account_id = module.google-workspace-connection[each.key].service_account_id } @@ -75,7 +75,7 @@ module "google-workspace-key-secrets" { for_each = module.worklytics_connector_specs.enabled_google_workspace_connectors source = "../../modules/gcp-secrets" - # source = "git::https://github.com/worklytics/psoxy//infra/modules/gcp-secrets?ref=v0.4.61" + # source = "git::https://github.com/worklytics/psoxy//infra/modules/gcp-secrets?ref=v0.4.62" secret_project = var.gcp_project_id default_labels = var.default_labels @@ -116,7 +116,7 @@ module "psoxy-google-workspace-connector" { for_each = module.worklytics_connector_specs.enabled_google_workspace_connectors source = "../../modules/gcp-psoxy-rest" - # source = "git::https://github.com/worklytics/psoxy//infra/modules/gcp-psoxy-rest?ref=v0.4.61" + # source = "git::https://github.com/worklytics/psoxy//infra/modules/gcp-psoxy-rest?ref=v0.4.62" project_id = var.gcp_project_id source_kind = each.value.source_kind @@ -159,7 +159,7 @@ module "worklytics-psoxy-connection" { for_each = module.worklytics_connector_specs.enabled_google_workspace_connectors source = "../../modules/worklytics-psoxy-connection" - # source = "git::https://github.com/worklytics/psoxy//infra/modules/worklytics-psoxy-connection?ref=v0.4.61" + # source = "git::https://github.com/worklytics/psoxy//infra/modules/worklytics-psoxy-connection?ref=v0.4.62" psoxy_host_platform_id = local.host_platform_id psoxy_instance_id = each.key @@ -192,7 +192,7 @@ module "connector-oauth" { for_each = local.long_access_parameters source = "../../modules/gcp-oauth-secrets" - # source = "git::https://github.com/worklytics/psoxy//infra/modules/gcp-oauth-secrets?ref=v0.4.61" + # source = "git::https://github.com/worklytics/psoxy//infra/modules/gcp-oauth-secrets?ref=v0.4.62" secret_name = "PSOXY_${upper(replace(each.value.connector_name, "-", "_"))}_${upper(each.value.secret_name)}" project_id = var.gcp_project_id @@ -213,7 +213,7 @@ module "long-auth-token-secret-fill-instructions" { for_each = local.long_access_parameters source = "../../modules/gcp-secret-fill-md" - # source = "git::https://github.com/worklytics/psoxy//infra/modules/gcp-secret-fill-md?ref=v0.4.61" + # source = "git::https://github.com/worklytics/psoxy//infra/modules/gcp-secret-fill-md?ref=v0.4.62" project_id = var.gcp_project_id secret_id = module.connector-oauth[each.key].secret_id @@ -223,7 +223,7 @@ module "source_token_external_todo" { for_each = module.worklytics_connector_specs.enabled_oauth_long_access_connectors_todos source = "../../modules/source-token-external-todo" - # source = "git::https://github.com/worklytics/psoxy//infra/modules/source-token-external-todo?ref=v0.4.61" + # source = "git::https://github.com/worklytics/psoxy//infra/modules/source-token-external-todo?ref=v0.4.62" source_id = each.key connector_specific_external_steps = each.value.external_token_todo @@ -236,7 +236,7 @@ module "connector-long-auth-function" { for_each = module.worklytics_connector_specs.enabled_oauth_long_access_connectors source = "../../modules/gcp-psoxy-rest" - # source = "git::https://github.com/worklytics/psoxy//infra/modules/gcp-psoxy-rest?ref=v0.4.61" + # source = "git::https://github.com/worklytics/psoxy//infra/modules/gcp-psoxy-rest?ref=v0.4.62" project_id = var.gcp_project_id source_kind = each.value.source_kind @@ -281,7 +281,7 @@ module "worklytics-psoxy-connection-long-auth" { for_each = module.worklytics_connector_specs.enabled_oauth_long_access_connectors source = "../../modules/worklytics-psoxy-connection" - # source = "git::https://github.com/worklytics/psoxy//infra/modules/worklytics-psoxy-connection?ref=v0.4.61" + # source = "git::https://github.com/worklytics/psoxy//infra/modules/worklytics-psoxy-connection?ref=v0.4.62" psoxy_host_platform_id = "GCP" psoxy_instance_id = each.key @@ -299,7 +299,7 @@ module "psoxy-gcp-bulk" { var.custom_bulk_connectors) source = "../../modules/gcp-psoxy-bulk" - # source = "git::https://github.com/worklytics/psoxy//infra/modules/gcp-psoxy-bulk?ref=v0.4.61" + # source = "git::https://github.com/worklytics/psoxy//infra/modules/gcp-psoxy-bulk?ref=v0.4.62" project_id = var.gcp_project_id worklytics_sa_emails = var.worklytics_sa_emails @@ -333,7 +333,7 @@ module "psoxy-bulk-to-worklytics" { var.custom_bulk_connectors) source = "../../modules/worklytics-psoxy-connection-generic" - # source = "git::https://github.com/worklytics/psoxy//infra/modules/worklytics-psoxy-connection-generic?ref=v0.4.61" + # source = "git::https://github.com/worklytics/psoxy//infra/modules/worklytics-psoxy-connection-generic?ref=v0.4.62" psoxy_host_platform_id = local.host_platform_id psoxy_instance_id = each.key diff --git a/infra/modules/aws-host/main.tf b/infra/modules/aws-host/main.tf index 6066d6ff4..6d17533b4 100644 --- a/infra/modules/aws-host/main.tf +++ b/infra/modules/aws-host/main.tf @@ -1,5 +1,5 @@ terraform { - required_version = ">= 1.3, < 1.10" + required_version = ">= 1.3, < 1.11" required_providers { aws = { diff --git a/infra/modules/gcp-host/main.tf b/infra/modules/gcp-host/main.tf index 87fb129a8..850868461 100644 --- a/infra/modules/gcp-host/main.tf +++ b/infra/modules/gcp-host/main.tf @@ -1,5 +1,5 @@ terraform { - required_version = ">= 1.3, < 1.10" + required_version = ">= 1.3, < 1.11" } locals { diff --git a/infra/modules/worklytics-connector-specs/main.tf b/infra/modules/worklytics-connector-specs/main.tf index f0d7efea9..d6d3f9f09 100644 --- a/infra/modules/worklytics-connector-specs/main.tf +++ b/infra/modules/worklytics-connector-specs/main.tf @@ -898,10 +898,12 @@ EOT reserved_concurrent_executions : null example_api_calls_user_to_impersonate : null example_api_calls : [ - "/api/discovery.enterprise.info", - "/api/discovery.conversations.list", - "/api/discovery.conversations.history?channel={CHANNEL_ID}&limit=10", - "/api/discovery.users.list", + "/api/discovery.enterprise.info?include_deleted=false&limit=5", + "/api/discovery.conversations.list?limit=10", + "/api/discovery.conversations.info?team={WORKSPACE_ID}&channel={CHANNEL_ID}", + "/api/discovery.conversations.recent?limit=10", + "/api/discovery.conversations.history?team={WORKSPACE_ID}&channel={CHANNEL_ID}&limit=10", + "/api/discovery.users.list?limit=5", ] external_token_todo : < getDefaultScopeIdFromRules(com.avaulta.gateway.rules.Rul defaultScopeIdBySource.put("azure-ad", "azure-ad"); defaultScopeIdBySource.put("outlook-cal", "azure-ad"); defaultScopeIdBySource.put("outlook-mail", "azure-ad"); + defaultScopeIdBySource.put("msft-teams", "azure-ad"); defaultScopeIdBySource.put("github", "github"); defaultScopeIdBySource.put("github-enterprise-server", "github"); diff --git a/java/core/src/main/java/co/worklytics/psoxy/rules/msft/PrebuiltSanitizerRules.java b/java/core/src/main/java/co/worklytics/psoxy/rules/msft/PrebuiltSanitizerRules.java index 7dfa8ac54..2096841bf 100644 --- a/java/core/src/main/java/co/worklytics/psoxy/rules/msft/PrebuiltSanitizerRules.java +++ b/java/core/src/main/java/co/worklytics/psoxy/rules/msft/PrebuiltSanitizerRules.java @@ -436,6 +436,7 @@ public class PrebuiltSanitizerRules { .jsonPath("$..joinInformation") .jsonPath("$..joinMeetingIdSettings.isPasscodeRequired") .jsonPath("$..joinMeetingIdSettings.passcode") + .jsonPath("$..upn") .build(); static final Transform.Tokenize MS_TEAMS_CALL_ID_TOKENIZATION = Transform.Tokenize.builder() @@ -650,6 +651,9 @@ public class PrebuiltSanitizerRules { .endpoint(Endpoint.builder() .pathRegex(ENTRA_ID_REGEX_USERS_BY_PSEUDO + "/onlineMeetings/[a-zA-Z0-9_-]+/attendanceReports/[a-zA-Z0-9_-]+(\\?.*)?") .transform(MS_TEAMS_TEAMS_DEFAULT_PSEUDONYMIZE) + .transform(Transform.Pseudonymize.builder() + .jsonPath("$..identity.id") + .build()) .transform(PSEUDONYMIZE_USER_ID) .transform(MS_TEAMS_USERS_ONLINE_MEETINGS_REDACT) .transform(REDACT_ODATA_CONTEXT) @@ -659,6 +663,9 @@ public class PrebuiltSanitizerRules { .endpoint(Endpoint.builder() .pathRegex(ENTRA_ID_REGEX_USERS_BY_PSEUDO + "/onlineMeetings/[a-zA-Z0-9_-]+/attendanceReports(\\?.*)?") .transform(MS_TEAMS_TEAMS_DEFAULT_PSEUDONYMIZE) + .transform(Transform.Pseudonymize.builder() + .jsonPath("$..identity.id") + .build()) .transform(PSEUDONYMIZE_USER_ID) .transform(MS_TEAMS_USERS_ONLINE_MEETINGS_REDACT) .transform(REDACT_ODATA_CONTEXT) @@ -669,6 +676,9 @@ public class PrebuiltSanitizerRules { .pathRegex(ENTRA_ID_REGEX_USERS_BY_PSEUDO + "/onlineMeetings(\\?.*)?") .transforms(Arrays.asList(PSEUDONYMIZE_USER_ID, MS_TEAMS_TEAMS_DEFAULT_PSEUDONYMIZE, + Transform.Pseudonymize.builder() + .jsonPath("$..identity.id") + .build(), TOKENIZE_ODATA_LINKS, MS_TEAMS_USERS_ONLINE_MEETINGS_REDACT .toBuilder() diff --git a/java/core/src/main/java/co/worklytics/psoxy/rules/slack/PrebuiltSanitizerRules.java b/java/core/src/main/java/co/worklytics/psoxy/rules/slack/PrebuiltSanitizerRules.java index bfd479e90..27b9f23e4 100644 --- a/java/core/src/main/java/co/worklytics/psoxy/rules/slack/PrebuiltSanitizerRules.java +++ b/java/core/src/main/java/co/worklytics/psoxy/rules/slack/PrebuiltSanitizerRules.java @@ -1,6 +1,7 @@ package co.worklytics.psoxy.rules.slack; import co.worklytics.psoxy.rules.RESTRules; +import com.avaulta.gateway.pseudonyms.PseudonymEncoder; import com.avaulta.gateway.rules.Endpoint; import co.worklytics.psoxy.rules.Rules2; import com.avaulta.gateway.rules.transforms.Transform; @@ -26,6 +27,10 @@ public class PrebuiltSanitizerRules { .pathTemplate("/api/discovery.users.list") .transform(Transform.Pseudonymize.builder() .jsonPath("$.users[*].id") + .includeReversible(true) + .encoding(PseudonymEncoder.Implementations.URL_SAFE_TOKEN) + .build()) + .transform(Transform.Pseudonymize.builder() .jsonPath("$.users[*].profile.email") .jsonPath("$.users[*].profile.guest_invited_by") .build()) @@ -39,6 +44,16 @@ public class PrebuiltSanitizerRules { .jsonPath("$.users[*].profile['image_original','is_custom_image','image_24','image_32','image_48','image_72','image_192','image_512','image_1024','status_text_canonical']") .build()) .build()) + .endpoint(Endpoint.builder() + .pathTemplate("/api/discovery.user.conversations") + // no PII + // redact channel name, topic and purpose + .transform(Transform.Redact.builder() + // we don't care about names + // topic and purpose contains user ids, not used at all, so just get rid of the entire content + .jsonPath("$.channels[*]['name','topic','purpose']") + .build()) + .build()) .endpoint(Endpoint.builder() .pathTemplate("/api/discovery.conversations.list") // no PII @@ -74,6 +89,7 @@ public class PrebuiltSanitizerRules { .pathTemplate("/api/discovery.conversations.history") .transform(Transform.Pseudonymize.builder() .jsonPath("$.messages[*].user") + .jsonPath("$.messages[*].inviter") .jsonPath("$.messages[*].files[*].user") .jsonPath("$.messages[*].reactions[*].users[*]") .jsonPath("$.messages[*].replies[*].user") diff --git a/java/core/src/test/java/co/worklytics/psoxy/rules/msft/TeamsTests.java b/java/core/src/test/java/co/worklytics/psoxy/rules/msft/TeamsTests.java index bed9253b7..77a833e7a 100644 --- a/java/core/src/test/java/co/worklytics/psoxy/rules/msft/TeamsTests.java +++ b/java/core/src/test/java/co/worklytics/psoxy/rules/msft/TeamsTests.java @@ -15,12 +15,14 @@ public class TeamsTests extends JavaRulesTestBaseCase { @Getter final Rules2 rulesUnderTest = PrebuiltSanitizerRules.MS_TEAMS; - @Getter - final RulesTestSpec rulesTestSpec = RulesTestSpec.builder() - .sourceFamily("microsoft-365") - .defaultScopeId("azure-ad") - .sourceKind("msft-teams") - .build(); + @Override + public RulesTestSpec getRulesTestSpec() { + return RulesTestSpec.builder() + .sourceFamily("microsoft-365") + .defaultScopeId(rulesUtils.getDefaultScopeIdFromSource("msft-teams")) + .sourceKind("msft-teams") + .build(); + } @ParameterizedTest @ValueSource(strings = {"v1.0"}) @@ -424,6 +426,7 @@ public void users_onlineMeetings(String apiVersion) { String userId = "dc17674c-81d9-4adb-bfb2-8f6a442e4622"; String endpoint = "https://graph.microsoft.com/" + apiVersion + "/users/" + userId + "/onlineMeetings"; String jsonResponse = asJson("Users_onlineMeetings_" + apiVersion + ".json"); + assertNotSanitized(jsonResponse, "everyone", "5552478", @@ -437,7 +440,8 @@ public void users_onlineMeetings(String apiVersion) { "https://teams.microsoft.com/l/meetup-join/19%3a:meeting_NTg0NmQ3NTctZDVkZC00YzRhLThmNmEtOGQDdmZDZk@thread.v2/0?context=%7b%22Tid%22%3a%aa67bd4c-8475-432d-bd41-39f255720e0a%22%2c%22Oid%22%3a%22112f7296-5fa4-42ca-bb15d4b8%22%7d", "112f7296-5ca-bae8-6a692b15d4b8", "5810cedeb-b2c1-e9bd5d53ec96", - "joinMeetingId", "1234567890" + "joinMeetingId", + "1234567890" ); String sanitized = sanitize(endpoint, jsonResponse); @@ -451,7 +455,9 @@ public void users_onlineMeetings(String apiVersion) { "macAddress", "reflexiveIPAddress", "relayIPAddress", - "subnet" + "subnet", + "foo@some-domain.com", + "upn-value" ); assertUrlWithSubResourcesBlocked(endpoint); } diff --git a/java/core/src/test/java/co/worklytics/psoxy/rules/msft/Teams_NoUserIds_Tests.java b/java/core/src/test/java/co/worklytics/psoxy/rules/msft/Teams_NoUserIds_Tests.java index a6956288c..cdd870cb7 100644 --- a/java/core/src/test/java/co/worklytics/psoxy/rules/msft/Teams_NoUserIds_Tests.java +++ b/java/core/src/test/java/co/worklytics/psoxy/rules/msft/Teams_NoUserIds_Tests.java @@ -2,6 +2,7 @@ import co.worklytics.psoxy.rules.JavaRulesTestBaseCase; import co.worklytics.psoxy.rules.Rules2; +import co.worklytics.psoxy.rules.RulesUtils; import jdk.jfr.Description; import lombok.Getter; import org.junit.jupiter.api.Disabled; @@ -20,14 +21,16 @@ public class Teams_NoUserIds_Tests extends JavaRulesTestBaseCase { final Rules2 rulesUnderTest = PrebuiltSanitizerRules.MS_TEAMS_NO_USER_ID; - @Getter - final RulesTestSpec rulesTestSpec = RulesTestSpec.builder() - .sourceFamily("microsoft-365") - .defaultScopeId("azure-ad") - .sourceKind("msft-teams") - .rulesFile("msft-teams_no-userIds") - .exampleSanitizedApiResponsesPath("example-api-responses/sanitized_no-userIds/") - .build(); + @Override + public RulesTestSpec getRulesTestSpec() { + return RulesTestSpec.builder() + .sourceFamily("microsoft-365") + .sourceKind("msft-teams") + .defaultScopeId(rulesUtils.getDefaultScopeIdFromSource("msft-teams")) + .rulesFile("msft-teams_no-userIds") + .exampleSanitizedApiResponsesPath("example-api-responses/sanitized_no-userIds/") + .build(); + } @Test @Description("Test endpoint:" + PrebuiltSanitizerRules.MS_TEAMS_PATH_TEMPLATES_TEAMS) @@ -272,6 +275,7 @@ public void users_onlineMeetings() { String jsonResponse = asJson("Users_onlineMeetings_" + "v1.0" + ".json"); String sanitized = sanitize(endpoint, jsonResponse); + assertPseudonymized(sanitized, "112f7296-5ca-bae8-6a692b15d4b8", "5810cedeb-b2c1-e9bd5d53ec96"); assertRedacted(sanitized, "@odata.type", @@ -279,7 +283,9 @@ public void users_onlineMeetings() { "#microsoft.graph.chatInfo", "#microsoft.graph.meetingParticipants", "#microsoft.graph.identitySet", - "#microsoft.graph.identity" + "#microsoft.graph.identity", + "foo@some-domain.com", + "upn-value" ); assertUrlWithSubResourcesBlocked(endpoint); } diff --git a/java/core/src/test/java/co/worklytics/psoxy/rules/slack/SlackDiscoveryTests.java b/java/core/src/test/java/co/worklytics/psoxy/rules/slack/SlackDiscoveryTests.java index 5ad8ecc1a..c420b8b0e 100644 --- a/java/core/src/test/java/co/worklytics/psoxy/rules/slack/SlackDiscoveryTests.java +++ b/java/core/src/test/java/co/worklytics/psoxy/rules/slack/SlackDiscoveryTests.java @@ -26,10 +26,10 @@ public class SlackDiscoveryTests extends JavaRulesTestBaseCase { @Getter final RulesTestSpec rulesTestSpec = RulesTestSpec.builder() - .defaultScopeId("slack") - .sourceKind("slack") - .rulesFile("discovery") - .build(); + .defaultScopeId("slack") + .sourceKind("slack") + .rulesFile("discovery") + .build(); @SneakyThrows @ValueSource(strings = { @@ -40,6 +40,7 @@ public class SlackDiscoveryTests extends JavaRulesTestBaseCase { "https://slack.com/api/discovery.conversations.history", "https://slack.com/api/discovery.conversations.history?channel=X&limit=10", "https://slack.com/api/discovery.conversations.recent?team=X&limit=10&latest=123", + "https://slack.com/api/discovery.user.conversations?include_historical=true&user=X&limit=10&offset=Y", "https://slack.com/api/discovery.users.list", "https://slack.com/api/discovery.users.list?limit=20&include_deleted=true", }) @@ -58,7 +59,6 @@ void allowedEndpointRegex_allowed(String url) { "https://slack.com/api/discovery.conversation.info/", // all the rest of the discovery methods "https://slack.com/api/discovery.user.info", - "https://slack.com/api/discovery.user.conversations", "https://slack.com/api/discovery.conversations.edits", "https://slack.com/api/discovery.conversations.members", "https://slack.com/api/discovery.conversations.renames", @@ -184,6 +184,18 @@ void discovery_conversations_recent() { assertJsonEquals(jsonString, sanitized); } + @SneakyThrows + @Test + void discovery_users_conversations() { + String jsonString = asJson("discovery-user-conversations.json"); + + String sanitized = + sanitizer.sanitize("GET", new URL("https://slack.com/api/discovery.user.conversations"), jsonString); + + // nothing to redact / pseudonymize + assertJsonEquals(jsonString, sanitized); + } + @SneakyThrows @Test void discovery_conversations_info() { @@ -225,12 +237,13 @@ void discovery_enterprise_info() { @Override public Stream getExamples() { return Stream.of( - InvocationExample.of("https://slack.com/api/discovery.enterprise.info", "discovery-enterprise-info.json"), - InvocationExample.of("https://slack.com/api/discovery.conversations.info", "discovery-conversations-info.json"), - InvocationExample.of("https://slack.com/api/discovery.conversations.recent", "discovery-conversations-recent.json"), - InvocationExample.of("https://slack.com/api/discovery.conversations.history", "discovery-conversations-history.json"), - InvocationExample.of("https://slack.com/api/discovery.users.list", "discovery-users-list.json"), - InvocationExample.of("https://slack.com/api/discovery.conversations.list", "discovery-conversations-list.json") + InvocationExample.of("https://slack.com/api/discovery.enterprise.info", "discovery-enterprise-info.json"), + InvocationExample.of("https://slack.com/api/discovery.conversations.info", "discovery-conversations-info.json"), + InvocationExample.of("https://slack.com/api/discovery.conversations.recent", "discovery-conversations-recent.json"), + InvocationExample.of("https://slack.com/api/discovery.conversations.history", "discovery-conversations-history.json"), + InvocationExample.of("https://slack.com/api/discovery.users.list", "discovery-users-list.json"), + InvocationExample.of("https://slack.com/api/discovery.user.conversations", "discovery-user-conversations.json"), + InvocationExample.of("https://slack.com/api/discovery.conversations.list", "discovery-conversations-list.json") ); } } \ No newline at end of file diff --git a/java/core/src/test/java/co/worklytics/psoxy/rules/zoom/ZoomRulesTests.java b/java/core/src/test/java/co/worklytics/psoxy/rules/zoom/ZoomRulesTests.java index 6da1c2c10..f3df8bc16 100644 --- a/java/core/src/test/java/co/worklytics/psoxy/rules/zoom/ZoomRulesTests.java +++ b/java/core/src/test/java/co/worklytics/psoxy/rules/zoom/ZoomRulesTests.java @@ -45,7 +45,10 @@ public class ZoomRulesTests extends JavaRulesTestBaseCase { "https://api.zoom.us/v2/report/users/myuserid/meetings?from=2022-05-16&to=2022-05-31&type=pastJoined&page_size=1", "https://api.zoom.us/v2/report/meetings/{meetingId}", "https://api.zoom.us/v2/report/meetings/{meetingId}/participants", - + "https://api.zoom.us/v2/report/meetings/{meetingId}/participants?page_size=300", + "https://api.zoom.us/v2/report/meetings/NUXghb123TCj0bP6nPVe%252Fsg%253D%253D/participants?page_size=300", + "https://api.zoom.us/v2/report/meetings/NUXghb123TCj0bP6nPVe%2Fsg%3D%3D/participants?page_size=300", // url decode id once + //"https://api.zoom.us/v2/report/meetings/NUXghb123TCj0bP6nPVe/sg==/participants?page_size=300", // url decode id twice }) @ParameterizedTest void allowedEndpointRegex_allowed(String url) { diff --git a/java/pom.xml b/java/pom.xml index 254b5b09c..5a1801fc9 100644 --- a/java/pom.xml +++ b/java/pom.xml @@ -10,7 +10,7 @@ pom - 0.4.61 + 0.4.62 UTF-8 1.18.30 2.40.5 diff --git a/tools/init-tfvars.sh b/tools/init-tfvars.sh index ee1650c28..82cdc2997 100755 --- a/tools/init-tfvars.sh +++ b/tools/init-tfvars.sh @@ -7,7 +7,7 @@ PSOXY_BASE_DIR=$2 DEPLOYMENT_ENV=${3:-"local"} HOST_PLATFORM=${4:-"aws"} -SCRIPT_VERSION="v0.4.61" +SCRIPT_VERSION="v0.4.62" if [ -z "$PSOXY_BASE_DIR" ]; then printf "Usage: init-tfvars.sh [DEPLOYMENT_ENV]\n"