From 0cdd6874bdcc111b2a216995d65af67777c23e05 Mon Sep 17 00:00:00 2001 From: maimorag Date: Sat, 24 Jun 2023 18:49:26 +0300 Subject: [PATCH 1/9] Microsoft Align credentials stores -part 23 --- .../.pack-ignore | 2 +- .../MicrosoftGraphDeviceManagement.py | 9 +++-- .../MicrosoftGraphDeviceManagement.yml | 27 +++++++++++++- .../ReleaseNotes/1_1_13.md | 10 +++++ .../pack_metadata.json | 2 +- Packs/MicrosoftGraphFiles/.pack-ignore | 2 +- .../MicrosoftGraphFiles.py | 9 +++-- .../MicrosoftGraphFiles.yml | 37 ++++++++++++++++--- .../ReleaseNotes/1_1_13.md | 10 +++++ Packs/MicrosoftGraphFiles/pack_metadata.json | 2 +- Packs/MicrosoftGraphGroups/.pack-ignore | 2 +- .../MicrosoftGraphGroups.py | 2 +- .../MicrosoftGraphGroups.yml | 7 ++++ .../ReleaseNotes/1_1_22.md | 5 +++ Packs/MicrosoftGraphGroups/pack_metadata.json | 2 +- .../MicrosoftManagementActivity/.pack-ignore | 2 +- .../MicrosoftManagementActivity.py | 11 +++--- .../MicrosoftManagementActivity.yml | 37 +++++++++++++++++++ .../ReleaseNotes/1_3_20.md | 10 +++++ .../pack_metadata.json | 2 +- 20 files changed, 161 insertions(+), 29 deletions(-) create mode 100644 Packs/MicrosoftGraphDeviceManagement/ReleaseNotes/1_1_13.md create mode 100644 Packs/MicrosoftGraphFiles/ReleaseNotes/1_1_13.md create mode 100644 Packs/MicrosoftGraphGroups/ReleaseNotes/1_1_22.md create mode 100644 Packs/MicrosoftManagementActivity/ReleaseNotes/1_3_20.md diff --git a/Packs/MicrosoftGraphDeviceManagement/.pack-ignore b/Packs/MicrosoftGraphDeviceManagement/.pack-ignore index 4d338f94c1de..9c4769ef56d8 100644 --- a/Packs/MicrosoftGraphDeviceManagement/.pack-ignore +++ b/Packs/MicrosoftGraphDeviceManagement/.pack-ignore @@ -2,7 +2,7 @@ ignore=auto-test [file:MicrosoftGraphDeviceManagement.yml] -ignore=DS107,IN145 +ignore=DS107 [known_words] Intune diff --git a/Packs/MicrosoftGraphDeviceManagement/Integrations/MicrosoftGraphDeviceManagement/MicrosoftGraphDeviceManagement.py b/Packs/MicrosoftGraphDeviceManagement/Integrations/MicrosoftGraphDeviceManagement/MicrosoftGraphDeviceManagement.py index 9541be8645c3..1ee5db03e793 100644 --- a/Packs/MicrosoftGraphDeviceManagement/Integrations/MicrosoftGraphDeviceManagement/MicrosoftGraphDeviceManagement.py +++ b/Packs/MicrosoftGraphDeviceManagement/Integrations/MicrosoftGraphDeviceManagement/MicrosoftGraphDeviceManagement.py @@ -405,15 +405,16 @@ def update_windows_device_account_command(client: MsGraphClient, args: dict) -> def main(): args: dict = demisto.args() params: dict = demisto.params() - tenant_id: str = params.get('tenant_id', '') - auth_and_token_url: str = params.get('auth_id', '') - enc_key: str = params.get('enc_key', '') + tenant_id: str = params.get('credentials_tenant_id', {}).get('password') or params.get('tenant_id', '') + auth_and_token_url: str = params.get('credentials_auth_id', {}).get('password') or params.get('auth_id', '') + enc_key: str = params.get('credentials_enc_key', {}).get('password') or params.get('enc_key', '') base_url: str = urljoin(params.get('url', ''), '/v1.0') app_name: str = 'ms-graph-device-management' ok_codes: tuple = (200, 201, 202, 204) use_ssl: bool = not params.get('insecure', False) proxy: bool = params.get('proxy', False) - certificate_thumbprint: str = params.get('certificate_thumbprint', '') + certificate_thumbprint: str = params.get('credentials_certificate_thumbprint', {}).get( + 'password') or params.get('certificate_thumbprint', '') private_key: str = params.get('private_key', '') managed_identities_client_id: Optional[str] = get_azure_managed_identities_client_id(params) self_deployed: bool = params.get('self_deployed', False) or managed_identities_client_id is not None diff --git a/Packs/MicrosoftGraphDeviceManagement/Integrations/MicrosoftGraphDeviceManagement/MicrosoftGraphDeviceManagement.yml b/Packs/MicrosoftGraphDeviceManagement/Integrations/MicrosoftGraphDeviceManagement/MicrosoftGraphDeviceManagement.yml index 0db3612876aa..17ba9baec1b0 100644 --- a/Packs/MicrosoftGraphDeviceManagement/Integrations/MicrosoftGraphDeviceManagement/MicrosoftGraphDeviceManagement.yml +++ b/Packs/MicrosoftGraphDeviceManagement/Integrations/MicrosoftGraphDeviceManagement/MicrosoftGraphDeviceManagement.yml @@ -12,19 +12,44 @@ configuration: name: auth_id required: false type: 4 + hidden: true +- displaypassword: ID or Client ID - see Detailed Instructions (?) + name: credentials_auth_id + required: false + hiddenusername: true + type: 9 - display: Token or Tenant ID - see Detailed Instructions (?) name: tenant_id required: false type: 4 + hidden: true +- displaypassword: Token or Tenant ID - see Detailed Instructions (?) + name: credentials_tenant_id + required: false + hiddenusername: true + type: 9 - display: Key or Client Secret - see Detailed Instructions (?) name: enc_key required: false type: 4 + hidden: true +- displaypassword: Key or Client Secret - see Detailed Instructions (?) + name: credentials_enc_key + required: false + hiddenusername: true + type: 9 - additionalinfo: Used for certificate authentication. As appears in the "Certificates & secrets" page of the app. display: Certificate Thumbprint name: certificate_thumbprint required: false type: 4 + hidden: true +- displaypassword: Certificate Thumbprint + additionalinfo: Used for certificate authentication. As appears in the "Certificates & secrets" page of the app. + name: credentials_certificate_thumbprint + required: false + hiddenusername: true + type: 9 - additionalinfo: Used for certificate authentication. The private key of the registered certificate. display: Private Key name: private_key @@ -886,7 +911,7 @@ script: - contextPath: MSGraphDeviceManagement.Device.PartnerReportedThreatState description: Indicates the threat state of a device when a Mobile Threat Defense partner is in use by the account and device. Read Only. Possible values are unknown, activated, deactivated, secured, lowSeverity, mediumSeverity, highSeverity, unresponsive, compromised, misconfigured. type: string - dockerimage: demisto/crypto:1.0.0.62404 + dockerimage: demisto/crypto:1.0.0.63672 runonce: false script: '' subtype: python3 diff --git a/Packs/MicrosoftGraphDeviceManagement/ReleaseNotes/1_1_13.md b/Packs/MicrosoftGraphDeviceManagement/ReleaseNotes/1_1_13.md new file mode 100644 index 000000000000..58b8add5cfab --- /dev/null +++ b/Packs/MicrosoftGraphDeviceManagement/ReleaseNotes/1_1_13.md @@ -0,0 +1,10 @@ + +#### Integrations + +##### Microsoft Endpoint Manager (Intune) +- Added the following integration parameters to support credentials fetching object: + - ID or Client ID + - Token or Tenant ID + - Key or Client Secret + - Certificate Thumbprint +- Updated the Docker image to: *demisto/crypto:1.0.0.63672*. diff --git a/Packs/MicrosoftGraphDeviceManagement/pack_metadata.json b/Packs/MicrosoftGraphDeviceManagement/pack_metadata.json index dffa03a5e993..21b9ef54d0a7 100644 --- a/Packs/MicrosoftGraphDeviceManagement/pack_metadata.json +++ b/Packs/MicrosoftGraphDeviceManagement/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Microsoft Graph Device Management", "description": "Microsoft Graph Device Management", "support": "xsoar", - "currentVersion": "1.1.12", + "currentVersion": "1.1.13", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", diff --git a/Packs/MicrosoftGraphFiles/.pack-ignore b/Packs/MicrosoftGraphFiles/.pack-ignore index cf80c630f3f6..b68cdd35a967 100644 --- a/Packs/MicrosoftGraphFiles/.pack-ignore +++ b/Packs/MicrosoftGraphFiles/.pack-ignore @@ -2,4 +2,4 @@ ignore=auto-test [file:MicrosoftGraphFiles.yml] -ignore=DS107,IN145 +ignore=DS107 diff --git a/Packs/MicrosoftGraphFiles/Integrations/MicrosoftGraphFiles/MicrosoftGraphFiles.py b/Packs/MicrosoftGraphFiles/Integrations/MicrosoftGraphFiles/MicrosoftGraphFiles.py index b514eefe149a..8464004877a4 100644 --- a/Packs/MicrosoftGraphFiles/Integrations/MicrosoftGraphFiles/MicrosoftGraphFiles.py +++ b/Packs/MicrosoftGraphFiles/Integrations/MicrosoftGraphFiles/MicrosoftGraphFiles.py @@ -814,13 +814,14 @@ def delete_file_command(client: MsGraphClient, args): def main(): params: dict = demisto.params() base_url: str = params.get('host', '').rstrip('/') + '/v1.0/' - tenant = params.get('tenant_id') - auth_id = params.get('auth_id') - enc_key = params.get('enc_key') + tenant = params.get('credentials_tenant_id', {}).get('password') or params.get('tenant_id') + auth_id = params.get('credentials_auth_id', {}).get('password') or params.get('auth_id') + enc_key = params.get('credentials_enc_key', {}).get('password') or params.get('enc_key') use_ssl: bool = not params.get('insecure', False) proxy: bool = params.get('proxy', False) ok_codes: tuple = (200, 204, 201) - certificate_thumbprint = params.get('certificate_thumbprint') + certificate_thumbprint = params.get('credentials_certificate_thumbprint', {}).get( + 'password') or params.get('certificate_thumbprint') private_key = params.get('private_key') managed_identities_client_id: Optional[str] = get_azure_managed_identities_client_id(params) self_deployed: bool = params.get('self_deployed', False) or managed_identities_client_id is not None diff --git a/Packs/MicrosoftGraphFiles/Integrations/MicrosoftGraphFiles/MicrosoftGraphFiles.yml b/Packs/MicrosoftGraphFiles/Integrations/MicrosoftGraphFiles/MicrosoftGraphFiles.yml index 58412a043be3..5dcbebb61ae9 100644 --- a/Packs/MicrosoftGraphFiles/Integrations/MicrosoftGraphFiles/MicrosoftGraphFiles.yml +++ b/Packs/MicrosoftGraphFiles/Integrations/MicrosoftGraphFiles/MicrosoftGraphFiles.yml @@ -13,29 +13,54 @@ configuration: name: auth_id required: false type: 4 + hidden: true +- name: credentials_auth_id + required: false + type: 9 + displaypassword: ID (received from the admin consent - see Detailed Instructions) + hiddenusername: true - display: Token (received from the admin consent - see Detailed Instructions) name: tenant_id required: false type: 4 + hidden: true +- name: credentials_tenant_id + required: false + type: 9 + displaypassword: Token (received from the admin consent - see Detailed Instructions) + hiddenusername: true - display: Key (received from the admin consent - see Detailed Instructions) name: enc_key required: false type: 4 + hidden: true +- name: credentials_enc_key + required: false + type: 9 + displaypassword: Key (received from the admin consent - see Detailed Instructions) + hiddenusername: true - additionalinfo: Used for certificate authentication. As appears in the "Certificates & secrets" page of the app. - display: Certificate Thumbprint name: certificate_thumbprint required: false type: 4 -- additionalinfo: Used for certificate authentication. The private key of the registered certificate. - display: Private Key + display: Certificate Thumbprint + hidden: true +- name: credentials_certificate_thumbprint + required: false + type: 9 + additionalinfo: Used for certificate authentication. As appears in the "Certificates & secrets" page of the app. + displaypassword: Certificate Thumbprint + hiddenusername: true +- display: Private Key name: private_key required: false type: 14 -- additionalinfo: Relevant only if the integration is running on Azure VM. If selected, authenticates based on the value provided for the Azure Managed Identities Client ID field. If no value is provided for the Azure Managed Identities Client ID field, authenticates based on the System Assigned Managed Identity. For additional information, see the Help tab. - display: Use Azure Managed Identities + additionalinfo: Used for certificate authentication. The private key of the registered certificate. +- display: Use Azure Managed Identities name: use_managed_identities required: false type: 8 + additionalinfo: Relevant only if the integration is running on Azure VM. If selected, authenticates based on the value provided for the Azure Managed Identities Client ID field. If no value is provided for the Azure Managed Identities Client ID field, authenticates based on the System Assigned Managed Identity. For additional information, see the Help tab. - additionalinfo: The Managed Identities client ID for authentication - relevant only if the integration is running on Azure VM. displaypassword: Azure Managed Identities Client ID name: managed_identities_client_id @@ -610,7 +635,7 @@ script: - contextPath: File.MD5 description: The MD5 hash of the file. type: String - dockerimage: demisto/python_pancloud:1.0.0.49449 + dockerimage: demisto/python_pancloud:1.0.0.60733 runonce: false script: '' subtype: python3 diff --git a/Packs/MicrosoftGraphFiles/ReleaseNotes/1_1_13.md b/Packs/MicrosoftGraphFiles/ReleaseNotes/1_1_13.md new file mode 100644 index 000000000000..291451094925 --- /dev/null +++ b/Packs/MicrosoftGraphFiles/ReleaseNotes/1_1_13.md @@ -0,0 +1,10 @@ + +#### Integrations + +##### O365 File Management (Onedrive/Sharepoint/Teams) +- Added the following integration parameters to support credentials fetching object: + - ID + - Token + - Key + - Certificate Thumbprint +- Updated the Docker image to: *demisto/python_pancloud:1.0.0.60733*. diff --git a/Packs/MicrosoftGraphFiles/pack_metadata.json b/Packs/MicrosoftGraphFiles/pack_metadata.json index 7fd362cbd881..3907d117d0b8 100644 --- a/Packs/MicrosoftGraphFiles/pack_metadata.json +++ b/Packs/MicrosoftGraphFiles/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Microsoft Graph Files", "description": "Use the O365 File Management (Onedrive/Sharepoint/Teams) integration to enable your app get authorized access to files in OneDrive, SharePoint, and MS Teams across your entire organization. This integration requires admin consent.", "support": "xsoar", - "currentVersion": "1.1.12", + "currentVersion": "1.1.13", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", diff --git a/Packs/MicrosoftGraphGroups/.pack-ignore b/Packs/MicrosoftGraphGroups/.pack-ignore index 11ead97f9724..037208e8bdce 100644 --- a/Packs/MicrosoftGraphGroups/.pack-ignore +++ b/Packs/MicrosoftGraphGroups/.pack-ignore @@ -5,4 +5,4 @@ ignore=auto-test ignore=RM106 [file:MicrosoftGraphGroups.yml] -ignore=DS107,IN145,IN124 +ignore=DS107,IN124 diff --git a/Packs/MicrosoftGraphGroups/Integrations/MicrosoftGraphGroups/MicrosoftGraphGroups.py b/Packs/MicrosoftGraphGroups/Integrations/MicrosoftGraphGroups/MicrosoftGraphGroups.py index d31f28323477..dd264d8f8d68 100644 --- a/Packs/MicrosoftGraphGroups/Integrations/MicrosoftGraphGroups/MicrosoftGraphGroups.py +++ b/Packs/MicrosoftGraphGroups/Integrations/MicrosoftGraphGroups/MicrosoftGraphGroups.py @@ -459,7 +459,7 @@ def main(): auth_code = params.get('creds_auth_code', {}).get('password', '') or params.get('auth_code', '') proxy = params.get('proxy') handle_error: bool = argToBoolean(params.get('handle_error', 'true')) - certificate_thumbprint = params.get('certificate_thumbprint') + certificate_thumbprint = params.get('credentials_certificate_thumbprint', {}).get('password', '') or params.get('certificate_thumbprint') private_key = params.get('private_key') managed_identities_client_id = get_azure_managed_identities_client_id(params) self_deployed: bool = params.get('self_deployed', False) or managed_identities_client_id is not None diff --git a/Packs/MicrosoftGraphGroups/Integrations/MicrosoftGraphGroups/MicrosoftGraphGroups.yml b/Packs/MicrosoftGraphGroups/Integrations/MicrosoftGraphGroups/MicrosoftGraphGroups.yml index e2dc59d96d94..79a024cf39f2 100644 --- a/Packs/MicrosoftGraphGroups/Integrations/MicrosoftGraphGroups/MicrosoftGraphGroups.yml +++ b/Packs/MicrosoftGraphGroups/Integrations/MicrosoftGraphGroups/MicrosoftGraphGroups.yml @@ -38,6 +38,13 @@ configuration: name: certificate_thumbprint required: false type: 4 + hidden: true +- displaypassword: Certificate Thumbprint + additionalinfo: Used for certificate authentication. As appears in the "Certificates & secrets" page of the app. + name: credentials_certificate_thumbprint + required: false + hiddenusername: true + type: 9 - additionalinfo: Used for certificate authentication. The private key of the registered certificate. name: private_key required: false diff --git a/Packs/MicrosoftGraphGroups/ReleaseNotes/1_1_22.md b/Packs/MicrosoftGraphGroups/ReleaseNotes/1_1_22.md new file mode 100644 index 000000000000..cab89d529f46 --- /dev/null +++ b/Packs/MicrosoftGraphGroups/ReleaseNotes/1_1_22.md @@ -0,0 +1,5 @@ + +#### Integrations + +##### Azure Active Directory Groups +- Added the *Certificate Thumbprint* integration parameters to support credentials fetching object. diff --git a/Packs/MicrosoftGraphGroups/pack_metadata.json b/Packs/MicrosoftGraphGroups/pack_metadata.json index be94d5544e9b..c55bc9814a1d 100644 --- a/Packs/MicrosoftGraphGroups/pack_metadata.json +++ b/Packs/MicrosoftGraphGroups/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Microsoft Graph Groups", "description": "Microsoft Graph Groups enables you to create and manage different types of groups and group functionality according to your requirements.", "support": "xsoar", - "currentVersion": "1.1.21", + "currentVersion": "1.1.22", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", diff --git a/Packs/MicrosoftManagementActivity/.pack-ignore b/Packs/MicrosoftManagementActivity/.pack-ignore index 39fee3554a5f..dcae014d65a5 100644 --- a/Packs/MicrosoftManagementActivity/.pack-ignore +++ b/Packs/MicrosoftManagementActivity/.pack-ignore @@ -1,2 +1,2 @@ [file:MicrosoftManagementActivity.yml] -ignore=IN126,IN145 +ignore=IN126 diff --git a/Packs/MicrosoftManagementActivity/Integrations/MicrosoftManagementActivity/MicrosoftManagementActivity.py b/Packs/MicrosoftManagementActivity/Integrations/MicrosoftManagementActivity/MicrosoftManagementActivity.py index e82e6e07d73e..7bbe739b4e58 100644 --- a/Packs/MicrosoftManagementActivity/Integrations/MicrosoftManagementActivity/MicrosoftManagementActivity.py +++ b/Packs/MicrosoftManagementActivity/Integrations/MicrosoftManagementActivity/MicrosoftManagementActivity.py @@ -544,14 +544,15 @@ def main(): command = demisto.command() LOG(f'Command being called is {command}') try: - refresh_token = params.get('refresh_token', '') + refresh_token = params.get('credentials_refresh_token', {}).get('password') or params.get('refresh_token', '') managed_identities_client_id = get_azure_managed_identities_client_id(params) self_deployed = params.get('self_deployed', False) or managed_identities_client_id is not None redirect_uri = params.get('redirect_uri', '') tenant_id = refresh_token if self_deployed else '' - auth_id = params.get('auth_id') - enc_key = params.get('enc_key') - certificate_thumbprint = params.get('certificate_thumbprint') + auth_id = params.get('credentials_auth_id', {}).get('password') or params.get('auth_id') + enc_key = params.get('credentials_enc_key', {}).get('password') or params.get('enc_key') + auth_code = params.get('credentials_auth_code', {}).get('password') or params.get('auth_code', '') + certificate_thumbprint = params.get('credentials_certificate_thumbprint', {}).get('password') or params.get('certificate_thumbprint') private_key = params.get('private_key') if not managed_identities_client_id: @@ -578,7 +579,7 @@ def main(): auth_and_token_url=auth_id, timeout=calculate_timeout_value(params=params, args=args), enc_key=enc_key, - auth_code=params.get('auth_code', ''), + auth_code=auth_code, redirect_uri=redirect_uri, certificate_thumbprint=certificate_thumbprint, private_key=private_key, diff --git a/Packs/MicrosoftManagementActivity/Integrations/MicrosoftManagementActivity/MicrosoftManagementActivity.yml b/Packs/MicrosoftManagementActivity/Integrations/MicrosoftManagementActivity/MicrosoftManagementActivity.yml index 72999fac4845..cc78fb03654b 100644 --- a/Packs/MicrosoftManagementActivity/Integrations/MicrosoftManagementActivity/MicrosoftManagementActivity.yml +++ b/Packs/MicrosoftManagementActivity/Integrations/MicrosoftManagementActivity/MicrosoftManagementActivity.yml @@ -18,23 +18,53 @@ configuration: required: false type: 4 section: Connect + hidden: true +- displaypassword: Application ID or Client ID + additionalinfo: See the Help tab. + name: credentials_auth_id + required: false + hiddenusername: true + type: 9 - display: Key or Client Secret additionalinfo: See the Help tab. name: enc_key required: false type: 4 section: Connect + hidden: true +- displaypassword: Key or Client Secret + additionalinfo: See the Help tab. + name: credentials_enc_key + required: false + hiddenusername: true + type: 9 - display: Token or Tenant ID additionalinfo: See the Help tab. name: refresh_token required: false type: 4 section: Connect + hidden: true +- displaypassword: Token or Tenant ID + additionalinfo: See the Help tab. + name: credentials_refresh_token + required: false + hiddenusername: true + type: 9 + hidden: true + section: Connect - additionalinfo: Used for certificate authentication as it appears in the "Certificates & secrets" page of the app. display: Certificate Thumbprint name: certificate_thumbprint required: false type: 4 +- displaypassword: Certificate Thumbprint + additionalinfo: Used for certificate authentication as it appears in the "Certificates & secrets" page of the app. + name: credentials_certificate_thumbprint + required: false + hiddenusername: true + type: 9 + hidden: true section: Connect - additionalinfo: Used for certificate authentication. The private key of the registered certificate. display: Private Key @@ -60,6 +90,13 @@ configuration: required: false type: 4 section: Connect + hidden: true +- displaypassword: The authentication code you got for the service + additionalinfo: For instructions on how to receive it, see the Help tab. + name: credentials_auth_code + required: false + hiddenusername: true + type: 9 - additionalinfo: Relevant only if the integration is running on Azure VM. If selected, authenticates based on the value provided for the Azure Managed Identities Client ID field. If no value is provided for the Azure Managed Identities Client ID field, authenticates based on the System Assigned Managed Identity. diff --git a/Packs/MicrosoftManagementActivity/ReleaseNotes/1_3_20.md b/Packs/MicrosoftManagementActivity/ReleaseNotes/1_3_20.md new file mode 100644 index 000000000000..54bf9496512b --- /dev/null +++ b/Packs/MicrosoftManagementActivity/ReleaseNotes/1_3_20.md @@ -0,0 +1,10 @@ + +#### Integrations + +##### Microsoft Management Activity API (O365 Azure Events) +- Added the following integration parameters to support credentials fetching object: + - Application ID or Client ID + - Key or Client Secret + - Certificate Thumbprint + - Token or Tenant ID + - The authentication code diff --git a/Packs/MicrosoftManagementActivity/pack_metadata.json b/Packs/MicrosoftManagementActivity/pack_metadata.json index 6d4ef6cd1c94..867010ed2a05 100644 --- a/Packs/MicrosoftManagementActivity/pack_metadata.json +++ b/Packs/MicrosoftManagementActivity/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Microsoft Management Activity API (O365/Azure Events)", "description": "An integration for Microsoft's management activity API, which enables you to fetch content records and manage your subscriptions.", "support": "xsoar", - "currentVersion": "1.3.19", + "currentVersion": "1.3.20", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", From 03d9cac6d73625bff2222f529eadb18186b9fab2 Mon Sep 17 00:00:00 2001 From: maimorag Date: Sun, 25 Jun 2023 10:03:07 +0300 Subject: [PATCH 2/9] fix lint --- .../Integrations/MicrosoftGraphGroups/MicrosoftGraphGroups.py | 3 ++- .../MicrosoftManagementActivity/MicrosoftManagementActivity.py | 3 ++- .../MicrosoftManagementActivity.yml | 3 ++- 3 files changed, 6 insertions(+), 3 deletions(-) diff --git a/Packs/MicrosoftGraphGroups/Integrations/MicrosoftGraphGroups/MicrosoftGraphGroups.py b/Packs/MicrosoftGraphGroups/Integrations/MicrosoftGraphGroups/MicrosoftGraphGroups.py index dd264d8f8d68..94f1ca98ad80 100644 --- a/Packs/MicrosoftGraphGroups/Integrations/MicrosoftGraphGroups/MicrosoftGraphGroups.py +++ b/Packs/MicrosoftGraphGroups/Integrations/MicrosoftGraphGroups/MicrosoftGraphGroups.py @@ -459,7 +459,8 @@ def main(): auth_code = params.get('creds_auth_code', {}).get('password', '') or params.get('auth_code', '') proxy = params.get('proxy') handle_error: bool = argToBoolean(params.get('handle_error', 'true')) - certificate_thumbprint = params.get('credentials_certificate_thumbprint', {}).get('password', '') or params.get('certificate_thumbprint') + certificate_thumbprint = params.get('credentials_certificate_thumbprint', {}).get( + 'password', '') or params.get('certificate_thumbprint') private_key = params.get('private_key') managed_identities_client_id = get_azure_managed_identities_client_id(params) self_deployed: bool = params.get('self_deployed', False) or managed_identities_client_id is not None diff --git a/Packs/MicrosoftManagementActivity/Integrations/MicrosoftManagementActivity/MicrosoftManagementActivity.py b/Packs/MicrosoftManagementActivity/Integrations/MicrosoftManagementActivity/MicrosoftManagementActivity.py index 7bbe739b4e58..dd2475370329 100644 --- a/Packs/MicrosoftManagementActivity/Integrations/MicrosoftManagementActivity/MicrosoftManagementActivity.py +++ b/Packs/MicrosoftManagementActivity/Integrations/MicrosoftManagementActivity/MicrosoftManagementActivity.py @@ -552,7 +552,8 @@ def main(): auth_id = params.get('credentials_auth_id', {}).get('password') or params.get('auth_id') enc_key = params.get('credentials_enc_key', {}).get('password') or params.get('enc_key') auth_code = params.get('credentials_auth_code', {}).get('password') or params.get('auth_code', '') - certificate_thumbprint = params.get('credentials_certificate_thumbprint', {}).get('password') or params.get('certificate_thumbprint') + certificate_thumbprint = params.get('credentials_certificate_thumbprint', {}).get( + 'password') or params.get('certificate_thumbprint') private_key = params.get('private_key') if not managed_identities_client_id: diff --git a/Packs/MicrosoftManagementActivity/Integrations/MicrosoftManagementActivity/MicrosoftManagementActivity.yml b/Packs/MicrosoftManagementActivity/Integrations/MicrosoftManagementActivity/MicrosoftManagementActivity.yml index cc78fb03654b..188de4ec7f5d 100644 --- a/Packs/MicrosoftManagementActivity/Integrations/MicrosoftManagementActivity/MicrosoftManagementActivity.yml +++ b/Packs/MicrosoftManagementActivity/Integrations/MicrosoftManagementActivity/MicrosoftManagementActivity.yml @@ -58,13 +58,14 @@ configuration: name: certificate_thumbprint required: false type: 4 + hidden: true + section: Connect - displaypassword: Certificate Thumbprint additionalinfo: Used for certificate authentication as it appears in the "Certificates & secrets" page of the app. name: credentials_certificate_thumbprint required: false hiddenusername: true type: 9 - hidden: true section: Connect - additionalinfo: Used for certificate authentication. The private key of the registered certificate. display: Private Key From b8be9ac17307feafe2530ea4d31dfc8a14ab33a2 Mon Sep 17 00:00:00 2001 From: maimorag Date: Sun, 25 Jun 2023 11:00:31 +0300 Subject: [PATCH 3/9] RL --- .../ReleaseNotes/1_1_13.md | 8 ++++---- Packs/MicrosoftGraphFiles/ReleaseNotes/1_1_13.md | 8 ++++---- .../MicrosoftManagementActivity/ReleaseNotes/1_3_20.md | 10 +++++----- 3 files changed, 13 insertions(+), 13 deletions(-) diff --git a/Packs/MicrosoftGraphDeviceManagement/ReleaseNotes/1_1_13.md b/Packs/MicrosoftGraphDeviceManagement/ReleaseNotes/1_1_13.md index 58b8add5cfab..d6dcd3489c47 100644 --- a/Packs/MicrosoftGraphDeviceManagement/ReleaseNotes/1_1_13.md +++ b/Packs/MicrosoftGraphDeviceManagement/ReleaseNotes/1_1_13.md @@ -3,8 +3,8 @@ ##### Microsoft Endpoint Manager (Intune) - Added the following integration parameters to support credentials fetching object: - - ID or Client ID - - Token or Tenant ID - - Key or Client Secret - - Certificate Thumbprint + - ID or Client ID. + - Token or Tenant ID. + - Key or Client Secret. + - Certificate Thumbprint. - Updated the Docker image to: *demisto/crypto:1.0.0.63672*. diff --git a/Packs/MicrosoftGraphFiles/ReleaseNotes/1_1_13.md b/Packs/MicrosoftGraphFiles/ReleaseNotes/1_1_13.md index 291451094925..81429886ddad 100644 --- a/Packs/MicrosoftGraphFiles/ReleaseNotes/1_1_13.md +++ b/Packs/MicrosoftGraphFiles/ReleaseNotes/1_1_13.md @@ -3,8 +3,8 @@ ##### O365 File Management (Onedrive/Sharepoint/Teams) - Added the following integration parameters to support credentials fetching object: - - ID - - Token - - Key - - Certificate Thumbprint + - ID. + - Token. + - Key. + - Certificate Thumbprint. - Updated the Docker image to: *demisto/python_pancloud:1.0.0.60733*. diff --git a/Packs/MicrosoftManagementActivity/ReleaseNotes/1_3_20.md b/Packs/MicrosoftManagementActivity/ReleaseNotes/1_3_20.md index 54bf9496512b..e8fdfa6a0e8d 100644 --- a/Packs/MicrosoftManagementActivity/ReleaseNotes/1_3_20.md +++ b/Packs/MicrosoftManagementActivity/ReleaseNotes/1_3_20.md @@ -3,8 +3,8 @@ ##### Microsoft Management Activity API (O365 Azure Events) - Added the following integration parameters to support credentials fetching object: - - Application ID or Client ID - - Key or Client Secret - - Certificate Thumbprint - - Token or Tenant ID - - The authentication code + - Application ID or Client ID. + - Key or Client Secret. + - Certificate Thumbprint. + - Token or Tenant ID. + - The authentication code. From 8de2203fc8c9ff5d63fdc600139eda1738e17586 Mon Sep 17 00:00:00 2001 From: maimorag Date: Sun, 25 Jun 2023 11:25:54 +0300 Subject: [PATCH 4/9] fix --- .../Integrations/MicrosoftGraphFiles/MicrosoftGraphFiles.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Packs/MicrosoftGraphFiles/Integrations/MicrosoftGraphFiles/MicrosoftGraphFiles.yml b/Packs/MicrosoftGraphFiles/Integrations/MicrosoftGraphFiles/MicrosoftGraphFiles.yml index 5dcbebb61ae9..be1dee4b31b1 100644 --- a/Packs/MicrosoftGraphFiles/Integrations/MicrosoftGraphFiles/MicrosoftGraphFiles.yml +++ b/Packs/MicrosoftGraphFiles/Integrations/MicrosoftGraphFiles/MicrosoftGraphFiles.yml @@ -40,10 +40,10 @@ configuration: displaypassword: Key (received from the admin consent - see Detailed Instructions) hiddenusername: true - additionalinfo: Used for certificate authentication. As appears in the "Certificates & secrets" page of the app. + display: Certificate Thumbprint name: certificate_thumbprint required: false type: 4 - display: Certificate Thumbprint hidden: true - name: credentials_certificate_thumbprint required: false From ee93c2ba7722b0cee57da1c26fcc9854687ce19b Mon Sep 17 00:00:00 2001 From: maimorag Date: Sun, 25 Jun 2023 11:30:01 +0300 Subject: [PATCH 5/9] fix --- .../Integrations/MicrosoftGraphFiles/MicrosoftGraphFiles.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Packs/MicrosoftGraphFiles/Integrations/MicrosoftGraphFiles/MicrosoftGraphFiles.yml b/Packs/MicrosoftGraphFiles/Integrations/MicrosoftGraphFiles/MicrosoftGraphFiles.yml index be1dee4b31b1..b2f2621bb05c 100644 --- a/Packs/MicrosoftGraphFiles/Integrations/MicrosoftGraphFiles/MicrosoftGraphFiles.yml +++ b/Packs/MicrosoftGraphFiles/Integrations/MicrosoftGraphFiles/MicrosoftGraphFiles.yml @@ -51,11 +51,11 @@ configuration: additionalinfo: Used for certificate authentication. As appears in the "Certificates & secrets" page of the app. displaypassword: Certificate Thumbprint hiddenusername: true -- display: Private Key +- additionalinfo: Used for certificate authentication. The private key of the registered certificate. + display: Private Key name: private_key required: false type: 14 - additionalinfo: Used for certificate authentication. The private key of the registered certificate. - display: Use Azure Managed Identities name: use_managed_identities required: false From 72dafe12336eaf26c35d49b915edffa3a6c73414 Mon Sep 17 00:00:00 2001 From: maimorag Date: Sun, 25 Jun 2023 13:56:54 +0300 Subject: [PATCH 6/9] fix --- .../MicrosoftManagementActivity/MicrosoftManagementActivity.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/Packs/MicrosoftManagementActivity/Integrations/MicrosoftManagementActivity/MicrosoftManagementActivity.yml b/Packs/MicrosoftManagementActivity/Integrations/MicrosoftManagementActivity/MicrosoftManagementActivity.yml index 188de4ec7f5d..cf449bed6734 100644 --- a/Packs/MicrosoftManagementActivity/Integrations/MicrosoftManagementActivity/MicrosoftManagementActivity.yml +++ b/Packs/MicrosoftManagementActivity/Integrations/MicrosoftManagementActivity/MicrosoftManagementActivity.yml @@ -51,7 +51,6 @@ configuration: required: false hiddenusername: true type: 9 - hidden: true section: Connect - additionalinfo: Used for certificate authentication as it appears in the "Certificates & secrets" page of the app. display: Certificate Thumbprint From 0e1dfe10c93b53f59b1e02d641a33e85c63cbc4b Mon Sep 17 00:00:00 2001 From: maimorag Date: Sun, 25 Jun 2023 15:20:12 +0300 Subject: [PATCH 7/9] fix rl --- .../ReleaseNotes/1_1_13.md | 8 ++++---- Packs/MicrosoftGraphFiles/ReleaseNotes/1_1_13.md | 8 ++++---- .../MicrosoftManagementActivity/ReleaseNotes/1_3_20.md | 10 +++++----- 3 files changed, 13 insertions(+), 13 deletions(-) diff --git a/Packs/MicrosoftGraphDeviceManagement/ReleaseNotes/1_1_13.md b/Packs/MicrosoftGraphDeviceManagement/ReleaseNotes/1_1_13.md index d6dcd3489c47..42d388745dac 100644 --- a/Packs/MicrosoftGraphDeviceManagement/ReleaseNotes/1_1_13.md +++ b/Packs/MicrosoftGraphDeviceManagement/ReleaseNotes/1_1_13.md @@ -3,8 +3,8 @@ ##### Microsoft Endpoint Manager (Intune) - Added the following integration parameters to support credentials fetching object: - - ID or Client ID. - - Token or Tenant ID. - - Key or Client Secret. - - Certificate Thumbprint. + - ID or Client ID. + - Token or Tenant ID. + - Key or Client Secret. + - Certificate Thumbprint. - Updated the Docker image to: *demisto/crypto:1.0.0.63672*. diff --git a/Packs/MicrosoftGraphFiles/ReleaseNotes/1_1_13.md b/Packs/MicrosoftGraphFiles/ReleaseNotes/1_1_13.md index 81429886ddad..b88e6b8c11e0 100644 --- a/Packs/MicrosoftGraphFiles/ReleaseNotes/1_1_13.md +++ b/Packs/MicrosoftGraphFiles/ReleaseNotes/1_1_13.md @@ -3,8 +3,8 @@ ##### O365 File Management (Onedrive/Sharepoint/Teams) - Added the following integration parameters to support credentials fetching object: - - ID. - - Token. - - Key. - - Certificate Thumbprint. + - ID. + - Token. + - Key. + - Certificate Thumbprint. - Updated the Docker image to: *demisto/python_pancloud:1.0.0.60733*. diff --git a/Packs/MicrosoftManagementActivity/ReleaseNotes/1_3_20.md b/Packs/MicrosoftManagementActivity/ReleaseNotes/1_3_20.md index e8fdfa6a0e8d..d1b58330d430 100644 --- a/Packs/MicrosoftManagementActivity/ReleaseNotes/1_3_20.md +++ b/Packs/MicrosoftManagementActivity/ReleaseNotes/1_3_20.md @@ -3,8 +3,8 @@ ##### Microsoft Management Activity API (O365 Azure Events) - Added the following integration parameters to support credentials fetching object: - - Application ID or Client ID. - - Key or Client Secret. - - Certificate Thumbprint. - - Token or Tenant ID. - - The authentication code. + - Application ID or Client ID. + - Key or Client Secret. + - Certificate Thumbprint. + - Token or Tenant ID. + - The authentication code. From 0106a7331fcf2f8cfa9a874e65ecf426519ad460 Mon Sep 17 00:00:00 2001 From: maimorag Date: Sun, 25 Jun 2023 16:57:34 +0300 Subject: [PATCH 8/9] fix client bug for for Michal's request --- .../MicrosoftManagementActivity.yml | 20 +++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/Packs/MicrosoftManagementActivity/Integrations/MicrosoftManagementActivity/MicrosoftManagementActivity.yml b/Packs/MicrosoftManagementActivity/Integrations/MicrosoftManagementActivity/MicrosoftManagementActivity.yml index cf449bed6734..0ecf0d2ffeb8 100644 --- a/Packs/MicrosoftManagementActivity/Integrations/MicrosoftManagementActivity/MicrosoftManagementActivity.yml +++ b/Packs/MicrosoftManagementActivity/Integrations/MicrosoftManagementActivity/MicrosoftManagementActivity.yml @@ -25,33 +25,33 @@ configuration: required: false hiddenusername: true type: 9 -- display: Key or Client Secret +- display: Token or Tenant ID additionalinfo: See the Help tab. - name: enc_key + name: refresh_token required: false type: 4 section: Connect hidden: true -- displaypassword: Key or Client Secret +- displaypassword: Token or Tenant ID additionalinfo: See the Help tab. - name: credentials_enc_key + name: credentials_refresh_token required: false hiddenusername: true type: 9 -- display: Token or Tenant ID + section: Connect +- display: Key or Client Secret additionalinfo: See the Help tab. - name: refresh_token + name: enc_key required: false type: 4 section: Connect hidden: true -- displaypassword: Token or Tenant ID +- displaypassword: Key or Client Secret additionalinfo: See the Help tab. - name: credentials_refresh_token + name: credentials_enc_key required: false hiddenusername: true type: 9 - section: Connect - additionalinfo: Used for certificate authentication as it appears in the "Certificates & secrets" page of the app. display: Certificate Thumbprint name: certificate_thumbprint @@ -77,7 +77,7 @@ configuration: required: false type: 8 section: Connect - advanced: true + advanced: false - display: Application redirect URI (for self-deployed mode) name: redirect_uri required: false From a7f4b07dda784ab0befc1ca683b048803e66c94c Mon Sep 17 00:00:00 2001 From: maimorag Date: Sun, 25 Jun 2023 17:02:08 +0300 Subject: [PATCH 9/9] fixes --- .../Integrations/MicrosoftGraphFiles/MicrosoftGraphFiles.yml | 4 ++-- .../MicrosoftManagementActivity.yml | 2 ++ 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/Packs/MicrosoftGraphFiles/Integrations/MicrosoftGraphFiles/MicrosoftGraphFiles.yml b/Packs/MicrosoftGraphFiles/Integrations/MicrosoftGraphFiles/MicrosoftGraphFiles.yml index b2f2621bb05c..2844214afcca 100644 --- a/Packs/MicrosoftGraphFiles/Integrations/MicrosoftGraphFiles/MicrosoftGraphFiles.yml +++ b/Packs/MicrosoftGraphFiles/Integrations/MicrosoftGraphFiles/MicrosoftGraphFiles.yml @@ -56,11 +56,11 @@ configuration: name: private_key required: false type: 14 -- display: Use Azure Managed Identities +- additionalinfo: Relevant only if the integration is running on Azure VM. If selected, authenticates based on the value provided for the Azure Managed Identities Client ID field. If no value is provided for the Azure Managed Identities Client ID field, authenticates based on the System Assigned Managed Identity. For additional information, see the Help tab. + display: Use Azure Managed Identities name: use_managed_identities required: false type: 8 - additionalinfo: Relevant only if the integration is running on Azure VM. If selected, authenticates based on the value provided for the Azure Managed Identities Client ID field. If no value is provided for the Azure Managed Identities Client ID field, authenticates based on the System Assigned Managed Identity. For additional information, see the Help tab. - additionalinfo: The Managed Identities client ID for authentication - relevant only if the integration is running on Azure VM. displaypassword: Azure Managed Identities Client ID name: managed_identities_client_id diff --git a/Packs/MicrosoftManagementActivity/Integrations/MicrosoftManagementActivity/MicrosoftManagementActivity.yml b/Packs/MicrosoftManagementActivity/Integrations/MicrosoftManagementActivity/MicrosoftManagementActivity.yml index 0ecf0d2ffeb8..51640fa9fc74 100644 --- a/Packs/MicrosoftManagementActivity/Integrations/MicrosoftManagementActivity/MicrosoftManagementActivity.yml +++ b/Packs/MicrosoftManagementActivity/Integrations/MicrosoftManagementActivity/MicrosoftManagementActivity.yml @@ -24,6 +24,7 @@ configuration: name: credentials_auth_id required: false hiddenusername: true + section: Connect type: 9 - display: Token or Tenant ID additionalinfo: See the Help tab. @@ -52,6 +53,7 @@ configuration: required: false hiddenusername: true type: 9 + section: Connect - additionalinfo: Used for certificate authentication as it appears in the "Certificates & secrets" page of the app. display: Certificate Thumbprint name: certificate_thumbprint