[filebeat][streaming] - Standard OAuth2 implementation for websockets. #41989
Assignees
Labels
enhancement
Filebeat
Filebeat
input:streaming
Team:Security-Service Integrations
Security Service Integrations Team
Comments
botelastic
bot
added
the
needs_team
ShourieG
added
Team:Security-Service Integrations
|
Pinging @elastic/security-service-integrations (Team:Security-Service Integrations) |
5 tasks
This was referenced Jan 7, 2025
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Describe the enhancement: Current OAuth2 implementation uses just a bearer token to authenticate and establish the connection. Due to the nature of websocket connections these tokens are usually long-lived and generally a token refresh is not required. But having traditional OAuth2 is oftentimes necessary for better security purposes.
Describe a specific use case for the enhancement or feature: The initial handshake in a websocket connection is done over HTTP/HTTPS. This is the point where we need to implement OAuth2, after which, if successful a standard websocket connection will be established. Since we are using gorilla websockets library, this will need to be performed before we upgrade the connection to websocket.
ER: https://github.com/elastic/enhancements/issues/23116
The text was updated successfully, but these errors were encountered: