Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

DXE-2672 400 Error - SIEM API #185

Open
estelae opened this issue May 12, 2023 · 1 comment
Open

DXE-2672 400 Error - SIEM API #185

estelae opened this issue May 12, 2023 · 1 comment
Labels
bug STG

Comments

@estelae
Copy link

estelae commented May 12, 2023
edited

Describe the issue
Using this library for the SIEM API (https://techdocs.akamai.com/siem-integration/reference/get-configid) returns a 400 error for missing parameters.

To Reproduce
Steps to reproduce the behavior:

import (
   "github.com/akamai/AkamaiOPEN-edgegrid-golang/v5/pkg/edgegrid"
    ...
)

config := &edgegrid.Config{
   Host: host,
   ClientToken: clienttoken,
   ClientSecret: clientsecret,
   AccessToken: accesstoken,
}

path := "siem/v1/configs/12345?from=1488816784&to=1488816442&limit=1"
req, err := http.NewRequest("GET", fmt.Sprintf("https://%s/%s", host, path), nil)

if err != nil {
   fmt.Println(err)
}

config.SignRequest(req)

client := &http.Client{}
resp,err2 := client.Do(req)

if err2 != nil{
   fmt.Println(err2)
}

out, _ := io.ReadAll(resp.Body)
var unmarshal map[string]interface{}
json.Unmarshal(out, &unmarshal)
fmt.Printf("%+v",string(out))

Expected behavior
An endpoint with a similar format https://host/prolexic-analytics/v2/time-series?destinations=ip&locations=agr&source=both works with this library using the above example, so it is unexpected for the SIEM endpoint not to work.

Actual behavior
It outputs this error.

{
'type': 'https://problems.cloudsecurity.akamaiapis.net/siem/v1/missing-parameters',
'title': 'Missing mandatory parameter(s) or illegal parameter parameter(s) in the request',
'instance': 'https://{host}/siem/v1/configs/{configid}?from={from}',
'detail': 'Missing mandatory parameter(s) or illegal parameter parameter(s) in the request',
'method': 'GET'
...
}

Judging from the instance above, it appears that only the first query parameter is being recognized. If the & character is encoded to %26 in the signature generation then the instance variable changes to 'instance': 'https://{host}/siem/v1/configs/{configid}?from={from}&to={to}&limit={limit}', but gives a 401 error for the signature not matching. If the & character is encoded to %26 in the request and signature, then it returns a 400 error for missing parameters.

Please add a working example using this library for this endpoint (https://techdocs.akamai.com/siem-integration/reference/get-configid).
@dstopka
Copy link
Contributor

dstopka commented May 24, 2023

Hi @estelae,
I wanted to let you know that we're looking into both this and akamai/AkamaiOPEN-edgegrid-python#68, but it requires somewhat more investigation. I'll get back to you as soon as I have something to share.

Best regards,
Darek

@dstopka dstopka added the bug label May 24, 2023
@dstopka dstopka changed the title 400 Error - SIEM API DXE-2672 400 Error - SIEM API May 24, 2023
@aka-mark aka-mark added the STG label Nov 9, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug STG
Milestone
No milestone
Development

No branches or pull requests
3 participants
@dstopka @aka-mark @estelae