App-ElasticSearch-Utilities
3 results

 view release on metacpan or  search on metacpan

Changes  view on Meta::CPAN 

  Author: Brad Lhotsky <brad@divisionbyzero.net>
  Date : 2022-06-01 03:56:41 +0000

    Correct version check for TLS and Auth

    * Use `App::ElasticSearch::Utilities::HTTPRequest` for checking the

    version string. * Add a check for `PASSEXEC` to `_get_es_version()` so we
    can use the

    provided credentials * Correct `::Connection->request()` to set
    `authorization_basic()` when

    the `->password` has a length greater than 0. 

  Change: e978a9b33eecd59191cfbf88ffc4f7b54d698c74
  Author: Brad Lhotsky <brad@divisionbyzero.net>
  Date : 2022-05-31 19:02:24 +0000

    More fixes for HTTP Authentication

    * Remove `--http-password` and parsing `~/.es-utils.yaml` for the

    password. This is not a secure default. * Do not allow HTTP Basic Auth over
    HTTP as it leaks credentials * Check for `value_as_string` in
    `es_flatten_aggregations` 

  Change: e49f4394b7a35b3f0539debec53f693f36d43da7
  Author: Brad Lhotsky <brad@divisionbyzero.net>
  Date : 2022-05-31 03:41:01 +0000

    Support HTTPS and Basic Authorization

    * Adds support for HTTP Basic Authorization username/password to the

README.mkdn  view on Meta::CPAN 


        '*'    expanded to '.*'
        'ANY'  expanded to '.*'
        'DATE' expanded to a pattern to match a date,

    The indexes are compared against this pattern.

# HTTP Basic Authentication

HTTP Basic Authorization is only supported when the `proto` is set to **https**
as not to leak credentials all over.

The username is selected by going through these mechanisms until one is found:

    --http-username
    'http-username' in /etc/es-utils.yml or ~/.es-utils.yml
    Netrc element matching the hostname of the request
    CLI::Helpers prompt()

Once the username has been resolved, the following mechanisms are tried in order:

lib/App/ElasticSearch/Utilities.pm  view on Meta::CPAN 

            }
        }
        elsif( $resp->code == 500 && $resp->message eq "Server closed connection without sending any data back" ) {
            # Try TLS
            last unless $try{tls};
            delete $try{tls};
            $conn->proto('https');
            warn "Attempting promotion to HTTPS, try setting 'proto: https' in ~/.es-utils.yaml";
        }
        elsif( $resp->code == 401 ) {
            # Retry with credentials
            last unless $try{auth};
            delete $try{auth};
            warn "Authorization required, try setting 'password-exec: /home/user/bin/get-password.sh` in ~/.es-utils.yaml'"
                unless $DEF{PASSEXEC};
            $req->authorization_basic( es_basic_auth($conn->host) );
        }
        else {
            warn "Failed getting version";
            last;
        }

lib/App/ElasticSearch/Utilities.pm  view on Meta::CPAN 

    'ANY'  expanded to '.*'
    'DATE' expanded to a pattern to match a date,

The indexes are compared against this pattern.

=back

=head1 HTTP Basic Authentication

HTTP Basic Authorization is only supported when the C<proto> is set to B<https>
as not to leak credentials all over.

The username is selected by going through these mechanisms until one is found:

    --http-username
    'http-username' in /etc/es-utils.yml or ~/.es-utils.yml
    Netrc element matching the hostname of the request
    CLI::Helpers prompt()

Once the username has been resolved, the following mechanisms are tried in order:



( run in 0.284 second using v1.01-cache-2.11-cpan-4d50c553e7e )