[
https://issues.apache.org/jira/browse/NIFI-5833?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16694233#comment-16694233
]
ASF GitHub Bot commented on NIFI-5833:
--------------------------------------
GitHub user alopresto opened a pull request:
https://github.com/apache/nifi/pull/3180
NIFI-5833 Treat GetTwitter API properties as sensitive
Thank you for submitting a contribution to Apache NiFi.
In order to streamline the review of the contribution we ask you
to ensure the following steps have been taken:
### For all changes:
- [x] Is there a JIRA ticket associated with this PR? Is it referenced
in the commit message?
- [x] Does your PR title start with NIFI-XXXX where XXXX is the JIRA number
you are trying to resolve? Pay particular attention to the hyphen "-" character.
- [x] Has your PR been rebased against the latest commit within the target
branch (typically master)?
- [ ] Is your initial contribution a single, squashed commit?
### For code changes:
- [x] Have you ensured that the full suite of tests is executed via mvn
-Pcontrib-check clean install at the root nifi folder?
- [x] Have you written or updated unit tests to verify your changes?
- [ ] If adding new dependencies to the code, are these dependencies
licensed in a way that is compatible for inclusion under [ASF
2.0](http://www.apache.org/legal/resolved.html#category-a)?
- [ ] If applicable, have you updated the LICENSE file, including the main
LICENSE file under nifi-assembly?
- [ ] If applicable, have you updated the NOTICE file, including the main
NOTICE file found under nifi-assembly?
- [ ] If adding new Properties, have you added .displayName in addition to
.name (programmatic access) for each of the new properties?
### For documentation related changes:
- [x] Have you ensured that format looks appropriate for the output in
which it is rendered?
### Note:
Please ensure that once the PR is submitted, you check travis-ci for build
issues and submit an update to your PR as soon as possible.
You can merge this pull request into a Git repository by running:
$ git pull https://github.com/alopresto/nifi NIFI-5833
Alternatively you can review and apply these changes as the patch at:
https://github.com/apache/nifi/pull/3180.patch
To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:
This closes #3180
----
commit 9c051560f801867d5fb5c70a16813f990ee54f4f
Author: Andy LoPresto <alopresto@...>
Date: 2018-11-21T02:15:40Z
NIFI-5833 Marked GetTwitter Consumer Key and Access Token processor
properties as sensitive.
commit 32a4f3187120dedde6d89f3d02747079e24d1bbd
Author: Andy LoPresto <alopresto@...>
Date: 2018-11-21T04:32:08Z
NIFI-5833 Added unit test to demonstrate arbitrary decryption of sensitive
values regardless of processor property sensitive status.
commit 9d1e2be41801703478a5d937a10f7829b89f3252
Author: Andy LoPresto <alopresto@...>
Date: 2018-11-21T04:48:50Z
NIFI-5833 Updated GetTwitter documentation with note about 1.9.0+ marking
Consumer Key and Access Token as sensitive.
----
> Treat Twitter tokens as sensitive values in GetTwitter
> ------------------------------------------------------
>
> Key: NIFI-5833
> URL: https://issues.apache.org/jira/browse/NIFI-5833
> Project: Apache NiFi
> Issue Type: Improvement
> Components: Extensions
> Affects Versions: 1.8.0
> Reporter: Andy LoPresto
> Assignee: Andy LoPresto
> Priority: Major
> Labels: api, key, properties, security, sensitive, token, twitter
>
> The {{GetTwitter}} processor marks properties {{Consumer Secret}} and
> {{Access Token Secret}} as *sensitive*, but {{Consumer Key}} and {{Access
> Token}} are not marked as such. The [Twitter API
> documentation|https://developer.twitter.com/en/docs/basics/authentication/guides/securing-keys-and-tokens]
> says:
> {quote}
> Your applications’ API keys should be guarded very closely. They represent
> your unique access to the API and if leaked/used by other parties, this could
> lead to abuse and restrictions placed on your application. *User access
> tokens are even more sensitive*. When access tokens are generated, the user
> they represent is trusting your application to keep them secure. If the
> security of both API keys and user access tokens are compromised, your
> application would potentially expose access to private information and
> account functionality.
> {quote}
> Once the processor code is updated to treat these properties as sensitive,
> there may need to be backward-compatibility changes added to ensure that
> existing flows and templates do not break when deployed on the "new" system
> (following, marked as *1.X*). The following scenarios should be tested:
> * 1.8.0 flow (unencrypted {{CK}} and {{AT}}) deployed on 1.X
> * 1.8.0 template (unencrypted {{CK}} and {{AT}}) deployed on 1.X
> * 1.X flow (encrypted {{CK}} and {{AT}}) deployed on 1.X
> * 1.X template (no {{CK}} and {{AT}}) deployed on 1.X
> The component documentation should also be appropriately updated to note that
> a 1.X flow (encrypted {{CK}} and {{AT}}) will not work (immediately) on a
> <=1.8.0 instance. Rather, manual intervention will be required to re-enter
> the {{Consumer Key}} and {{Access Token}}, as the processor will attempt to
> use the raw value {code} enc{ABCDEF...} {code} from the {{flow.xml.gz}} file
> as the literal {{CK}} and {{AT}}.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
