这是indexloc提供的服务,不要输入任何密码
Skip to content

add api key support #1660

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Oct 20, 2025
Merged

add api key support #1660

merged 1 commit into from
Oct 20, 2025

Conversation

@dogancanbakir
Copy link
Member

@dogancanbakir dogancanbakir commented Oct 20, 2025
edited by coderabbitai bot
Loading

closes #1659

Summary by CodeRabbit

  • New Features
    • AlienVault source now supports API key authentication with Bearer token authorization
    • Random API key selection for load distribution across multiple credentials
    • Improved status tracking with skipped state reporting when API keys are unavailable
    • Enhanced security through mandatory authentication requirement for requests

@dogancanbakir dogancanbakir self-assigned this Oct 20, 2025
@coderabbitai
Copy link

coderabbitai bot commented Oct 20, 2025
edited
Loading

Walkthrough

The AlienVault subscraping source now supports API key authentication. The implementation adds API key storage, random key selection during execution, bearer token authorization headers, and a skipped state when keys are unavailable. The public AddApiKeys method signature was updated to accept and store provided keys.

Changes

Cohort / File(s) Summary
AlienVault API Key Support
pkg/subscraping/sources/alienvault/alienvault.go		 Added apiKeys field and skipped flag; Run method selects random API key and exits early if unavailable; HTTP requests now include Authorization header with bearer token; NeedsKey now returns true; AddApiKeys method signature updated to accept and store keys; statistics reporting extended to include Skipped state

Sequence Diagram

sequenceDiagram
    participant Caller
    participant Run as Run Method
    participant ApiKeyMgmt as API Key Management
    participant HttpClient as HTTP Client
    participant Target as AlienVault API

    Caller->>Run: Execute
    Run->>ApiKeyMgmt: Check apiKeys available?
    
    alt No API Keys
        ApiKeyMgmt-->>Run: None available
        Run->>Run: Set skipped=true
        Run-->>Caller: Return with Skipped state
    else API Keys Available
        ApiKeyMgmt-->>Run: Select random key
        Run->>HttpClient: Get (with Authorization header)
        HttpClient->>Target: Request + Bearer Token
        Target-->>HttpClient: Response
        HttpClient-->>Run: Return data
        Run-->>Caller: Return with results
    end
Loading

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Single-file change with straightforward authentication logic, random key selection, and state management. The pattern is clear and localized to one source, though the public API signature change warrants verification of call sites.

Poem

🐰 A key for AlienVault, selected with care,
Bearer tokens flying through the digital air,
Random choices made, skipped when none are found,
Authentication whispers, where secrets abound! 🔐

Pre-merge checks and finishing touches

✅ Passed checks (5 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title Check ✅ Passed The pull request title "add api key support" clearly and concisely describes the primary change in the changeset. It directly references the main objective of implementing API key support for the AlienVault source as specified in linked issue #1659. The title is specific and descriptive enough that a teammate reviewing the commit history would immediately understand the core change without being vague or misleading.
Linked Issues Check ✅ Passed The code changes fully implement the API key support requirement specified in linked issue #1659 ("Add API key support to AlientVault"). All necessary modifications are present: API key handling with the apiKeys field, the Run method now selects and uses a random API key with proper error handling when keys are unavailable, NeedsKey returns true to reflect the authentication requirement, the AddApiKeys method signature is updated and functional, and Authorization headers are properly configured with Bearer tokens. The implementation comprehensively addresses the primary objective of the linked issue.
Out of Scope Changes Check ✅ Passed All code changes in this pull request are directly related to implementing API key support for the AlienVault source. The modifications to the apiKeys field, skipped flag, Run method, NeedsKey method, AddApiKeys method, and statistics reporting are all integral to the API key feature. The addition of Skipped state to statistics reporting is appropriately scoped since the Skipped state is specifically used when no API keys are available. No unrelated or extraneous changes were introduced outside the stated objectives.
Docstring Coverage ✅ Passed No functions found in the changes. Docstring coverage check skipped.
✨ Finishing touches
  • 📝 Generate docstrings
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Post copyable unit tests in a comment
  • Commit unit tests in branch 1659_add_api_key_support
📜 Recent review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 7396f0d and 61bc082.

📒 Files selected for processing (1)
  • pkg/subscraping/sources/alienvault/alienvault.go (3 hunks)
🧰 Additional context used
🧬 Code graph analysis (1)
pkg/subscraping/sources/alienvault/alienvault.go (2)
pkg/subscraping/utils.go (1)
  • PickRandom (12-20)
pkg/subscraping/types.go (1)
  • Statistics (29-34)
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (4)
  • GitHub Check: Test Builds (ubuntu-latest)
  • GitHub Check: Test Builds (windows-latest)
  • GitHub Check: Analyze (go)
  • GitHub Check: release-test
🔇 Additional comments (6)
pkg/subscraping/sources/alienvault/alienvault.go (6)

26-27: LGTM! Well-structured fields for API key support.

The addition of apiKeys for storing multiple keys and skipped for tracking unavailable-key scenarios properly supports the new authentication requirement.

42-46: LGTM! Proper handling of missing API keys.

The random key selection with early exit when unavailable prevents unauthenticated requests and correctly tracks the skipped state.

48-49: LGTM! Correct Bearer token authentication.

The Authorization header format and the switch to session.Get with headers properly implements API key authentication.

98-98: LGTM! Correctly reflects the API key requirement.

Returning true is now consistent with the source's authentication requirement.

101-103: LGTM! Proper API key storage implementation.

The method now correctly stores the provided keys for use during execution, replacing the previous no-op implementation.

110-110: LGTM! Statistics properly reflect the skipped state.

Including the Skipped field ensures callers are informed when the source was bypassed due to missing API keys.

Comment @coderabbitai help to get the list of available commands and usage tips.

@dogancanbakir dogancanbakir linked an issue Oct 20, 2025 that may be closed by this pull request
[Issue] Error with sources: Hunter, Alienvault #1658
Closed
@Mzack9999 Mzack9999 merged commit 2ba3645 into dev Oct 20, 2025
10 checks passed
@Mzack9999 Mzack9999 deleted the 1659_add_api_key_support branch October 20, 2025 10:36
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Mzack9999 Mzack9999 Mzack9999 approved these changes

Assignees

@dogancanbakir dogancanbakir

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Add API key support to AlientVault [Issue] Error with sources: Hunter, Alienvault

3 participants

@dogancanbakir @Mzack9999