Merge branch 'main' into BIPS-17870-vulnerability

BeyondTrust · Apr 12, 2024 · d813694 · d813694
2 parents 4e8d59a + 1258cb9
commit d813694
Show file tree

Hide file tree

Showing 4 changed files with 12 additions and 9 deletions.
diff --git a/TestClient.go b/TestClient.go
@@ -98,6 +98,6 @@ func main() {
 	zapLogger.Warn(fmt.Sprintf("%v", gotManagedAccount))
 
 	// signing out
-	_ = authenticate.SignOut(authenticate.ApiUrl.JoinPath("Auth/Signout").String())
+	_ = authenticate.SignOut()
 
 }
diff --git a/api/authentication/authentication_test.go b/api/authentication/authentication_test.go
@@ -48,7 +48,6 @@ func TestSignOut(t *testing.T) {
 	backoffDefinition := backoff.NewExponentialBackOff()
 	backoffDefinition.MaxElapsedTime = time.Second
 
-	var authenticate, _ = Authenticate(*httpClientObj, backoffDefinition, "https://fake.api.com:443/BeyondTrust/api/public/v3/", "fakeone_a654+9sdf7+8we4f", "fakeone_aasd156465sfdef", zapLogger, 300)
 	testConfig := UserTestConfig{
 		name: "TestSignOut",
 		server: httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
@@ -61,7 +60,9 @@ func TestSignOut(t *testing.T) {
 		response: nil,
 	}
 
-	err := authenticate.SignOut(testConfig.server.URL)
+	var authenticate, _ = Authenticate(*httpClientObj, backoffDefinition, testConfig.server.URL, "fakeone_a654+9sdf7+8we4f", "fakeone_aasd156465sfdef", zapLogger, 300)
+
+	err := authenticate.SignOut()
 	if err != nil {
 		t.Errorf("Test case Failed: %v", err)
 	}

diff --git a/api/authentication/authetication.go b/api/authentication/authetication.go
@@ -156,24 +156,26 @@ func (authenticationObj *AuthenticationObj) SignAppin(endpointUrl string, access
 // SignOut is responsible for closing the PS API session and cleaning up idle connections.
 // Warn: should only be called one time for all data sources. The session is closed server
 // side automatically after 20 minutes of uninterupted inactivity.
-func (authenticationObj *AuthenticationObj) SignOut(url string) error {
-	authenticationObj.log.Debug(url)
+func (authenticationObj *AuthenticationObj) SignOut() error {
 
 	var technicalError error
 	var businessError error
 	var body io.ReadCloser
 
 	technicalError = backoff.Retry(func() error {
-		body, _, technicalError, businessError = authenticationObj.HttpClient.CallSecretSafeAPI(url, "POST", bytes.Buffer{}, "SignOut", "")
+		body, _, technicalError, businessError = authenticationObj.HttpClient.CallSecretSafeAPI(authenticationObj.ApiUrl.JoinPath("Auth/Signout").String(), "POST", bytes.Buffer{}, "SignOut", "")
 		return technicalError
 	}, authenticationObj.ExponentialBackOff)
 
-	defer body.Close()
 	if businessError != nil {
 		authenticationObj.log.Error(businessError.Error())
 		return businessError
 	}
 
+	if body != nil {
+		defer body.Close()
+	}
+
 	defer authenticationObj.HttpClient.HttpClient.CloseIdleConnections()
 	authenticationObj.log.Info("Successfully Signed out.")
 	return nil

diff --git a/performancetest/PerformanceTest.go b/performancetest/PerformanceTest.go
@@ -71,7 +71,7 @@ func callPasswordSafeAPI() {
 	separator := "/"
 	certificate := ""
 	certificateKey := ""
-	clientTimeOutInSeconds := 5
+	clientTimeOutInSeconds := 30
 	verifyCa := true
 	retryMaxElapsedTimeMinutes := 15
 	maxFileSecretSizeBytes := 5000000
@@ -109,6 +109,6 @@ func callPasswordSafeAPI() {
 	zapLogger.Warn(fmt.Sprintf("%v", gotSecret))
 
 	// signing out
-	_ = authenticate.SignOut(authenticate.ApiUrl.JoinPath("Auth/Signout").String())
+	_ = authenticate.SignOut()
 
 }