Add check to cover no projects (Fix #1)

README.md

@@ -6,7 +6,6 @@ The app adds two main components to your Splunk deployment: scripted data inputs
 _Note: For bringing in data besides incidents and forensics, please use syslog or webhooks._
 
 ## Important news
-[2021-11-02] The app does **not** support fetching data from 21.08 or newer Consoles ([#1](https://github.com/PaloAltoNetworks/prisma-cloud-compute-splunk/issues/1)).
 
 ## Getting the app
 ### GitHub

twistlock/bin/utils/compute.py

@@ -68,15 +68,19 @@ def get_projects(console_url, auth_token):
 
     # Address case in which user has permission to all projects
     # Otherwise Central Console would not be added to projects list
-    if jwt_payload["permissions"][0]["project"] == "Central Console":
+    if "permissions" in jwt_payload:
+        if jwt_payload["permissions"][0]["project"] == "Central Console":
+            projects.append("Central Console")
+
+        # jwt_payload["permissions"][0]["project"] ensures that the
+        # project specified is one the user is permitted to access
+        params = {"project": jwt_payload["permissions"][0]["project"]}
+    else:
         projects.append("Central Console")
+        return projects
 
-    endpoint = "/api/v1/current/projects"
-    # jwt_payload["permissions"][0]["project"] ensures that the
-    # project specified is one the user is permitted to access
-    params = {"project": jwt_payload["permissions"][0]["project"]}
     headers = {"Authorization": "Bearer " + auth_token, "Accept": "application/json"}
-    request_url = slash_join(console_url, endpoint)
+    request_url = slash_join(console_url, "/api/v1/current/projects")
 
     try:
         response = requests.get(request_url, params=params, headers=headers)