ASA 7231 #131

Merged
merged 19 commits into from
Jan 25, 2024
2 changes: 1 addition & 1 deletion src/main/java/com/hcl/appscan/sdk/CoreConstants.java
Expand Up @@ -63,7 +63,7 @@ public interface CoreConstants {
String API_PRESENCES = API_ENV_LATEST + "/Presences"; //$NON-NLS-1$
String API_PRESENCES_ID = API_ENV_LATEST + "/Presences/%s"; //$NON-NLS-1$
String API_PRESENCES_NEW_KEY = API_ENV_LATEST + "/Presences/%s/NewKey"; //$NON-NLS-1$
String API_BASIC_DETAILS = API_ENV_LATEST + "/Scans/Executions/%s"; //$NON-NLS-1$
String API_BASIC_DETAILS = API_ENV_LATEST + "/Scans"; //$NON-NLS-1$
String API_SCANNER_DETAILS = API_ENV + "/Scans/&s/&s"; //$NON-NLS-1$
String API_FILE_UPLOAD = API_ENV_LATEST + "/FileUpload"; //$NON-NLS-1$
String API_SCAN = API_ENV + "/%s"; //$NON-NLS-1$
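Review bot: `API_BASIC_DETAILS` no longer carries a `%s` placeholder, and `String.format` silently ignores surplus arguments, so any caller outside this page that still does `String.format(API_BASIC_DETAILS, scanId)` would request the unfiltered `/Scans` collection instead of failing. It is worth checking for remaining uses and adding a comment on the constant such as `// Collection endpoint: callers must narrow it with an OData $filter on the scan Id`. Separately, the neighbouring context line `API_SCANNER_DETAILS` uses `&s/&s`, which looks like a typo for `%s/%s`; its callers are not visible here, so confirm before changing it.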
Expand Up @@ -161,7 +161,8 @@ public void setReportFormat(String format) {

protected void loadResults() {
try {
JSONObject obj = m_scanProvider.getScanDetails(m_scanId);
JSONObject items = m_scanProvider.getScanDetails(m_scanId);
JSONObject obj = items.getJSONObject(LATEST_EXECUTION);
m_status = obj.getString(STATUS);
if(m_status != null && !(m_status.equalsIgnoreCase(INQUEUE) || m_status.equalsIgnoreCase(RUNNING))) {
m_totalFindings = obj.getInt(TOTAL_ISSUES);
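Review bot: `items` is dereferenced on the added line `items.getJSONObject(LATEST_EXECUTION)` without a null check, yet `getScanDetails` as shown on this page returns `null` when the login has expired and again at the end of its error path. The `catch` of the enclosing `try` lies outside this hunk, so whether a `NullPointerException` is handled cannot be seen from here; a guard such as `if (items == null) { m_status = FAILED; return; }` (assuming `FAILED` is in scope in this class, as it is in `NonCompliantIssuesResultProvider`) would make the failure explicit. The same unchecked dereference appears in `NonCompliantIssuesResultProvider.loadResults`, where the `obj == null` test comes after `items` has already been used, and in `getScanName`, whose `catch` covers only `IOException | JSONException`.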
Expand Up @@ -36,11 +36,12 @@ public NonCompliantIssuesResultProvider(String scanId, String type, IScanService
@Override
protected void loadResults() {
try {
JSONObject obj = m_scanProvider.getScanDetails(m_scanId);
JSONObject items = m_scanProvider.getScanDetails(m_scanId);
JSONObject obj = items.getJSONObject(LATEST_EXECUTION);
if (obj == null) {
m_status = FAILED;
return;
} else if (obj.has(KEY) && obj.get(KEY).equals(UNAUTHORIZED_ACTION)) {
} else if (items.has(KEY) && items.get(KEY).equals(UNAUTHORIZED_ACTION)) {
m_status = FAILED;
return;
} else if (obj.has(STATUS) && obj.get(STATUS).equals(UNKNOWN)) {
Expand Down Expand Up @@ -218,13 +219,11 @@ private JSONObject getConfiguration(String format) throws JSONException {
}

private String getScanName() {
JSONObject obj;
try {
obj = m_scanProvider.getScanDetails(m_scanId);
return obj.getString("Name");
JSONObject items = m_scanProvider.getScanDetails(m_scanId);
return items.getString(NAME);
} catch (IOException | JSONException e) {
m_progress.setStatus(new Message(Message.ERROR, Messages.getMessage(ERROR_GETTING_DETAILS, e.getMessage())),
e);
m_progress.setStatus(new Message(Message.ERROR, Messages.getMessage(ERROR_GETTING_DETAILS, e.getMessage())), e);
return "";
}
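Review bot: The `UNKNOWN` test in the first hunk still reads `obj.has(STATUS)`, but `obj` is now the `LATEST_EXECUTION` child, while the unreachable-server sentinel that `getScanDetails` builds (`new JSONObject().put(STATUS,UNKNOWN)`) carries `STATUS` at the top level and has no `LATEST_EXECUTION` entry. With that sentinel the lookup `items.getJSONObject(LATEST_EXECUTION)` either throws or yields `null`, depending on the JSON library, so the disconnect case would presumably surface as `FAILED` or as an exception rather than reaching the `UNKNOWN` branch. The commit already moved the `KEY`/`UNAUTHORIZED_ACTION` test to `items`; both top-level tests should run before the child object is fetched, with the second one written as `if (items.has(STATUS) && items.get(STATUS).equals(UNKNOWN))`. The body of that branch lies outside the hunk.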

Expand Up @@ -179,15 +179,17 @@ public JSONObject getScanDetails(String scanId) throws IOException, JSONExceptio
if(loginExpired())
return null;

String request_url = m_authProvider.getServer() + String.format(API_BASIC_DETAILS, scanId);
String request_url = m_authProvider.getServer() + API_BASIC_DETAILS;
request_url += "?$filter=Id eq " +String.format("%s",scanId);


Is there a reason to use String.format() here as opposed to just using the scanId directly? If there's a need to use String.format(), I suggest using the full string "?$filter=Id eq %s" instead of appending to that value.

Author


Sure, Matt. Now, I am appending the following string in the request_url: String.format("?$filter=Id eq %s",scanId).

Map<String, String> request_headers = m_authProvider.getAuthorizationHeader(true);

HttpClient client = new HttpClient(m_authProvider.getProxy(), m_authProvider.getacceptInvalidCerts());
try {
HttpResponse response = client.get(request_url, request_headers, null);

if (response.getResponseCode() == HttpsURLConnection.HTTP_OK || response.getResponseCode() == HttpsURLConnection.HTTP_CREATED){
JSONArray array = (JSONArray) response.getResponseBodyAsJSON();
JSONObject obj = (JSONObject) response.getResponseBodyAsJSON();
JSONArray array = (JSONArray) obj.get(ITEMS);
return (JSONObject) array.getJSONObject(0);
} else if (response.getResponseCode() == -1) {
return new JSONObject().put(STATUS,UNKNOWN); //If the server is not reachable Internet disconnect
Expand All @@ -210,7 +212,7 @@ public JSONObject getScanDetails(String scanId) throws IOException, JSONExceptio
return null;
}

@Override
@Override
public JSONArray getNonCompliantIssues(String scanId) throws IOException, JSONException {
if(loginExpired())
return null;
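Review bot: `scanId` is concatenated into the OData `$filter` expression without validation or encoding in `request_url += "?$filter=Id eq " + ...`, so a value containing spaces or filter operators changes the query that is sent, and the literal spaces in `Id eq` already leave the URL unencoded. If scan IDs are GUIDs (not confirmed on this page), reject anything else before building the URL and encode the filter, e.g. `request_url += "?$filter=" + URLEncoder.encode("Id eq " + scanId, "UTF-8");`. The success branch then calls `array.getJSONObject(0)` unconditionally; a filter that matches nothing would return an empty `ITEMS` array, so check that the array is non-empty and fall through to the error path instead of letting the index lookup throw. The client is also constructed with `m_authProvider.getacceptInvalidCerts()`, which means the authorization header is sent without certificate validation whenever that flag is set; that is existing behaviour, but a comment at this call site would help.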
Expand Up @@ -31,6 +31,7 @@ public interface DASTConstants {
String TEST_OPTIMIZATION_LEVEL = "TestOptimizationLevel"; //$NON-NLS-1$
String USER_NAME = "UserName"; //$NON-NLS-1$
String PASSWORD = "Password"; //$NON-NLS-1$
String EXTRA_FIELD = "ExtraField"; //$NON-NLS-1$
//Errors
String ERROR_SUBMITTING_SCAN = "error.submitting.scan"; //$NON-NLS-1$
}
13 changes: 10 additions & 3 deletions src/main/java/com/hcl/appscan/sdk/scanners/dynamic/DASTScan.java
Expand Up @@ -91,16 +91,20 @@ public void run() throws ScannerException, InvalidTargetException, JSONException
}
}

JSONObject propertiesJSON = creatingJSONForProperties(params);
JSONObject propertiesJSON = createJSONForProperties(params);
setScanId(getServiceProvider().createAndExecuteScanWithJSONParameter(type, propertiesJSON));

if(getScanId() == null)
throw new ScannerException(Messages.getMessage(ERROR_CREATING_SCAN));
}

private JSONObject creatingJSONForProperties(Map<String, String> params) throws JSONException {
private JSONObject createJSONForProperties(Map<String, String> params) throws JSONException {
JSONObject json = new JSONObject(params);
return json.put(SCAN_CONFIGURATION, createScanConfiguration(json));
if(!params.containsKey(SCAN_FILE_ID)) {
return json.put(SCAN_CONFIGURATION, createScanConfiguration(json));
} else {
return json;
}
}

private JSONObject createScanConfiguration(JSONObject json) throws JSONException {
Expand All @@ -123,6 +127,9 @@ private JSONObject createLogin(JSONObject json) throws JSONException {
login.put(USER_NAME, json.remove(LOGIN_USER));
login.put(PASSWORD, json.remove(LOGIN_PASSWORD));
}
if (json.containsKey(EXTRA_FIELD)) {
login.put(EXTRA_FIELD, json.remove(EXTRA_FIELD));
}
return login;
}
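Review bot: When `SCAN_FILE_ID` is present, `createJSONForProperties` returns the raw `new JSONObject(params)`, so `createLogin` never runs and any `LOGIN_USER`, `LOGIN_PASSWORD` or `EXTRA_FIELD` entries in `params` stay as top-level properties of the request body. Whether callers can supply both a scan file and login values is not visible here; if they can, strip them in that branch (`json.remove(LOGIN_USER); json.remove(LOGIN_PASSWORD); json.remove(EXTRA_FIELD);`) or reject the combination, so credentials are not sent under keys the service does not expect. In `createLogin`, whose body starts outside the hunk, `EXTRA_FIELD` is copied into `login` even when no user name or password was set; a short comment stating whether that is intended would help.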
