Search in sources :

Example 6 with ShardSession

use of com.checkmarx.sdk.ShardManager.ShardSession in project cx-flow by checkmarx-ltd.

the class ScanRequestConverter method setShardPropertiesIfExists.

public void setShardPropertiesIfExists(ScanRequest request, String fullTeamName) {
    if (cxProperties.getEnableShardManager()) {
        ShardSession shard = sessionTracker.getShardSession();
        shard.setTeam(fullTeamName);
        shard.setProject(request.getProject());
    }
}
Also used : ShardSession(com.checkmarx.sdk.ShardManager.ShardSession)

Example 7 with ShardSession

use of com.checkmarx.sdk.ShardManager.ShardSession in project cx-flow by checkmarx-ltd.

the class GitHubService method startBlockMerge.

public void startBlockMerge(ScanRequest request, String url) {
    if (properties.isBlockMerge()) {
        final String PULL_REQUEST_STATUS = "pending";
        // When Shard Manager is enabled overide the PULL url to link to the correct shard.
        if (cxProperties.getEnableShardManager()) {
            ShardSession shard = sessionTracker.getShardSession();
            try {
                String teamId = cxService.getTeamId(request.getTeam());
                List<CxProject> projects = cxService.getProjects(teamId);
                String projectID = "0";
                // String projName = request.getRepoName() + "-" + request.getBranch();
                for (CxProject project : projects) {
                    if (project.getName().equals(request.getProject())) {
                        projectID = project.getId().toString();
                    }
                }
                url = shard.getUrl() + "/cxwebclient/portal#/projectState/" + projectID + "/Summary";
            } catch (CheckmarxException e) {
                log.error(URL_INVALID);
            }
        }
        HttpEntity<?> httpEntity = new HttpEntity<>(getJSONStatus(PULL_REQUEST_STATUS, url, "Checkmarx Scan Initiated").toString(), createAuthHeaders(request));
        String statusApiUrl = request.getAdditionalMetadata(STATUSES_URL_KEY);
        if (ScanUtils.empty(statusApiUrl)) {
            log.error(STATUSES_URL_NOT_PROVIDED);
            return;
        }
        log.debug("Setting pull request status to '{}': {}", PULL_REQUEST_STATUS, statusApiUrl);
        String logErrorMessage = String.format("failed to set pull request status to %s", PULL_REQUEST_STATUS);
        statusExchange(request, httpEntity, statusApiUrl, logErrorMessage);
    }
}
Also used : HttpEntity(org.springframework.http.HttpEntity) ShardSession(com.checkmarx.sdk.ShardManager.ShardSession) CheckmarxException(com.checkmarx.sdk.exception.CheckmarxException) CxProject(com.checkmarx.sdk.dto.cx.CxProject)

Example 8 with ShardSession

use of com.checkmarx.sdk.ShardManager.ShardSession in project checkmarx-spring-boot-java-sdk by checkmarx-ltd.

the class CxLegacyService method getWSCallback.

private WebServiceMessageCallback getWSCallback(String callbackUri, String token) {
    String curToken;
    if (properties.getEnableShardManager()) {
        ShardSession shard = sessionTracker.getShardSession();
        curToken = shard.getSoapToken();
    } else {
        curToken = token;
    }
    return message -> {
        SoapMessage soapMessage = (SoapMessage) message;
        soapMessage.setSoapAction(callbackUri);
        TransportContext context = TransportContextHolder.getTransportContext();
        HttpUrlConnection connection = (HttpUrlConnection) context.getConnection();
        try {
            if (!ScanUtils.empty(curToken) && properties.getVersion() >= 9.0) {
                connection.addRequestHeader(HttpHeaders.AUTHORIZATION, "Bearer ".concat(token));
            }
        } catch (IOException e) {
            log.warn("Problem adding SOAP WS http header: {}", ExceptionUtils.getStackTrace(e));
        }
    };
}
Also used : ShardSessionTracker(com.checkmarx.sdk.ShardManager.ShardSessionTracker) CxProperties(com.checkmarx.sdk.config.CxProperties) HashMap(java.util.HashMap) CheckmarxException(com.checkmarx.sdk.exception.CheckmarxException) ArrayList(java.util.ArrayList) checkmarx.wsdl.portal(checkmarx.wsdl.portal) WebServiceTemplate(org.springframework.ws.client.core.WebServiceTemplate) ShardSession(com.checkmarx.sdk.ShardManager.ShardSession) HttpUrlConnection(org.springframework.ws.transport.http.HttpUrlConnection) Map(java.util.Map) HttpHeaders(org.apache.http.HttpHeaders) SoapActionCallback(org.springframework.ws.soap.client.core.SoapActionCallback) ScanUtils(com.checkmarx.sdk.utils.ScanUtils) Logger(org.slf4j.Logger) CxUser(com.checkmarx.sdk.dto.sast.CxUser) SoapMessage(org.springframework.ws.soap.SoapMessage) ImmutableMap(com.google.common.collect.ImmutableMap) CheckmarxLegacyException(com.checkmarx.sdk.exception.CheckmarxLegacyException) IOException(java.io.IOException) TransportContext(org.springframework.ws.transport.context.TransportContext) Component(org.springframework.stereotype.Component) List(java.util.List) WebServiceMessageCallback(org.springframework.ws.client.core.WebServiceMessageCallback) ExceptionUtils(org.apache.commons.lang3.exception.ExceptionUtils) TransportContextHolder(org.springframework.ws.transport.context.TransportContextHolder) HttpUrlConnection(org.springframework.ws.transport.http.HttpUrlConnection) ShardSession(com.checkmarx.sdk.ShardManager.ShardSession) TransportContext(org.springframework.ws.transport.context.TransportContext) IOException(java.io.IOException) SoapMessage(org.springframework.ws.soap.SoapMessage)

Example 9 with ShardSession

use of com.checkmarx.sdk.ShardManager.ShardSession in project checkmarx-spring-boot-java-sdk by checkmarx-ltd.

the class CxAuthService method getSoapAuthToken.

/**
 * Get Auth Token specific to SOAP API Calls
 */
@Override
public String getSoapAuthToken(String username, String password) {
    HttpHeaders headers = new HttpHeaders();
    headers.setContentType(MediaType.APPLICATION_FORM_URLENCODED);
    MultiValueMap<String, String> map = new LinkedMultiValueMap<>();
    if (cxProperties.getEnableShardManager()) {
        ShardSession shard = sessionTracker.getShardSession();
        username = shard.getUsername();
        password = shard.getPassword();
    }
    map.add("username", username);
    map.add("password", password);
    map.add("grant_type", "password");
    map.add("scope", cxProperties.getSoapScope());
    map.add("client_id", cxProperties.getSoapClientId());
    if (!ScanUtils.empty(cxProperties.getSoapClientSecret())) {
        map.add("client_secret", cxProperties.getSoapClientSecret());
    }
    HttpEntity<MultiValueMap<String, String>> requestEntity = new HttpEntity<>(map, headers);
    try {
        // get the access token
        log.info("Logging into Checkmarx for SOAP token {}", cxProperties.getUrl().concat(LOGIN));
        CxAuthResponse response = restTemplate.postForObject(cxProperties.getUrl().concat(LOGIN), requestEntity, CxAuthResponse.class);
        if (response == null) {
            throw new InvalidCredentialsException();
        }
        soapToken = response.getAccessToken();
        // expire 500 seconds early
        soapTokenExpires = LocalDateTime.now().plusSeconds(response.getExpiresIn() - 500);
        if (cxProperties.getEnableShardManager()) {
            ShardSession shard = sessionTracker.getShardSession();
            shard.setSoapToken(soapToken);
            shard.setSoapTokenExpires(soapTokenExpires);
        }
    } catch (NullPointerException | HttpStatusCodeException e) {
        log.error("Error occurred white obtaining Access Token.  Possibly incorrect credentials");
        log.error(ExceptionUtils.getStackTrace(e));
        throw new InvalidCredentialsException();
    }
    return soapToken;
}
Also used : HttpHeaders(org.springframework.http.HttpHeaders) CxAuthResponse(com.checkmarx.sdk.dto.cx.CxAuthResponse) HttpEntity(org.springframework.http.HttpEntity) LinkedMultiValueMap(org.springframework.util.LinkedMultiValueMap) HttpStatusCodeException(org.springframework.web.client.HttpStatusCodeException) ShardSession(com.checkmarx.sdk.ShardManager.ShardSession) InvalidCredentialsException(com.checkmarx.sdk.exception.InvalidCredentialsException) MultiValueMap(org.springframework.util.MultiValueMap) LinkedMultiValueMap(org.springframework.util.LinkedMultiValueMap)

Example 10 with ShardSession

use of com.checkmarx.sdk.ShardManager.ShardSession in project checkmarx-spring-boot-java-sdk by checkmarx-ltd.

the class CxAuthService method isTokenExpired.

private boolean isTokenExpired() {
    // 
    // / If sharding enabled then use Shards token
    // 
    LocalDateTime curTokenExpires = tokenExpires;
    if (cxProperties.getEnableShardManager()) {
        ShardSession shard = sessionTracker.getShardSession();
        curTokenExpires = shard.getTokenExpires();
    }
    if (curTokenExpires == null) {
        return true;
    }
    return LocalDateTime.now().isAfter(curTokenExpires);
}
Also used : LocalDateTime(java.time.LocalDateTime) ShardSession(com.checkmarx.sdk.ShardManager.ShardSession)

Aggregations

ShardSession (com.checkmarx.sdk.ShardManager.ShardSession)12 WebServiceTemplate (org.springframework.ws.client.core.WebServiceTemplate)4 CheckmarxException (com.checkmarx.sdk.exception.CheckmarxException)3 HttpEntity (org.springframework.http.HttpEntity)3 HttpHeaders (org.springframework.http.HttpHeaders)3 SoapActionCallback (org.springframework.ws.soap.client.core.SoapActionCallback)3 CxAuthResponse (com.checkmarx.sdk.dto.cx.CxAuthResponse)2 CheckmarxLegacyException (com.checkmarx.sdk.exception.CheckmarxLegacyException)2 InvalidCredentialsException (com.checkmarx.sdk.exception.InvalidCredentialsException)2 LocalDateTime (java.time.LocalDateTime)2 LinkedMultiValueMap (org.springframework.util.LinkedMultiValueMap)2 MultiValueMap (org.springframework.util.MultiValueMap)2 HttpStatusCodeException (org.springframework.web.client.HttpStatusCodeException)2 checkmarx.wsdl.portal (checkmarx.wsdl.portal)1 BugTracker (com.checkmarx.flow.dto.BugTracker)1 ControllerRequest (com.checkmarx.flow.dto.ControllerRequest)1 FlowOverride (com.checkmarx.flow.dto.FlowOverride)1 ScanRequest (com.checkmarx.flow.dto.ScanRequest)1 ShardSessionTracker (com.checkmarx.sdk.ShardManager.ShardSessionTracker)1 CxProperties (com.checkmarx.sdk.config.CxProperties)1