Example 6 with CheckmarxException
use of com.checkmarx.sdk.exception.CheckmarxException in project cx-flow by checkmarx-ltd.
the class ThresholdsSteps method initMock.
private void initMock(CxClient cxClientMock) {
try {
CxProject cxProject = CxProject.builder().id(1).name("testproject").isPublic(false).customFields(Collections.EMPTY_LIST).build();
ScanResultsAnswerer answerer = new ScanResultsAnswerer();
when(cxClientMock.getReportContentByScanId(anyInt(), any())).thenAnswer(answerer);
when(cxClientMock.getProject(anyInt())).thenReturn(cxProject);
when(cxClientMock.getTeamId(anyString())).thenReturn("1");
} catch (CheckmarxException e) {
Assert.fail("Error initializing mock." + e);
}
}
Also used :
CheckmarxException(com.checkmarx.sdk.exception.CheckmarxException)
CxProject(com.checkmarx.sdk.dto.cx.CxProject)
Example 7 with CheckmarxException
use of com.checkmarx.sdk.exception.CheckmarxException in project checkmarx-spring-boot-java-sdk by checkmarx-ltd.
the class CxServiceTest method getReportContent.
@Test
public void getReportContent() {
properties.setOffline(true);
File file = new File(getClass().getClassLoader().getResource("ScanReport.xml").getFile());
try {
ScanResults results = service.getReportContent(file, null);
assertNotNull(results);
List<ScanResults.XIssue> issues = results.getXIssues().stream().filter(x -> x.getFalsePositiveCount() > 0).collect(Collectors.toList());
assertEquals(2, issues.size());
assertEquals("Command_Injection", issues.get(0).getVulnerability());
List<ScanResults.XIssue> sqlIssues = results.getXIssues().stream().filter(x -> x.getVulnerability().equalsIgnoreCase("SQL_INJECTION") && x.getSeverity().equalsIgnoreCase("HIGH")).collect(Collectors.toList());
assertEquals(3, sqlIssues.size());
} catch (CheckmarxException e) {
fail("Unexpected Exception");
}
}
Also used :
ArgumentMatchers.any(org.mockito.ArgumentMatchers.any)
CxProperties(com.checkmarx.sdk.config.CxProperties)
ScanResults(com.checkmarx.sdk.dto.ScanResults)
RunWith(org.junit.runner.RunWith)
Autowired(org.springframework.beans.factory.annotation.Autowired)
Import(org.springframework.context.annotation.Import)
Test(org.junit.Test)
Mockito.when(org.mockito.Mockito.when)
Collectors(java.util.stream.Collectors)
File(java.io.File)
CheckmarxException(com.checkmarx.sdk.exception.CheckmarxException)
HttpStatus(org.springframework.http.HttpStatus)
HttpClientErrorException(org.springframework.web.client.HttpClientErrorException)
List(java.util.List)
SpringConfiguration(com.checkmarx.sdk.config.SpringConfiguration)
SpringBootTest(org.springframework.boot.test.context.SpringBootTest)
CxAuthService(com.checkmarx.sdk.service.CxAuthService)
CxService(com.checkmarx.sdk.service.CxService)
Qualifier(org.springframework.beans.factory.annotation.Qualifier)
CxLegacyService(com.checkmarx.sdk.service.CxLegacyService)
SpringRunner(org.springframework.test.context.junit4.SpringRunner)
Assert(org.junit.Assert)
RestTemplate(org.springframework.web.client.RestTemplate)
MockBean(org.springframework.boot.test.mock.mockito.MockBean)
ScanResults(com.checkmarx.sdk.dto.ScanResults)
CheckmarxException(com.checkmarx.sdk.exception.CheckmarxException)
File(java.io.File)
Test(org.junit.Test)
SpringBootTest(org.springframework.boot.test.context.SpringBootTest)
Example 8 with CheckmarxException
use of com.checkmarx.sdk.exception.CheckmarxException in project checkmarx-spring-boot-java-sdk by checkmarx-ltd.
the class CxLegacyService method deleteTeam.
void deleteTeam(String sessionId, String teamId) throws CheckmarxException {
DeleteTeam request = new DeleteTeam();
request.setSessionID(sessionId);
request.setTeamID(teamId);
log.info("Deleting team id {}", teamId);
try {
DeleteTeamResponse response = (DeleteTeamResponse) ws.marshalSendAndReceive(ws.getDefaultUri(), request, new SoapActionCallback(CX_WS_DELETE_TEAM_URI));
if (!response.getDeleteTeamResult().isIsSuccesfull()) {
log.error("Error occurred while deleting Team id {}", teamId);
throw new CheckmarxException("Error occurred during team deletion");
}
} catch (NullPointerException e) {
log.error("Error occurred while deleting Team id {}", teamId);
throw new CheckmarxException("Error occurred during team deletion");
}
}
Also used :
SoapActionCallback(org.springframework.ws.soap.client.core.SoapActionCallback)
CheckmarxException(com.checkmarx.sdk.exception.CheckmarxException)
Example 9 with CheckmarxException
use of com.checkmarx.sdk.exception.CheckmarxException in project checkmarx-spring-boot-java-sdk by checkmarx-ltd.
the class ScaClientHelper method getReportContent.
@Override
public ScanResults getReportContent(File file, FilterConfiguration filter) throws CheckmarxException {
SCAResults scaResult = new SCAResults();
ScanResults result = null;
if (file == null) {
throw new CheckmarxException("File not provided for processing of results");
}
try {
/* protect against XXE */
JAXBContext jc = JAXBContext.newInstance(SCARiskReportType.class);
XMLInputFactory xif = XMLInputFactory.newInstance();
xif.setProperty(XMLInputFactory.IS_SUPPORTING_EXTERNAL_ENTITIES, false);
xif.setProperty(XMLInputFactory.SUPPORT_DTD, false);
xif.setProperty(XMLInputFactory.IS_NAMESPACE_AWARE, false);
Unmarshaller unmarshaller = jc.createUnmarshaller();
List<ScanResults.XIssue> issueList = new ArrayList<>();
JAXBElement<SCARiskReportType> event = (JAXBElement<SCARiskReportType>) unmarshaller.unmarshal(file);
SCARiskReportType scaResults = event.getValue();
ScanResults.ScanResultsBuilder scaScanBuilder = ScanResults.builder();
RiskReportSummaryType iskReportSummaryType = scaResults.getRiskReportSummary();
PackagesType packagesType = scaResults.getPackages();
VulnerabilitiesType vulnerabilitiesType = scaResults.getVulnerabilities();
LicensesType licensesType = scaResults.getLicenses();
PoliciesType policiesType = scaResults.getPolicies();
this.scanId = iskReportSummaryType.getRiskReportId();
this.projectId = iskReportSummaryType.getProjectId();
scaResult = getLatestScaResults(iskReportSummaryType, packagesType, vulnerabilitiesType, licensesType, policiesType);
scaResult.setScanId(scanId);
AstScaResults internalResults = new AstScaResults(new SCAResults(), new ASTResults());
result = toScanResults(scaResult);
return result;
} catch (JAXBException e) {
log.error(ERROR_WITH_XML_REPORT);
log.error(ExceptionUtils.getStackTrace(e));
throw new CheckmarxException(ERROR_PROCESSING_SCAN_RESULTS);
} catch (NullPointerException e) {
log.info("Null error");
log.error(ExceptionUtils.getStackTrace(e));
throw new CheckmarxException(ERROR_PROCESSING_SCAN_RESULTS);
}
}
Also used :
CheckmarxException(com.checkmarx.sdk.exception.CheckmarxException)
JAXBException(javax.xml.bind.JAXBException)
ASTResults(com.checkmarx.sdk.dto.ast.ASTResults)
JAXBContext(javax.xml.bind.JAXBContext)
JAXBElement(javax.xml.bind.JAXBElement)
Unmarshaller(javax.xml.bind.Unmarshaller)
XMLInputFactory(javax.xml.stream.XMLInputFactory)
Example 10 with CheckmarxException
use of com.checkmarx.sdk.exception.CheckmarxException in project checkmarx-spring-boot-java-sdk by checkmarx-ltd.
the class ScanSettingsClientImpl method getEngineConfigurationId.
@Override
public int getEngineConfigurationId(String configurationName) throws CheckmarxException {
HttpEntity<Void> httpEntity = new HttpEntity<>(authClient.createAuthHeaders());
int defaultConfigId = Constants.UNKNOWN_INT;
try {
log.info("Retrieving Cx engineConfigurations");
ResponseEntity<CxScanEngine[]> response = restTemplate.exchange(cxProperties.getUrl().concat(ENGINE_CONFIGURATIONS), HttpMethod.GET, httpEntity, CxScanEngine[].class);
CxScanEngine[] engines = response.getBody();
if (engines == null) {
throw new CheckmarxException("Error obtaining Scan configurations");
}
log.debug("Engine configurations found: {}.", engines.length);
for (CxScanEngine engine : engines) {
String engineName = engine.getName();
int engineId = engine.getId();
if (engineName.equalsIgnoreCase(configurationName)) {
log.info("Found xml/engine configuration {} with ID {}", configurationName, engineId);
return engineId;
}
}
log.warn("No scan configuration found for {}", configurationName);
log.warn("Scan Configuration {} with ID {} will be used instead", Constants.CX_DEFAULT_CONFIGURATION, defaultConfigId);
return defaultConfigId;
} catch (HttpStatusCodeException e) {
log.error("Error occurred while retrieving engine configurations");
log.error(ExceptionUtils.getStackTrace(e));
throw new CheckmarxException("Error obtaining Configuration Id");
}
}
Also used :
CxScanEngine(com.checkmarx.sdk.dto.cx.CxScanEngine)
HttpEntity(org.springframework.http.HttpEntity)
CheckmarxException(com.checkmarx.sdk.exception.CheckmarxException)
HttpStatusCodeException(org.springframework.web.client.HttpStatusCodeException)
Aggregations
CheckmarxException (com.checkmarx.sdk.exception.CheckmarxException)62
HttpStatusCodeException (org.springframework.web.client.HttpStatusCodeException)23
ScanResults (com.checkmarx.sdk.dto.ScanResults)11
HttpEntity (org.springframework.http.HttpEntity)10
MachinaException (com.checkmarx.flow.exception.MachinaException)8
Test (org.junit.Test)7
SpringBootTest (org.springframework.boot.test.context.SpringBootTest)7
File (java.io.File)6
JSONObject (org.json.JSONObject)6
CxProject (com.checkmarx.sdk.dto.cx.CxProject)5
CxScanParams (com.checkmarx.sdk.dto.cx.CxScanParams)4
IOException (java.io.IOException)4
JAXBContext (javax.xml.bind.JAXBContext)4
JAXBException (javax.xml.bind.JAXBException)4
Unmarshaller (javax.xml.bind.Unmarshaller)4
XMLInputFactory (javax.xml.stream.XMLInputFactory)3
GitAPIException (org.eclipse.jgit.api.errors.GitAPIException)3
LinkedMultiValueMap (org.springframework.util.LinkedMultiValueMap)3
SoapActionCallback (org.springframework.ws.soap.client.core.SoapActionCallback)3
ScanReport (com.checkmarx.flow.dto.report.ScanReport)2
