use of com.checkmarx.sdk.exception.CheckmarxException in project cx-flow by checkmarx-ltd.
the class ThresholdsSteps method initMock.
private void initMock(CxClient cxClientMock) {
try {
CxProject cxProject = CxProject.builder().id(1).name("testproject").isPublic(false).customFields(Collections.EMPTY_LIST).build();
ScanResultsAnswerer answerer = new ScanResultsAnswerer();
when(cxClientMock.getReportContentByScanId(anyInt(), any())).thenAnswer(answerer);
when(cxClientMock.getProject(anyInt())).thenReturn(cxProject);
when(cxClientMock.getTeamId(anyString())).thenReturn("1");
} catch (CheckmarxException e) {
Assert.fail("Error initializing mock." + e);
}
}
use of com.checkmarx.sdk.exception.CheckmarxException in project checkmarx-spring-boot-java-sdk by checkmarx-ltd.
the class CxServiceTest method getReportContent.
@Test
public void getReportContent() {
properties.setOffline(true);
File file = new File(getClass().getClassLoader().getResource("ScanReport.xml").getFile());
try {
ScanResults results = service.getReportContent(file, null);
assertNotNull(results);
List<ScanResults.XIssue> issues = results.getXIssues().stream().filter(x -> x.getFalsePositiveCount() > 0).collect(Collectors.toList());
assertEquals(2, issues.size());
assertEquals("Command_Injection", issues.get(0).getVulnerability());
List<ScanResults.XIssue> sqlIssues = results.getXIssues().stream().filter(x -> x.getVulnerability().equalsIgnoreCase("SQL_INJECTION") && x.getSeverity().equalsIgnoreCase("HIGH")).collect(Collectors.toList());
assertEquals(3, sqlIssues.size());
} catch (CheckmarxException e) {
fail("Unexpected Exception");
}
}
use of com.checkmarx.sdk.exception.CheckmarxException in project checkmarx-spring-boot-java-sdk by checkmarx-ltd.
the class CxLegacyService method deleteTeam.
void deleteTeam(String sessionId, String teamId) throws CheckmarxException {
DeleteTeam request = new DeleteTeam();
request.setSessionID(sessionId);
request.setTeamID(teamId);
log.info("Deleting team id {}", teamId);
try {
DeleteTeamResponse response = (DeleteTeamResponse) ws.marshalSendAndReceive(ws.getDefaultUri(), request, new SoapActionCallback(CX_WS_DELETE_TEAM_URI));
if (!response.getDeleteTeamResult().isIsSuccesfull()) {
log.error("Error occurred while deleting Team id {}", teamId);
throw new CheckmarxException("Error occurred during team deletion");
}
} catch (NullPointerException e) {
log.error("Error occurred while deleting Team id {}", teamId);
throw new CheckmarxException("Error occurred during team deletion");
}
}
use of com.checkmarx.sdk.exception.CheckmarxException in project checkmarx-spring-boot-java-sdk by checkmarx-ltd.
the class ScaClientHelper method getReportContent.
@Override
public ScanResults getReportContent(File file, FilterConfiguration filter) throws CheckmarxException {
SCAResults scaResult = new SCAResults();
ScanResults result = null;
if (file == null) {
throw new CheckmarxException("File not provided for processing of results");
}
try {
/* protect against XXE */
JAXBContext jc = JAXBContext.newInstance(SCARiskReportType.class);
XMLInputFactory xif = XMLInputFactory.newInstance();
xif.setProperty(XMLInputFactory.IS_SUPPORTING_EXTERNAL_ENTITIES, false);
xif.setProperty(XMLInputFactory.SUPPORT_DTD, false);
xif.setProperty(XMLInputFactory.IS_NAMESPACE_AWARE, false);
Unmarshaller unmarshaller = jc.createUnmarshaller();
List<ScanResults.XIssue> issueList = new ArrayList<>();
JAXBElement<SCARiskReportType> event = (JAXBElement<SCARiskReportType>) unmarshaller.unmarshal(file);
SCARiskReportType scaResults = event.getValue();
ScanResults.ScanResultsBuilder scaScanBuilder = ScanResults.builder();
RiskReportSummaryType iskReportSummaryType = scaResults.getRiskReportSummary();
PackagesType packagesType = scaResults.getPackages();
VulnerabilitiesType vulnerabilitiesType = scaResults.getVulnerabilities();
LicensesType licensesType = scaResults.getLicenses();
PoliciesType policiesType = scaResults.getPolicies();
this.scanId = iskReportSummaryType.getRiskReportId();
this.projectId = iskReportSummaryType.getProjectId();
scaResult = getLatestScaResults(iskReportSummaryType, packagesType, vulnerabilitiesType, licensesType, policiesType);
scaResult.setScanId(scanId);
AstScaResults internalResults = new AstScaResults(new SCAResults(), new ASTResults());
result = toScanResults(scaResult);
return result;
} catch (JAXBException e) {
log.error(ERROR_WITH_XML_REPORT);
log.error(ExceptionUtils.getStackTrace(e));
throw new CheckmarxException(ERROR_PROCESSING_SCAN_RESULTS);
} catch (NullPointerException e) {
log.info("Null error");
log.error(ExceptionUtils.getStackTrace(e));
throw new CheckmarxException(ERROR_PROCESSING_SCAN_RESULTS);
}
}
use of com.checkmarx.sdk.exception.CheckmarxException in project checkmarx-spring-boot-java-sdk by checkmarx-ltd.
the class ScanSettingsClientImpl method getEngineConfigurationId.
@Override
public int getEngineConfigurationId(String configurationName) throws CheckmarxException {
HttpEntity<Void> httpEntity = new HttpEntity<>(authClient.createAuthHeaders());
int defaultConfigId = Constants.UNKNOWN_INT;
try {
log.info("Retrieving Cx engineConfigurations");
ResponseEntity<CxScanEngine[]> response = restTemplate.exchange(cxProperties.getUrl().concat(ENGINE_CONFIGURATIONS), HttpMethod.GET, httpEntity, CxScanEngine[].class);
CxScanEngine[] engines = response.getBody();
if (engines == null) {
throw new CheckmarxException("Error obtaining Scan configurations");
}
log.debug("Engine configurations found: {}.", engines.length);
for (CxScanEngine engine : engines) {
String engineName = engine.getName();
int engineId = engine.getId();
if (engineName.equalsIgnoreCase(configurationName)) {
log.info("Found xml/engine configuration {} with ID {}", configurationName, engineId);
return engineId;
}
}
log.warn("No scan configuration found for {}", configurationName);
log.warn("Scan Configuration {} with ID {} will be used instead", Constants.CX_DEFAULT_CONFIGURATION, defaultConfigId);
return defaultConfigId;
} catch (HttpStatusCodeException e) {
log.error("Error occurred while retrieving engine configurations");
log.error(ExceptionUtils.getStackTrace(e));
throw new CheckmarxException("Error obtaining Configuration Id");
}
}
Aggregations