
Example 1 with AdapterMetaDataCallback

use of com.mercedesbenz.sechub.adapter.AdapterMetaDataCallback in project sechub by mercedes-benz.

the class CheckmarxAdapterTestApplication method main.

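/**
 * Manual test driver: runs one Checkmarx scan through {@link CheckmarxAdapterV1} and writes the
 * returned report to a temporary XML file in the build folder.
 *
 * <p>Connection data (user, password, base URL, project name, team id, preset id) is read from
 * {@code test.sechub.adapter.checkmarx.*} properties via {@code ensureProperty}.
 *
 * <p>NOTE(review): the password is read from a property. If it is supplied as a {@code -D} JVM
 * argument it is visible in the process listing of the machine running this driver.
 *
 * @param args not used
 * @throws Exception on any failure while preparing, scanning or writing the result
 */
public static void main(String[] args) throws Exception {
    System.setProperty("log4j.logger.org.apache.http", "ERROR");
    System.setProperty("org.apache.commons.logging.simplelog.log.org.apache.http", "OFF");
    dump("https.proxyHost");
    dump("https.proxyPort");
    dump("https.nonProxyHosts");
    dump("http.proxyHost");
    dump("http.proxyPort");
    dump("http.nonProxyHosts");
    dump("javax.net.ssl.keyStore");
    dump("javax.net.ssl.trustStore");
    String user = ensureProperty("test.sechub.adapter.checkmarx.user");
    String password = ensureProperty("test.sechub.adapter.checkmarx.password");
    String baseUrl = ensureProperty("test.sechub.adapter.checkmarx.baseurl");
    String projectname = ensureProperty("test.sechub.adapter.checkmarx.projectName");
    String teamId = ensureProperty("test.sechub.adapter.checkmarx.teamid");
    Long presetId = Long.valueOf(ensureProperty("test.sechub.adapter.checkmarx.presetid"));
    // NOTE(review): this key contains a double dot ("adapter..checkmarx") unlike every other key
    // above - looks like a typo. Left unchanged so existing setups keep working; confirm and fix.
    String pathInOtherProject = ensurePropertyOrDefault("test.sechub.adapter..checkmarx.zipfilename", "zipfile_contains_only_one_simple_java_file.zip");
    // "zipfile_contains_only_test1.txt.zip"; // leads to FAILED in queue
    // "zipfile_contains_sechub_doc_java.zip"; // should work
    File zipFile = CheckmarxTestFileSupport.getTestfileSupport().createFileFromRoot("sechub-other/testsourcecode/" + pathInOtherProject);

    String data;
    // The zip stream is now closed even when the scan fails; the original never closed it.
    // Assumes start(...) has consumed the stream by the time it returns the report.
    try (FileInputStream zipStream = new FileInputStream(zipFile)) {
        // NOTE(review): setTrustAllCertificates(true) is hard-coded. Judging by its name this turns
        // off TLS certificate validation, so user and password go to a server whose identity is
        // not verified. Use this driver against test instances only.
        /* @formatter:off */
        CheckmarxAdapterConfig config = CheckmarxConfig.builder().setUser(user).setProjectId(projectname).setTeamIdForNewProjects(teamId).setPresetIdForNewProjects(presetId).setPasswordOrAPIToken(password).setSourceCodeZipFileInputStream(zipStream).setTrustAllCertificates(true).setProductBaseUrl(baseUrl).build();
        /* @formatter:on */
        CheckmarxAdapterV1 adapter = new CheckmarxAdapterV1();
        data = adapter.start(config, new AdapterMetaDataCallback() {

            @Override
            public void persist(AdapterMetaData metaData) {
                System.out.println("update metadata:" + metaData);
            }

            @Override
            public AdapterMetaData getMetaDataOrNull() {
                // nothing is stored, so the adapter always sees "no previous meta data"
                return null;
            }
        });
    }

    File file = TestUtil.createTempFileInBuildFolder("checkmarx-adaptertest-result", "xml").toFile();
    // try-with-resources: the writer is flushed and closed even if write(...) throws
    try (FileWriter fileWriter = new FileWriter(file)) {
        fileWriter.write(data);
    }
    System.out.println("-----------------------------------------------------------------------------------------------------------------");
    System.out.println("- RESULT:");
    System.out.println("-----------------------------------------------------------------------------------------------------------------");
    System.out.println(file.getAbsolutePath());
}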
Also used : AdapterMetaDataCallback(com.mercedesbenz.sechub.adapter.AdapterMetaDataCallback) FileWriter(java.io.FileWriter) File(java.io.File) AdapterMetaData(com.mercedesbenz.sechub.adapter.AdapterMetaData) FileInputStream(java.io.FileInputStream)

Example 2 with AdapterMetaDataCallback

use of com.mercedesbenz.sechub.adapter.AdapterMetaDataCallback in project sechub by mercedes-benz.

the class NessusAdapterV1WireMockTest method start_scan_returns_returns_result_when_using_agent.

/**
 * Runs the adapter against a fully stubbed Nessus HTTP conversation and checks that the XML
 * served by the download stub is returned unchanged.
 *
 * <p>Stubbed steps, in the order they are registered: login, policy template lookup, scan
 * creation, scan launch, history lookup, scan state polling, export trigger, export status
 * polling, report download and session delete. Every stub after the login only matches when
 * the request carries the session token in its {@code X-Cookie} header.
 *
 * <p>The stubs are registered through {@code apiURLSupport.nextURL(...)} and partly
 * {@code assertCheck(n)}, so the statement order is presumably significant - do not reorder.
 */
@Test
public void start_scan_returns_returns_result_when_using_agent() throws Exception {
    /* prepare */
    // fixed dummy session token; it is what the login stub hands out and what all later stubs require
    String sessionToken = "token-returned-by-nessus";
    JSONObject loginJson = new JSONObject();
    loginJson.put("username", USERNAME);
    loginJson.put("password", PASSWORD);
    String loginJSONBody = loginJson.toString();
    /* @formatter:off */
    /* +-----------------------------------------------------------------------+ */
    /* +............................ login ....................................+ */
    /* +-----------------------------------------------------------------------+ */
    // the login request must carry an empty token ("token=") and the credentials as JSON body
    stubFor(post(urlEqualTo(history.rememberPOST(apiURLSupport.nextURL("/session")))).withHeader("X-Cookie", equalTo("token=")).withHeader("content-type", equalTo(APPLICATION_JSON)).withRequestBody(equalToJson(loginJSONBody)).willReturn(aResponse().withStatus(HttpStatus.OK.value()).withHeader("Content-Type", APPLICATION_JSON).withBody("{\"token\" : \"" + sessionToken + "\"}")));
    /* +-----------------------------------------------------------------------+ */
    /* +............................ get all policies .........................+ */
    /* +-----------------------------------------------------------------------+ */
    JSONObject policyTemplatesBody = new JSONObject();
    JSONArray policyTemplates = new JSONArray();
    // ten filler templates first, then the one template carrying POLICY_ID / POLICY_UUID
    for (int i = 0; i < 10; i++) {
        JSONObject policyTemplate = new JSONObject();
        policyTemplate.put("title", "title" + i);
        policyTemplate.put("uuid", "uuid" + i);
        policyTemplates.put(policyTemplate);
    }
    JSONObject policyTemplate = new JSONObject();
    policyTemplate.put("title", POLICY_ID);
    policyTemplate.put("uuid", POLICY_UUID);
    policyTemplates.put(policyTemplate);
    policyTemplatesBody.put("templates", policyTemplates);
    String shrinkedPolici = policyTemplatesBody.toString();
    /* +-----------------------------------------------------------------------+ */
    /* +............................ fetch templates ..........................+ */
    /* +-----------------------------------------------------------------------+ */
    stubFor(get(urlEqualTo(history.rememberGET(apiURLSupport.nextURL("/editor/policy/templates")))).withHeader("X-Cookie", equalTo("token=" + sessionToken)).withHeader("Content-Type", equalTo(APPLICATION_JSON)).willReturn(aResponse().withStatus(HttpStatus.CREATED.value()).withHeader("Content-Type", APPLICATION_JSON).withBody(shrinkedPolici)));
    /* +-----------------------------------------------------------------------+ */
    /* +............................ fetch scan id.............................+ */
    /* +-----------------------------------------------------------------------+ */
    int scanId = 3281;
    // the request body is matched as JSON, which pins the policy uuid, name, description and target sent by the adapter
    stubFor(post(urlEqualTo(history.rememberPOST(apiURLSupport.nextURL("/scans")))).withHeader("X-Cookie", equalTo("token=" + sessionToken)).withHeader("Content-Type", equalTo(APPLICATION_JSON)).withRequestBody(equalToJson("{  \"uuid\":\"" + POLICY_UUID + "\",  \"settings\":{\n" + "      \"name\":\"" + EXPECTED_NAME_IN_DATA + "\",\n" + "      \"description\":\"SecHub scan " + SECHUB_TRACE_ID + " for target type " + TARGET_TYPE + "\",\n" + "      \"text_targets\":\"" + TARGET_URL + "\"\n" + "  }\n" + "}")).willReturn(aResponse().withStatus(HttpStatus.OK.value()).withHeader("Content-Type", APPLICATION_JSON).withBody("{\"scan\":{\"id\":" + scanId + "}}")));
    /* +-----------------------------------------------------------------------+ */
    /* +............................ launch scan...............................+ */
    /* +-----------------------------------------------------------------------+ */
    String scanUUID = "6048780b-ff64-db35-5f96-dfc9a2a371b9c0c1bf76077ee30e";
    stubFor(post(urlEqualTo(history.rememberPOST(apiURLSupport.nextURL("/scans/" + scanId + "/launch")))).withHeader("X-Cookie", equalTo("token=" + sessionToken)).withHeader("Content-Type", equalTo(APPLICATION_JSON)).willReturn(aResponse().withStatus(HttpStatus.OK.value()).withHeader("Content-Type", APPLICATION_JSON).withBody("{\"scan_uuid\":\"" + scanUUID + "\"}")));
    /* +-----------------------------------------------------------------------+ */
    /* +............................ get history id for scan id ...............+ */
    /* +-----------------------------------------------------------------------+ */
    int historyId = 3282;
    // canned scan-details response; only historyId and scanId are spliced into the fixed JSON text
    stubFor(get(urlEqualTo(history.rememberGET(apiURLSupport.assertCheck(5).nextURL("/scans/" + scanId)))).withHeader("X-Cookie", equalTo("token=" + sessionToken)).withHeader("Content-Type", equalTo(APPLICATION_JSON)).willReturn(aResponse().withStatus(HttpStatus.OK.value()).withHeader("Content-Type", APPLICATION_JSON).withBody("{\"history_id_variant_comphosts\":[],\"hosts\":[],\"notes\":null,\"remediations\":{\"remediations\":null,\"num_hosts\":0,\"num_cves\":0,\"num_impacted_hosts\":0,\"num_remediated_cves\":0},\"vulnerabilities\":[],\"filters\":[{\"operators\":[\"eq\",\"neq\",\"match\",\"nmatch\"],\"control\":{\"readable_regex\":\"TEXT\",\"type\":\"entry\",\"regex\":\".*\"},\"name\":\"hostname\",\"readable_name\":\"Hostname\"},{\"operators\":[\"eq\",\"neq\"],\"control\":{\"type\":\"dropdown\",\"list\":[\"AIX Local Security Checks\",\"Amazon Linux Local Security Checks\",\"Backdoors\",\"Brute force attacks\",\"CGI abuses\",\"CGI abuses : XSS\",\"CISCO\",\"CentOS Local Security Checks\",\"DNS\",\"Databases\",\"Debian Local Security Checks\",\"Default Unix Accounts\",\"Denial of Service\",\"F5 Networks Local Security Checks\",\"FTP\",\"Fedora Local Security Checks\",\"Firewalls\",\"FreeBSD Local Security Checks\",\"Gain a shell remotely\",\"General\",\"Gentoo Local Security Checks\",\"HP-UX Local Security Checks\",\"Huawei Local Security Checks\",\"Incident Response\",\"Junos Local Security Checks\",\"MacOS X Local Security Checks\",\"Mandriva Local Security Checks\",\"Misc.\",\"Mobile Devices\",\"Netware\",\"Offsec Plugins\",\"Offsec Plugins Disabled\",\"Oracle Linux Local Security Checks\",\"OracleVM Local Security Checks\",\"Palo Alto Local Security Checks\",\"Peer-To-Peer File Sharing\",\"Policy Compliance\",\"Port scanners\",\"RPC\",\"Red Hat Local Security Checks\",\"SCADA\",\"SMTP problems\",\"SNMP\",\"Scientific Linux Local Security Checks\",\"Service detection\",\"Settings\",\"Slackware Local Security Checks\",\"Solaris Local Security Checks\",\"SuSE Local 
Security Checks\",\"Ubuntu Local Security Checks\",\"VMware ESX Local Security Checks\",\"Virtuozzo Local Security Checks\",\"Web Servers\",\"Windows\",\"Windows : Microsoft Bulletins\",\"Windows : User management\"]},\"name\":\"plugin_family\",\"readable_name\":\"Plugin Family\"},{\"operators\":[\"eq\",\"neq\",\"match\",\"nmatch\"],\"control\":{\"readable_regex\":\"NUMBER\",\"type\":\"entry\",\"regex\":\"^[0-9, ]+$\"},\"name\":\"plugin_id\",\"readable_name\":\"Plugin ID\"},{\"operators\":[\"eq\",\"neq\",\"match\",\"nmatch\"],\"control\":{\"readable_regex\":\"TEXT\",\"type\":\"entry\",\"regex\":\".*\"},\"name\":\"plugin_name\",\"readable_name\":\"Plugin Name\"},{\"operators\":[\"eq\",\"neq\",\"match\",\"nmatch\"],\"control\":{\"readable_regex\":\"TEXT\",\"type\":\"entry\",\"regex\":\".*\"},\"name\":\"plugin_output\",\"readable_name\":\"Plugin Output\"},{\"operators\":[\"eq\",\"neq\",\"match\",\"nmatch\"],\"control\":{\"readable_regex\":\"80\",\"type\":\"entry\",\"regex\":\"^[0-9]+$\"},\"name\":\"port\",\"readable_name\":\"Port\"},{\"operators\":[\"eq\",\"neq\"],\"control\":{\"type\":\"dropdown\",\"list\":[\"tcp\",\"udp\",\"icmp\"]},\"name\":\"protocol\",\"readable_name\":\"Protocol\"}],\"history\":[{\"alt_targets_used\":false,\"scheduler\":0,\"status\":\"running\",\"type\":\"local\",\"uuid\":\"6048780b-ff64-db35-5f96-dfc9a2a371b9c0c1bf76077ee30e\",\"last_modification_date\":1523527046,\"creation_date\":1523527046,\"owner_id\":4,\"history_id\":" + historyId + "}],\"compliance\":[],\"info\":{\"acls\":[{\"permissions\":0,\"owner\":null,\"display_name\":null,\"name\":null,\"id\":null,\"type\":\"default\"},{\"permissions\":128,\"owner\":1,\"display_name\":\"SecHub robot\",\"name\":\"sechub\",\"id\":4,\"type\":\"user\"}],\"edit_allowed\":true,\"status\":\"running\",\"alt_targets_used\":null,\"scanner_start\":1523527046,\"policy\":\"Advanced 
Scan\",\"pci-can-upload\":false,\"hasaudittrail\":false,\"scan_start\":1523527046,\"user_permissions\":128,\"folder_id\":null,\"no_target\":null,\"targets\":\"http://localhost\",\"control\":true,\"timestamp\":1523527046,\"object_id\":" + scanId + ",\"scanner_name\":\"Local Scanner\",\"haskb\":false,\"uuid\":\"6048780b-ff64-db35-5f96-dfc9a2a371b9c0c1bf76077ee30e\",\"hostcount\":0,\"scan_type\":\"local\",\"name\":\"FALLBACK_TRACE_ID#593858262630564\"}}")));
    /* +-----------------------------------------------------------------------+ */
    /* +............................ fetch history information for  history id + */
    /* +-----------------------------------------------------------------------+ */
    // two "running" answers followed by "completed"; the last argument presumably is the expected call index - confirm in the helper
    simulateCheckScanState(sessionToken, scanId, historyId, "running", 6);
    simulateCheckScanState(sessionToken, scanId, historyId, "running", 7);
    simulateCheckScanState(sessionToken, scanId, historyId, "completed", 8);
    /* +-----------------------------------------------------------------------+ */
    /* +............................ trigger export ...........................+ */
    /* +-----------------------------------------------------------------------+ */
    int fileId = 1455461011;
    // the "token" in this canned export response is a fixed sample value of the test fixture
    String resultExport = "{\"token\":\"bd92bd4a297fcae1f9e3a7a18d9fec9269d9ab997c5e58d9fe00ade4ecf5ecb0\",\"file\":" + fileId + "}";
    stubFor(post(urlEqualTo(history.rememberPOST(apiURLSupport.assertCheck(9).nextURL("/scans/" + scanId + "/export")))).withHeader("X-Cookie", equalTo("token=" + sessionToken)).withHeader("Content-Type", equalTo(APPLICATION_JSON)).willReturn(aResponse().withStatus(HttpStatus.OK.value()).withHeader("Content-Type", APPLICATION_JSON).withBody(resultExport)));
    /* +-----------------------------------------------------------------------+ */
    /* +............................ fetch status of export ...................+ */
    /* +-----------------------------------------------------------------------+ */
    // two "loading" answers followed by "ready"
    simulateServerRepsonseForFileExportStatus(sessionToken, scanId, fileId, "loading", 10);
    simulateServerRepsonseForFileExportStatus(sessionToken, scanId, fileId, "loading", 11);
    simulateServerRepsonseForFileExportStatus(sessionToken, scanId, fileId, "ready", 12);
    /* +-----------------------------------------------------------------------+ */
    /* +............................ Download report ..........................+ */
    /* +-----------------------------------------------------------------------+ */
    // minimal report document; this exact text is what the adapter is expected to return
    String xml = "<?xml version=\"1.0\" encoding=\"utf-8\" ?>" + "<NessusClientData_v2/>";
    stubFor(get(urlEqualTo(history.rememberGET(apiURLSupport.assertCheck(13).nextURL("/scans/" + scanId + "/export/" + fileId + "/download")))).withHeader("X-Cookie", equalTo("token=" + sessionToken)).withHeader("Content-Type", equalTo(APPLICATION_JSON)).willReturn(aResponse().withStatus(HttpStatus.OK.value()).withHeader("Content-Type", APPLICATION_JSON).withBody(xml)));
    /* +-----------------------------------------------------------------------+ */
    /* +............................ DELETE session ...........................+ */
    /* +-----------------------------------------------------------------------+ */
    // logout stub: remembered in history, so the final history assertion also covers the session delete
    stubFor(delete(urlEqualTo(history.rememberDELETE(apiURLSupport.assertCheck(14).nextURL("/session")))).withHeader("X-Cookie", equalTo("token=" + sessionToken)).withHeader("Content-Type", equalTo(APPLICATION_JSON)).willReturn(aResponse().withStatus(HttpStatus.OK.value()).withHeader("Content-Type", APPLICATION_XML).withBody("{Connection=[close], Cache-Control=[], Pragma=[], Expires=[0], Content-Length=[0], Server=[NessusWWW], Date=[: Thu, 12 Apr 2018 10:30:31 GMT], X-Frame-Options=[DENY]}")));
    // mocked callback without any stubbing or verification in this test
    AdapterMetaDataCallback callback = mock(AdapterMetaDataCallback.class);
    /* @formatter:on */
    /* execute */
    String result = adapterToTest.start(config, callback);
    /* test */
    // every URL registered through history.remember*(...) must have been requested
    history.assertAllRememberedUrlsWereRequested();
    assertEquals(xml, result);
}
Also used : JSONObject(org.json.JSONObject) AdapterMetaDataCallback(com.mercedesbenz.sechub.adapter.AdapterMetaDataCallback) JSONArray(org.json.JSONArray) Test(org.junit.Test)

Example 3 with AdapterMetaDataCallback

use of com.mercedesbenz.sechub.adapter.AdapterMetaDataCallback in project sechub by mercedes-benz.

the class NetsparkerAdapterTestApplication method main.

/**
 * Manual test driver: configures a Netsparker scan from {@code sechub.adapter.netsparker.*}
 * system properties, starts it through {@link NetsparkerAdapterV1} and prints the result.
 *
 * <p>A max scan duration is only set when both the duration and the unit property are present.
 * The login type property selects basic, form auto-detect or form script login; any other
 * value except the default {@code <none>} is rejected.
 *
 * @param args not used
 * @throws Exception on any configuration or scan failure
 * @throws IllegalArgumentException when the login type is not supported
 */
public static void main(String[] args) throws Exception {
    String durationText = getSystemProperty("sechub.adapter.netsparker.maxscanduration.duration");
    String unitText = getSystemProperty("sechub.adapter.netsparker.maxscanduration.unit");

    // stays null (no limit passed to the builder) unless both parts are configured
    SecHubTimeUnitData scanTimeLimit = null;
    if (durationText != null && unitText != null) {
        scanTimeLimit = SecHubTimeUnitData.of(Integer.parseInt(durationText), SecHubTimeUnit.valueOf(unitText));
    }

    /* @formatter:off */
    NetsparkerConfigBuilder configBuilder = NetsparkerConfig.builder()
            .setUser(getSystemProperty("sechub.adapter.netsparker.user"))
            // certificate trust is taken from a property here, not hard-coded
            .setTrustAllCertificates(getSystemPropertyBooleanOrFalse("sechub.adapter.netsparker.trustall"))
            .setAgentGroupName(getSystemProperty("sechub.adapter.netsparker.user.agent.groupname"))
            .setPasswordOrAPIToken(getSystemProperty("sechub.adapter.netsparker.apitoken"))
            .setPolicyID(getSystemProperty("sechub.adapter.netsparker.policyid"))
            .setProductBaseUrl(getSystemProperty("sechub.adapter.netsparker.baseurl"))
            .setLicenseID(getSystemProperty("sechub.adapter.netsparker.licenseid", "none"))
            .setTargetURI(new URI(getSystemProperty("sechub.adapter.netsparker.targeturi")))
            .setMaxScanDuration(scanTimeLimit);
    /* @formatter:on */

    String loginType = getSystemProperty("sechub.adapter.netsparker.login.type", "<none>");
    if ("basic".equalsIgnoreCase(loginType)) {
        handleBasicLogin(configBuilder);
    } else if ("formAutodetect".equalsIgnoreCase(loginType)) {
        handleFormAutodetect(configBuilder);
    } else if ("formScript".equalsIgnoreCase(loginType)) {
        handleFormScript(configBuilder);
    } else if (!"<none>".equalsIgnoreCase(loginType)) {
        // "<none>" means no login setup at all; everything else is a configuration error
        throw new IllegalArgumentException("login type:" + loginType + " not supported!");
    }

    NetsparkerAdapterConfig config = configBuilder.build();
    NetsparkerAdapter netsparker = new NetsparkerAdapterV1();

    // keeps the last persisted meta data in memory only and hands it back on request
    AdapterMetaDataCallback inMemoryCallback = new AdapterMetaDataCallback() {

        private AdapterMetaData stored;

        @Override
        public void persist(AdapterMetaData metaData) {
            System.out.println("persist:" + metaData);
            stored = metaData;
        }

        @Override
        public AdapterMetaData getMetaDataOrNull() {
            return stored;
        }
    };

    String result = netsparker.start(config, inMemoryCallback);
    System.out.println("result:");
    System.out.println(result);
}
Also used : NetsparkerConfigBuilder(com.mercedesbenz.sechub.adapter.netsparker.NetsparkerConfig.NetsparkerConfigBuilder) SecHubTimeUnitData(com.mercedesbenz.sechub.adapter.SecHubTimeUnitData) URI(java.net.URI) AdapterMetaDataCallback(com.mercedesbenz.sechub.adapter.AdapterMetaDataCallback) AdapterMetaData(com.mercedesbenz.sechub.adapter.AdapterMetaData) SecHubTimeUnit(com.mercedesbenz.sechub.commons.model.SecHubTimeUnit)

Example 4 with AdapterMetaDataCallback

use of com.mercedesbenz.sechub.adapter.AdapterMetaDataCallback in project sechub by mercedes-benz.

the class NetsparkerAdapterV1WireMockTest method common_start_scan_returns_result.

/**
 * Shared scenario for the "start scan returns result" tests: stubs the Netsparker REST calls
 * (website lookup, website creation, scan creation, two status checks, report download), runs
 * the adapter and checks that the stubbed XML report is returned.
 *
 * <p>Every stub only matches requests that carry the expected {@code Authorization: Basic}
 * header built from {@code BASE_64_TOKEN}.
 *
 * @param configHasAgentGroup value the mocked config reports for {@code hasAgentGroup()}; it
 *        also decides whether the expected scan body names an agent group or a single agent
 * @throws Exception when the adapter call fails
 */
private void common_start_scan_returns_result(boolean configHasAgentGroup) throws Exception {
    /* prepare */
    when(config.hasAgentGroup()).thenReturn(configHasAgentGroup);

    JSONObject websiteJson = new JSONObject();
    websiteJson.put("RootUrl", ROOT_URL);
    websiteJson.put("Name", WEBSITE_ID);
    websiteJson.put("LicenseType", "Subscription");
    websiteJson.put("SubscriptionBasedProductLicenseId", LICENSE_ID);
    String expectedWebsiteBody = websiteJson.toString();

    /* @formatter:off */
    /* ---- check website: answered with 404, so the website has to be created ---- */
    stubFor(get(urlEqualTo(apiURLSupport.nextURL("/api/1.0/websites/get?query=" + WEBSITE_ID)))
            .withHeader("Authorization", equalTo("Basic " + BASE_64_TOKEN))
            .withHeader("Content-Type", equalTo(APPLICATION_JSON))
            .willReturn(aResponse()
                    .withStatus(HttpStatus.NOT_FOUND.value())));

    /* ---- create website ---- */
    stubFor(post(urlEqualTo(apiURLSupport.nextURL("/api/1.0/websites/new")))
            .withHeader("Authorization", equalTo("Basic " + BASE_64_TOKEN))
            .withHeader("Content-Type", equalTo(APPLICATION_JSON))
            .withRequestBody(equalToJson(expectedWebsiteBody))
            .willReturn(aResponse()
                    .withStatus(HttpStatus.CREATED.value())
                    .withHeader("Content-Type", APPLICATION_JSON)
                    .withBody("[{\"ID\" : \"1234567890\"}]")));

    /* ---- new scan ---- */
    JSONObject scanJson = new JSONObject();
    scanJson.put("TargetUri", TARGET_URL);
    // either an agent group or a single agent is expected, never both
    scanJson.put(configHasAgentGroup ? "AgentGroupName" : "AgentName", configHasAgentGroup ? "agentGroupName" : "agentName");
    scanJson.put("ExcludeAuthenticationPages", "true");
    scanJson.put("PolicyId", POLICY_ID);
    String expectedScanBody = scanJson.toString();
    stubFor(post(urlEqualTo(apiURLSupport.nextURL("/api/1.0/scans/new")))
            .withHeader("Authorization", equalTo("Basic " + BASE_64_TOKEN))
            .withHeader("Content-Type", equalTo(APPLICATION_JSON))
            .withRequestBody(equalToJson(expectedScanBody))
            .willReturn(aResponse()
                    .withStatus(HttpStatus.CREATED.value())
                    .withHeader("Content-Type", APPLICATION_JSON)
                    .withBody("[{\"Id\" : \"1234567890\"}]")));

    /* ---- check scan state: first answer "Scanning" ---- */
    stubFor(get(urlEqualTo(apiURLSupport.nextURL("/api/1.0/scans/status/1234567890")))
            .inScenario("checkState")
            .whenScenarioStateIs(Scenario.STARTED)
            .willSetStateTo("scanning")
            .withHeader("Authorization", equalTo("Basic " + BASE_64_TOKEN))
            .withHeader("Content-Type", equalTo(APPLICATION_JSON))
            .willReturn(aResponse()
                    .withStatus(HttpStatus.OK.value())
                    .withHeader("Content-Type", APPLICATION_JSON)
                    .withBody("{\"State\":\"Scanning\",\"EstimatedSteps\":5000,\"CompletedSteps\":5000,\"EstimatedLaunchTime\":null}")));

    /* ---- check scan state: second answer "Complete" ---- */
    /* original author's remark: scenario chaining does not work here - only the last stub is used */
    stubFor(get(urlEqualTo(apiURLSupport.nextURL("/api/1.0/scans/status/1234567890")))
            .inScenario("checkState")
            .whenScenarioStateIs("scanning")
            .willSetStateTo("complete")
            .withHeader("Authorization", equalTo("Basic " + BASE_64_TOKEN))
            .withHeader("Content-Type", equalTo(APPLICATION_JSON))
            .willReturn(aResponse()
                    .withStatus(HttpStatus.OK.value())
                    .withHeader("Content-Type", APPLICATION_JSON)
                    .withBody("{\"State\":\"Complete\",\"EstimatedSteps\":5000,\"CompletedSteps\":5000,\"EstimatedLaunchTime\":null}")));

    String xml = "<?xml version=\"1.0\" encoding=\"utf-8\" ?>" + "<netsparker-cloud generated=\"13/02/2018 16:23\"/>";

    /* ---- get report ---- */
    stubFor(get(urlEqualTo(apiURLSupport.nextURL("/api/1.0/scans/report/1234567890?Type=Vulnerabilities&Format=Xml")))
            .withHeader("Authorization", equalTo("Basic " + BASE_64_TOKEN))
            .withHeader("Content-Type", equalTo(APPLICATION_JSON))
            .willReturn(aResponse()
                    .withStatus(HttpStatus.OK.value())
                    .withHeader("Content-Type", APPLICATION_XML)
                    .withBody(xml)));
    /* @formatter:on */

    AdapterMetaDataCallback metaDataCallback = mock(AdapterMetaDataCallback.class);

    /* execute */
    String result = adapterToTest.start(config, metaDataCallback);

    /* test */
    // the numbered URL prefixes pin the order in which the adapter issued its requests
    verify(getRequestedFor(urlEqualTo("/netsparkertest_1/api/1.0/websites/get?query=" + WEBSITE_ID)));
    verify(postRequestedFor(urlEqualTo("/netsparkertest_2/api/1.0/websites/new")));
    verify(postRequestedFor(urlEqualTo("/netsparkertest_3/api/1.0/scans/new")));
    // state "Scanning"
    verify(getRequestedFor(urlEqualTo("/netsparkertest_4/api/1.0/scans/status/1234567890")));
    // state "Complete"
    verify(getRequestedFor(urlEqualTo("/netsparkertest_5/api/1.0/scans/status/1234567890")));
    assertEquals(xml, result);
}
Also used : JSONObject(org.json.JSONObject) AdapterMetaDataCallback(com.mercedesbenz.sechub.adapter.AdapterMetaDataCallback)

Aggregations

AdapterMetaDataCallback (com.mercedesbenz.sechub.adapter.AdapterMetaDataCallback)4 AdapterMetaData (com.mercedesbenz.sechub.adapter.AdapterMetaData)2 JSONObject (org.json.JSONObject)2 SecHubTimeUnitData (com.mercedesbenz.sechub.adapter.SecHubTimeUnitData)1 NetsparkerConfigBuilder (com.mercedesbenz.sechub.adapter.netsparker.NetsparkerConfig.NetsparkerConfigBuilder)1 SecHubTimeUnit (com.mercedesbenz.sechub.commons.model.SecHubTimeUnit)1 File (java.io.File)1 FileInputStream (java.io.FileInputStream)1 FileWriter (java.io.FileWriter)1 URI (java.net.URI)1 JSONArray (org.json.JSONArray)1 Test (org.junit.Test)1