
Example 21 with SecHubWebScanConfiguration

use of com.mercedesbenz.sechub.commons.model.SecHubWebScanConfiguration in project sechub by mercedes-benz.

the class SecHubWebScanConfigurationHelperTest method determines_AuthenticationType_sechub_config_has_basic_auth.

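/**
 * Checks that the web scan section loaded from the example configuration
 * {@code basic-auth.json} is classified as
 * {@link AuthenticationType#HTTP_BASIC_AUTHENTICATION}.
 */
@Test
void determines_AuthenticationType_sechub_config_has_basic_auth() {
    /* prepare */
    // NOTE(review): this fixture lives in the repository - presumably it holds only dummy credentials; confirm.
    File file = new File("src/test/resources/sechub-config-examples/basic-auth.json");
    String sechubConfigJSON = TestFileReader.loadTextFile(file);
    SecHubScanConfiguration sechubConfig = SecHubScanConfiguration.createFromJSON(sechubConfigJSON);
    // get() without a presence check is deliberate here: a fixture without a web scan section must fail the test
    SecHubWebScanConfiguration secHubWebScanConfiguration = sechubConfig.getWebScan().get();

    /* execute */
    AuthenticationType authenticationType = helperToTest.determineAuthenticationType(secHubWebScanConfiguration);

    /* test */
    // expected value first, as assertEquals(expected, actual) requires, so that a failure
    // message reports "expected" and "actual" the right way round
    assertEquals(AuthenticationType.HTTP_BASIC_AUTHENTICATION, authenticationType);
}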
Also used : SecHubWebScanConfiguration(com.mercedesbenz.sechub.commons.model.SecHubWebScanConfiguration) File(java.io.File) SecHubScanConfiguration(com.mercedesbenz.sechub.commons.model.SecHubScanConfiguration) AuthenticationType(com.mercedesbenz.sechub.owaspzapwrapper.config.auth.AuthenticationType) Test(org.junit.jupiter.api.Test)

Example 22 with SecHubWebScanConfiguration

use of com.mercedesbenz.sechub.commons.model.SecHubWebScanConfiguration in project sechub by mercedes-benz.

the class SecHubWebScanConfigurationHelperTest method determines_AuthenticationType_from_empty_sechub_config_correctly.

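/**
 * Checks that a freshly created, empty web scan configuration (no login section)
 * is classified as {@link AuthenticationType#UNAUTHENTICATED}.
 */
@Test
void determines_AuthenticationType_from_empty_sechub_config_correctly() {
    /* execute */
    AuthenticationType authTypeNewConfig = helperToTest.determineAuthenticationType(new SecHubWebScanConfiguration());

    /* test */
    // expected value first, as assertEquals(expected, actual) requires, so that a failure
    // message reports "expected" and "actual" the right way round
    assertEquals(AuthenticationType.UNAUTHENTICATED, authTypeNewConfig);
}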
Also used : SecHubWebScanConfiguration(com.mercedesbenz.sechub.commons.model.SecHubWebScanConfiguration) AuthenticationType(com.mercedesbenz.sechub.owaspzapwrapper.config.auth.AuthenticationType) Test(org.junit.jupiter.api.Test)

Example 23 with SecHubWebScanConfiguration

use of com.mercedesbenz.sechub.commons.model.SecHubWebScanConfiguration in project sechub by mercedes-benz.

the class SechubWebConfigProvider method getSecHubWebConfiguration.

/**
 * Loads the web scan part of a SecHub configuration from a JSON file.
 *
 * @param secHubConfigFile the SecHub configuration file, may be {@code null}
 * @return an empty {@link SecHubWebScanConfiguration} when no file is given,
 *         otherwise the result of the overload taking the parsed configuration
 * @throws MustExitRuntimeException with
 *         {@code MustExitCode.SECHUB_CONFIGURATION_INVALID} when reading the
 *         file fails with an {@link IOException}
 */
public SecHubWebScanConfiguration getSecHubWebConfiguration(File secHubConfigFile) {
    TextFileReader reader = new TextFileReader();
    if (secHubConfigFile == null) {
        // No file at all: happens when an unauthenticated scan is started with only the target URL.
        return new SecHubWebScanConfiguration();
    }

    SecHubScanConfiguration parsedConfig;
    try {
        String json = reader.loadTextFile(secHubConfigFile);
        parsedConfig = SecHubScanConfiguration.createFromJSON(json);
    } catch (IOException e) {
        // The message names only the file path, never the file content. Keep it that way:
        // a web scan configuration can carry login settings that must not end up in logs.
        // NOTE(review): only IOException is translated here - whether createFromJSON reports
        // malformed JSON through another exception type is not visible in this method; confirm
        // that this case also ends in a controlled exit.
        throw new MustExitRuntimeException("Was not able to read sechub config file: " + secHubConfigFile, e, MustExitCode.SECHUB_CONFIGURATION_INVALID);
    }
    return getSecHubWebConfiguration(parsedConfig);
}
Also used : SecHubWebScanConfiguration(com.mercedesbenz.sechub.commons.model.SecHubWebScanConfiguration) MustExitRuntimeException(com.mercedesbenz.sechub.owaspzapwrapper.cli.MustExitRuntimeException) IOException(java.io.IOException) SecHubScanConfiguration(com.mercedesbenz.sechub.commons.model.SecHubScanConfiguration) TextFileReader(com.mercedesbenz.sechub.commons.TextFileReader)

Example 24 with SecHubWebScanConfiguration

use of com.mercedesbenz.sechub.commons.model.SecHubWebScanConfiguration in project sechub by mercedes-benz.

the class WebConfigBuilderStrategy method configureImpl.

/**
 * Copies the web scan settings of the current SecHub configuration into the
 * given adapter config builder: target URI, max scan duration, includes,
 * excludes and - when a login section exists - the login setup.
 * <p>
 * Login handling as implemented here:
 * <ul>
 * <li>basic auth wins: when a basic login is present, a form login in the same
 * configuration is not looked at</li>
 * <li>a form login is only applied when it contains a script; a form login
 * without script leaves the builder without any login setup</li>
 * </ul>
 * NOTE(review): in the second case this method returns silently. Presumably the
 * scan then runs without authentication - confirm that an earlier validation
 * step rejects or reports such configurations, since an unintentionally
 * unauthenticated scan covers far less of the target than its report suggests.
 *
 * @param configBuilder builder receiving the web scan settings
 */
private <B extends AbstractWebScanAdapterConfigBuilder<B, C>, C extends AbstractWebScanAdapterConfig> void configureImpl(B configBuilder) {
    /* nothing to do without a configuration or without a web scan section */
    SecHubConfiguration secHubConfiguration = context.getConfiguration();
    if (secHubConfiguration == null) {
        return;
    }
    Optional<SecHubWebScanConfiguration> webScanOpt = secHubConfiguration.getWebScan();
    if (!webScanOpt.isPresent()) {
        return;
    }

    /* general web scan settings */
    SecHubWebScanConfiguration webScanSettings = webScanOpt.get();
    configBuilder.setTargetURI(webScanSettings.getUri());
    handleMaxScanDuration(configBuilder, webScanSettings);
    handleIncludes(configBuilder, webScanSettings);
    handleExcludes(configBuilder, webScanSettings);

    /* login is optional - without a login section no login setup is applied */
    Optional<WebLoginConfiguration> loginOpt = webScanSettings.getLogin();
    if (!loginOpt.isPresent()) {
        return;
    }
    WebLoginConfiguration login = loginOpt.get();
    URL loginUrl = login.getUrl();

    Optional<BasicLoginConfiguration> basicOpt = login.getBasic();
    if (basicOpt.isPresent()) {
        /* basic auth takes precedence over any form login */
        configureBasicAuth(configBuilder, loginUrl, basicOpt.get());
    } else {
        Optional<FormLoginConfiguration> formOpt = login.getForm();
        if (formOpt.isPresent()) {
            FormLoginConfiguration form = formOpt.get();
            /* only script based form login is handled here */
            if (form.getScript().isPresent()) {
                configureScriptAuth(configBuilder, loginUrl, form.getScript().get());
            }
        }
    }
}
Also used : WebLoginConfiguration(com.mercedesbenz.sechub.commons.model.login.WebLoginConfiguration) SecHubWebScanConfiguration(com.mercedesbenz.sechub.commons.model.SecHubWebScanConfiguration) FormLoginConfiguration(com.mercedesbenz.sechub.commons.model.login.FormLoginConfiguration) SecHubConfiguration(com.mercedesbenz.sechub.sharedkernel.configuration.SecHubConfiguration) URL(java.net.URL) BasicLoginConfiguration(com.mercedesbenz.sechub.commons.model.login.BasicLoginConfiguration)

Example 25 with SecHubWebScanConfiguration

use of com.mercedesbenz.sechub.commons.model.SecHubWebScanConfiguration in project sechub by mercedes-benz.

the class WebScanNetworkLocationProvider method getURIs.

/**
 * Returns the target URI of the configured web scan as a one-element list.
 * <p>
 * The method fails closed: it never returns an empty list or a default target.
 * A missing web scan section or a missing URI is treated as a broken
 * precondition, so callers cannot continue without a defined target.
 *
 * @return fixed-size list containing exactly the web scan URI
 * @throws IllegalStateException when no web scan is configured or its URI is
 *         {@code null}
 */
@Override
public List<URI> getURIs() {
    /* a web scan section is a hard precondition at this point */
    SecHubWebScanConfiguration webScanConfiguration = config.getWebScan()
            .orElseThrow(() -> new IllegalStateException("At this state there must be a webscan setup!"));

    /* the URI should have been ensured by validation before - double check anyway */
    URI targetUri = webScanConfiguration.getUri();
    if (targetUri == null) {
        throw new IllegalStateException("At this state the URI must be set - validation failed!");
    }
    return Arrays.asList(targetUri);
}
Also used : SecHubWebScanConfiguration(com.mercedesbenz.sechub.commons.model.SecHubWebScanConfiguration) URI(java.net.URI)

Aggregations

SecHubWebScanConfiguration (com.mercedesbenz.sechub.commons.model.SecHubWebScanConfiguration)28 URI (java.net.URI)11 Test (org.junit.Test)11 BasicLoginConfiguration (com.mercedesbenz.sechub.commons.model.login.BasicLoginConfiguration)7 WebLoginConfiguration (com.mercedesbenz.sechub.commons.model.login.WebLoginConfiguration)7 FormLoginConfiguration (com.mercedesbenz.sechub.commons.model.login.FormLoginConfiguration)6 URL (java.net.URL)6 Test (org.junit.jupiter.api.Test)6 LinkedList (java.util.LinkedList)5 List (java.util.List)5 Action (com.mercedesbenz.sechub.commons.model.login.Action)4 Script (com.mercedesbenz.sechub.commons.model.login.Script)4 AuthenticationType (com.mercedesbenz.sechub.owaspzapwrapper.config.auth.AuthenticationType)4 SecHubScanConfiguration (com.mercedesbenz.sechub.commons.model.SecHubScanConfiguration)3 CommandLineSettings (com.mercedesbenz.sechub.owaspzapwrapper.cli.CommandLineSettings)3 File (java.io.File)3 ParameterizedTest (org.junit.jupiter.params.ParameterizedTest)3 MustExitRuntimeException (com.mercedesbenz.sechub.owaspzapwrapper.cli.MustExitRuntimeException)2 TextFileReader (com.mercedesbenz.sechub.commons.TextFileReader)1 SecHubInfrastructureScanConfiguration (com.mercedesbenz.sechub.commons.model.SecHubInfrastructureScanConfiguration)1