Example 1 with UnauthenticatedScan

Use of com.mercedesbenz.sechub.owaspzapwrapper.scan.UnauthenticatedScan in project sechub by mercedes-benz.

Class OwaspZapScanResolver, method resolveScanImplementation.

// Selects the scan implementation that matches the configured authentication type.
public OwaspZapScan resolveScanImplementation(OwaspZapScanConfiguration scanConfig, ClientApi clientApi) {
    LOG.info("Resolve scan implementation.");
    OwaspZapScan scan;
    AuthenticationType authenticationType = scanConfig.getAuthenticationType();
    // A switch on a null enum throws NullPointerException, so reject null first
    // with the same exit code used for an unsupported type.
    if (authenticationType == null) {
        throw new MustExitRuntimeException("No matching scan type could be found.", MustExitCode.AUTHENTICATIONTYPE_CONFIGURATION_INVALID);
    }
    switch (authenticationType) {
        case UNAUTHENTICATED:
            scan = new UnauthenticatedScan(clientApi, scanConfig);
            LOG.info("Using unauthenticated scan");
            break;
        case HTTP_BASIC_AUTHENTICATION:
            scan = new HTTPBasicAuthScan(clientApi, scanConfig);
            LOG.info("Using http basic authentication scan");
            break;
        default:
            // Fail closed: an authentication type without a matching scan aborts the run.
            throw new MustExitRuntimeException("No matching scan type could be found.", MustExitCode.AUTHENTICATIONTYPE_CONFIGURATION_INVALID);
    }
    return scan;
}
Also used: UnauthenticatedScan (com.mercedesbenz.sechub.owaspzapwrapper.scan.UnauthenticatedScan), HTTPBasicAuthScan (com.mercedesbenz.sechub.owaspzapwrapper.scan.auth.HTTPBasicAuthScan), OwaspZapScan (com.mercedesbenz.sechub.owaspzapwrapper.scan.OwaspZapScan), AuthenticationType (com.mercedesbenz.sechub.owaspzapwrapper.config.auth.AuthenticationType)

Example 2 with UnauthenticatedScan

Use of com.mercedesbenz.sechub.owaspzapwrapper.scan.UnauthenticatedScan in project sechub by mercedes-benz.

Class OwaspZapScanResolverTest, method unauthenticated_scan_is_resolved_correctly.

@Test
void unauthenticated_scan_is_resolved_correctly() {
    /* prepare */
    OwaspZapScanConfiguration scanConfig = mock(OwaspZapScanConfiguration.class);
    when(scanConfig.getAuthenticationType()).thenReturn(AuthenticationType.UNAUTHENTICATED);
    ClientApi clientApi = mock(ClientApi.class);
    /* execute */
    OwaspZapScan scan = resolverToTest.resolveScanImplementation(scanConfig, clientApi);
    /* test */
    assertTrue(scan instanceof UnauthenticatedScan);
}
Also used: UnauthenticatedScan (com.mercedesbenz.sechub.owaspzapwrapper.scan.UnauthenticatedScan), OwaspZapScanConfiguration (com.mercedesbenz.sechub.owaspzapwrapper.config.OwaspZapScanConfiguration), ClientApi (org.zaproxy.clientapi.core.ClientApi), OwaspZapScan (com.mercedesbenz.sechub.owaspzapwrapper.scan.OwaspZapScan), Test (org.junit.jupiter.api.Test), ParameterizedTest (org.junit.jupiter.params.ParameterizedTest)

Aggregations

OwaspZapScan (com.mercedesbenz.sechub.owaspzapwrapper.scan.OwaspZapScan): 2
UnauthenticatedScan (com.mercedesbenz.sechub.owaspzapwrapper.scan.UnauthenticatedScan): 2
OwaspZapScanConfiguration (com.mercedesbenz.sechub.owaspzapwrapper.config.OwaspZapScanConfiguration): 1
AuthenticationType (com.mercedesbenz.sechub.owaspzapwrapper.config.auth.AuthenticationType): 1
HTTPBasicAuthScan (com.mercedesbenz.sechub.owaspzapwrapper.scan.auth.HTTPBasicAuthScan): 1
Test (org.junit.jupiter.api.Test): 1
ParameterizedTest (org.junit.jupiter.params.ParameterizedTest): 1
ClientApi (org.zaproxy.clientapi.core.ClientApi): 1