Search in sources :

Example 1 with SiteNode

use of org.parosproxy.paros.model.SiteNode in project zaproxy by zaproxy.

the class FormBasedAuthenticationMethodType method getPopupFlagLoginRequestMenuFactory.

/**
	 * Gets the popup menu factory for flagging login requests.
	 * 
	 * @return the popup flag login request menu factory
	 */
private PopupMenuItemSiteNodeContextMenuFactory getPopupFlagLoginRequestMenuFactory() {
    PopupMenuItemSiteNodeContextMenuFactory popupFlagLoginRequestMenuFactory = new PopupMenuItemSiteNodeContextMenuFactory(Constant.messages.getString("context.flag.popup")) {

        private static final long serialVersionUID = 8927418764L;

        @Override
        public PopupMenuItemContext getContextMenu(Context context, String parentMenu) {
            return new PopupMenuItemContext(context, parentMenu, MessageFormat.format(Constant.messages.getString("authentication.method.fb.popup.login.request"), context.getName())) {

                private static final long serialVersionUID = 1967885623005183801L;

                private ExtensionUserManagement usersExtension;

                private Context uiSharedContext;

                /**
					 * Make sure the user acknowledges the Users corresponding to this context will
					 * be deleted.
					 * 
					 * @return true, if successful
					 */
                private boolean confirmUsersDeletion(Context uiSharedContext) {
                    usersExtension = (ExtensionUserManagement) Control.getSingleton().getExtensionLoader().getExtension(ExtensionUserManagement.NAME);
                    if (usersExtension != null) {
                        if (usersExtension.getSharedContextUsers(uiSharedContext).size() > 0) {
                            int choice = JOptionPane.showConfirmDialog(this, Constant.messages.getString("authentication.dialog.confirmChange.label"), Constant.messages.getString("authentication.dialog.confirmChange.title"), JOptionPane.OK_CANCEL_OPTION);
                            if (choice == JOptionPane.CANCEL_OPTION) {
                                return false;
                            }
                        }
                    }
                    return true;
                }

                @Override
                public void performAction(SiteNode sn) {
                    // Manually create the UI shared contexts so any modifications are done
                    // on an UI shared Context, so changes can be undone by pressing Cancel
                    SessionDialog sessionDialog = View.getSingleton().getSessionDialog();
                    sessionDialog.recreateUISharedContexts(Model.getSingleton().getSession());
                    uiSharedContext = sessionDialog.getUISharedContext(this.getContext().getIndex());
                    // Do the work/changes on the UI shared context
                    if (this.getContext().getAuthenticationMethod() instanceof FormBasedAuthenticationMethod) {
                        log.info("Selected new login request via PopupMenu. Changing existing Form-Based Authentication instance for Context " + getContext().getIndex());
                        FormBasedAuthenticationMethod method = (FormBasedAuthenticationMethod) uiSharedContext.getAuthenticationMethod();
                        try {
                            method.setLoginRequest(sn);
                        } catch (Exception e) {
                            log.error("Failed to set login request: " + e.getMessage(), e);
                            return;
                        }
                        // Show the session dialog without recreating UI Shared contexts
                        View.getSingleton().showSessionDialog(Model.getSingleton().getSession(), ContextAuthenticationPanel.buildName(this.getContext().getIndex()), false);
                    } else {
                        log.info("Selected new login request via PopupMenu. Creating new Form-Based Authentication instance for Context " + getContext().getIndex());
                        FormBasedAuthenticationMethod method = new FormBasedAuthenticationMethod();
                        try {
                            method.setLoginRequest(sn);
                        } catch (Exception e) {
                            log.error("Failed to set login request: " + e.getMessage(), e);
                            return;
                        }
                        if (!confirmUsersDeletion(uiSharedContext)) {
                            log.debug("Cancelled change of authentication type.");
                            return;
                        }
                        uiSharedContext.setAuthenticationMethod(method);
                        // Show the session dialog without recreating UI Shared contexts
                        // NOTE: First init the panels of the dialog so old users data gets
                        // loaded and just then delete the users
                        // from the UI data model, otherwise the 'real' users from the
                        // non-shared context would be loaded
                        // and would override any deletions made.
                        View.getSingleton().showSessionDialog(Model.getSingleton().getSession(), ContextAuthenticationPanel.buildName(this.getContext().getIndex()), false, new Runnable() {

                            @Override
                            public void run() {
                                // save as well
                                if (usersExtension != null)
                                    usersExtension.removeSharedContextUsers(uiSharedContext);
                            }
                        });
                    }
                }
            };
        }

        @Override
        public int getParentMenuIndex() {
            return 3;
        }
    };
    return popupFlagLoginRequestMenuFactory;
}
Also used : Context(org.zaproxy.zap.model.Context) PopupMenuItemContext(org.zaproxy.zap.view.popup.PopupMenuItemContext) RecordContext(org.parosproxy.paros.db.RecordContext) ExtensionUserManagement(org.zaproxy.zap.extension.users.ExtensionUserManagement) PopupMenuItemContext(org.zaproxy.zap.view.popup.PopupMenuItemContext) SessionDialog(org.parosproxy.paros.view.SessionDialog) PopupMenuItemSiteNodeContextMenuFactory(org.zaproxy.zap.view.popup.PopupMenuItemSiteNodeContextMenuFactory) URIException(org.apache.commons.httpclient.URIException) HttpMalformedHeaderException(org.parosproxy.paros.network.HttpMalformedHeaderException) ApiException(org.zaproxy.zap.extension.api.ApiException) UnsupportedEncodingException(java.io.UnsupportedEncodingException) ConfigurationException(org.apache.commons.configuration.ConfigurationException) IOException(java.io.IOException) DatabaseException(org.parosproxy.paros.db.DatabaseException) SiteNode(org.parosproxy.paros.model.SiteNode)

Example 2 with SiteNode

use of org.parosproxy.paros.model.SiteNode in project zaproxy by zaproxy.

the class ReportLastScan method siteXML.

private void siteXML(StringBuilder report) {
    SiteMap siteMap = Model.getSingleton().getSession().getSiteTree();
    SiteNode root = (SiteNode) siteMap.getRoot();
    int siteNumber = root.getChildCount();
    for (int i = 0; i < siteNumber; i++) {
        SiteNode site = (SiteNode) root.getChildAt(i);
        String siteName = ScanPanel.cleanSiteName(site, true);
        String[] hostAndPort = siteName.split(":");
        boolean isSSL = (site.getNodeName().startsWith("https"));
        String siteStart = "<site name=\"" + XMLStringUtil.escapeControlChrs(site.getNodeName()) + "\"" + " host=\"" + XMLStringUtil.escapeControlChrs(hostAndPort[0]) + "\"" + " port=\"" + XMLStringUtil.escapeControlChrs(hostAndPort[1]) + "\"" + " ssl=\"" + String.valueOf(isSSL) + "\"" + ">";
        StringBuilder extensionsXML = getExtensionsXML(site);
        String siteEnd = "</site>";
        report.append(siteStart);
        report.append(extensionsXML);
        report.append(siteEnd);
    }
}
Also used : SiteMap(org.parosproxy.paros.model.SiteMap) SiteNode(org.parosproxy.paros.model.SiteNode)

Example 3 with SiteNode

use of org.parosproxy.paros.model.SiteNode in project zaproxy by zaproxy.

the class CoreAPI method getURLs.

private void getURLs(SiteNode parent, ApiResponseList list) {
    @SuppressWarnings("unchecked") Enumeration<SiteNode> en = parent.children();
    while (en.hasMoreElements()) {
        SiteNode child = en.nextElement();
        String site = child.getNodeName();
        if (site.indexOf("//") >= 0) {
            site = site.substring(site.indexOf("//") + 2);
        }
        try {
            list.addItem(new ApiResponseElement("url", child.getHistoryReference().getURI().toString()));
        } catch (Exception e) {
            logger.error(e.getMessage(), e);
        }
        getURLs(child, list);
    }
}
Also used : URIException(org.apache.commons.httpclient.URIException) HttpMalformedHeaderException(org.parosproxy.paros.network.HttpMalformedHeaderException) PatternSyntaxException(java.util.regex.PatternSyntaxException) JSONException(net.sf.json.JSONException) IOException(java.io.IOException) DatabaseException(org.parosproxy.paros.db.DatabaseException) SiteNode(org.parosproxy.paros.model.SiteNode)

Example 4 with SiteNode

use of org.parosproxy.paros.model.SiteNode in project zaproxy by zaproxy.

the class PopupMenuExportSelectedURLs method getOutputSet.

private SortedSet<String> getOutputSet(TreePath[] startingPoints) {
    JTree siteTree = extension.getView().getSiteTreePanel().getTreeSite();
    ArrayList<TreePath> startingPts = new ArrayList<>();
    if (ArrayUtils.isEmpty(startingPoints)) {
        startingPts.add(new TreePath(siteTree.getModel().getRoot()));
    } else {
        startingPts.addAll(Arrays.asList(startingPoints));
    }
    SortedSet<String> outputSet = new TreeSet<>();
    for (TreePath aPath : startingPts) {
        Enumeration<?> en = (((SiteNode) aPath.getLastPathComponent()).preorderEnumeration());
        while (en.hasMoreElements()) {
            SiteNode node = (SiteNode) en.nextElement();
            if (node.isRoot()) {
                continue;
            }
            outputSet.add(node.getHistoryReference().getURI().toString());
        }
    }
    return outputSet;
}
Also used : JTree(javax.swing.JTree) TreePath(javax.swing.tree.TreePath) TreeSet(java.util.TreeSet) ArrayList(java.util.ArrayList) SiteNode(org.parosproxy.paros.model.SiteNode)

Example 5 with SiteNode

use of org.parosproxy.paros.model.SiteNode in project zaproxy by zaproxy.

the class PopupMenuItemContextDataDrivenNode method performAction.

@Override
public void performAction(SiteNode sn) {
    Session session = Model.getSingleton().getSession();
    SessionDialog sessionDialog = View.getSingleton().getSessionDialog();
    sessionDialog.recreateUISharedContexts(session);
    Context uiSharedContext = sessionDialog.getUISharedContext(context.getId());
    // We want to form a regex expression like:
    // https://www.example.com/(aa/bb/cc/)(.+?)(/.*)
    StringBuilder sb = new StringBuilder();
    SiteNode parent = sn.getParent();
    while (!parent.getParent().isRoot()) {
        sb.insert(0, "/");
        if (parent.isDataDriven()) {
            // Don't want these in their own regex group
            sb.insert(0, ".+?");
        } else {
            sb.insert(0, parent.getCleanNodeName());
        }
        parent = parent.getParent();
    }
    sb.insert(0, "/(");
    sb.insert(0, parent.getCleanNodeName());
    sb.append(")(.+?)(/.*)");
    Pattern p = Pattern.compile(sb.toString());
    uiSharedContext.addDataDrivenNodes(new StructuralNodeModifier(StructuralNodeModifier.Type.DataDrivenNode, p, uiSharedContext.getDefaultDDNName()));
    // Show the session dialog without recreating UI Shared contexts
    View.getSingleton().showSessionDialog(session, ContextStructurePanel.getPanelName(context.getId()), false);
}
Also used : Context(org.zaproxy.zap.model.Context) Pattern(java.util.regex.Pattern) StructuralNodeModifier(org.zaproxy.zap.model.StructuralNodeModifier) SessionDialog(org.parosproxy.paros.view.SessionDialog) Session(org.parosproxy.paros.model.Session) SiteNode(org.parosproxy.paros.model.SiteNode)

Aggregations

SiteNode (org.parosproxy.paros.model.SiteNode)68 DatabaseException (org.parosproxy.paros.db.DatabaseException)11 JTree (javax.swing.JTree)9 TreeNode (javax.swing.tree.TreeNode)9 TreePath (javax.swing.tree.TreePath)9 Target (org.zaproxy.zap.model.Target)9 URIException (org.apache.commons.httpclient.URIException)8 SiteMap (org.parosproxy.paros.model.SiteMap)8 ArrayList (java.util.ArrayList)7 HistoryReference (org.parosproxy.paros.model.HistoryReference)7 HttpMalformedHeaderException (org.parosproxy.paros.network.HttpMalformedHeaderException)7 Context (org.zaproxy.zap.model.Context)7 Test (org.junit.jupiter.api.Test)5 Alert (org.parosproxy.paros.core.scanner.Alert)5 Session (org.parosproxy.paros.model.Session)5 IOException (java.io.IOException)4 List (java.util.List)4 RecordStructure (org.parosproxy.paros.db.RecordStructure)4 ActionEvent (java.awt.event.ActionEvent)3 PatternSyntaxException (java.util.regex.PatternSyntaxException)3