use of org.parosproxy.paros.network.ConnectionParam in project zaproxy by zaproxy.
the class ApiGeneratorUtils method getAllImplementors.
/**
* Return all of the available ApiImplementors. If you implement a new ApiImplementor then you
* must add it to this class.
*
* @return all of the available ApiImplementors.
*/
public static List<ApiImplementor> getAllImplementors() {
List<ApiImplementor> imps = new ArrayList<>();
ApiImplementor api;
imps.add(new AlertAPI(null));
api = new AntiCsrfAPI(null);
api.addApiOptions(new AntiCsrfParam());
imps.add(api);
imps.add(new PassiveScanAPI(null));
imps.add(new SearchAPI(null));
api = new AutoUpdateAPI(null);
api.addApiOptions(new OptionsParamCheckForUpdates());
imps.add(api);
api = new SpiderAPI(null);
api.addApiOptions(new SpiderParam());
imps.add(api);
api = new CoreAPI(new ConnectionParam());
imps.add(api);
imps.add(new ParamsAPI(null));
api = new ActiveScanAPI(null);
api.addApiOptions(new ScannerParam());
imps.add(api);
imps.add(new ContextAPI());
imps.add(new HttpSessionsAPI(null));
imps.add(new BreakAPI(null));
imps.add(new AuthenticationAPI(null));
imps.add(new AuthorizationAPI());
imps.add(new RuleConfigAPI(null));
imps.add(new SessionManagementAPI(null));
imps.add(new UsersAPI(null));
imps.add(new ForcedUserAPI(null));
imps.add(new ScriptAPI(null));
api = new StatsAPI(null);
api.addApiOptions(new StatsParam());
imps.add(api);
return imps;
}
use of org.parosproxy.paros.network.ConnectionParam in project zaproxy by zaproxy.
the class CoreAPI method handleApiAction.
@Override
public ApiResponse handleApiAction(String name, JSONObject params) throws ApiException {
Session session = Model.getSingleton().getSession();
if (ACTION_ACCESS_URL.equals(name)) {
URI uri;
try {
uri = new URI(params.getString(PARAM_URL), true);
} catch (URIException e) {
throw new ApiException(ApiException.Type.ILLEGAL_PARAMETER, PARAM_URL, e);
}
HttpMessage request;
try {
request = new HttpMessage(new HttpRequestHeader(HttpRequestHeader.GET, uri, HttpHeader.HTTP11));
} catch (HttpMalformedHeaderException e) {
throw new ApiException(ApiException.Type.ILLEGAL_PARAMETER, PARAM_URL, e);
}
return sendHttpMessage(request, getParam(params, PARAM_FOLLOW_REDIRECTS, false), name);
} else if (ACTION_SHUTDOWN.equals(name)) {
Thread thread = new Thread("ZAP-Shutdown") {
@Override
public void run() {
try {
// Give the API a chance to return
sleep(1000);
} catch (InterruptedException e) {
// Ignore
}
try {
Control.getSingleton().shutdown(Model.getSingleton().getOptionsParam().getDatabaseParam().isCompactDatabase());
logger.info(Constant.PROGRAM_TITLE + " terminated.");
} catch (Throwable e) {
logger.error("An error occurred while shutting down:", e);
} finally {
System.exit(Control.getSingleton().getExitStatus());
}
}
};
thread.start();
} else if (ACTION_SAVE_SESSION.equalsIgnoreCase(name)) {
// Ignore case for backwards compatibility
Path sessionPath = SessionUtils.getSessionPath(params.getString(PARAM_SESSION));
String filename = sessionPath.toAbsolutePath().toString();
final boolean overwrite = getParam(params, PARAM_OVERWRITE_SESSION, false);
if (Files.exists(sessionPath)) {
boolean sameSession = false;
if (overwrite && !session.isNewState()) {
try {
sameSession = Files.isSameFile(Paths.get(session.getFileName()), sessionPath);
} catch (IOException e) {
logger.error("Failed to check if same session path:", e);
throw new ApiException(ApiException.Type.INTERNAL_ERROR, e.getMessage());
}
}
if (!overwrite || sameSession) {
throw new ApiException(ApiException.Type.ALREADY_EXISTS, filename);
}
}
this.savingSession = true;
try {
Control.getSingleton().saveSession(filename, this);
} catch (Exception e) {
logger.error("Failed to save the session:", e);
this.savingSession = false;
throw new ApiException(ApiException.Type.INTERNAL_ERROR, e.getMessage());
}
// Wait for notification that its worked ok
try {
while (this.savingSession) {
Thread.sleep(200);
}
} catch (InterruptedException e) {
// Probably not an error
logger.debug(e.getMessage(), e);
}
logger.debug("Can now return after saving session");
} else if (ACTION_SNAPSHOT_SESSION.equalsIgnoreCase(name)) {
// Ignore case for backwards compatibility
if (session.isNewState()) {
throw new ApiException(ApiException.Type.DOES_NOT_EXIST);
}
List<String> actions = Control.getSingleton().getExtensionLoader().getActiveActions();
if (!actions.isEmpty()) {
throw new ApiException(ApiException.Type.BAD_STATE, "Active actions prevent the session snapshot: " + actions);
}
String fileName = ApiUtils.getOptionalStringParam(params, PARAM_SESSION);
if (fileName == null || fileName.isEmpty()) {
fileName = session.getFileName();
if (fileName.endsWith(".session")) {
fileName = fileName.substring(0, fileName.length() - 8);
}
fileName += "-" + dateFormat.format(new Date()) + ".session";
} else {
Path sessionPath = SessionUtils.getSessionPath(fileName);
fileName = sessionPath.toAbsolutePath().toString();
if (Files.exists(sessionPath)) {
final boolean overwrite = getParam(params, PARAM_OVERWRITE_SESSION, false);
boolean sameSession = false;
try {
sameSession = Files.isSameFile(Paths.get(session.getFileName()), sessionPath);
} catch (IOException e) {
logger.error("Failed to check if same session path:", e);
throw new ApiException(ApiException.Type.INTERNAL_ERROR, e.getMessage());
}
if (!overwrite || sameSession) {
throw new ApiException(ApiException.Type.ALREADY_EXISTS, fileName);
}
}
}
this.savingSession = true;
try {
Control.getSingleton().snapshotSession(fileName, this);
} catch (Exception e) {
logger.error("Failed to snapshot the session:", e);
this.savingSession = false;
throw new ApiException(ApiException.Type.INTERNAL_ERROR, e.getMessage());
}
// Wait for notification that its worked ok
try {
while (this.savingSession) {
Thread.sleep(200);
}
} catch (InterruptedException e) {
// Probably not an error
logger.debug(e.getMessage(), e);
}
logger.debug("Can now return after saving session");
} else if (ACTION_LOAD_SESSION.equalsIgnoreCase(name)) {
// Ignore case for backwards compatibility
Path sessionPath = SessionUtils.getSessionPath(params.getString(PARAM_SESSION));
String filename = sessionPath.toAbsolutePath().toString();
if (!Files.exists(sessionPath)) {
throw new ApiException(ApiException.Type.DOES_NOT_EXIST, filename);
}
try {
Control.getSingleton().runCommandLineOpenSession(filename);
} catch (Exception e) {
logger.error("Failed to load the session:", e);
throw new ApiException(ApiException.Type.INTERNAL_ERROR, e.getMessage());
}
} else if (ACTION_NEW_SESSION.equalsIgnoreCase(name)) {
// Ignore case for backwards compatibility
String sessionName = null;
try {
sessionName = params.getString(PARAM_SESSION);
} catch (Exception e1) {
// Ignore
}
if (sessionName == null || sessionName.length() == 0) {
// Create a new 'unnamed' session
Control.getSingleton().discardSession();
try {
Control.getSingleton().newSession();
} catch (Exception e) {
logger.error("Failed to create a new session:", e);
throw new ApiException(ApiException.Type.INTERNAL_ERROR, e.getMessage());
}
} else {
Path sessionPath = SessionUtils.getSessionPath(sessionName);
String filename = sessionPath.toAbsolutePath().toString();
final boolean overwrite = getParam(params, PARAM_OVERWRITE_SESSION, false);
if (Files.exists(sessionPath) && !overwrite) {
throw new ApiException(ApiException.Type.ALREADY_EXISTS, filename);
}
try {
Control.getSingleton().runCommandLineNewSession(filename);
} catch (Exception e) {
logger.error("Failed to create a new session:", e);
throw new ApiException(ApiException.Type.INTERNAL_ERROR, e.getMessage());
}
}
} else if (ACTION_CLEAR_EXCLUDED_FROM_PROXY.equals(name)) {
try {
session.setExcludeFromProxyRegexs(new ArrayList<>());
} catch (DatabaseException e) {
throw new ApiException(ApiException.Type.INTERNAL_ERROR, e.getMessage());
}
} else if (ACTION_EXCLUDE_FROM_PROXY.equals(name)) {
String regex = params.getString(PARAM_REGEX);
try {
session.addExcludeFromProxyRegex(regex);
} catch (DatabaseException e) {
logger.error(e.getMessage(), e);
throw new ApiException(ApiException.Type.INTERNAL_ERROR, e.getMessage());
} catch (PatternSyntaxException e) {
throw new ApiException(ApiException.Type.ILLEGAL_PARAMETER, PARAM_REGEX);
}
} else if (ACTION_SET_HOME_DIRECTORY.equals(name)) {
File f = new File(params.getString(PARAM_DIR));
if (f.exists() && f.isDirectory()) {
Model.getSingleton().getOptionsParam().setUserDirectory(f);
} else {
throw new ApiException(ApiException.Type.ILLEGAL_PARAMETER, PARAM_DIR);
}
} else if (ACTION_SET_MODE.equals(name)) {
try {
Mode mode = Mode.valueOf(params.getString(PARAM_MODE).toLowerCase());
if (View.isInitialised()) {
View.getSingleton().getMainFrame().getMainToolbarPanel().setMode(mode);
View.getSingleton().getMainFrame().getMainMenuBar().setMode(mode);
} else {
Control.getSingleton().setMode(mode);
}
} catch (Exception e) {
throw new ApiException(ApiException.Type.ILLEGAL_PARAMETER, PARAM_MODE);
}
} else if (ACTION_GENERATE_ROOT_CA.equals(name)) {
return getNetworkImplementor().handleApiAction("generateRootCaCert", params);
} else if (ACTION_SEND_REQUEST.equals(name)) {
HttpMessage request;
try {
request = createRequest(params.getString(PARAM_REQUEST));
} catch (HttpMalformedHeaderException e) {
throw new ApiException(ApiException.Type.ILLEGAL_PARAMETER, PARAM_REQUEST, e);
}
validateForCurrentMode(request);
return sendHttpMessage(request, getParam(params, PARAM_FOLLOW_REDIRECTS, false), name);
} else if (ACTION_DELETE_ALL_ALERTS.equals(name)) {
return API.getInstance().getImplementors().get(AlertAPI.PREFIX).handleApiAction(name, params);
} else if (ACTION_DELETE_ALERT.equals(name)) {
return API.getInstance().getImplementors().get(AlertAPI.PREFIX).handleApiAction(name, params);
} else if (ACTION_COLLECT_GARBAGE.equals(name)) {
System.gc();
return ApiResponseElement.OK;
} else if (ACTION_DELETE_SITE_NODE.equals(name)) {
try {
String url = params.getString(PARAM_URL);
String method = getParam(params, PARAM_METHOD, "GET");
String postData = getParam(params, PARAM_POST_DATA, "");
URI uri = new URI(url, true);
SiteMap siteMap = session.getSiteTree();
SiteNode siteNode = siteMap.findNode(uri, method, postData);
if (siteNode == null) {
throw new ApiException(ApiException.Type.DOES_NOT_EXIST, PARAM_URL);
}
if (getExtHistory() != null) {
getExtHistory().purge(siteMap, siteNode);
}
return ApiResponseElement.OK;
} catch (URIException e) {
throw new ApiException(ApiException.Type.ILLEGAL_PARAMETER, PARAM_URL, e);
}
} else if (ACTION_ADD_PROXY_CHAIN_EXCLUDED_DOMAIN.equals(name)) {
try {
ConnectionParam connectionParam = Model.getSingleton().getOptionsParam().getConnectionParam();
String value = params.getString(PARAM_VALUE);
DomainMatcher domain;
if (getParam(params, PARAM_IS_REGEX, false)) {
domain = new DomainMatcher(DomainMatcher.createPattern(value));
} else {
domain = new DomainMatcher(value);
}
domain.setEnabled(getParam(params, PARAM_IS_ENABLED, true));
List<DomainMatcher> domains = new ArrayList<>(connectionParam.getProxyExcludedDomains());
domains.add(domain);
connectionParam.setProxyExcludedDomains(domains);
} catch (IllegalArgumentException e) {
throw new ApiException(ApiException.Type.ILLEGAL_PARAMETER, PARAM_VALUE, e);
}
} else if (ACTION_MODIFY_PROXY_CHAIN_EXCLUDED_DOMAIN.equals(name)) {
try {
ConnectionParam connectionParam = Model.getSingleton().getOptionsParam().getConnectionParam();
int idx = params.getInt(PARAM_IDX);
if (idx < 0 || idx >= connectionParam.getProxyExcludedDomains().size()) {
throw new ApiException(ApiException.Type.ILLEGAL_PARAMETER, PARAM_IDX);
}
DomainMatcher oldDomain = connectionParam.getProxyExcludedDomains().get(idx);
String value = getParam(params, PARAM_VALUE, oldDomain.getValue());
if (value.isEmpty()) {
value = oldDomain.getValue();
}
DomainMatcher newDomain;
if (getParam(params, PARAM_IS_REGEX, oldDomain.isRegex())) {
newDomain = new DomainMatcher(DomainMatcher.createPattern(value));
} else {
newDomain = new DomainMatcher(value);
}
newDomain.setEnabled(getParam(params, PARAM_IS_ENABLED, oldDomain.isEnabled()));
if (!oldDomain.equals(newDomain)) {
List<DomainMatcher> domains = new ArrayList<>(connectionParam.getProxyExcludedDomains());
domains.set(idx, newDomain);
connectionParam.setProxyExcludedDomains(domains);
}
} catch (JSONException e) {
throw new ApiException(ApiException.Type.ILLEGAL_PARAMETER, PARAM_IDX, e);
} catch (IllegalArgumentException e) {
throw new ApiException(ApiException.Type.ILLEGAL_PARAMETER, PARAM_VALUE, e);
}
} else if (ACTION_REMOVE_PROXY_CHAIN_EXCLUDED_DOMAIN.equals(name)) {
try {
ConnectionParam connectionParam = Model.getSingleton().getOptionsParam().getConnectionParam();
int idx = params.getInt(PARAM_IDX);
if (idx < 0 || idx >= connectionParam.getProxyExcludedDomains().size()) {
throw new ApiException(ApiException.Type.ILLEGAL_PARAMETER, PARAM_IDX);
}
List<DomainMatcher> domains = new ArrayList<>(connectionParam.getProxyExcludedDomains());
domains.remove(idx);
connectionParam.setProxyExcludedDomains(domains);
} catch (JSONException e) {
throw new ApiException(ApiException.Type.ILLEGAL_PARAMETER, PARAM_IDX, e);
}
} else if (ACTION_ENABLE_ALL_PROXY_CHAIN_EXCLUDED_DOMAINS.equals(name)) {
setProxyChainExcludedDomainsEnabled(true);
} else if (ACTION_DISABLE_ALL_PROXY_CHAIN_EXCLUDED_DOMAINS.equals(name)) {
setProxyChainExcludedDomainsEnabled(false);
} else if (ACTION_OPTION_MAXIMUM_ALERT_INSTANCES.equals(name)) {
try {
getAlertParam(ApiException.Type.BAD_ACTION).setMaximumInstances(params.getInt(PARAM_NUMBER_OF_INSTANCES));
} catch (JSONException e) {
throw new ApiException(ApiException.Type.ILLEGAL_PARAMETER, PARAM_NUMBER_OF_INSTANCES, e);
}
} else if (ACTION_OPTION_MERGE_RELATED_ALERTS.equals(name)) {
try {
getAlertParam(ApiException.Type.BAD_ACTION).setMergeRelatedIssues(params.getBoolean(PARAM_ENABLED));
} catch (JSONException e) {
throw new ApiException(ApiException.Type.ILLEGAL_PARAMETER, PARAM_ENABLED, e);
}
} else if (ACTION_OPTION_ALERT_OVERRIDES_FILE_PATH.equals(name)) {
String filePath = getParam(params, PARAM_FILE_PATH, "");
if (!filePath.isEmpty()) {
File file = new File(filePath);
if (!file.isFile() || !file.canRead()) {
throw new ApiException(ApiException.Type.ILLEGAL_PARAMETER, PARAM_FILE_PATH);
}
}
getAlertParam(ApiException.Type.BAD_ACTION).setOverridesFilename(filePath);
if (!Control.getSingleton().getExtensionLoader().getExtension(ExtensionAlert.class).reloadOverridesFile()) {
throw new ApiException(ApiException.Type.ILLEGAL_PARAMETER, PARAM_FILE_PATH);
}
} else if (ACTION_ENABLE_PKCS12_CLIENT_CERTIFICATE.equals(name)) {
String filePath = getParam(params, PARAM_FILE_PATH, "");
if (!filePath.isEmpty()) {
File file = new File(filePath);
if (!file.isFile() || !file.canRead()) {
throw new ApiException(ApiException.Type.ILLEGAL_PARAMETER, PARAM_FILE_PATH);
}
}
String password = getParam(params, PARAM_PASSWORD, "");
if (password.isEmpty()) {
throw new ApiException(ApiException.Type.ILLEGAL_PARAMETER, PARAM_PASSWORD);
}
int certIndex = getParam(params, PARAM_INDEX, 0);
if (certIndex < 0) {
certIndex = 0;
}
OptionsParamCertificate certParams = Model.getSingleton().getOptionsParam().getCertificateParam();
try {
SSLContextManager contextManager = certParams.getSSLContextManager();
int ksIndex = contextManager.loadPKCS12Certificate(filePath, password);
contextManager.unlockKey(ksIndex, certIndex, password);
contextManager.setDefaultKey(ksIndex, certIndex);
certParams.setActiveCertificate();
certParams.setEnableCertificate(true);
logger.info("Client Certificate enabled from API");
} catch (IOException | CertificateException | NoSuchAlgorithmException | KeyStoreException | KeyManagementException ex) {
logger.error("The certificate could not be enabled due to an error", ex);
throw new ApiException(ApiException.Type.INTERNAL_ERROR, ex);
}
return ApiResponseElement.OK;
} else if (ACTION_DISABLE_CLIENT_CERTIFICATE.equals(name)) {
Model.getSingleton().getOptionsParam().getCertificateParam().setEnableCertificate(false);
logger.info("Client Certificate disabled from API");
return ApiResponseElement.OK;
} else {
throw new ApiException(ApiException.Type.BAD_ACTION);
}
return ApiResponseElement.OK;
}
use of org.parosproxy.paros.network.ConnectionParam in project zaproxy by zaproxy.
the class OptionsConnectionPanel method saveParam.
@Override
public void saveParam(Object obj) throws Exception {
OptionsParam optionsParam = (OptionsParam) obj;
ConnectionParam connectionParam = optionsParam.getConnectionParam();
connectionParam.setProxyChainName(txtProxyChainName.getText());
// ZAP: Do not allow invalid port numbers
connectionParam.setProxyChainPort(spinnerProxyChainPort.getValue());
connectionParam.setProxyExcludedDomains(getProxyExcludedDomainsTableModel().getElements());
connectionParam.setConfirmRemoveProxyExcludedDomain(!getProxyExcludedDomainsPanel().isRemoveWithoutConfirmation());
connectionParam.setProxyChainRealm(txtProxyChainRealm.getText());
connectionParam.setProxyChainUserName(txtProxyChainUserName.getText());
connectionParam.setProxyChainPrompt(chkProxyChainPrompt.isSelected());
// ZAP: Added prompt option
if (chkUseProxyChain.isSelected() && chkProxyChainAuth.isSelected() && chkProxyChainPrompt.isSelected()) {
if (View.isInitialised()) {
// And prompt now
ProxyDialog dialog = new ProxyDialog(View.getSingleton().getMainFrame(), true);
dialog.init(Model.getSingleton().getOptionsParam());
dialog.setVisible(true);
}
} else {
connectionParam.setProxyChainPassword(new String(txtProxyChainPassword.getPassword()));
}
connectionParam.setTimeoutInSecs(spinnerTimeoutInSecs.getValue());
connectionParam.setSingleCookieRequestHeader(checkBoxSingleCookieRequestHeader.isSelected());
connectionParam.setHttpStateEnabled(checkBoxHttpStateEnabled.isSelected());
connectionParam.setUseProxyChain(chkUseProxyChain.isSelected());
connectionParam.setUseProxyChainAuth(chkProxyChainAuth.isSelected());
connectionParam.setDnsTtlSuccessfulQueries(dnsTtlSuccessfulQueriesNumberSpinner.getValue());
connectionParam.setSecurityProtocolsEnabled(securityProtocolsPanel.getSelectedProtocols());
connectionParam.setDefaultUserAgent(defaultUserAgent.getText());
socksProxyPanel.saveParam(connectionParam);
}
use of org.parosproxy.paros.network.ConnectionParam in project zaproxy by zaproxy.
the class OptionsConnectionPanel method initParam.
@Override
public void initParam(Object obj) {
OptionsParam optionsParam = (OptionsParam) obj;
ConnectionParam connectionParam = optionsParam.getConnectionParam();
// set Proxy Chain parameters
txtProxyChainRealm.setText(connectionParam.getProxyChainRealm());
txtProxyChainRealm.discardAllEdits();
txtProxyChainUserName.setText(connectionParam.getProxyChainUserName());
txtProxyChainUserName.discardAllEdits();
// Default don't show (everytime)
chkShowPassword.setSelected(false);
// Default mask (everytime)
txtProxyChainPassword.setEchoChar('*');
this.proxyDialog.pack();
}
use of org.parosproxy.paros.network.ConnectionParam in project zaproxy by zaproxy.
the class OptionsConnectionPanel method saveParam.
@Override
public void saveParam(Object obj) throws Exception {
OptionsParam optionsParam = (OptionsParam) obj;
ConnectionParam connectionParam = optionsParam.getConnectionParam();
connectionParam.setProxyChainRealm(txtProxyChainRealm.getText());
connectionParam.setProxyChainUserName(txtProxyChainUserName.getText());
// Make sure this isn't saved in the config file
connectionParam.setProxyChainPassword(new String(txtProxyChainPassword.getPassword()), false);
}
Aggregations