Search in sources :

Example 46 with ApiException

use of org.zaproxy.zap.extension.api.ApiException in project zaproxy by zaproxy.

the class AntiCsrfAPI method handleApiView.

@Override
public ApiResponse handleApiView(String name, JSONObject params) throws ApiException {
    ApiResponse result;
    ApiResponseList resultList;
    switch(name) {
        case VIEW_TOKENS_NAMES:
            resultList = new ApiResponseList(name);
            for (String tokenName : extension.getParam().getTokensNames()) {
                resultList.addItem(new ApiResponseElement(TOKEN_NAME, tokenName));
            }
            result = resultList;
            break;
        default:
            throw new ApiException(Type.BAD_VIEW);
    }
    return result;
}
Also used : ApiResponseList(org.zaproxy.zap.extension.api.ApiResponseList) ApiResponseElement(org.zaproxy.zap.extension.api.ApiResponseElement) ApiResponse(org.zaproxy.zap.extension.api.ApiResponse) ApiException(org.zaproxy.zap.extension.api.ApiException)

Example 47 with ApiException

use of org.zaproxy.zap.extension.api.ApiException in project zaproxy by zaproxy.

the class RuleConfigAPI method handleApiView.

@Override
public ApiResponse handleApiView(String name, JSONObject params) throws ApiException {
    ApiResponse result;
    switch(name) {
        case VIEW_RULE_CONFIG_VALUE:
            RuleConfig rc = extension.getRuleConfig(params.getString(PARAM_KEY));
            if (rc != null) {
                result = new ApiResponseElement(name, rc.getValue());
            } else {
                throw new ApiException(ApiException.Type.DOES_NOT_EXIST, PARAM_KEY);
            }
            break;
        case VIEW_ALL_RULE_CONFIGS:
            List<RuleConfig> allRules = extension.getAllRuleConfigs();
            ApiResponseList resultList = new ApiResponseList(name);
            for (RuleConfig rc2 : allRules) {
                Map<String, String> map = new HashMap<>();
                map.put("key", String.valueOf(rc2.getKey()));
                map.put("defaultValue", rc2.getDefaultValue());
                map.put("value", String.valueOf(rc2.getValue()));
                if (Constant.messages.containsKey(rc2.getKey())) {
                    map.put("description", Constant.messages.getString(rc2.getKey()));
                }
                resultList.addItem(new ApiResponseSet<>("ruleConfig", map));
            }
            result = resultList;
            break;
        default:
            throw new ApiException(ApiException.Type.BAD_VIEW);
    }
    return result;
}
Also used : ApiResponseElement(org.zaproxy.zap.extension.api.ApiResponseElement) ApiResponseList(org.zaproxy.zap.extension.api.ApiResponseList) HashMap(java.util.HashMap) ApiResponse(org.zaproxy.zap.extension.api.ApiResponse) ApiException(org.zaproxy.zap.extension.api.ApiException)

Example 48 with ApiException

use of org.zaproxy.zap.extension.api.ApiException in project zaproxy by zaproxy.

the class ProxiesAPI method handleApiView.

@Override
public ApiResponse handleApiView(String name, JSONObject params) throws ApiException {
    if (VIEW_ADDITIONAL_PROXIES.equals(name)) {
        ApiResponseList response = new ApiResponseList(name);
        for (ProxiesParamProxy p : (this.extension.getAdditionalProxies())) {
            Map<String, String> map = new HashMap<>();
            map.put("address", p.getAddress());
            map.put("port", Integer.toString(p.getPort()));
            map.put("enabled", Boolean.toString(p.isEnabled()));
            map.put("behindNat", Boolean.toString(p.isBehindNat()));
            map.put("alwaysDecodeZip", Boolean.toString(p.isAlwaysDecodeGzip()));
            map.put("removeUnsupportedEncodings", Boolean.toString(p.isRemoveUnsupportedEncodings()));
            response.addItem(new ApiResponseSet<>("proxy", map));
        }
        return response;
    } else {
        throw new ApiException(ApiException.Type.BAD_VIEW, name);
    }
}
Also used : ApiResponseList(org.zaproxy.zap.extension.api.ApiResponseList) HashMap(java.util.HashMap) ApiException(org.zaproxy.zap.extension.api.ApiException)

Example 49 with ApiException

use of org.zaproxy.zap.extension.api.ApiException in project zaproxy by zaproxy.

the class PassiveScanAPI method handleApiView.

@Override
public ApiResponse handleApiView(String name, JSONObject params) throws ApiException {
    ApiResponse result;
    switch(name) {
        case VIEW_SCAN_ONLY_IN_SCOPE:
            result = new ApiResponseElement(name, Boolean.toString(extension.getPassiveScanParam().isScanOnlyInScope()));
            break;
        case VIEW_RECORDS_TO_SCAN:
            result = new ApiResponseElement(name, String.valueOf(extension.getRecordsToScan()));
            break;
        case VIEW_SCANNERS:
            List<PluginPassiveScanner> scanners = extension.getPluginPassiveScanners();
            ApiResponseList resultList = new ApiResponseList(name);
            for (PluginPassiveScanner scanner : scanners) {
                Map<String, String> map = new HashMap<>();
                map.put("id", String.valueOf(scanner.getPluginId()));
                map.put("name", scanner.getName());
                map.put("enabled", String.valueOf(scanner.isEnabled()));
                map.put("alertThreshold", scanner.getAlertThreshold(true).name());
                map.put("quality", scanner.getStatus().toString());
                resultList.addItem(new ApiResponseSet<>("scanner", map));
            }
            result = resultList;
            break;
        case VIEW_CURRENT_RULE:
            Map<String, String> map = new HashMap<>();
            map.put("name", extension.getCurrentRuleName());
            map.put("url", extension.getCurrentUrl());
            long time = extension.getCurrentRuleStartTime();
            if (time > 0) {
                time = System.currentTimeMillis() - time;
            }
            map.put("time", String.valueOf(time));
            result = new ApiResponseSet<>(name, map);
            break;
        case VIEW_MAX_ALERTS_PER_RULE:
            result = new ApiResponseElement(VIEW_MAX_ALERTS_PER_RULE, Integer.toString(extension.getPassiveScanParam().getMaxAlertsPerRule()));
            break;
        default:
            throw new ApiException(ApiException.Type.BAD_VIEW);
    }
    return result;
}
Also used : ApiResponseElement(org.zaproxy.zap.extension.api.ApiResponseElement) ApiResponseList(org.zaproxy.zap.extension.api.ApiResponseList) HashMap(java.util.HashMap) ApiResponse(org.zaproxy.zap.extension.api.ApiResponse) ApiException(org.zaproxy.zap.extension.api.ApiException)

Example 50 with ApiException

use of org.zaproxy.zap.extension.api.ApiException in project zaproxy by zaproxy.

the class SearchAPI method handleApiOther.

@Override
public HttpMessage handleApiOther(HttpMessage msg, String name, JSONObject params) throws ApiException {
    byte[] responseBody = {};
    ExtensionSearch.Type searchType;
    switch(name) {
        case OTHER_HAR_BY_URL_REGEX:
            searchType = ExtensionSearch.Type.URL;
            break;
        case OTHER_HAR_BY_REQUEST_REGEX:
            searchType = ExtensionSearch.Type.Request;
            break;
        case OTHER_HAR_BY_RESPONSE_REGEX:
            searchType = ExtensionSearch.Type.Response;
            break;
        case OTHER_HAR_BY_HEADER_REGEX:
            searchType = ExtensionSearch.Type.Header;
            break;
        default:
            throw new ApiException(ApiException.Type.BAD_OTHER);
    }
    validateRegex(params);
    try {
        final HarEntries entries = new HarEntries();
        search(params, searchType, rh -> {
            HarEntry entry = HarUtils.createHarEntry(rh.getHistoryId(), rh.getHistoryType(), rh.getHttpMessage());
            entries.addEntry(entry);
        });
        HarLog harLog = HarUtils.createZapHarLog();
        harLog.setEntries(entries);
        responseBody = HarUtils.harLogToByteArray(harLog);
    } catch (Exception e) {
        log.error(e.getMessage(), e);
        ApiException apiException = new ApiException(ApiException.Type.INTERNAL_ERROR, e.getMessage());
        responseBody = apiException.toString(API.Format.JSON, incErrorDetails()).getBytes(StandardCharsets.UTF_8);
    }
    try {
        msg.setResponseHeader(API.getDefaultResponseHeader("application/json; charset=UTF-8", responseBody.length));
    } catch (HttpMalformedHeaderException e) {
        log.error("Failed to create response header: " + e.getMessage(), e);
    }
    msg.setResponseBody(responseBody);
    return msg;
}
Also used : HarEntry(edu.umass.cs.benchlab.har.HarEntry) HarEntries(edu.umass.cs.benchlab.har.HarEntries) HarLog(edu.umass.cs.benchlab.har.HarLog) HttpMalformedHeaderException(org.parosproxy.paros.network.HttpMalformedHeaderException) HttpMalformedHeaderException(org.parosproxy.paros.network.HttpMalformedHeaderException) PatternSyntaxException(java.util.regex.PatternSyntaxException) ApiException(org.zaproxy.zap.extension.api.ApiException) DatabaseException(org.parosproxy.paros.db.DatabaseException) ApiException(org.zaproxy.zap.extension.api.ApiException)

Aggregations

ApiException (org.zaproxy.zap.extension.api.ApiException)57 JSONObject (net.sf.json.JSONObject)22 Context (org.zaproxy.zap.model.Context)20 ApiResponseList (org.zaproxy.zap.extension.api.ApiResponseList)16 ApiResponseElement (org.zaproxy.zap.extension.api.ApiResponseElement)15 DatabaseException (org.parosproxy.paros.db.DatabaseException)13 HashMap (java.util.HashMap)12 ApiDynamicActionImplementor (org.zaproxy.zap.extension.api.ApiDynamicActionImplementor)10 ApiResponse (org.zaproxy.zap.extension.api.ApiResponse)9 User (org.zaproxy.zap.users.User)9 ArrayList (java.util.ArrayList)8 HttpMalformedHeaderException (org.parosproxy.paros.network.HttpMalformedHeaderException)8 HttpMessage (org.parosproxy.paros.network.HttpMessage)7 JSONException (net.sf.json.JSONException)6 ConfigurationException (org.apache.commons.configuration.ConfigurationException)6 IOException (java.io.IOException)5 PatternSyntaxException (java.util.regex.PatternSyntaxException)5 URIException (org.apache.commons.httpclient.URIException)5 RecordContext (org.parosproxy.paros.db.RecordContext)5 ExtensionUserManagement (org.zaproxy.zap.extension.users.ExtensionUserManagement)5