
Example 56 with ApiException

use of org.zaproxy.zap.extension.api.ApiException in project zaproxy by zaproxy.

the class HttpSessionsAPI method handleApiView.

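/**
 * Serves the read-only views of the HTTP sessions API.
 *
 * <p>Depending on {@code name}, the response lists the sites that have sessions, the sessions of
 * one site, the name of a site's active session, the session tokens of a site, or the default
 * session tokens.
 *
 * <p>The site-scoped views resolve the site parameter with {@code ApiUtils.getAuthority} once
 * and use that same value for the lookup and for the debug log.
 *
 * @param name the name of the requested view
 * @param params the request parameters
 * @return the response for the requested view
 * @throws ApiException with {@code ILLEGAL_PARAMETER} when the given site is not known to the
 *     extension, or {@code BAD_VIEW} when {@code name} is not one of the supported views
 */
@Override
public ApiResponse handleApiView(String name, JSONObject params) throws ApiException {
    if (log.isDebugEnabled()) {
        // NOTE(review): the raw request parameters are written to the debug log here; confirm
        // that nothing secret (for example an API key) is still present in params at this point.
        log.debug("Request for handleApiView: " + name + " (params: " + params.toString() + ")");
    }
    HttpSessionsSite site;
    String authority;
    switch (name) {
        case VIEW_SITES:
            // Get all sites with sessions
            ApiResponseList responseSites = new ApiResponseList(name);
            for (String s : extension.getSites()) {
                responseSites.addItem(new ApiResponseElement("site", s));
            }
            return responseSites;
        case VIEW_SESSIONS:
            // Look the site up without creating it (second argument is false)
            authority = ApiUtils.getAuthority(params.getString(ACTION_PARAM_SITE));
            site = extension.getHttpSessionsSite(authority, false);
            if (site == null) {
                throw new ApiException(ApiException.Type.ILLEGAL_PARAMETER, ACTION_PARAM_SITE);
            }
            ApiResponseList response = new ApiResponseList(name);
            String vsName = getParam(params, VIEW_PARAM_SESSION, "");
            if (vsName == null || vsName.isEmpty()) {
                // No session name was provided: return every session of the site
                Set<HttpSession> sessions = site.getHttpSessions();
                if (log.isDebugEnabled()) {
                    // Log the authority that was actually used for the lookup instead of
                    // reading the request parameter a second time.
                    // NOTE(review): site is logged via its toString(); confirm that does not
                    // include session token values.
                    log.debug("API View for sessions for " + authority + ": " + site);
                }
                for (HttpSession session : sessions) {
                    // Don't include 'null' sessions (sessions without any token value)
                    if (!session.getTokenValuesUnmodifiableMap().isEmpty()) {
                        response.addItem(createSessionResponse(session));
                    }
                }
            } else {
                // A session name was provided: return only that session, if it exists
                HttpSession session = site.getHttpSession(vsName);
                if (session != null) {
                    response.addItem(createSessionResponse(session));
                }
            }
            return response;
        case VIEW_ACTIVE_SESSION:
            // Look the site up without creating it (second argument is false)
            authority = ApiUtils.getAuthority(params.getString(ACTION_PARAM_SITE));
            site = extension.getHttpSessionsSite(authority, false);
            if (site == null) {
                throw new ApiException(ApiException.Type.ILLEGAL_PARAMETER, ACTION_PARAM_SITE);
            }
            if (log.isDebugEnabled()) {
                log.debug("API View for active session for " + authority + ": " + site);
            }
            // Read the active session once: calling the getter twice could return null the
            // second time if the active session is cleared in between.
            HttpSession activeSession = site.getActiveSession();
            return new ApiResponseElement(
                    "active_session", activeSession != null ? activeSession.getName() : "");
        case VIEW_SESSION_TOKENS:
            authority = ApiUtils.getAuthority(params.getString(ACTION_PARAM_SITE));
            // Check if the site exists
            if (extension.getHttpSessionsSite(authority, false) == null) {
                throw new ApiException(ApiException.Type.ILLEGAL_PARAMETER, ACTION_PARAM_SITE);
            }
            // Get session tokens
            HttpSessionTokensSet sessionTokens = extension.getHttpSessionTokensSet(authority);
            ApiResponseList responseST = new ApiResponseList("session_tokens");
            if (sessionTokens != null) {
                Set<String> tokens = sessionTokens.getTokensSet();
                // Build response list; a missing token set yields an empty list
                if (tokens != null) {
                    for (String token : tokens) {
                        responseST.addItem(new ApiResponseElement("token", token));
                    }
                }
            }
            return responseST;
        case VIEW_DEFAULT_SESSION_TOKENS:
            ApiResponseList defaultSessionTokens = new ApiResponseList(name);
            for (HttpSessionToken token : extension.getParam().getDefaultTokens()) {
                Map<String, Object> tokenFields = new HashMap<>();
                tokenFields.put("name", token.getName());
                tokenFields.put("enabled", token.isEnabled());
                defaultSessionTokens.addItem(new ApiResponseSet<>("token", tokenFields));
            }
            return defaultSessionTokens;
        default:
            throw new ApiException(ApiException.Type.BAD_VIEW);
    }
}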
Also used : HashMap(java.util.HashMap) ApiResponseList(org.zaproxy.zap.extension.api.ApiResponseList) ApiResponseElement(org.zaproxy.zap.extension.api.ApiResponseElement) JSONObject(net.sf.json.JSONObject) ApiException(org.zaproxy.zap.extension.api.ApiException)

Example 57 with ApiException

use of org.zaproxy.zap.extension.api.ApiException in project zaproxy by zaproxy.

the class ParamsAPI method handleApiView.

/**
 * Serves the parameters view: statistics for one site when a non-empty site parameter is given,
 * otherwise statistics for every site known to the extension.
 *
 * @param name the name of the requested view
 * @param params the request parameters
 * @return a list named "Parameters" holding one entry per site that was reported
 * @throws ApiException with {@code BAD_VIEW} for any other view name, or {@code DOES_NOT_EXIST}
 *     when the given site is not known to the extension
 */
@Override
public ApiResponse handleApiView(String name, JSONObject params) throws ApiException {
    // Reject unknown views up front so the rest of the method handles only VIEW_PARAMS.
    if (!VIEW_PARAMS.equals(name)) {
        throw new ApiException(ApiException.Type.BAD_VIEW);
    }

    ApiResponseList result = new ApiResponseList("Parameters");

    // A missing site parameter is treated the same way as an empty one.
    String requestedSite =
            params.containsKey(VIEW_PARAMS_PARAM_SITE)
                    ? params.getString(VIEW_PARAMS_PARAM_SITE)
                    : "";

    if (requestedSite.isEmpty()) {
        // No site filter: report every site.
        Collection<SiteParameters> everySite = extension.getAllSiteParameters();
        for (SiteParameters entry : everySite) {
            result.addItem(createSiteParamStatsResponse(entry));
        }
        return result;
    }

    String authority = ApiUtils.getAuthority(requestedSite);
    if (!extension.hasSite(authority)) {
        // The caller-supplied value is passed to the exception as given.
        // NOTE(review): confirm the API layer encodes this detail before it is rendered.
        throw new ApiException(ApiException.Type.DOES_NOT_EXIST, requestedSite);
    }
    // A known site without recorded parameters yields an empty list.
    if (extension.hasParameters(authority)) {
        result.addItem(createSiteParamStatsResponse(extension.getSiteParameters(authority)));
    }
    return result;
}
Also used : ApiResponseList(org.zaproxy.zap.extension.api.ApiResponseList) ApiException(org.zaproxy.zap.extension.api.ApiException)
