use of org.zaproxy.zap.extension.api.ApiResponseList in project zaproxy by zaproxy.
the class StatsAPI method handleApiView.
@Override
public ApiResponse handleApiView(String name, JSONObject params) throws ApiException {
ApiResponse result = null;
InMemoryStats memStats = extension.getInMemoryStats();
if (memStats == null) {
throw new ApiException(ApiException.Type.DOES_NOT_EXIST);
}
if (VIEW_STATS.equals(name)) {
Map<String, String> map = new TreeMap<>();
for (Entry<String, Long> stat : memStats.getStats(this.getParam(params, PARAM_KEY_PREFIX, "")).entrySet()) {
map.put(stat.getKey(), stat.getValue().toString());
}
result = new ApiResponseSet<String>(name, map);
} else if (VIEW_ALL_SITES_STATS.equals(name)) {
result = new ApiResponseList(name);
for (Entry<String, Map<String, Long>> stats : memStats.getAllSiteStats(this.getParam(params, PARAM_KEY_PREFIX, "")).entrySet()) {
((ApiResponseList) result).addItem(new SiteStatsApiResponse(stats.getKey(), stats.getValue()));
}
} else if (VIEW_SITE_STATS.equals(name)) {
String site = params.getString(PARAM_SITE);
URI siteURI;
try {
siteURI = new URI(site, true);
site = SessionStructure.getHostName(siteURI);
} catch (Exception e) {
throw new ApiException(ApiException.Type.ILLEGAL_PARAMETER, PARAM_SITE);
}
String scheme = siteURI.getScheme();
if (scheme == null || (!scheme.equalsIgnoreCase("http") && !scheme.equalsIgnoreCase("https"))) {
throw new ApiException(ApiException.Type.ILLEGAL_PARAMETER, PARAM_SITE);
}
result = new SiteStatsApiResponse(site, memStats.getSiteStats(site, this.getParam(params, PARAM_KEY_PREFIX, "")));
} else {
throw new ApiException(ApiException.Type.BAD_VIEW);
}
return result;
}
use of org.zaproxy.zap.extension.api.ApiResponseList in project zaproxy by zaproxy.
the class ScriptAPI method handleApiView.
@Override
public ApiResponse handleApiView(String name, JSONObject params) throws ApiException {
if (VIEW_SCRIPTS.equals(name)) {
ApiResponseList result = new ApiResponseList(name);
for (ScriptType type : extension.getScriptTypes()) {
for (ScriptWrapper script : extension.getScripts(type)) {
Map<String, String> map = new HashMap<>();
map.put("name", script.getName());
map.put("type", script.getTypeName());
map.put("engine", script.getEngineName());
map.put("description", script.getDescription());
map.put("error", Boolean.toString(script.isError()));
if (script.isError()) {
map.put("lastError", script.getLastErrorDetails());
}
if (type.isEnableable()) {
map.put("enabled", Boolean.toString(script.isEnabled()));
}
result.addItem(new ApiResponseSet<String>("Script", map));
}
}
return result;
} else if (VIEW_ENGINES.equals(name)) {
ApiResponseList result = new ApiResponseList(name);
for (String engine : extension.getScriptingEngines()) {
result.addItem(new ApiResponseElement("engine", engine));
}
return result;
} else {
throw new ApiException(ApiException.Type.BAD_VIEW);
}
}
use of org.zaproxy.zap.extension.api.ApiResponseList in project zaproxy by zaproxy.
the class UsersAPI method handleApiView.
@Override
public ApiResponse handleApiView(String name, JSONObject params) throws ApiException {
log.debug("handleApiView " + name + " " + params.toString());
switch(name) {
case VIEW_USERS_LIST:
ApiResponseList usersListResponse = new ApiResponseList(name);
// Get the users
List<User> users;
if (hasContextId(params))
users = extension.getContextUserAuthManager(getContextId(params)).getUsers();
else {
users = new ArrayList<>();
for (Context c : Model.getSingleton().getSession().getContexts()) users.addAll(extension.getContextUserAuthManager(c.getIndex()).getUsers());
}
// Prepare the response
for (User user : users) usersListResponse.addItem(buildResponseFromUser(user));
return usersListResponse;
case VIEW_GET_USER_BY_ID:
return buildResponseFromUser(getUser(params));
case VIEW_GET_AUTH_CREDENTIALS:
return getUser(params).getAuthenticationCredentials().getApiResponseRepresentation();
case VIEW_GET_AUTH_CREDENTIALS_CONFIG_PARAMETERS:
AuthenticationMethodType type = ApiUtils.getContextByParamId(params, PARAM_CONTEXT_ID).getAuthenticationMethod().getType();
ApiDynamicActionImplementor a = loadedAuthenticationMethodActions.get(type.getUniqueIdentifier());
return a.buildParamsDescription();
default:
throw new ApiException(ApiException.Type.BAD_VIEW);
}
}
use of org.zaproxy.zap.extension.api.ApiResponseList in project zaproxy by zaproxy.
the class HttpSessionsAPI method createSessionResponse.
private ApiResponseList createSessionResponse(HttpSession session) {
ApiResponseList sessionResult = new ApiResponseList("session");
sessionResult.addItem(new ApiResponseElement("name", session.getName()));
sessionResult.addItem(new TokenValuesResponseSet(session.getTokenValuesUnmodifiableMap()));
sessionResult.addItem(new ApiResponseElement("messages_matched", Integer.toString(session.getMessagesMatched())));
return sessionResult;
}
use of org.zaproxy.zap.extension.api.ApiResponseList in project zaproxy by zaproxy.
the class SearchAPI method handleApiView.
@Override
public ApiResponse handleApiView(final String name, JSONObject params) throws ApiException {
final ApiResponseList result = new ApiResponseList(name);
ExtensionSearch.Type searchType;
SearchViewResponseType responseType;
switch(name) {
case VIEW_URLS_BY_URL_REGEX:
searchType = ExtensionSearch.Type.URL;
responseType = SearchViewResponseType.URL;
break;
case VIEW_MESSAGES_BY_URL_REGEX:
searchType = ExtensionSearch.Type.URL;
responseType = SearchViewResponseType.MESSAGE;
break;
case VIEW_URLS_BY_REQUEST_REGEX:
searchType = ExtensionSearch.Type.Request;
responseType = SearchViewResponseType.URL;
break;
case VIEW_MESSAGES_BY_REQUEST_REGEX:
searchType = ExtensionSearch.Type.Request;
responseType = SearchViewResponseType.MESSAGE;
break;
case VIEW_URLS_BY_RESPONSE_REGEX:
searchType = ExtensionSearch.Type.Response;
responseType = SearchViewResponseType.URL;
break;
case VIEW_MESSAGES_BY_RESPONSE_REGEX:
searchType = ExtensionSearch.Type.Response;
responseType = SearchViewResponseType.MESSAGE;
break;
case VIEW_URLS_BY_HEADER_REGEX:
searchType = ExtensionSearch.Type.Header;
responseType = SearchViewResponseType.URL;
break;
case VIEW_MESSAGES_BY_HEADER_REGEX:
searchType = ExtensionSearch.Type.Header;
responseType = SearchViewResponseType.MESSAGE;
break;
default:
throw new ApiException(ApiException.Type.BAD_VIEW);
}
validateRegex(params);
try {
SearchResultsProcessor processor;
if (SearchViewResponseType.MESSAGE == responseType) {
processor = new SearchResultsProcessor() {
@Override
public void processRecordHistory(RecordHistory recordHistory) {
result.addItem(ApiResponseConversionUtils.httpMessageToSet(recordHistory.getHistoryId(), recordHistory.getHistoryType(), recordHistory.getHttpMessage()));
}
};
} else {
processor = new SearchResultsProcessor() {
@Override
public void processRecordHistory(RecordHistory recordHistory) {
final HttpMessage msg = recordHistory.getHttpMessage();
Map<String, String> map = new HashMap<>();
map.put("id", String.valueOf(recordHistory.getHistoryId()));
map.put("type", String.valueOf(recordHistory.getHistoryType()));
map.put("method", msg.getRequestHeader().getMethod());
map.put("url", msg.getRequestHeader().getURI().toString());
map.put("code", String.valueOf(msg.getResponseHeader().getStatusCode()));
map.put("time", String.valueOf(msg.getTimeElapsedMillis()));
result.addItem(new ApiResponseSet<String>(name, map));
}
};
}
search(params, searchType, processor);
} catch (Exception e) {
log.error(e.getMessage(), e);
throw new ApiException(ApiException.Type.INTERNAL_ERROR, e.getMessage());
}
return result;
}
Aggregations