use of org.zaproxy.zap.extension.api.ApiResponseList in project zaproxy by zaproxy.
the class HttpSessionsAPI method handleApiView.
@Override
public ApiResponse handleApiView(String name, JSONObject params) throws ApiException {
if (log.isDebugEnabled()) {
log.debug("Request for handleApiView: " + name + " (params: " + params.toString() + ")");
}
HttpSessionsSite site;
switch(name) {
case VIEW_SITES:
// Get all sites with sessions
ApiResponseList responseSites = new ApiResponseList(name);
for (String s : extension.getSites()) {
responseSites.addItem(new ApiResponseElement("site", s));
}
return responseSites;
case VIEW_SESSIONS:
// Get existing sessions
site = extension.getHttpSessionsSite(ApiUtils.getAuthority(params.getString(ACTION_PARAM_SITE)), false);
if (site == null) {
throw new ApiException(ApiException.Type.ILLEGAL_PARAMETER, ACTION_PARAM_SITE);
}
ApiResponseList response = new ApiResponseList(name);
String vsName = getParam(params, VIEW_PARAM_SESSION, "");
// If a session name was not provided
if (vsName == null || vsName.isEmpty()) {
Set<HttpSession> sessions = site.getHttpSessions();
if (log.isDebugEnabled()) {
log.debug("API View for sessions for " + ApiUtils.getAuthority(params.getString(VIEW_PARAM_SITE)) + ": " + site);
}
// Build the response
for (HttpSession session : sessions) {
// Dont include 'null' sessions
if (session.getTokenValuesUnmodifiableMap().size() > 0) {
response.addItem(createSessionResponse(session));
}
}
} else // If a session name was provided
{
HttpSession session = site.getHttpSession(vsName);
if (session != null) {
response.addItem(createSessionResponse(session));
}
}
return response;
case VIEW_ACTIVE_SESSION:
// Get existing sessions
site = extension.getHttpSessionsSite(ApiUtils.getAuthority(params.getString(ACTION_PARAM_SITE)), false);
if (site == null) {
throw new ApiException(ApiException.Type.ILLEGAL_PARAMETER, ACTION_PARAM_SITE);
}
if (log.isDebugEnabled()) {
log.debug("API View for active session for " + ApiUtils.getAuthority(params.getString(VIEW_PARAM_SITE)) + ": " + site);
}
if (site.getActiveSession() != null) {
return new ApiResponseElement("active_session", site.getActiveSession().getName());
} else {
return new ApiResponseElement("active_session", "");
}
case VIEW_SESSION_TOKENS:
final String siteName = ApiUtils.getAuthority(params.getString(ACTION_PARAM_SITE));
// Check if the site exists
if (extension.getHttpSessionsSite(siteName, false) == null) {
throw new ApiException(ApiException.Type.ILLEGAL_PARAMETER, ACTION_PARAM_SITE);
}
// Get session tokens
HttpSessionTokensSet sessionTokens = extension.getHttpSessionTokensSet(siteName);
ApiResponseList responseST = new ApiResponseList("session_tokens");
if (sessionTokens != null) {
Set<String> tokens = sessionTokens.getTokensSet();
// Build response list
if (tokens != null) {
for (String token : tokens) {
responseST.addItem(new ApiResponseElement("token", token));
}
}
}
return responseST;
default:
throw new ApiException(ApiException.Type.BAD_VIEW);
}
}
use of org.zaproxy.zap.extension.api.ApiResponseList in project zaproxy by zaproxy.
the class ParamsAPI method createSiteParamStatsResponse.
private static ApiResponseList createSiteParamStatsResponse(SiteParameters siteParam) {
ApiResponseList stats = new ApiResponseList("Parameter");
for (HtmlParameterStats param : siteParam.getParams()) {
Map<String, String> map = new HashMap<>();
map.put("site", param.getSite());
map.put("name", param.getName());
map.put("type", param.getType().name());
map.put("timesUsed", String.valueOf(param.getTimesUsed()));
stats.addItem(new ApiResponseSet<String>("Stats", map));
ApiResponseList flags = new ApiResponseList("Flags");
for (String flag : param.getFlags()) {
flags.addItem(new ApiResponseElement("Flag", flag));
}
if (param.getFlags().size() > 0) {
stats.addItem(flags);
}
ApiResponseList vals = new ApiResponseList("Values");
for (String value : param.getValues()) {
vals.addItem(new ApiResponseElement("Value", value));
}
if (param.getValues().size() > 0) {
stats.addItem(vals);
}
}
return stats;
}
use of org.zaproxy.zap.extension.api.ApiResponseList in project zaproxy by zaproxy.
the class ParamsAPI method handleApiView.
@Override
public ApiResponse handleApiView(String name, JSONObject params) throws ApiException {
if (VIEW_PARAMS.equals(name)) {
ApiResponseList result = new ApiResponseList("Parameters");
if (params.containsKey(VIEW_PARAMS_PARAM_SITE)) {
String paramSite = params.getString(VIEW_PARAMS_PARAM_SITE);
if (!paramSite.isEmpty()) {
String site = ApiUtils.getAuthority(paramSite);
if (!extension.hasSite(site)) {
throw new ApiException(ApiException.Type.DOES_NOT_EXIST, paramSite);
}
if (extension.hasParameters(site)) {
result.addItem(createSiteParamStatsResponse(extension.getSiteParameters(site)));
}
return result;
}
}
Collection<SiteParameters> siteParams = extension.getAllSiteParameters();
for (SiteParameters siteParam : siteParams) {
result.addItem(createSiteParamStatsResponse(siteParam));
}
return result;
} else {
throw new ApiException(ApiException.Type.BAD_VIEW);
}
}
use of org.zaproxy.zap.extension.api.ApiResponseList in project zaproxy by zaproxy.
the class RuleConfigAPI method handleApiView.
@Override
public ApiResponse handleApiView(String name, JSONObject params) throws ApiException {
ApiResponse result;
switch(name) {
case VIEW_RULE_CONFIG_VALUE:
RuleConfig rc = extension.getRuleConfig(params.getString(PARAM_KEY));
if (rc != null) {
result = new ApiResponseElement(name, rc.getValue());
} else {
throw new ApiException(ApiException.Type.DOES_NOT_EXIST, PARAM_KEY);
}
break;
case VIEW_ALL_RULE_CONFIGS:
List<RuleConfig> allRules = extension.getAllRuleConfigs();
ApiResponseList resultList = new ApiResponseList(name);
for (RuleConfig rc2 : allRules) {
Map<String, String> map = new HashMap<>();
map.put("key", String.valueOf(rc2.getKey()));
map.put("defaultValue", rc2.getDefaultValue());
map.put("value", String.valueOf(rc2.getValue()));
if (Constant.messages.containsKey(rc2.getKey())) {
map.put("description", Constant.messages.getString(rc2.getKey()));
}
resultList.addItem(new ApiResponseSet<String>("ruleConfig", map));
}
result = resultList;
break;
default:
throw new ApiException(ApiException.Type.BAD_VIEW);
}
return result;
}
use of org.zaproxy.zap.extension.api.ApiResponseList in project zaproxy by zaproxy.
the class PassiveScanAPI method handleApiView.
@Override
public ApiResponse handleApiView(String name, JSONObject params) throws ApiException {
ApiResponse result;
switch(name) {
case VIEW_SCAN_ONLY_IN_SCOPE:
result = new ApiResponseElement(name, Boolean.toString(extension.getPassiveScanParam().isScanOnlyInScope()));
break;
case VIEW_RECORDS_TO_SCAN:
result = new ApiResponseElement(name, String.valueOf(extension.getRecordsToScan()));
break;
case VIEW_SCANNERS:
List<PluginPassiveScanner> scanners = extension.getPluginPassiveScanners();
ApiResponseList resultList = new ApiResponseList(name);
for (PluginPassiveScanner scanner : scanners) {
Map<String, String> map = new HashMap<>();
map.put("id", String.valueOf(scanner.getPluginId()));
map.put("name", scanner.getName());
map.put("enabled", String.valueOf(scanner.isEnabled()));
map.put("alertThreshold", scanner.getLevel(true).name());
map.put("quality", scanner.getStatus().toString());
resultList.addItem(new ApiResponseSet<String>("scanner", map));
}
result = resultList;
break;
default:
throw new ApiException(ApiException.Type.BAD_VIEW);
}
return result;
}
Aggregations