Examples with ApiResponseSet org.zaproxy.zap.extension.api.ApiResponseSet used on opensource projects

Search in sources :

Example 1 with ApiResponseSet

use of org.zaproxy.zap.extension.api.ApiResponseSet in project zaproxy by zaproxy.

the class SpiderAPI method handleApiView.

@Override
public ApiResponse handleApiView(String name, JSONObject params) throws ApiException {
    ApiResponse result;
    if (VIEW_STATUS.equals(name)) {
        SpiderScan scan = (SpiderScan) this.getSpiderScan(params);
        int progress = 0;
        if (scan != null) {
            if (scan.isStopped()) {
                progress = 100;
            } else {
                progress = scan.getProgress();
            }
        }
        result = new ApiResponseElement(name, Integer.toString(progress));
    } else if (VIEW_RESULTS.equals(name)) {
        result = new ApiResponseList(name);
        SpiderScan scan = (SpiderScan) this.getSpiderScan(params);
        if (scan != null) {
            synchronized (scan.getResults()) {
                for (String s : scan.getResults()) {
                    ((ApiResponseList) result).addItem(new ApiResponseElement("url", s));
                }
            }
        }
    } else if (VIEW_FULL_RESULTS.equals(name)) {
        ApiResponseList resultUrls = new ApiResponseList(name);
        SpiderScan scan = (SpiderScan) this.getSpiderScan(params);
        ApiResponseList resultList = new ApiResponseList("urlsInScope");
        synchronized (scan.getResourcesFound()) {
            for (SpiderResource sr : scan.getResourcesFound()) {
                Map<String, String> map = new HashMap<>();
                map.put("messageId", Integer.toString(sr.getHistoryId()));
                map.put("method", sr.getMethod());
                map.put("url", sr.getUri());
                map.put("statusCode", Integer.toString(sr.getStatusCode()));
                map.put("statusReason", sr.getStatusReason());
                resultList.addItem(new ApiResponseSet<String>("resource", map));
            }
        }
        resultUrls.addItem(resultList);
        resultList = new ApiResponseList("urlsOutOfScope");
        synchronized (scan.getResultsOutOfScope()) {
            for (String url : scan.getResultsOutOfScope()) {
                resultList.addItem(new ApiResponseElement("url", url));
            }
        }
        resultUrls.addItem(resultList);
        result = resultUrls;
    } else if (VIEW_EXCLUDED_FROM_SCAN.equals(name)) {
        result = new ApiResponseList(name);
        Session session = Model.getSingleton().getSession();
        List<String> regexs = session.getExcludeFromSpiderRegexs();
        for (String regex : regexs) {
            ((ApiResponseList) result).addItem(new ApiResponseElement("regex", regex));
        }
    } else if (VIEW_SCANS.equals(name)) {
        ApiResponseList resultList = new ApiResponseList(name);
        for (GenericScanner2 scan : extension.getAllScans()) {
            SpiderScan spiderScan = (SpiderScan) scan;
            Map<String, String> map = new HashMap<>();
            map.put("id", Integer.toString(spiderScan.getScanId()));
            map.put("progress", Integer.toString(spiderScan.getProgress()));
            map.put("state", spiderScan.getState());
            resultList.addItem(new ApiResponseSet<String>("scan", map));
        }
        result = resultList;
    } else if (VIEW_ALL_URLS.equals(name)) {
        ApiResponseList resultUrls = new ApiResponseList(name);
        Set<String> urlSet = new HashSet<String>();
        TableHistory tableHistory = extension.getModel().getDb().getTableHistory();
        List<Integer> ids = Collections.emptyList();
        try {
            ids = tableHistory.getHistoryIdsOfHistType(extension.getModel().getSession().getSessionId(), HistoryReference.TYPE_SPIDER, HistoryReference.TYPE_SPIDER_TASK);
        } catch (DatabaseException e) {
            throw new ApiException(ApiException.Type.INTERNAL_ERROR, e.getMessage());
        }
        String url;
        for (Integer id : ids) {
            try {
                RecordHistory rh = tableHistory.read(id.intValue());
                if (rh != null) {
                    url = rh.getHttpMessage().getRequestHeader().getURI().toString();
                    if (urlSet.add(url)) {
                        resultUrls.addItem(new ApiResponseElement("url", url));
                    }
                }
            } catch (HttpMalformedHeaderException | DatabaseException e) {
                throw new ApiException(ApiException.Type.INTERNAL_ERROR, e.getMessage());
            }
        }
        result = resultUrls;
    } else if (VIEW_DOMAINS_ALWAYS_IN_SCOPE.equals(name) || VIEW_OPTION_DOMAINS_ALWAYS_IN_SCOPE.equals(name)) {
        result = domainMatchersToApiResponseList(name, extension.getSpiderParam().getDomainsAlwaysInScope(), false);
    } else if (VIEW_OPTION_DOMAINS_ALWAYS_IN_SCOPE_ENABLED.equals(name)) {
        result = domainMatchersToApiResponseList(name, extension.getSpiderParam().getDomainsAlwaysInScope(), true);
    } else {
        throw new ApiException(ApiException.Type.BAD_VIEW);
    }
    return result;
}
Also used : HashSet(java.util.HashSet) Set(java.util.Set) ApiResponseSet(org.zaproxy.zap.extension.api.ApiResponseSet) HashMap(java.util.HashMap) ApiResponse(org.zaproxy.zap.extension.api.ApiResponse) ApiResponseElement(org.zaproxy.zap.extension.api.ApiResponseElement) ApiResponseList(org.zaproxy.zap.extension.api.ApiResponseList) GenericScanner2(org.zaproxy.zap.model.GenericScanner2) ApiResponseList(org.zaproxy.zap.extension.api.ApiResponseList) ArrayList(java.util.ArrayList) List(java.util.List) TableHistory(org.parosproxy.paros.db.TableHistory) DatabaseException(org.parosproxy.paros.db.DatabaseException) RecordHistory(org.parosproxy.paros.db.RecordHistory) Session(org.parosproxy.paros.model.Session) ApiException(org.zaproxy.zap.extension.api.ApiException)

Example 2 with ApiResponseSet

use of org.zaproxy.zap.extension.api.ApiResponseSet in project zaproxy by zaproxy.

the class SearchAPI method handleApiView.

@Override
public ApiResponse handleApiView(final String name, JSONObject params) throws ApiException {
    final ApiResponseList result = new ApiResponseList(name);
    ExtensionSearch.Type searchType;
    SearchViewResponseType responseType;
    switch(name) {
        case VIEW_URLS_BY_URL_REGEX:
            searchType = ExtensionSearch.Type.URL;
            responseType = SearchViewResponseType.URL;
            break;
        case VIEW_MESSAGES_BY_URL_REGEX:
            searchType = ExtensionSearch.Type.URL;
            responseType = SearchViewResponseType.MESSAGE;
            break;
        case VIEW_URLS_BY_REQUEST_REGEX:
            searchType = ExtensionSearch.Type.Request;
            responseType = SearchViewResponseType.URL;
            break;
        case VIEW_MESSAGES_BY_REQUEST_REGEX:
            searchType = ExtensionSearch.Type.Request;
            responseType = SearchViewResponseType.MESSAGE;
            break;
        case VIEW_URLS_BY_RESPONSE_REGEX:
            searchType = ExtensionSearch.Type.Response;
            responseType = SearchViewResponseType.URL;
            break;
        case VIEW_MESSAGES_BY_RESPONSE_REGEX:
            searchType = ExtensionSearch.Type.Response;
            responseType = SearchViewResponseType.MESSAGE;
            break;
        case VIEW_URLS_BY_HEADER_REGEX:
            searchType = ExtensionSearch.Type.Header;
            responseType = SearchViewResponseType.URL;
            break;
        case VIEW_MESSAGES_BY_HEADER_REGEX:
            searchType = ExtensionSearch.Type.Header;
            responseType = SearchViewResponseType.MESSAGE;
            break;
        default:
            throw new ApiException(ApiException.Type.BAD_VIEW);
    }
    validateRegex(params);
    try {
        SearchResultsProcessor processor;
        if (SearchViewResponseType.MESSAGE == responseType) {
            processor = new SearchResultsProcessor() {

                @Override
                public void processRecordHistory(RecordHistory recordHistory) {
                    result.addItem(ApiResponseConversionUtils.httpMessageToSet(recordHistory.getHistoryId(), recordHistory.getHistoryType(), recordHistory.getHttpMessage()));
                }
            };
        } else {
            processor = new SearchResultsProcessor() {

                @Override
                public void processRecordHistory(RecordHistory recordHistory) {
                    final HttpMessage msg = recordHistory.getHttpMessage();
                    Map<String, String> map = new HashMap<>();
                    map.put("id", String.valueOf(recordHistory.getHistoryId()));
                    map.put("type", String.valueOf(recordHistory.getHistoryType()));
                    map.put("method", msg.getRequestHeader().getMethod());
                    map.put("url", msg.getRequestHeader().getURI().toString());
                    map.put("code", String.valueOf(msg.getResponseHeader().getStatusCode()));
                    map.put("time", String.valueOf(msg.getTimeElapsedMillis()));
                    result.addItem(new ApiResponseSet<String>(name, map));
                }
            };
        }
        search(params, searchType, processor);
    } catch (Exception e) {
        log.error(e.getMessage(), e);
        throw new ApiException(ApiException.Type.INTERNAL_ERROR, e.getMessage());
    }
    return result;
}
Also used : HttpMalformedHeaderException(org.parosproxy.paros.network.HttpMalformedHeaderException) PatternSyntaxException(java.util.regex.PatternSyntaxException) ApiException(org.zaproxy.zap.extension.api.ApiException) DatabaseException(org.parosproxy.paros.db.DatabaseException) ApiResponseSet(org.zaproxy.zap.extension.api.ApiResponseSet) ApiResponseList(org.zaproxy.zap.extension.api.ApiResponseList) HttpMessage(org.parosproxy.paros.network.HttpMessage) RecordHistory(org.parosproxy.paros.db.RecordHistory) HashMap(java.util.HashMap) Map(java.util.Map) ApiException(org.zaproxy.zap.extension.api.ApiException)

Aggregations

HashMap (java.util.HashMap)2 DatabaseException (org.parosproxy.paros.db.DatabaseException)2 RecordHistory (org.parosproxy.paros.db.RecordHistory)2 ApiException (org.zaproxy.zap.extension.api.ApiException)2 ApiResponseList (org.zaproxy.zap.extension.api.ApiResponseList)2 ApiResponseSet (org.zaproxy.zap.extension.api.ApiResponseSet)2 ArrayList (java.util.ArrayList)1 HashSet (java.util.HashSet)1 List (java.util.List)1 Map (java.util.Map)1 Set (java.util.Set)1 PatternSyntaxException (java.util.regex.PatternSyntaxException)1 TableHistory (org.parosproxy.paros.db.TableHistory)1 Session (org.parosproxy.paros.model.Session)1 HttpMalformedHeaderException (org.parosproxy.paros.network.HttpMalformedHeaderException)1 HttpMessage (org.parosproxy.paros.network.HttpMessage)1 ApiResponse (org.zaproxy.zap.extension.api.ApiResponse)1 ApiResponseElement (org.zaproxy.zap.extension.api.ApiResponseElement)1 GenericScanner2 (org.zaproxy.zap.model.GenericScanner2)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial