Example 21 with ScriptWrapper

Use of org.zaproxy.zap.extension.script.ScriptWrapper in project zaproxy by zaproxy.

The class ScriptsActiveScannerUnitTest, method shouldScanParamsWithActiveScript.

@Test
@SuppressWarnings("unchecked")
void shouldScanParamsWithActiveScript() throws Exception {
    // Given
    ActiveScript script1 = mock(ActiveScript.class);
    ScriptWrapper scriptWrapper1 = createScriptWrapper(script1, ActiveScript.class);
    ActiveScript script2 = mock(ActiveScript.class);
    ScriptWrapper scriptWrapper2 = createScriptWrapper(script2, ActiveScript.class);
    given(extensionScript.getScripts(SCRIPT_TYPE)).willReturn(asList(scriptWrapper1, scriptWrapper2));
    ScriptsCache<ActiveScript> scriptsCache = createScriptsCache(createCachedScript(script1, scriptWrapper1), createCachedScript(script2, scriptWrapper2));
    given(extensionScript.<ActiveScript>createScriptsCache(any())).willReturn(scriptsCache);
    given(parent.getScannerParam()).willReturn(mock(ScannerParam.class));
    String name1 = "Name1";
    String value1 = "Value1";
    NameValuePair param1 = param(name1, value1);
    String name2 = "Name2";
    String value2 = "Value2";
    NameValuePair param2 = param(name2, value2);
    Variant variant = mock(Variant.class);
    given(variant.getParamList()).willReturn(asList(param1, param2));
    VariantFactory variantFactory = mock(VariantFactory.class);
    given(variantFactory.createVariants(any(), any())).willReturn(asList(variant));
    given(model.getVariantFactory()).willReturn(variantFactory);
    ScriptsActiveScanner scriptsActiveScanner = new ScriptsActiveScanner();
    scriptsActiveScanner.init(message, parent);
    // When
    scriptsActiveScanner.scan();
    // Then
    verify(scriptsCache, times(2)).refresh();
    verify(scriptsCache, times(2)).getCachedScripts();
    verify(script1, times(1)).scan(scriptsActiveScanner, message, name1, value1);
    verify(script1, times(1)).scan(scriptsActiveScanner, message, name2, value2);
    verify(script2, times(1)).scan(scriptsActiveScanner, message, name1, value1);
    verify(script2, times(1)).scan(scriptsActiveScanner, message, name2, value2);
}
Also used: Variant (org.parosproxy.paros.core.scanner.Variant), NameValuePair (org.parosproxy.paros.core.scanner.NameValuePair), ScannerParam (org.parosproxy.paros.core.scanner.ScannerParam), ScriptWrapper (org.zaproxy.zap.extension.script.ScriptWrapper), Test (org.junit.jupiter.api.Test), WithConfigsTest (org.zaproxy.zap.WithConfigsTest)

Example 22 with ScriptWrapper

Use of org.zaproxy.zap.extension.script.ScriptWrapper in project zaproxy by zaproxy.

The class VariantCustomUnitTest, method shouldCallScriptForGetTreePath.

@Test
void shouldCallScriptForGetTreePath() throws Exception {
    // Given
    ScriptWrapper scriptWrapper = mock(ScriptWrapper.class);
    given(scriptWrapper.isEnabled()).willReturn(true);
    String expectedPath = "newpath";
    List<String> list = new ArrayList<>();
    list.add(expectedPath);
    ExtensionScript extScript = mock(ExtensionScript.class);
    VariantScript variantScript = mock(VariantScript.class);
    given(extScript.getInterface(scriptWrapper, VariantScript.class)).willReturn(variantScript);
    VariantCustom variantCustom = new VariantCustom(scriptWrapper, extScript);
    HttpMessage msg = mock(HttpMessage.class);
    given(variantScript.getTreePath(variantCustom, msg)).willReturn(list);
    // When
    List<String> path = variantCustom.getTreePath(msg);
    // Then
    assertThat(path.size(), is(equalTo(1)));
    assertThat(path.get(0), is(equalTo(expectedPath)));
}
Also used: ExtensionScript (org.zaproxy.zap.extension.script.ExtensionScript), ScriptWrapper (org.zaproxy.zap.extension.script.ScriptWrapper), ArrayList (java.util.ArrayList), HttpMessage (org.parosproxy.paros.network.HttpMessage), Test (org.junit.jupiter.api.Test)

Example 23 with ScriptWrapper

Use of org.zaproxy.zap.extension.script.ScriptWrapper in project zaproxy by zaproxy.

The class VariantCustomUnitTest, method shouldReturnNullTreePathWithDisabledScript.

@Test
void shouldReturnNullTreePathWithDisabledScript() throws Exception {
    // Given
    ScriptWrapper scriptWrapper = mock(ScriptWrapper.class);
    given(scriptWrapper.isEnabled()).willReturn(false);
    List<String> list = new ArrayList<>();
    ExtensionScript extScript = mock(ExtensionScript.class);
    VariantScript variantScript = mock(VariantScript.class);
    given(extScript.getInterface(scriptWrapper, VariantScript.class)).willReturn(variantScript);
    VariantCustom variantCustom = new VariantCustom(scriptWrapper, extScript);
    HttpMessage msg = mock(HttpMessage.class);
    given(variantScript.getTreePath(variantCustom, msg)).willReturn(list);
    // When
    List<String> path = variantCustom.getTreePath(msg);
    // Then
    assertThat(path, is(equalTo(null)));
}
Also used: ExtensionScript (org.zaproxy.zap.extension.script.ExtensionScript), ScriptWrapper (org.zaproxy.zap.extension.script.ScriptWrapper), ArrayList (java.util.ArrayList), HttpMessage (org.parosproxy.paros.network.HttpMessage), Test (org.junit.jupiter.api.Test)

Example 24 with ScriptWrapper

Use of org.zaproxy.zap.extension.script.ScriptWrapper in project zaproxy by zaproxy.

The class VariantCustomUnitTest, method shouldReturnNullLeafNameWithScriptException.

@Test
void shouldReturnNullLeafNameWithScriptException() throws Exception {
    // Given
    ScriptWrapper scriptWrapper = mock(ScriptWrapper.class);
    String nodeName = "name";
    ExtensionScript extScript = mock(ExtensionScript.class);
    VariantScript variantScript = mock(VariantScript.class);
    given(extScript.getInterface(scriptWrapper, VariantScript.class)).willReturn(variantScript);
    VariantCustom variantCustom = new VariantCustom(scriptWrapper, extScript);
    HttpMessage msg = mock(HttpMessage.class);
    given(variantScript.getLeafName(variantCustom, nodeName, msg)).willThrow(RuntimeException.class);
    // When
    String name = variantCustom.getLeafName(nodeName, msg);
    // Then
    assertThat(name, is(equalTo(null)));
}
Also used: ExtensionScript (org.zaproxy.zap.extension.script.ExtensionScript), ScriptWrapper (org.zaproxy.zap.extension.script.ScriptWrapper), HttpMessage (org.parosproxy.paros.network.HttpMessage), Test (org.junit.jupiter.api.Test)

Example 25 with ScriptWrapper

Use of org.zaproxy.zap.extension.script.ScriptWrapper in project zaproxy by zaproxy.

The class ScriptBasedAuthenticationMethodType, method loadMethod.

public void loadMethod(ScriptBasedAuthenticationMethod method, List<String> scripts, List<String> paramValuesS) {
    // Load the script and make sure it still exists and still follows the required interface
    String scriptName = "";
    if (scripts != null && scripts.size() > 0) {
        scriptName = scripts.get(0);
        ScriptWrapper script = getScriptsExtension().getScript(scriptName);
        if (script == null) {
            log.error("Unable to find script while loading Script Based Authentication Method for name: " + scriptName);
            if (View.isInitialised()) {
                View.getSingleton().showMessageDialog(Constant.messages.getString("authentication.method.script.load.errorScriptNotFound", scriptName));
            }
            return;
        }
        log.info("Loaded script:" + script.getName());
        method.script = script;
        // Check script interface and make sure we load the credentials parameter names
        AuthenticationScript s = getScriptInterfaceV2(script);
        if (s == null) {
            s = getScriptInterface(script);
        }
        if (s == null) {
            log.error("Unable to load Script Based Authentication method. The script " + scriptName + " does not properly implement the Authentication Script interface.");
            return;
        }
        try {
            if (s instanceof AuthenticationScriptV2) {
                AuthenticationScriptV2 sV2 = (AuthenticationScriptV2) s;
                method.setLoggedInIndicatorPattern(sV2.getLoggedInIndicator());
                method.setLoggedOutIndicatorPattern(sV2.getLoggedOutIndicator());
            }
            method.credentialsParamNames = s.getCredentialsParamsNames();
        } catch (Exception e) {
            getScriptsExtension().handleScriptException(script, e);
        }
    }
    // Load the parameter values
    Map<String, String> paramValues = null;
    if (paramValuesS != null && paramValuesS.size() > 0) {
        paramValues = EncodingUtils.stringToMap(paramValuesS.get(0));
        method.paramValues = paramValues;
    } else {
        method.paramValues = new HashMap<>();
        log.error("Unable to load script parameter values loading Script Based Authentication Method for name: " + scriptName);
    }
}
Also used: ScriptWrapper (org.zaproxy.zap.extension.script.ScriptWrapper), ScriptException (javax.script.ScriptException), ApiException (org.zaproxy.zap.extension.api.ApiException), ConfigurationException (org.apache.commons.configuration.ConfigurationException), DatabaseException (org.parosproxy.paros.db.DatabaseException)
