Package com.denimgroup.threadfix.importer.impl.remoteprovider.utils

Examples of com.denimgroup.threadfix.importer.impl.remoteprovider.utils.HttpResponse


   
    username = remoteProviderApplication.getRemoteProviderType().getUsername();
    password = remoteProviderApplication.getRemoteProviderType().getPassword();
   
    // This block tries to get the latest build for the app and dies if it fails.
        HttpResponse response = utils.getUrl(GET_APP_BUILDS_URI, username, password);

        InputStream appBuildsInputStream;
        if (response.isValid()) {
        appBuildsInputStream = response.getInputStream();
        } else {
            LOG.error("Error encountered while getting application builds. Status was " + response.getStatus());
            return null;
        }

    String appName = remoteProviderApplication.getNativeName();
    VeracodeApplicationIdMapParser parser = new VeracodeApplicationIdMapParser();
   
    List<String> buildIds = null;

        assert appBuildsInputStream != null : "Failed to get app builds.";
    if (appBuildsInputStream != null) {
      parse(appBuildsInputStream, parser);
      buildIds = parser.map.get(appName);
    }
   
    if (buildIds == null || buildIds.size() == 0) {
      LOG.warn("No build IDs were parsed.");
      return null; // we failed.
    } else {
      LOG.warn("Retrieved build IDs " + buildIds + " for application " + appName);
    }
   
    List<Scan> scans = list();
   
    for (String buildId : buildIds) {
      if (buildId == null || buildId.trim().equals("")) {
        LOG.warn("Build ID was null or empty. This should never happen.");
        continue; // we failed.
            } else if (parser.dateMap.get(buildId) != null && parser.dateMap.get(buildId)
                    .before(remoteProviderApplication.getLastImportTime())) {
                log.info("Build ID " + buildId + " was scanned before the most recent scan in ThreadFix.");
                continue;
            } else if (parser.dateMap.get(buildId)== null) {
                log.info("Build ID " + buildId + " was null.");
                continue;
            }
       
      LOG.warn("Importing scan for build ID " + buildId + " and application " + appName);
 
      // This block tries to parse the scan corresponding to the build.
      response = utils.getUrl(GET_DETAILED_REPORT_URI + "?build_id=" + buildId, username, password);

            if (response.isValid()) {
                inputStream = response.getInputStream();
            } else {
        LOG.warn("Received a bad response (status code " + response.getStatus() +
                        ") from Veracode servers while attempting to parse a scan, skipping to next scan.");
        continue;
      }
     
      VeracodeSAXParser scanParser = new VeracodeSAXParser();
View Full Code Here


    LOG.info("Fetching Veracode applications.");
   
    password = remoteProviderType.getPassword();
    username = remoteProviderType.getUsername();
   
        HttpResponse response = utils.getUrl(GET_APP_BUILDS_URI,username,password);

    InputStream stream;
        if (response.isValid()) {
            stream = response.getInputStream();
        } else {
      LOG.warn("Got a bad response from Veracode. Check your username and password.");
      return null;
    }
   
View Full Code Here

  public List<Scan> getScans(RemoteProviderApplication remoteProviderApplication) {
    LOG.info("Retrieving a WhiteHat scan.");

    apiKey = remoteProviderApplication.getRemoteProviderType().getApiKey();

        HttpResponse response = utils.getUrl(SITES_URL + "?key=" + apiKey);

    InputStream labelSiteIdStream;
    if (response.isValid()) {
            labelSiteIdStream = response.getInputStream();
        } else {
      LOG.warn("Received a " + response.getStatus() + " status code from WhiteHat servers while trying " +
                    "to get scans for " + remoteProviderApplication.getNativeName() + ", returning null.");
      return null;
    }
   
    String appName = remoteProviderApplication.getNativeName();
   
    WhiteHatSitesParser parser = new WhiteHatSitesParser();
   
    parse(labelSiteIdStream, parser);
   
    String siteId = parser.map.get(appName);
    if (siteId == null) {
      LOG.warn("No build ID was parsed.");
      return null; // we failed.
    } else {
      LOG.info("Retrieved build ID " + siteId + " for application " + appName);
    }
   
    String url = VULNS_URL + "?key=" + apiKey + EXTRA_PARAMS + siteId;
   
    LOG.info("Requesting site ID " + siteId);

        response = utils.getUrl(url);
        if (response.isValid()) {
            inputStream = response.getInputStream();
        } else {
      LOG.warn("Received a bad response from WhiteHat servers, returning null.");
      return null;
    }
View Full Code Here

   
    apiKey = remoteProviderType.getApiKey();
   
    WhiteHatSitesParser parser = new WhiteHatSitesParser();

        HttpResponse response = utils.getUrl(SITES_URL + "?key=" + apiKey);

        if (response.isValid()) {
        parse(response.getInputStream(), parser);
        } else {
            LOG.error("Unable to retrieve applications due to " + response.getStatus() +
                    " response status from WhiteHat servers.");
            return null;
        }

    return parser.getApplications();
View Full Code Here

    }
   
    List<Scan> scanList = list();

    for (String scanId : scanIds) {
            HttpResponse response = utils.getUrl(
                    getScanUrl(remoteProviderApplication.getRemoteProviderType()) + scanId, username, password);
     
      if (response.isValid()) {
                inputStream = response.getInputStream();
            } else {
        LOG.warn("Got a " + response.getStatus() + " response code when requesting scan with ID " + scanId +
                        ". Trying the next scan.");
        continue;
      }
 
      QualysWASSAXParser scanParser = new QualysWASSAXParser();
      Scan resultScan = parseSAXInput(scanParser);

            Set<String> qidSet = set();

            for (Finding finding : resultScan) {
                qidSet.add(finding.getChannelVulnerability().getCode());
            }

            String qids = CollectionUtils.join(",", qidSet);

            String[] parameters = {
                    QualysScanDetailParam.ACTION.getParam(),
                    QualysScanDetailParam.IDS.getParam(),
                    QualysScanDetailParam.DETAILS.getParam()
            };

            String[] values = {"list", qids, "All"};
            String[] headerNames = {"X-Requested-With", "Content-Type"};
            String[] headerVals = {"Curl", "application/x-www-form-urlencoded"};

            response = utils.postUrl(getScanDetailsUrl(remoteProviderApplication.getRemoteProviderType()), parameters, values, username, password, headerNames, headerVals);
            if (response.isValid()) {
                inputStream = response.getInputStream();

                parseQualysSAXInput();

                LOG.info("Retrieved additional scanner details for QID: " + qids);
            } else {
                LOG.warn("Unable to retrieve scan details for the application " + remoteProviderApplication.getNativeName() + ". Got response code " + response.getStatus());
            }

            LOG.info("The Qualys scan import for scan ID " + scanId + " was successful.");

            resultScan.setApplicationChannel(remoteProviderApplication.getApplicationChannel());
View Full Code Here

    password = remoteProviderType.getPassword();
    username = remoteProviderType.getUsername();

    // POST with no parameters
    // TODO include filters
    HttpResponse connection = utils.postUrl(getAppsUrl(remoteProviderType), new String[]{}, new String[]{}, username, password);

    InputStream stream;
        if (connection.isValid()) {
            stream = connection.getInputStream();
        } else {
            LOG.warn("Failed to retrieve the applications. Check your credentials. status code was " +
                    connection.getStatus());
            return null;
        }

    QualysAppsParser parser = new QualysAppsParser();
   
View Full Code Here

      return null;
    }

    // POST with no parameters
    // TODO include filters
    HttpResponse response = utils.postUrl(getScansForAppUrl(app.getRemoteProviderType()),new String[]{},new String[]{}, username, password);
        InputStream stream;
    if (response.isValid()) {
            stream = response.getInputStream();
        } else {
            LOG.warn("Unable to retrieve scans for the application " + app.getNativeName() + ". Got response code " + response.getStatus());
            return null;
        }

    QualysScansForAppParser parser = new QualysScansForAppParser();
    parse(stream, parser);
View Full Code Here

TOP

Related Classes of com.denimgroup.threadfix.importer.impl.remoteprovider.utils.HttpResponse

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.