Package org.zaproxy.zap.extension.compare

Source Code of org.zaproxy.zap.extension.compare.ExtensionCompare

/*
* Zed Attack Proxy (ZAP) and its related class files.
*
* ZAP is an HTTP/HTTPS proxy for assessing web application security.
*
* Copyright 2010 psiinon@gmail.com
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
*   http://www.apache.org/licenses/LICENSE-2.0
*  
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.zaproxy.zap.extension.compare;

import java.awt.EventQueue;
import java.io.File;
import java.sql.SQLException;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import java.util.TreeSet;
import java.util.Vector;

import javax.swing.JFileChooser;
import javax.swing.JMenuItem;
import javax.swing.filechooser.FileFilter;

import org.apache.commons.httpclient.URI;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.parosproxy.paros.Constant;
import org.parosproxy.paros.db.Database;
import org.parosproxy.paros.db.RecordHistory;
import org.parosproxy.paros.db.TableHistory;
import org.parosproxy.paros.extension.ExtensionAdaptor;
import org.parosproxy.paros.extension.ExtensionHook;
import org.parosproxy.paros.extension.SessionChangedListener;
import org.parosproxy.paros.extension.report.ReportGenerator;
import org.parosproxy.paros.model.HistoryReference;
import org.parosproxy.paros.model.Model;
import org.parosproxy.paros.model.Session;
import org.parosproxy.paros.model.SessionListener;
import org.parosproxy.paros.network.HttpMalformedHeaderException;
import org.parosproxy.paros.view.View;

/**
*
* To change the template for this generated type comment go to
* Window - Preferences - Java - Code Generation - Code and Comments
*/
public class ExtensionCompare extends ExtensionAdaptor implements SessionChangedListener, SessionListener {

  private static final String CRLF = "\r\n";
  private JMenuItem menuCompare = null;

    private static Log log = LogFactory.getLog(ExtensionCompare.class);

  /**
     *
     */
    public ExtensionCompare() {
        super();
     initialize();
    }

    /**
     * @param name
     */
    public ExtensionCompare(String name) {
        super(name);
    }

  /**
   * This method initializes this
   *
   * @return void
   */
  private void initialize() {
        this.setName("ExtensionCompare");
  }
 
  public void hook(ExtensionHook extensionHook) {
      super.hook(extensionHook);
      if (getView() != null) {
          extensionHook.getHookMenu().addReportMenuItem(getMenuCompare());
      }
  }
 

  public void sessionChanged(final Session session)  {
      if (EventQueue.isDispatchThread()) {
        sessionChangedEventHandler(session);

      } else {
         
          try {
              EventQueue.invokeAndWait(new Runnable() {
                  public void run() {
                  sessionChangedEventHandler(session);
                  }
              });
          } catch (Exception e) {
            log.warn(e.getMessage(), e);
          }
      }
  }
 
  private void sessionChangedEventHandler(Session session) {
  }
 
    private JMenuItem getMenuCompare() {
        if (menuCompare == null) {
          menuCompare = new JMenuItem();
          menuCompare.setText(Constant.messages.getString("cmp.file.menu.compare"));

          menuCompare.addActionListener(new java.awt.event.ActionListener() {
                public void actionPerformed(java.awt.event.ActionEvent e) {
                 
                  compareSessions();
                }
            });
        }
        return menuCompare;
    }
   
  private void buildHistoryMap (TableHistory th, Map<String, String> map)
        throws SQLException, HttpMalformedHeaderException {

    // Get the first session id
      RecordHistory rh = null;
      for (int i=0; i < 100; i++ ) {
        rh = th.read(i);
        if (rh != null) {
          break;
        }
      }
      if (rh == null) {
        return;
      }
        @SuppressWarnings("unchecked")
      Vector<Integer> hIds = th.getHistoryList(rh.getSessionId(), HistoryReference.TYPE_MANUAL);
      for (Integer hId : hIds) {
        RecordHistory recH = th.read(hId);
        URI uri = recH.getHttpMessage().getRequestHeader().getURI();
        String mapKey = recH.getHttpMessage().getRequestHeader().getMethod() +
          " " + uri.toString();
       
        // TODO Optionally strip off params?
        if (mapKey.indexOf("?") > -1) {
          mapKey = mapKey.substring(0, mapKey.indexOf("?"));
        }
       
        String val = map.get(mapKey);
        String code = recH.getHttpMessage().getResponseHeader().getStatusCode() + " ";
        if (val == null) {
          map.put(mapKey, code);
        } else if (val.indexOf(code) < 0){
          map.put(mapKey, val + code);
        }
      }
    }
   
    private void compareSessions () {
    JFileChooser chooser = new JFileChooser(Model.getSingleton().getOptionsParam().getUserDirectory());
    File file = null;
      chooser.setFileFilter(new FileFilter() {
             public boolean accept(File file) {
                  if (file.isDirectory()) {
                      return true;
                  } else if (file.isFile() && file.getName().endsWith(".session")) {
                      return true;
                  }
                  return false;
              }
             public String getDescription() {
                 return Constant.messages.getString("file.format.zap.session");
             }
      });
      int rc = chooser.showOpenDialog(View.getSingleton().getMainFrame());
      if(rc == JFileChooser.APPROVE_OPTION) {
      try {
          file = chooser.getSelectedFile();
          if (file == null) {
            return;
          }
          Model cmpModel = new Model();
          Session session = cmpModel.getSession();

            //log.info("opening session file " + file.getAbsolutePath());
            //WaitMessageDialog waitMessageDialog = View.getSingleton().getWaitMessageDialog("Loading session file.  Please wait ...");
          session.open(file, this);

        Database db = new Database();
        db.open(file.getAbsolutePath());
       
        Map <String, String> curMap = new HashMap<String,String>();
        Map <String, String> cmpMap = new HashMap<String,String>();
       
        // Load the 2 sessions into 2 maps
        this.buildHistoryMap(Database.getSingleton().getTableHistory(), curMap);
        this.buildHistoryMap(db.getTableHistory(), cmpMap);

          File outputFile = this.getOutputFile();

          if (outputFile != null) {
            // Write the result to the specified file
            try {
                TreeSet<String> sset = new TreeSet<String>();
                // Combine the keys for both maps
                sset.addAll(curMap.keySet());
                sset.addAll(cmpMap.keySet());
               
              StringBuffer sb = new StringBuffer(500);
              sb.append("<?xml version=\"1.0\"?>");
              sb.append(CRLF);
              sb.append("<report>");
              sb.append(CRLF);
              sb.append("<session-names>");
              sb.append(CRLF);
              sb.append("<session1>");
              sb.append(Model.getSingleton().getSession().getSessionName());
              sb.append("</session1>");
              sb.append(CRLF);
              sb.append("<session2>");
              sb.append(session.getSessionName());
              sb.append("</session2>");
              sb.append(CRLF);
              sb.append("</session-names>");
              sb.append(CRLF);


                Iterator<String> iter = sset.iterator();
                while (iter.hasNext()) {
                sb.append("<urlrow>")
                sb.append(CRLF);
                  String key = iter.next();
                  String method = key.substring(0, key.indexOf(" "));
                  String url = key.substring(key.indexOf(" ") + 1);

                sb.append("<method>");
                sb.append(method);
                sb.append("</method>");
                sb.append(CRLF);
               
                sb.append("<url>");
                sb.append(url);
                sb.append("</url>");
                sb.append(CRLF);
               
                sb.append("<code1>");
                if (curMap.containsKey(key)) {
                      sb.append(curMap.get(key));
                    } else {
                      sb.append("---");
                    }
                sb.append("</code1>");
                sb.append(CRLF);

                sb.append("<code2>");
                    if (cmpMap.containsKey(key)) {
                      sb.append(cmpMap.get(key));
                    } else {
                      sb.append("---");
                    }
                sb.append("</code2>");
                sb.append(CRLF);
 
                sb.append("</urlrow>")
                sb.append(CRLF);
                }

              sb.append("</report>")
              sb.append(CRLF);
             
                ReportGenerator.stringToHtml(sb.toString(),
                  "xml" + File.separator + "reportCompare.xsl",
                  outputFile.getAbsolutePath());
       
            } catch (Exception e1) {
                log.warn(e1.getMessage(), e1);
            }
          }
         
          //waitMessageDialog.setVisible(true);
      } catch (Exception e) {
        log.warn(e.getMessage(), e);
      }
      }
    }

    private File getOutputFile() {

      JFileChooser chooser = new JFileChooser(getModel().getOptionsParam().getUserDirectory());
      chooser.setFileFilter(new FileFilter() {
             public boolean accept(File file) {
                  if (file.isDirectory()) {
                      return true;
                  } else if (file.isFile() &&
                      file.getName().toLowerCase().endsWith(".htm")) {
                      return true;
                  } else if (file.isFile() &&
                      file.getName().toLowerCase().endsWith(".html")) {
                      return true;
                  }
                  return false;
              }
             public String getDescription() {
                 return Constant.messages.getString("file.format.html");
             }
      });
     
    File file = null;
      int rc = chooser.showSaveDialog(getView().getMainFrame());
      if(rc == JFileChooser.APPROVE_OPTION) {
        file = chooser.getSelectedFile();
        if (file == null) {
          return file;
        }
            getModel().getOptionsParam().setUserDirectory(chooser.getCurrentDirectory());
        String fileName = file.getAbsolutePath().toLowerCase();
        if (! fileName.endsWith(".htm") &&
            ! fileName.endsWith(".html")) {
            fileName += ".html";
            file = new File(fileName);
        }
        return file;
       
      }
      return file;
    }

  @Override
  public void sessionOpened(File file, Exception e) {
   
  }

  @Override
  public void sessionSaved(Exception e) {
   
  }
}
TOP

Related Classes of org.zaproxy.zap.extension.compare.ExtensionCompare

TOP
Copyright © 2018 www.massapi.com. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.