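/// <summary>
/// Makes sure there is an authenticated session, then forwards the remark edit to the
/// <c>EditRemark(LoginResult, long, long, string)</c> overload.
/// </summary>
/// <remarks>
/// A session counts as authenticated as soon as an access token is cached on the
/// <see cref="OidcLoginData"/> instance; token expiry is not evaluated in this method.
/// Fix over the previous version: when a token was already cached, the method built a
/// successful <see cref="LoginResult"/>, discarded it and returned
/// <see cref="ProjectScanStatuses.CanceledByUser"/> without editing anything. The
/// success/failure handling now runs after both branches, as in the sibling login wrappers.
/// </remarks>
/// <param name="resultId">Passed through unchanged to the overload that performs the edit.</param>
/// <param name="pathId">Passed through unchanged to the overload that performs the edit.</param>
/// <param name="remark">Remark text, passed through unchanged.</param>
/// <returns>
/// The status returned by the overload on a successful login; <c>Error</c> when login failed and the
/// user did not cancel; <c>CanceledByUser</c> when login was cancelled.
/// </returns>
public static ProjectScanStatuses EditRemark(long resultId, long pathId, string remark)
        {
            LoginData     loginData     = LoginHelper.LoadSaved();
            OidcLoginData oidcLoginData = OidcLoginData.GetOidcLoginDataInstance();
            LoginResult   loginResult   = new LoginResult();
            bool          cancelPressed = false;

            if (oidcLoginData.AccessToken == null)
            {
                // No cached token: try LoginHelper.DoLoginWithoutForm first, then fall back to LoginHelper.DoLogin.
                loginResult = LoginHelper.DoLoginWithoutForm(out cancelPressed, false);
                if (!loginResult.IsSuccesfull)
                {
                    loginResult = LoginHelper.DoLogin(out cancelPressed);
                }
            }
            else
            {
                // A token is cached: reuse the saved login data instead of prompting again.
                loginResult.AuthenticationData = loginData;
                loginResult.IsSuccesfull       = true;
            }

            if (loginResult.IsSuccesfull)
            {
                return(EditRemark(loginResult, resultId, pathId, remark));
            }

            if (!cancelPressed)
            {
                TopMostMessageBox.Show("Unable to connect to server or user creadentials are invalid. Please verify data", "Log in problem");
                return(ProjectScanStatuses.Error);
            }

            return(ProjectScanStatuses.CanceledByUser);
        }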
        /// <summary>
        /// Ends the local session by wiping the cached OIDC tokens and the logged-in flag.
        /// </summary>
        /// <remarks>
        /// Only fields on the object returned by <c>OidcLoginData.GetOidcLoginDataInstance()</c> and the
        /// <c>_isLogged</c> flag are reset; this method sends nothing to the server.
        /// NOTE(review): a refresh token that was issed earlier is therefore not revoked here. Confirm
        /// whether revocation happens elsewhere or is left to server-side expiry.
        /// </remarks>
        internal static void DoLogout()
        {
            Logger.Create().Debug("Logging out, clear authentication data");

            OidcLoginData session = OidcLoginData.GetOidcLoginDataInstance();

            // Clear both tokens so later "AccessToken == null" checks treat the user as logged out.
            session.AccessToken           = null;
            session.RefreshToken          = null;
            // -1 marks "no expiry recorded".
            session.AccessTokenExpiration = -1;

            _isLogged = false;
        }
        /// <summary>
        /// Reads the token endpoint response and copies its access token, refresh token and
        /// expiry onto the object returned by <c>OidcLoginData.GetOidcLoginDataInstance()</c>.
        /// </summary>
        /// <param name="webResponse">Response from the token endpoint; handed to <c>ParseAccessTokenJsonFromResponse</c>.</param>
        /// <returns>The updated <see cref="OidcLoginData"/> instance.</returns>
        private OidcLoginData ParseOidcInfo(HttpWebResponse webResponse)
        {
            AccessTokenDTO tokenPayload = ParseAccessTokenJsonFromResponse(webResponse);
            long           expiresAt    = GetAccessTokenExpirationInMillis(tokenPayload.ExpiresIn);

            // NOTE(review): the parsed values are stored as-is; a response without an access token
            // would leave AccessToken null, which the rest of the code reads as "logged out".
            OidcLoginData session = OidcLoginData.GetOidcLoginDataInstance();
            session.AccessToken           = tokenPayload.AccessToken;
            session.RefreshToken          = tokenPayload.RefreshToken;
            session.AccessTokenExpiration = expiresAt;

            return(session);
        }
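        /// <summary>
        /// Exchanges a refresh token for new tokens at the token endpoint and stores the result
        /// through <c>ParseOidcInfo</c>.
        /// </summary>
        /// <remarks>
        /// Changes over the previous version: the <see cref="HttpWebResponse"/> is now disposed once it
        /// has been parsed (it was never closed before, which keeps the underlying connection held), and
        /// the local that received the parsed data but was never read has been removed.
        /// NOTE(review): <c>messageBody</c> is built from the refresh token; confirm that
        /// <c>CreateWebRequest</c> and <c>HandleWebResponse</c> do not write it to the log.
        /// </remarks>
        /// <param name="refreshToken">Refresh token used to build the request body.</param>
        internal void getAccessTokenFromRefreshToken(string refreshToken)
        {
            Uri    uri         = GetTokenEndpointUri();
            string messageBody = GetAccessTokenFromRefreshTokenMessageBody(refreshToken);

            byte[]         messageBodyAsByteArray = GetRefTokenMessageBodyEncoded(refreshToken);
            HttpWebRequest webRequest             = CreateWebRequest(uri, messageBody, messageBodyAsByteArray, null);

            // using tolerates a null response, so the call into ParseOidcInfo behaves as before.
            using (HttpWebResponse webResponse = HandleWebResponse(webRequest, "CxRESTApiLogin->getAccessTokenFromRefreshToken->Rest API, status message: ", "Session expired. Please login."))
            {
                // ParseOidcInfo writes the new tokens onto the OidcLoginData instance; its return value is not needed.
                ParseOidcInfo(webResponse);
            }
        }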
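        /// <summary>
        /// Sends <paramref name="code"/> to the token endpoint, stores the returned tokens through
        /// <c>ParseOidcInfo</c> and returns the access token.
        /// </summary>
        /// <remarks>
        /// Change over the previous version: the <see cref="HttpWebResponse"/> is disposed after parsing
        /// instead of being left open.
        /// NOTE(review): <c>code</c> is presumably the OIDC authorization code; confirm against the caller.
        /// The returned string is a bearer credential, so callers should avoid logging it.
        /// </remarks>
        /// <param name="code">Value used to build the login request body.</param>
        /// <returns>The access token taken from the token endpoint response.</returns>
        public string Login(string code)
        {
            Uri    uri         = GetTokenEndpointUri();
            string messageBody = GetLoginMesageBody(code);

            byte[]         messageBodyAsByteArray = GetMesageBodyEncoded(code);
            HttpWebRequest webRequest             = CreateWebRequest(uri, messageBody, messageBodyAsByteArray, null);

            // using tolerates a null response, so the call into ParseOidcInfo behaves as before.
            using (HttpWebResponse webResponse = HandleWebResponse(webRequest, "CxRESTApiLogin->Login->Rest API, status message: ", "Login Failed"))
            {
                OidcLoginData oidcLoginData = ParseOidcInfo(webResponse);
                return(oidcLoginData.AccessToken);
            }
        }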
Example #6
		/// <summary>
		/// Loads the saved login entry into the form and enables exactly one of the
		/// login / logout buttons, depending on whether an access token is cached.
		/// </summary>
		private void BindDataToView()
		{
			OidcLoginData session = OidcLoginData.GetOidcLoginDataInstance();

			currentLogin   = LoginHelper.Load(0);
			txtServer.Text = currentLogin.ServerDomain;

			// "Logged in" here means only that a token is cached; its expiry is not checked.
			bool hasToken = session.AccessToken != null;
			loginBtn.Enabled  = !hasToken;
			logoutBtn.Enabled = hasToken;
		}
        /// <summary>
        /// Returns a successful <see cref="LoginResult"/>, logging in first when no access token is cached.
        /// </summary>
        /// <returns>
        /// The login result on success; <c>null</c> when the user cancelled, when a login helper threw,
        /// or when login failed and the generic error message was shown.
        /// </returns>
        public static LoginResult LoginToServer()
        {
            LoginData     savedLogin    = LoginHelper.LoadSaved();
            OidcLoginData session       = OidcLoginData.GetOidcLoginDataInstance();
            LoginResult   result        = new LoginResult();
            bool          userCancelled = false;

            if (session.AccessToken != null)
            {
                // A token is cached: reuse the saved login data without contacting the server.
                result.AuthenticationData = savedLogin;
                result.IsSuccesfull       = true;
            }
            else
            {
                try
                {
                    result = LoginHelper.DoLoginWithoutForm(out userCancelled, false);
                    if (!result.IsSuccesfull)
                    {
                        result = LoginHelper.DoLogin(out userCancelled);
                    }
                }
                catch (Exception e)
                {
                    // Full exception text goes to the log; only the message is shown to the user.
                    Logger.Create().Error(e.ToString());
                    MessageBox.Show(e.Message, "Error", MessageBoxButtons.OK);
                    return(null);
                }
            }

            if (userCancelled)
            {
                return(null);
            }
            if (result.IsSuccesfull)
            {
                return(result);
            }

            if (OIDCLoginHelper.errorWasShown)
            {
                // NOTE(review): the flag is not reset before retrying, so this recursion ends only when
                // a later attempt succeeds, is cancelled, throws, or something else clears the flag.
                return(LoginToServer());
            }

            // NOTE(review): this assignment cannot change the value (the flag is already false on this
            // path); it may have been meant for the retry branch above. Kept to preserve behaviour.
            OIDCLoginHelper.errorWasShown = false;
            showErrorMessage("Unable to connect to the server. Please verify data");
            return(null);
        }
        /// <summary>
        /// Builds a GET request for <paramref name="uri"/> carrying the current access token in the
        /// authorization header.
        /// </summary>
        /// <remarks>
        /// NOTE(review): the token is attached to whatever <paramref name="uri"/> the caller supplies;
        /// no scheme or host check is visible here, so confirm callers only pass the configured server.
        /// If no token is cached, the header value is just <c>Constants.BEARER</c> with nothing after it.
        /// </remarks>
        /// <param name="uri">Target of the request.</param>
        /// <returns>The prepared request.</returns>
        private HttpWebRequest GetWebRequest(Uri uri)
        {
            HttpWebRequest request = new CxRESTApiWebRequestCore().Create(uri, "GET");

            // NOTE(review): Headers.Clear() further down appears to discard this Accept value again;
            // confirm whether the Accept header is meant to reach the server.
            request.Accept = requestContentType;

            OidcLoginData session = OidcLoginData.GetOidcLoginDataInstance();
            if (CxVSWebServiceWrapper.IsTokenExpired(session))
            {
                // IsTokenExpired triggers a refresh as a side effect, so fetch the login data again.
                session = OidcLoginData.GetOidcLoginDataInstance();
            }

            request.Headers.Clear();
            string bearerValue = Constants.BEARER + session.AccessToken;
            request.Headers.Add(Constants.AUTHORIZATION_HEADER, bearerValue);
            return(request);
        }
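        /// <summary>
        /// Reports whether the cached access token has passed its expiry and, if it has, requests a
        /// new one with the refresh token.
        /// </summary>
        /// <remarks>
        /// Fixes over the previous version:
        /// the comparison was inverted (it reported "expired" while the current time was still at or
        /// before the expiry, and "not expired" afterwards), and it compared local wall-clock time with
        /// a UTC expiry. Both sides are now Unix epoch milliseconds in UTC.
        /// NOTE(review): this assumes <c>AccessTokenExpiration</c> holds the absolute expiry instant in
        /// Unix epoch milliseconds, as the earlier use of <c>FromUnixTimeMilliseconds</c> implies;
        /// confirm against <c>GetAccessTokenExpirationInMillis</c>.
        /// </remarks>
        /// <param name="oidcLoginData">Login data whose token and expiry are examined.</param>
        /// <returns>
        /// <c>true</c> when a token is cached and its expiry has been reached (a refresh was then
        /// attempted); <c>false</c> when the token is still valid or no token is cached.
        /// </returns>
        public static bool IsTokenExpired(OidcLoginData oidcLoginData)
        {
            if (oidcLoginData.AccessToken == null)
            {
                // Nothing cached, so there is nothing to refresh.
                return(false);
            }

            long nowUnixMillis = DateTimeOffset.UtcNow.ToUnixTimeMilliseconds();

            // Reaching the expiry instant counts as expired.
            bool isExpired = nowUnixMillis >= oidcLoginData.AccessTokenExpiration;
            if (isExpired)
            {
                // Side effect: the refresh call stores the new tokens, so callers re-read the login data afterwards.
                LoginData loginData = LoginHelper.LoadSaved();
                CxRESTApi cxRestApi = new CxRESTApi(loginData);
                cxRestApi.getAccessTokenFromRefreshToken(oidcLoginData.RefreshToken);
            }
            return(isExpired);
        }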
        /// <summary>
        /// Ensures there is a login result (logging in when no access token is cached) and then binds
        /// <paramref name="project"/> through <c>BindSelectedProject</c>.
        /// </summary>
        /// <param name="project">Project handed to <c>BindSelectedProject</c>.</param>
        /// <returns>
        /// <c>Success</c> when binding finished without <c>_canceled</c> being set; <c>CanceledByUser</c>
        /// when binding or login was cancelled; <c>Error</c> when login failed without a cancel.
        /// </returns>
        static ProjectScanStatuses LoginAndBindSelectedProject(Entities.Project project)
        {
            OidcLoginData session       = OidcLoginData.GetOidcLoginDataInstance();
            LoginData     savedLogin    = LoginHelper.LoadSaved();
            LoginResult   result        = new LoginResult();
            bool          userCancelled = false;

            if (session.AccessToken != null)
            {
                // A token is cached: reuse the saved login data. Token expiry is not checked here.
                result.AuthenticationData = savedLogin;
                result.IsSuccesfull       = true;
            }
            else
            {
                result = LoginHelper.DoLoginWithoutForm(out userCancelled, false);
                if (!result.IsSuccesfull)
                {
                    result = LoginHelper.DoLogin(out userCancelled);
                }
            }

            if (!result.IsSuccesfull)
            {
                if (userCancelled)
                {
                    return(ProjectScanStatuses.CanceledByUser);
                }

                TopMostMessageBox.Show("Unable to connect to server.", "Log in problem");
                return(ProjectScanStatuses.Error);
            }

            // Reset the flag before binding, then read it afterwards to see whether binding was cancelled.
            _canceled = false;
            BindSelectedProject(result, project);

            return(_canceled ? ProjectScanStatuses.CanceledByUser : ProjectScanStatuses.Success);
        }
        /// <summary>
        /// Creates the request through the base class, replaces its headers with a single authorization
        /// header carrying the current access token, and optionally applies connection settings.
        /// </summary>
        /// <remarks>
        /// NOTE(review): the token is attached to whatever <paramref name="uri"/> is requested; no scheme
        /// or host check is visible here. <c>Headers.Clear()</c> also drops any headers the base class set.
        /// </remarks>
        /// <param name="uri">Target of the request.</param>
        /// <returns>The prepared request.</returns>
        protected override WebRequest GetWebRequest(Uri uri)
        {
            OidcLoginData session = OidcLoginData.GetOidcLoginDataInstance();
            if (IsTokenExpired(session))
            {
                // IsTokenExpired triggers a refresh as a side effect, so fetch the login data again.
                session = OidcLoginData.GetOidcLoginDataInstance();
            }

            WebRequest request = base.GetWebRequest(uri);
            request.Headers.Clear();
            request.Headers.Add(Constants.AUTHORIZATION_HEADER, Constants.BEARER + session.AccessToken);

            if (!DisableConnectionOptimizations)
            {
                return(request);
            }

            // The ServicePoint settings below live on the ServicePoint object, not only on this request.
            HttpWebRequest http = (HttpWebRequest)request;
            http.ServicePoint.UseNagleAlgorithm = false;
            http.ServicePoint.Expect100Continue = false;
            http.KeepAlive = false;
            http.ServicePoint.ConnectionLimit = 10;
            return(request);
        }
        /// <summary>
        /// Produces a <see cref="LoginResult"/>: the saved login data when an access token is cached,
        /// otherwise the outcome of the login helpers.
        /// </summary>
        /// <returns>
        /// The login result. It may be unsuccessful; this method does not tell the caller whether the
        /// user cancelled.
        /// </returns>
        private static LoginResult getLoginResult()
        {
            LoginData     savedLogin = LoginHelper.LoadSaved();
            LoginResult   result     = new LoginResult();
            OidcLoginData session    = OidcLoginData.GetOidcLoginDataInstance();

            if (session.AccessToken != null)
            {
                // A token is cached: reuse the saved login data. Token expiry is not checked here.
                result.AuthenticationData = savedLogin;
                result.IsSuccesfull       = true;
                return(result);
            }

            // The cancel flag is required by the helper signatures but is not used afterwards.
            bool cancelPressed;
            result = LoginHelper.DoLoginWithoutForm(out cancelPressed, false);
            if (!result.IsSuccesfull)
            {
                result = LoginHelper.DoLogin(out cancelPressed);
            }

            return(result);
        }
Example #13
        /// <summary>
        /// Logs in if no access token is cached, collects the upload settings for the project and,
        /// when they request an upload, runs the scan through <c>ExecuteScan</c>.
        /// </summary>
        /// <param name="project">Upload project folder</param>
        /// <param name="isIncremental">Stored on the new <c>Scan</c> object as <c>IsIncremental</c>.</param>
        /// <param name="scanData">Passed by reference to <c>ExecuteScan</c>.</param>
        /// <param name="scanId">Passed by reference to <c>ExecuteScan</c>.</param>
        /// <returns>
        /// The status from <c>ExecuteScan</c> when a scan was started; <c>Error</c> when login failed;
        /// <c>CanceledByUser</c> in every other case, including when a scan is already in process and
        /// when the upload settings do not request an upload.
        /// </returns>
        public ProjectScanStatuses DoScan(Project project, bool isIncremental, ref CxWSQueryVulnerabilityData[] scanData, ref long scanId)
        {
            // Refuse to start a second scan while one is running. This return sits before the try block,
            // so the finally below does not reset the running scan's InProcess flag.
            if (_scan != null && _scan.InProcess)
            {
                return(ProjectScanStatuses.CanceledByUser);
            }
            LoginResult loginResult = new LoginResult();

            try
            {
                //Release old view data

                CommonActionsInstance.getInstance().ClearScanProgressView();

                LoginData     logindata     = LoginHelper.LoadSaved();
                OidcLoginData oidcLoginData = OidcLoginData.GetOidcLoginDataInstance();
                // Log in only when no access token is cached; token expiry is not checked here.
                if (oidcLoginData.AccessToken == null)
                {
                    loginResult = Login();
                    if (loginResult == null || loginResult.AuthenticationData == null)
                    {
                        LoginHelper.ShowLoginErrorMessage(loginResult);
                        return(ProjectScanStatuses.Error);
                    }
                }
                else
                {
                    // A token is cached: reuse the saved login data instead of prompting again.
                    loginResult.AuthenticationData = logindata;
                    loginResult.IsSuccesfull       = true;
                }

                if (_cancelPressed)
                {
                    return(ProjectScanStatuses.CanceledByUser);
                }

                if (loginResult.IsSuccesfull)
                {
                    _scan = new Scan(loginResult, onScanInBackground, onCancel, onDetails)
                    {
                        InProcess     = true,
                        DockView      = CommonActionsInstance.getInstance().ScanProgressView,
                        ScanProject   = project,
                        IsIncremental = isIncremental
                    };

                    // Collect the upload settings for the project
                    _uploadSettings = GetUploadSettings(project, loginResult);

                    if (_uploadSettings == null || _cancelPressed)
                    {
                        return(ProjectScanStatuses.CanceledByUser);
                    }

                    if (_uploadSettings.IsUploading)
                    {
                        _scan.UploadSettings = _uploadSettings;

                        return(ExecuteScan(project, ref scanData, ref scanId));
                    }
                    // When IsUploading is false, control falls through to the final CanceledByUser return.
                }
                else if (!_cancelPressed)
                {
                    TopMostMessageBox.Show("Unable to connect to server or user creadentials are invalid. Please verify data", "Log in problem");
                    return(ProjectScanStatuses.Error);
                }
            }
            finally
            {
                // Runs on every exit from the try block, including exceptions, so the
                // in-process flag is always cleared once this call is over.
                if (_scan != null)
                {
                    _scan.InProcess = false;
                }
            }

            return(ProjectScanStatuses.CanceledByUser);
        }
Example #14
        /// <summary>
        /// Opens the description page of a query in a browser window named "Query Description",
        /// sending the current access token as an authorization header.
        /// </summary>
        /// <remarks>
        /// NOTE(review): the bearer token accompanies whatever URL <c>QueryDescriptionUrlBuilder</c>
        /// returns; confirm that URL always points at the configured portal. If no token is cached,
        /// the header is sent with nothing after "Bearer ".
        /// Any exception, including a failed cast of <paramref name="e"/>, is logged and shown to the user.
        /// </remarks>
        /// <param name="sender">Event source; not used.</param>
        /// <param name="e">Expected to be a <c>QueryDescriptionEventArg</c> identifying the query.</param>
        public void NavigateToQueryDescription(object sender, EventArgs e)
        {
            try
            {
                QueryDescriptionEventArg queryInfo = (QueryDescriptionEventArg)e;

                // Initialise the portal base URL before the description URL is built.
                new CxRESTApiPortalConfiguration().InitPortalBaseUrl();

                QueryDescriptionUrlBuilder urlBuilder = new QueryDescriptionUrlBuilder();
                string descriptionUrl = urlBuilder.Build(queryInfo.QueryId, queryInfo.QueryName, queryInfo.QueryVersionCode);

                WebBrowser browser    = new WebBrowser();
                string     authHeader = "Authorization: Bearer " + OidcLoginData.GetOidcLoginDataInstance().AccessToken;
                browser.Navigate(descriptionUrl, "Query Description", null, authHeader);
            }
            catch (Exception ex)
            {
                Logger.Create().Error(ex.ToString());
                TopMostMessageBox.Show(ex.Message);
            }
        }