// Example usage of CheckForTrace method
/// <summary>
/// Reports whether Team Server answers HTTP 200 (OK) when asked for a trace
/// whose request URI matches <paramref name="url"/>.
/// </summary>
/// <param name="client">Client used to issue the CheckForTrace call.</param>
/// <param name="applicationId">Application whose traces are queried.</param>
/// <param name="url">Value appended to the <c>request.uri=~</c> condition.</param>
/// <returns><c>true</c> only when the returned status code is <c>OK</c>.</returns>
private static bool DoesTraceExistForUrl(TeamServerClient client, string applicationId, string url)
{
    // NOTE(review): url is appended to the condition verbatim. If the "=~" operator
    // performs pattern matching (presumably it does; confirm against the API docs),
    // characters that are special in that syntax will change what is matched, so
    // callers passing request data should escape or validate it first.
    string traceFilter = string.Concat("request.uri=~", url);

    var lookupStatus = client.CheckForTrace(applicationId, traceFilter);
    bool found = lookupStatus == System.Net.HttpStatusCode.OK;
    return found;
}
/// <summary>
/// Checks that MarkTraceStatus with a server id issues a PUT to
/// "api/ng/orgId/servertraces/1/mark" carrying the serialized request, and that a
/// 200 response with "success": true is surfaced as <c>Success == true</c>.
/// </summary>
public void MarkTraceStatusByServer_VerifySuccess()
{
    const string responseBody = @"{ ""success"": true, ""messages"": [ ""1 Vulnerability successfully marked as Reported"" ] }";

    var markRequest = new TraceMarkStatusRequest
    {
        Traces = new List<string> { "traceId" },
        Note = "This is my note.",
        Status = ""
    };
    // The mock only answers when the body equals this exact serialization.
    string expectedPayload = JsonConvert.SerializeObject(markRequest);

    var restClientMock = new Mock<IContrastRestClient>();
    restClientMock
        .Setup(c => c.PutMessage("api/ng/orgId/servertraces/1/mark", expectedPayload, null))
        .Returns(PostUtil.GetPostResponse(System.Net.HttpStatusCode.OK, responseBody));

    var sut = new TeamServerClient(restClientMock.Object);
    var result = sut.MarkTraceStatus("orgId", 1, markRequest);

    Assert.IsTrue(result.Success);
}
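/// <summary>
/// Checks that an HTTP 403 (Forbidden) answer to the organization-level mark call
/// is raised to the caller as a <c>ForbiddenException</c> instead of being returned
/// as an ordinary response.
/// </summary>
public void MarkTraceStatus_VerifyException()
{
    string json = @"{ ""success"": false, ""messages"": [ ""Forbidden access?"" ] }";

    TraceMarkStatusRequest request = new TraceMarkStatusRequest();
    request.Traces = new List<string> { "traceId" };
    request.Note = "This is my note.";
    request.Status = "";

    var mockSdkHttpClient = new Mock<IContrastRestClient>();
    mockSdkHttpClient
        .Setup(client => client.PutMessage("api/ng/orgId/orgtraces/mark", JsonConvert.SerializeObject(request), null))
        .Returns(PostUtil.GetPostResponse(System.Net.HttpStatusCode.Forbidden, json));

    var teamServerClient = new TeamServerClient(mockSdkHttpClient.Object);

    try
    {
        teamServerClient.MarkTraceStatus("orgId", request);
    }
    catch (ForbiddenException)
    {
        // Expected outcome: the authorization failure was reported as an exception.
        return;
    }

    // Reached only when no exception was thrown. Failing here, outside the try,
    // keeps the assertion's own exception from being caught and re-reported as a
    // confusing "wrong exception type" failure; any other exception type now
    // propagates with its original message and stack trace.
    Assert.Fail("Expected MarkTraceStatus to throw ForbiddenException for a 403 response.");
}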
/// <summary>
/// Checks that TagTraces issues a PUT to "api/ng/orgId/tags/traces" with the
/// serialized tag request and reports success for a 200 response.
/// </summary>
public void TagTraces_VerifySuccess()
{
    const string responseBody = @"{ ""success"": true, ""messages"": [ ""Tag successful"" ] }";

    var tagRequest = new TagsServersResource
    {
        TracesId = new List<string> { "traceId1", "traceId2" },
        Tags = new List<string> { "testTag", "anotherTag" }
    };
    // The mock only answers when the body equals this exact serialization.
    string expectedPayload = JsonConvert.SerializeObject(tagRequest);

    var restClientMock = new Mock<IContrastRestClient>();
    restClientMock
        .Setup(c => c.PutMessage("api/ng/orgId/tags/traces", expectedPayload, null))
        .Returns(PostUtil.GetPostResponse(System.Net.HttpStatusCode.OK, responseBody));

    var sut = new TeamServerClient(restClientMock.Object);
    var result = sut.TagTraces("orgId", tagRequest);

    Assert.IsTrue(result.Success);
}
/// <summary>
/// Checks that GetTagsByTraces POSTs the serialized trace-id list to
/// "api/ng/orgId/tags/traces/bulk" and returns the two tags from the canned
/// response in their original order.
/// </summary>
public void GetTagsByTraces_VerifyTags()
{
    const string responseBody = @"{ ""success"": true, ""messages"": [ ""Unique tags for organization loaded successfully"" ], ""tags"": [ ""Infinite Scroll Test"", ""Different test too"" ], ""totalLibraryHashes"": 0 }";

    var tagQuery = new TagsTraceRequest
    {
        TracesId = new List<string> { "traceId1", "traceId2" }
    };
    string expectedPayload = JsonConvert.SerializeObject(tagQuery);

    var restClientMock = new Mock<IContrastRestClient>();
    restClientMock
        .Setup(c => c.PostMessage("api/ng/orgId/tags/traces/bulk", expectedPayload, null))
        .Returns(PostUtil.GetPostResponse(System.Net.HttpStatusCode.OK, responseBody));

    var sut = new TeamServerClient(restClientMock.Object);
    var result = sut.GetTagsByTraces("orgId", tagQuery);

    Assert.AreEqual(2, result.Tags.Count);
    Assert.AreEqual("Infinite Scroll Test", result.Tags[0]);
    Assert.AreEqual("Different test too", result.Tags[1]);
}
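/// <summary>
/// Checks that GetOrganizationInfo reads "api/ng/orgId/organizations" and maps the
/// canned UTF-8 JSON onto a successful response whose organization name is
/// "Test organization".
/// </summary>
public void GetOrganizationInfo_VerifySuccess()
{
    string json = @"{ ""success"": true, ""messages"": [ ""Organization Information loaded successfully"" ], ""organization"": { ""name"": ""Test organization"", ""timezone"": ""EST"", ""superadmin"": false, ""organization_uuid"": ""0c2a726b-af04-47b6-8be9-844058fbcdbd"", ""date_format"": ""MM/dd/yyyy"", ""time_format"": ""hh:mm a"", ""creation_time"": 1531430241000, ""protection_enabled"": true, ""auto_license_protection"": false, ""auto_license_assessment"": false, ""is_superadmin"": false, ""server_environments"": [] }, ""managed"": true }";

    var mockSdkHttpClient = new Mock<IContrastRestClient>();
    mockSdkHttpClient
        .Setup(client => client.GetResponseStream("api/ng/orgId/organizations"))
        .Returns(new MemoryStream(Encoding.UTF8.GetBytes(json)));

    var teamServerClient = new TeamServerClient(mockSdkHttpClient.Object);
    var response = teamServerClient.GetOrganizationInfo("orgId");

    Assert.IsTrue(response.Success);
    // Expected value goes first so a failure message labels the two values correctly.
    Assert.AreEqual("Test organization", response.Organization.name);
}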
/// <summary>
/// Checks that GetTracesUniqueTags reads "api/ng/orgId/tags/traces" and returns the
/// two tags from the canned UTF-8 JSON in their original order.
/// </summary>
public void GetTraceUniqueTags_VerifyTags()
{
    const string responseBody = @"{ ""success"": true, ""messages"": [ ""Unique tags for organization loaded successfully"" ], ""tags"": [ ""Infinite Scroll Test"", ""Another test too"" ], ""totalLibraryHashes"": 0 }";
    var cannedStream = new MemoryStream(Encoding.UTF8.GetBytes(responseBody));

    var restClientMock = new Mock<IContrastRestClient>();
    restClientMock
        .Setup(c => c.GetResponseStream("api/ng/orgId/tags/traces"))
        .Returns(cannedStream);

    var sut = new TeamServerClient(restClientMock.Object);
    var result = sut.GetTracesUniqueTags("orgId");

    Assert.AreEqual(2, result.Tags.Count);
    Assert.AreEqual("Infinite Scroll Test", result.Tags[0]);
    Assert.AreEqual("Another test too", result.Tags[1]);
}
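/// <summary>
/// Sample entry point: reads the Team Server connection settings from appSettings,
/// connects, and prints the user's organizations, servers, applications and the
/// traces of the first application, then waits for Enter.
/// </summary>
/// <param name="args">Command-line arguments; not used.</param>
static void Main(string[] args)
{
    Console.WriteLine("SampleContrastClient Started. Reading configuration...");

    // The service key and API key are credentials. They are read from appSettings
    // here; NOTE(review): keep real values out of any config file that is committed.
    string user = ConfigurationManager.AppSettings["TeamServerUserName"];
    string serviceKey = ConfigurationManager.AppSettings["TeamServerServiceKey"];
    string apiKey = ConfigurationManager.AppSettings["TeamServerApiKey"];
    string url = ConfigurationManager.AppSettings["TeamServerUrl"];

    using (TeamServerClient client = new TeamServerClient(user, serviceKey, apiKey, url))
    {
        // The user name is masked in the literal; the format string has no {1}
        // placeholder, so the extra argument is not printed.
        Console.WriteLine("Connecting to Contrast Team Server: '{0}' as user: '******'", url, user);

        var orgs = client.GetOrganizations();
        Console.WriteLine("User is associated with {0} orgs. {1}", orgs.Count,
            (orgs.Count > 0 ? "First Organization: " + orgs[0].name : string.Empty));
        if (orgs.Count > 0)
        {
            // Later calls are scoped to the first organization returned.
            _organizationId = orgs[0].organization_uuid;
        }

        var defaultOrg = client.GetDefaultOrganization();
        Console.WriteLine("User's default org is:{0}({1})", defaultOrg.name, defaultOrg.organization_uuid);

        var servers = client.GetServers(_organizationId);
        Console.WriteLine("Found {0} servers.", servers.Count);

        var apps = client.GetApplications(_organizationId);
        Console.WriteLine("Found {0} applications.", apps.Count);

        if (apps.Count > 0)
        {
            string appId = apps[0].AppID;
            string appName = apps[0].Name;
            // Fixed: the message previously lacked the closing parenthesis after {1}.
            Console.WriteLine("Retrieving traces for the first application: {0} ({1})", appName, appId);

            var traces = client.GetTraces(_organizationId, appId);
            Console.WriteLine("Found {0} traces for application.", traces.Count);

            if (traces.Count > 0)
            {
                WriteFirstTenTraces(traces);

                //foreach (Trace trace in traces)
                //{
                //    Console.WriteLine("Trace Exists:{0}", DoesTraceExistForUrl(client, appId, trace.Request.Uri));
                //}
            }
        }

        // DownloadAgentToDesktop(client);
    }

    Console.WriteLine("SampleContrastClient Finished.");
    Console.ReadLine();
}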
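/// <summary>
/// Console walkthrough of the SDK: loads connection settings from appSettings,
/// opens a <c>TeamServerClient</c>, and writes counts of organizations, servers,
/// applications and traces to the console before waiting for Enter.
/// </summary>
/// <param name="args">Command-line arguments; not used.</param>
static void Main(string[] args)
{
    Console.WriteLine("SampleContrastClient Started. Reading configuration...");

    // All four values come from appSettings. The service key and API key
    // authenticate the user, so treat the config file holding them as a secret.
    var settings = ConfigurationManager.AppSettings;
    string user = settings["TeamServerUserName"];
    string serviceKey = settings["TeamServerServiceKey"];
    string apiKey = settings["TeamServerApiKey"];
    string url = settings["TeamServerUrl"];

    using (TeamServerClient client = new TeamServerClient(user, serviceKey, apiKey, url))
    {
        // Only {0} appears in the format string; the user name is shown masked.
        Console.WriteLine("Connecting to Contrast Team Server: '{0}' as user: '******'", url, user);

        var orgs = client.GetOrganizations();
        bool hasOrgs = orgs.Count > 0;
        Console.WriteLine("User is associated with {0} orgs. {1}", orgs.Count,
            (hasOrgs ? "First Organization: " + orgs[0].name : string.Empty));
        if (hasOrgs)
        {
            // The remaining queries run against the first organization in the list.
            _organizationId = orgs[0].organization_uuid;
        }

        var defaultOrg = client.GetDefaultOrganization();
        Console.WriteLine("User's default org is:{0}({1})", defaultOrg.name, defaultOrg.organization_uuid);

        var servers = client.GetServers(_organizationId);
        Console.WriteLine("Found {0} servers.", servers.Count);

        var apps = client.GetApplications(_organizationId);
        Console.WriteLine("Found {0} applications.", apps.Count);

        if (apps.Count > 0)
        {
            string appId = apps[0].AppID;
            string appName = apps[0].Name;
            // Fixed: closing parenthesis added so the application id prints as "(id)".
            Console.WriteLine("Retrieving traces for the first application: {0} ({1})", appName, appId);

            var traces = client.GetTraces(_organizationId, appId);
            Console.WriteLine("Found {0} traces for application.", traces.Count);

            if (traces.Count > 0)
            {
                WriteFirstTenTraces(traces);

                //foreach (Trace trace in traces)
                //{
                //    Console.WriteLine("Trace Exists:{0}", DoesTraceExistForUrl(client, appId, trace.Request.Uri));
                //}
            }
        }

        // DownloadAgentToDesktop(client);
    }

    Console.WriteLine("SampleContrastClient Finished.");
    Console.ReadLine();
}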
/// <summary>
/// Checks that GetTraces maps a configuration-rule trace ("custom-errors-off")
/// served as UTF-16 JSON from "api/orgId/traces/{appId}" onto a single Trace with
/// the expected id, title, empty parameter list and first-seen timestamp.
/// </summary>
public void GetTraces_Config_PropertiesMatchExpected()
{
    const string appId = "arbitraryId";
    const string configTraceJson = @"[{ ""uuid"" : ""DW0P-4SKO-JEAK-TDOO"", ""status"" : ""Reported"", ""platform"" : """", ""language"" : "".NET"", ""title"" : ""Application Displays Detailed Error Messages in \\web.config"", ""likelihood"" : ""High"", ""impact"" : ""Low"", ""confidence"" : ""High"", ""request"" : { ""port"" : 0, ""headers"" : [ ], ""parameters"" : [ ], ""links"" : [ ] }, ""events"" : [ ], ""links"" : [ { ""rel"" : ""self"", ""href"" : ""https://localhost/Contrast/api/traces/c744888c-96e2-4e1d-926d-c3d715cedeeb/DW0P-4SKO-JEAK-TDOO"" }, { ""rel"" : ""application"", ""href"" : ""https://localhost/Contrast/api/applications/c744888c-96e2-4e1d-926d-c3d715cedeeb"" } ], ""trace-id"" : 259676, ""total-traces-received"" : 1, ""last-time-seen"" : 1424268996169, ""first-time-seen"" : 1424268996169, ""sub-status"" : """", ""sub-title"" : ""in \\web.config"", ""reported-to-bug-tracker"" : false, ""rule-name"" : ""custom-errors-off"", ""severity"" : ""Medium"" }]";

    // "first-time-seen" is compared as milliseconds added to 1970-01-01.
    DateTime epoch = new DateTime(1970, 1, 1);
    DateTime expectedFirstSeen = epoch.AddMilliseconds(1424268996169);

    string route = "api/orgId/traces/" + appId;
    var cannedStream = new MemoryStream(Encoding.Unicode.GetBytes(configTraceJson));

    var restClientMock = new Mock<IContrastRestClient>();
    restClientMock.Setup(c => c.GetResponseStream(route)).Returns(cannedStream);

    var sut = new TeamServerClient(restClientMock.Object);
    var traces = sut.GetTraces("orgId", appId);

    Assert.AreEqual(1, traces.Count);
    Trace first = traces[0];
    Assert.AreEqual("259676", first.TraceId);
    Assert.AreEqual("Application Displays Detailed Error Messages in \\web.config", first.Title);
    Assert.AreEqual(0, first.Request.Parameters.Count);
    Assert.AreEqual(expectedFirstSeen, first.FirstTimeSeen);
}
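// Example usage of GetAgent method
/// <summary>
/// Downloads the .NET agent for the current organization and writes it to
/// "dotnetagent.zip" in the user's Desktop directory, replacing any existing file.
/// </summary>
/// <param name="client">Client used to request the agent stream.</param>
private static void DownloadAgentToDesktop(TeamServerClient client)
{
    // Path.Combine instead of appending "\\dotnetagent.zip": GetFolderPath returns an
    // empty string when the folder does not exist, and the old concatenation then
    // produced "\dotnetagent.zip", i.e. a file in the root of the current drive.
    string desktop = Environment.GetFolderPath(Environment.SpecialFolder.DesktopDirectory);
    string filename = System.IO.Path.Combine(desktop, "dotnetagent.zip");

    // NOTE(review): the archive is written as received; nothing in this method
    // verifies its integrity (hash or signature). Confirm that is done before the
    // agent is installed.
    using (var agentStream = client.GetAgent(AgentType.DotNet, _organizationId))
    using (var fs = new System.IO.FileStream(filename, System.IO.FileMode.Create, System.IO.FileAccess.Write))
    {
        agentStream.CopyTo(fs);
    }
}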
/// <summary>
/// Checks that GetApplications reads "api/orgId/applications/" and maps the canned
/// UTF-16 JSON onto one ContrastApplication with the expected AppID and Name.
/// </summary>
public void GetApplications_PropertiesMatchExpected()
{
    const string applicationsJson = @"[{ ""name"" : ""MyTestApp"", ""path"" : ""/MyTestApp"", ""language"" : "".NET"", ""license"" : ""Enterprise"", ""views"" : 0, ""links"" : [ { ""rel"" : ""self"", ""href"" : ""https://localhost/Contrast/api/applications/91ce4b14-353c-4e0e-8bab-663895cff574"" }, { ""rel"" : ""traces"", ""href"" : ""https://localhost/Contrast/api/traces/91ce4b14-353c-4e0e-8bab-663895cff574"" }, { ""rel"" : ""servers"", ""href"" : ""https://localhost/Contrast/api/applications/91ce4b14-353c-4e0e-8bab-663895cff574/servers"" }, { ""rel"" : ""sitemap-activity"", ""href"" : ""https://localhost/Contrast/api/applications/91ce4b14-353c-4e0e-8bab-663895cff574/sitemap/activity"" }, { ""rel"" : ""reset-application"", ""href"" : ""https://localhost/Contrast/api/applications/91ce4b14-353c-4e0e-8bab-663895cff574"" } ], ""app-id"" : ""91ce4b14-353c-4e0e-8bab-663895cff574"", ""application-code"" : null, ""group-name"" : null, ""platform-version"" : null, ""platform-vulnerabilities"" : [ ], ""last-seen"" : 1416352488000 }]";
    var cannedStream = new MemoryStream(Encoding.Unicode.GetBytes(applicationsJson));

    var restClientMock = new Mock<IContrastRestClient>();
    restClientMock
        .Setup(c => c.GetResponseStream("api/orgId/applications/"))
        .Returns(cannedStream);

    var sut = new TeamServerClient(restClientMock.Object);
    var applications = sut.GetApplications("orgId");

    Assert.AreEqual(1, applications.Count);
    ContrastApplication first = applications[0];
    Assert.AreEqual("91ce4b14-353c-4e0e-8bab-663895cff574", first.AppID);
    Assert.AreEqual("MyTestApp", first.Name);
}
/// <summary>
/// Checks that GetLibraries reads "api/orgId/applications/arbitraryId/libraries"
/// and maps the canned UTF-16 JSON onto one Library with the expected id and
/// file name.
/// </summary>
public void GetLibraries_PropertiesMatchExpected()
{
    const string appId = "arbitraryId";
    // Single library record: log4net.dll with its SHA-1, version and CVE count.
    const string libraryJson = "[ { \"libraryId\" : 127302, \"filename\" : \"log4net.dll\", \"sha1\" : \"08D926E9EFE56C69A370A30737E3346F86F7FB77\", \"url\" : \"file:/C:\\\\inetpub\\\\wwwroot\\\\MyTestApp\\\\bin\\\\log4net.dll\", \"version\" : \"1.2.13.0\", \"profiled\" : false, \"common\" : false, \"sponsored\" : false, \"links\" : [ { \"rel\" : \"self\", \"href\" : \"https://localhost/Contrast/api/applications/c744888c-96e2-4e1d-926d-c3d715cedeeb/libraries/127302\" }, { \"rel\" : \"cves\", \"href\" : \"https://localhost/Contrast/api/applications/c744888c-96e2-4e1d-926d-c3d715cedeeb/libraries/127302/cves\" }, { \"rel\" : \"servers\", \"href\" : \"https://localhost/Contrast/api/servers/libraries/127302\" } ], \"lines-of-code\" : 4515, \"internal-date\" : \"2013-11-17\", \"external-date\" : \"2014-11-04\", \"class-count\" : 289, \"used-class-count\" : 0, \"cve-count\" : 0} ]";
    var cannedStream = new MemoryStream(Encoding.Unicode.GetBytes(libraryJson));

    var restClientMock = new Mock<IContrastRestClient>();
    restClientMock
        .Setup(c => c.GetResponseStream("api/orgId/applications/arbitraryId/libraries"))
        .Returns(cannedStream);

    var sut = new TeamServerClient(restClientMock.Object);
    var libraries = sut.GetLibraries("orgId", appId);

    Assert.AreEqual(1, libraries.Count);
    Library first = libraries[0];
    Assert.AreEqual("127302", first.LibraryId);
    Assert.AreEqual("log4net.dll", first.FileName);
}
/// <summary>
/// Checks that DeleteTraceTag sends a DELETE to "api/ng/orgId/tags/trace/traceId"
/// with a serialized TagRequest for tag "none", and that the canned 200 response is
/// returned as a successful result carrying one message.
/// </summary>
public void DeleteTags_VerifyBaseResponse()
{
    const string responseBody = @"{ ""success"": true, ""messages"": [ ""Delete successful"" ], ""totalLibraryHashes"": 0 }";

    // Built only to derive the request body the mock must see.
    var expectedRequest = new TagRequest { Tag = "none" };
    string expectedPayload = JsonConvert.SerializeObject(expectedRequest);

    var restClientMock = new Mock<IContrastRestClient>();
    restClientMock
        .Setup(c => c.DeleteMessage("api/ng/orgId/tags/trace/traceId", expectedPayload))
        .Returns(PostUtil.GetPostResponse(System.Net.HttpStatusCode.OK, responseBody));

    var sut = new TeamServerClient(restClientMock.Object);
    var result = sut.DeleteTraceTag("orgId", "traceId", "none");

    Assert.IsTrue(result.Success);
    Assert.AreEqual(1, result.Messages.Count);
}
/// <summary>
/// Verifies the library listing call: the client is expected to request
/// "api/orgId/applications/arbitraryId/libraries" and deserialize the UTF-16 JSON
/// payload into exactly one Library (log4net.dll, id 127302).
/// </summary>
public void GetLibraries_PropertiesMatchExpected()
{
    string applicationId = "arbitraryId";
    string payload = "[ { \"libraryId\" : 127302, \"filename\" : \"log4net.dll\", \"sha1\" : \"08D926E9EFE56C69A370A30737E3346F86F7FB77\", \"url\" : \"file:/C:\\\\inetpub\\\\wwwroot\\\\MyTestApp\\\\bin\\\\log4net.dll\", \"version\" : \"1.2.13.0\", \"profiled\" : false, \"common\" : false, \"sponsored\" : false, \"links\" : [ { \"rel\" : \"self\", \"href\" : \"https://localhost/Contrast/api/applications/c744888c-96e2-4e1d-926d-c3d715cedeeb/libraries/127302\" }, { \"rel\" : \"cves\", \"href\" : \"https://localhost/Contrast/api/applications/c744888c-96e2-4e1d-926d-c3d715cedeeb/libraries/127302/cves\" }, { \"rel\" : \"servers\", \"href\" : \"https://localhost/Contrast/api/servers/libraries/127302\" } ], \"lines-of-code\" : 4515, \"internal-date\" : \"2013-11-17\", \"external-date\" : \"2014-11-04\", \"class-count\" : 289, \"used-class-count\" : 0, \"cve-count\" : 0} ]";

    byte[] payloadBytes = Encoding.Unicode.GetBytes(payload);
    var httpMock = new Mock<IContrastRestClient>();
    httpMock
        .Setup(rest => rest.GetResponseStream("api/orgId/applications/arbitraryId/libraries"))
        .Returns(new MemoryStream(payloadBytes));

    var tsClient = new TeamServerClient(httpMock.Object);
    var found = tsClient.GetLibraries("orgId", applicationId);

    Assert.AreEqual(1, found.Count);
    Library only = found[0];
    Assert.AreEqual("127302", only.LibraryId);
    Assert.AreEqual("log4net.dll", only.FileName);
}
/// <summary>
/// Checks that GetTraces maps a data-flow trace (rule "reflected-xss") served as
/// UTF-16 JSON from "api/orgId/traces/{appId}" onto a single Trace with the
/// expected id, title, eight request headers and two links.
/// </summary>
public void GetTraces_DataFlow_PropertiesMatchExpected()
{
    const string appId = "arbitraryId";
    // The fixture embeds a full captured request, including a Cookie header with an
    // ASP.NET session id (Host is "localhost"). Trace payloads carry whatever the
    // request contained, so captures taken from real systems should be scrubbed
    // before they are reused as test data.
    const string dataFlowTraceJson = @"[{ ""uuid"" : ""S17L-WMVW-GYBY-Z00Z"", ""status"" : ""Reported"", ""platform"" : """", ""language"" : "".NET"", ""title"" : ""Cross-Site Scripting from \""input\"" Parameter on \""CharArrayVuln0.aspx\"" page"", ""likelihood"" : ""High"", ""impact"" : ""Medium"", ""confidence"" : ""High"", ""request"" : { ""protocol"" : ""http"", ""version"" : ""1.1"", ""uri"" : ""/MyTestApp/propagators/carray/CharArrayVuln0.aspx"", ""queryString"" : ""input=sourceTaintedData"", ""method"" : ""GET"", ""port"" : 80, ""headers"" : [ { ""name"" : ""Connection"", ""value"" : ""keep-alive"" }, { ""name"" : ""Accept"", ""value"" : ""text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8"" }, { ""name"" : ""Accept-Encoding"", ""value"" : ""gzip, deflate"" }, { ""name"" : ""Accept-Language"", ""value"" : ""en-US,en;q=0.5"" }, { ""name"" : ""Cookie"", ""value"" : ""ASP.NET_SessionId=tlspmetl2k4155htm41jkkjn"" }, { ""name"" : ""Host"", ""value"" : ""localhost"" }, { ""name"" : ""Referer"", ""value"" : ""http://localhost/MyTestApp/default.aspx"" }, { ""name"" : ""User-Agent"", ""value"" : ""Mozilla/5.0 (Windows NT 6.1; WOW64; rv:35.0) Gecko/20100101 Firefox/35.0"" } ], ""parameters"" : [ ], ""links"" : [ ] }, ""events"" : [ { ""eventId"" : 567243, ""type"" : ""Creation"", ""codeContext"" : null }, { ""eventId"" : 567244, ""type"" : ""O2R"", ""codeContext"" : null }, { ""eventId"" : 567245, ""type"" : ""P2R"", ""codeContext"" : null }, { ""eventId"" : 567246, ""type"" : ""Trigger"", ""codeContext"" : null } ], ""links"" : [ { ""rel"" : ""self"", ""href"" : ""https://localhost/Contrast/api/traces/c744888c-96e2-4e1d-926d-c3d715cedeeb/S17L-WMVW-GYBY-Z00Z"" }, { ""rel"" : ""application"", ""href"" : ""https://localhost/Contrast/api/applications/c744888c-96e2-4e1d-926d-c3d715cedeeb"" } ], ""trace-id"" : 259779, ""total-traces-received"" : 1, ""last-time-seen"" : 
1424269052776, ""first-time-seen"" : 1424269052776, ""sub-status"" : """", ""sub-title"" : ""from \""input\"" Parameter on \""CharArrayVuln0.aspx\"" page"", ""reported-to-bug-tracker"" : false, ""rule-name"" : ""reflected-xss"", ""severity"" : ""High"" }]";

    string route = "api/orgId/traces/" + appId;
    var cannedStream = new MemoryStream(Encoding.Unicode.GetBytes(dataFlowTraceJson));

    var restClientMock = new Mock<IContrastRestClient>();
    restClientMock.Setup(c => c.GetResponseStream(route)).Returns(cannedStream);

    var sut = new TeamServerClient(restClientMock.Object);
    var traces = sut.GetTraces("orgId", appId);

    Assert.AreEqual(1, traces.Count);
    Trace first = traces[0];
    Assert.AreEqual("259779", first.TraceId);
    Assert.AreEqual("Cross-Site Scripting from \"input\" Parameter on \"CharArrayVuln0.aspx\" page", first.Title);
    Assert.AreEqual(8, first.Request.Headers.Count);
    Assert.AreEqual(2, first.Links.Count);
}
/// <summary>
/// Constructs a TeamServerClient with a base URL that is not a valid URL.
/// </summary>
/// <remarks>
/// NOTE(review): the method name says an ArgumentException is expected, but the
/// body contains no assertion; presumably an expected-exception attribute sits on
/// the method outside this snippet. Confirm, otherwise a thrown exception fails
/// the test and a silent success passes it.
/// </remarks>
public void Constructor_InvalidUrl_ArgumentExceptionThrown()
{
    const string malformedBaseUrl = "invalidUrlValue";

    TeamServerClient tsClient = new TeamServerClient(
        "arbitraryUser",
        "arbitraryServiceKey",
        "arbitraryApiKey",
        malformedBaseUrl);
}
/// <summary>
/// Constructs a TeamServerClient with a well-formed base URL; the test passes when
/// the constructor returns without throwing.
/// </summary>
/// <remarks>
/// NOTE(review): the accepted URL uses plain "http". The constructor also receives
/// a service key and an API key; confirm whether production use is expected to
/// require an "https" base URL.
/// </remarks>
public void Constructor_ValidUrl_NoException()
{
    const string wellFormedBaseUrl = "http://localhost/Contrast";

    TeamServerClient tsClient = new TeamServerClient(
        "arbitraryUser",
        "arbitraryServiceKey",
        "arbitraryApiKey",
        wellFormedBaseUrl);
}
// Example usage of DoesTraceExist method
/// <summary>
/// Reports whether looking up <paramref name="traceUuid"/> in the given
/// organization returns at least one trace.
/// </summary>
/// <param name="client">Client used to issue the GetTracesByUuid call.</param>
/// <param name="traceUuid">UUID of the trace to look for.</param>
/// <param name="organizationId">Organization the lookup is scoped to.</param>
/// <returns>
/// <c>false</c> when the response or its trace list is null or empty;
/// otherwise <c>true</c>.
/// </returns>
private static bool DoesTraceExist(TeamServerClient client, string traceUuid, string organizationId)
{
    var lookup = client.GetTracesByUuid(organizationId, traceUuid);
    var matches = lookup?.Traces;

    if (matches == null)
    {
        return false;
    }

    return matches.Count > 0;
}
/// <summary>
/// Verifies trace deserialization for a configuration finding: the mocked REST
/// client serves one "custom-errors-off" trace as UTF-16 JSON and the test checks
/// the mapped id, title, parameter count and first-seen time.
/// </summary>
public void GetTraces_Config_PropertiesMatchExpected()
{
    string applicationId = "arbitraryId";
    string payload = @"[{ ""uuid"" : ""DW0P-4SKO-JEAK-TDOO"", ""status"" : ""Reported"", ""platform"" : """", ""language"" : "".NET"", ""title"" : ""Application Displays Detailed Error Messages in \\web.config"", ""likelihood"" : ""High"", ""impact"" : ""Low"", ""confidence"" : ""High"", ""request"" : { ""port"" : 0, ""headers"" : [ ], ""parameters"" : [ ], ""links"" : [ ] }, ""events"" : [ ], ""links"" : [ { ""rel"" : ""self"", ""href"" : ""https://localhost/Contrast/api/traces/c744888c-96e2-4e1d-926d-c3d715cedeeb/DW0P-4SKO-JEAK-TDOO"" }, { ""rel"" : ""application"", ""href"" : ""https://localhost/Contrast/api/applications/c744888c-96e2-4e1d-926d-c3d715cedeeb"" } ], ""trace-id"" : 259676, ""total-traces-received"" : 1, ""last-time-seen"" : 1424268996169, ""first-time-seen"" : 1424268996169, ""sub-status"" : """", ""sub-title"" : ""in \\web.config"", ""reported-to-bug-tracker"" : false, ""rule-name"" : ""custom-errors-off"", ""severity"" : ""Medium"" }]";

    // Same millisecond value as "first-time-seen" in the payload, counted from 1970-01-01.
    DateTime firstSeen = new DateTime(1970, 1, 1).AddMilliseconds(1424268996169);

    byte[] payloadBytes = Encoding.Unicode.GetBytes(payload);
    var httpMock = new Mock<IContrastRestClient>();
    httpMock
        .Setup(rest => rest.GetResponseStream("api/orgId/traces/" + applicationId))
        .Returns(new MemoryStream(payloadBytes));

    var tsClient = new TeamServerClient(httpMock.Object);
    var found = tsClient.GetTraces("orgId", applicationId);

    Assert.AreEqual(1, found.Count);
    Trace only = found[0];
    Assert.AreEqual("259676", only.TraceId);
    Assert.AreEqual("Application Displays Detailed Error Messages in \\web.config", only.Title);
    Assert.AreEqual(0, only.Request.Parameters.Count);
    Assert.AreEqual(firstSeen, only.FirstTimeSeen);
}
// Example usage of CheckForTrace method
/// <summary>
/// Builds a <c>request.uri=~</c> condition from <paramref name="url"/> and returns
/// whether CheckForTrace answers with HTTP 200 (OK) for the application.
/// </summary>
/// <param name="client">Client used to issue the CheckForTrace call.</param>
/// <param name="applicationId">Application whose traces are queried.</param>
/// <param name="url">Text placed after <c>request.uri=~</c> in the condition.</param>
/// <returns><c>true</c> when the status code is <c>OK</c>; otherwise <c>false</c>.</returns>
private static bool DoesTraceExistForUrl(TeamServerClient client, string applicationId, string url)
{
    // NOTE(review): the URL is concatenated into the condition without escaping.
    // Presumably "=~" is a pattern match; if so, special characters in the URL are
    // interpreted by the server rather than matched literally. Verify and escape.
    const string uriMatchPrefix = "request.uri=~";

    return client.CheckForTrace(applicationId, uriMatchPrefix + url) == System.Net.HttpStatusCode.OK;
}
/// <summary>
/// Verifies trace deserialization for a data-flow finding: the mocked REST client
/// serves one "reflected-xss" trace as UTF-16 JSON and the test checks the mapped
/// id, title, request header count and link count.
/// </summary>
public void GetTraces_DataFlow_PropertiesMatchExpected()
{
    string applicationId = "arbitraryId";
    // The payload reproduces the captured HTTP request behind the finding, headers
    // included (one of them a session Cookie). Anything consuming trace data should
    // treat it as potentially sensitive for that reason.
    string payload = @"[{ ""uuid"" : ""S17L-WMVW-GYBY-Z00Z"", ""status"" : ""Reported"", ""platform"" : """", ""language"" : "".NET"", ""title"" : ""Cross-Site Scripting from \""input\"" Parameter on \""CharArrayVuln0.aspx\"" page"", ""likelihood"" : ""High"", ""impact"" : ""Medium"", ""confidence"" : ""High"", ""request"" : { ""protocol"" : ""http"", ""version"" : ""1.1"", ""uri"" : ""/MyTestApp/propagators/carray/CharArrayVuln0.aspx"", ""queryString"" : ""input=sourceTaintedData"", ""method"" : ""GET"", ""port"" : 80, ""headers"" : [ { ""name"" : ""Connection"", ""value"" : ""keep-alive"" }, { ""name"" : ""Accept"", ""value"" : ""text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8"" }, { ""name"" : ""Accept-Encoding"", ""value"" : ""gzip, deflate"" }, { ""name"" : ""Accept-Language"", ""value"" : ""en-US,en;q=0.5"" }, { ""name"" : ""Cookie"", ""value"" : ""ASP.NET_SessionId=tlspmetl2k4155htm41jkkjn"" }, { ""name"" : ""Host"", ""value"" : ""localhost"" }, { ""name"" : ""Referer"", ""value"" : ""http://localhost/MyTestApp/default.aspx"" }, { ""name"" : ""User-Agent"", ""value"" : ""Mozilla/5.0 (Windows NT 6.1; WOW64; rv:35.0) Gecko/20100101 Firefox/35.0"" } ], ""parameters"" : [ ], ""links"" : [ ] }, ""events"" : [ { ""eventId"" : 567243, ""type"" : ""Creation"", ""codeContext"" : null }, { ""eventId"" : 567244, ""type"" : ""O2R"", ""codeContext"" : null }, { ""eventId"" : 567245, ""type"" : ""P2R"", ""codeContext"" : null }, { ""eventId"" : 567246, ""type"" : ""Trigger"", ""codeContext"" : null } ], ""links"" : [ { ""rel"" : ""self"", ""href"" : ""https://localhost/Contrast/api/traces/c744888c-96e2-4e1d-926d-c3d715cedeeb/S17L-WMVW-GYBY-Z00Z"" }, { ""rel"" : ""application"", ""href"" : ""https://localhost/Contrast/api/applications/c744888c-96e2-4e1d-926d-c3d715cedeeb"" } ], ""trace-id"" : 259779, ""total-traces-received"" : 1, ""last-time-seen"" : 
1424269052776, ""first-time-seen"" : 1424269052776, ""sub-status"" : """", ""sub-title"" : ""from \""input\"" Parameter on \""CharArrayVuln0.aspx\"" page"", ""reported-to-bug-tracker"" : false, ""rule-name"" : ""reflected-xss"", ""severity"" : ""High"" }]";

    byte[] payloadBytes = Encoding.Unicode.GetBytes(payload);
    var httpMock = new Mock<IContrastRestClient>();
    httpMock
        .Setup(rest => rest.GetResponseStream("api/orgId/traces/" + applicationId))
        .Returns(new MemoryStream(payloadBytes));

    var tsClient = new TeamServerClient(httpMock.Object);
    var found = tsClient.GetTraces("orgId", applicationId);

    Assert.AreEqual(1, found.Count);
    Trace only = found[0];
    Assert.AreEqual("259779", only.TraceId);
    Assert.AreEqual("Cross-Site Scripting from \"input\" Parameter on \"CharArrayVuln0.aspx\" page", only.Title);
    Assert.AreEqual(8, only.Request.Headers.Count);
    Assert.AreEqual(2, only.Links.Count);
}
/// <summary>
/// Verifies the application listing call: the mocked REST client serves one
/// application as UTF-16 JSON for "api/orgId/applications/" and the test checks the
/// mapped AppID and Name.
/// </summary>
public void GetApplications_PropertiesMatchExpected()
{
    string payload = @"[{ ""name"" : ""MyTestApp"", ""path"" : ""/MyTestApp"", ""language"" : "".NET"", ""license"" : ""Enterprise"", ""views"" : 0, ""links"" : [ { ""rel"" : ""self"", ""href"" : ""https://localhost/Contrast/api/applications/91ce4b14-353c-4e0e-8bab-663895cff574"" }, { ""rel"" : ""traces"", ""href"" : ""https://localhost/Contrast/api/traces/91ce4b14-353c-4e0e-8bab-663895cff574"" }, { ""rel"" : ""servers"", ""href"" : ""https://localhost/Contrast/api/applications/91ce4b14-353c-4e0e-8bab-663895cff574/servers"" }, { ""rel"" : ""sitemap-activity"", ""href"" : ""https://localhost/Contrast/api/applications/91ce4b14-353c-4e0e-8bab-663895cff574/sitemap/activity"" }, { ""rel"" : ""reset-application"", ""href"" : ""https://localhost/Contrast/api/applications/91ce4b14-353c-4e0e-8bab-663895cff574"" } ], ""app-id"" : ""91ce4b14-353c-4e0e-8bab-663895cff574"", ""application-code"" : null, ""group-name"" : null, ""platform-version"" : null, ""platform-vulnerabilities"" : [ ], ""last-seen"" : 1416352488000 }]";

    byte[] payloadBytes = Encoding.Unicode.GetBytes(payload);
    var httpMock = new Mock<IContrastRestClient>();
    httpMock
        .Setup(rest => rest.GetResponseStream("api/orgId/applications/"))
        .Returns(new MemoryStream(payloadBytes));

    var tsClient = new TeamServerClient(httpMock.Object);
    var found = tsClient.GetApplications("orgId");

    Assert.AreEqual(1, found.Count);
    ContrastApplication only = found[0];
    Assert.AreEqual("91ce4b14-353c-4e0e-8bab-663895cff574", only.AppID);
    Assert.AreEqual("MyTestApp", only.Name);
}