public int getScanProgress(int id)
{
ApiResponseList response = (ApiResponseList)clientApi.ascan.scans();
ApiResponseSet scanResponse = (ApiResponseSet)response.List.First(s => ((ApiResponseSet)s).Dictionary["id"].Equals(id.ToString()));
return(Int32.Parse(scanResponse.Dictionary["progress"]));
}
public Script(ApiResponseSet apiResponseSet)
{
Name = apiResponseSet.Dictionary["name"];
Type = apiResponseSet.Dictionary["type"];
Engine = apiResponseSet.Dictionary["engine"];
Error = Boolean.Parse(apiResponseSet.Dictionary["error"]);
Description = apiResponseSet.Dictionary["description"];
}
public User(ApiResponseSet apiResponseSet)
{
Id = apiResponseSet.Dictionary["id"];
Enabled = Boolean.Parse(apiResponseSet.Dictionary["enabled"]);
ContextId = apiResponseSet.Dictionary["contextId"];
Name = apiResponseSet.Dictionary["name"];
Credentials = JsonConvert.DeserializeObject <Dictionary <string, string> >(apiResponseSet.Dictionary["credentials"]);
}
public void CheckAlerts()
{
ApiResponseSet alertSummary = (ApiResponseSet)zap.core.alertsSummary(TargetUrl);
alertSummary.Dictionary.TryGetValue("High", out var high);
alertSummary.Dictionary.TryGetValue("Medium", out var medium);
Convert.ToInt32(high).Should().Be(0);
Convert.ToInt32(medium).Should().Be(0);
}
private static void CheckForHighOrMediumAlerts()
{
ApiResponseSet alertSummary = (ApiResponseSet)zapClient.core.alertsSummary(TargetUrl);
alertSummary.Dictionary.TryGetValue("High", out var high);
alertSummary.Dictionary.TryGetValue("Medium", out var medium);
if (Convert.ToInt32(high) > 0 || Convert.ToInt32(medium) > 0)
{
throw new TestException("High or Medium alert has been found");
}
}
/**
* Returns authentication method info for a given context.
*
* @param contextId Id of a context.
* @return Authentication method name for the given context id.
* @throws ProxyException
*/
public Dictionary <String, String> getAuthenticationMethodInfo(String contextId)
{
Dictionary <String, String> authenticationMethodDetails = new Dictionary <String, String>();
IApiResponse apiResponse = apiResponse = clientApi.authentication.getAuthenticationMethod(contextId);
if (apiResponse is ApiResponseElement)
{
authenticationMethodDetails
.Add("methodName", ((ApiResponseElement)apiResponse).Value);
}
else if (apiResponse is ApiResponseSet)
{
ApiResponseSet apiResponseSet = (ApiResponseSet)apiResponse;
String authenticationMethod = apiResponseSet.Dictionary["methodName"];
authenticationMethodDetails.Add("methodName", authenticationMethod);
if (authenticationMethod
.Equals(AuthenticationMethod.FORM_BASED_AUTHENTICATION.getValue()))
{
List <Dictionary <string, string> > configParameters = getAuthMethodConfigParameters(
AuthenticationMethod.FORM_BASED_AUTHENTICATION.getValue());
foreach (Dictionary <string, string> configParameter in configParameters)
{
authenticationMethodDetails.Add(configParameter["name"],
apiResponseSet.Dictionary[configParameter["name"]]);
}
}
else if (authenticationMethod
.Equals(AuthenticationMethod.HTTP_AUTHENTICATION.getValue()))
{
// Cannot dynamically populate the values for httpAuthentication, as one of the parameters in getAuthMethodConfigParameters (hostname) is different to what is returned here (host).
authenticationMethodDetails.Add("host", apiResponseSet.Dictionary["host"]);
authenticationMethodDetails.Add("realm", apiResponseSet.Dictionary["realm"]);
authenticationMethodDetails.Add("port", apiResponseSet.Dictionary["port"]);
}
else if (authenticationMethod
.Equals(AuthenticationMethod.SCRIPT_BASED_AUTHENTICATION.getValue()))
{
authenticationMethodDetails
.Add("scriptName", apiResponseSet.Dictionary["scriptName"]);
authenticationMethodDetails.Add("LoginURL", apiResponseSet.Dictionary["LoginURL"]);
authenticationMethodDetails.Add("Method", apiResponseSet.Dictionary["Method"]);
authenticationMethodDetails.Add("Domain", apiResponseSet.Dictionary["Domain"]);
authenticationMethodDetails.Add("Path", apiResponseSet.Dictionary["Path"]);
}
}
return(authenticationMethodDetails);
}
public Context(ApiResponseSet response)
{
Id = response.Dictionary["id"];
Name = response.Dictionary["name"];
Description = response.Dictionary["description"];
LoggedInPattern = response.Dictionary["loggedInPattern"];
LoggedOutPattern = response.Dictionary["loggedOutPattern"];
string includedRegexsNode = response.Dictionary["includeRegexs"];
if (includedRegexsNode.Length > 2)
{
IncludedRegexs = (includedRegexsNode.Substring(1, includedRegexsNode.Length - 1).Split(", ".ToCharArray())).ToList();
}
string excludedRegexsNode = response.Dictionary["excludeRegexs"];
if (excludedRegexsNode.Length > 2)
{
ExcludedRegexs = (excludedRegexsNode.Substring(1, excludedRegexsNode.Length - 1).Split(", ".ToCharArray())).ToList();
}
AuthType = response.Dictionary["authType"];
AuthenticationDetectionMethodId = Int32.Parse(response.Dictionary["authenticationDetectionMethodId"]);
}
/**
* Returns the authentication credentials as a map with key value pairs for a given context id and user id.
*
* @param contextId Id of a context.
* @param userId Id of a user.
* @return Authentication credentials.
* @throws ProxyException
*/
public Dictionary <String, String> getAuthenticationCredentials(String contextId, String userId)
{
Dictionary <String, String> credentials = new Dictionary <String, String>();
ApiResponseSet apiResponseSet = (ApiResponseSet)clientApi.users
.getAuthenticationCredentials(contextId, userId);
String type = apiResponseSet.Dictionary["type"];
credentials.Add("type", type);
if (type.Equals("UsernamePasswordAuthenticationCredentials"))
{
credentials.Add("username", apiResponseSet.Dictionary["username"]);
credentials.Add("password", apiResponseSet.Dictionary["password"]);
}
else if (type.Equals("ManualAuthenticationCredentials"))
{
credentials.Add("sessionName", apiResponseSet.Dictionary["sessionName"]);
}
else if (type.Equals("GenericAuthenticationCredentials"))
{
if (apiResponseSet.Dictionary.ContainsKey("username"))
{
credentials.Add("username", apiResponseSet.Dictionary["username"]);
}
if (apiResponseSet.Dictionary.ContainsKey("password"))
{
credentials.Add("password", apiResponseSet.Dictionary["password"]);
}
if (apiResponseSet.Dictionary.ContainsKey("Username"))
{
credentials.Add("Username", apiResponseSet.Dictionary["Username"]);
}
if (apiResponseSet.Dictionary.ContainsKey("Password"))
{
credentials.Add("Password", apiResponseSet.Dictionary["Password"]);
}
}
return(credentials);
}
public ScanInfo(ApiResponseSet response)
{
Id = Int32.Parse(response.Dictionary["id"]);
Progress = Int32.Parse(response.Dictionary["progress"]);
ScanState = ParseState(response.Dictionary["state"]);
}