public T Get <T>(string endPoint) { var responseString = ""; var request = (HttpWebRequest)WebRequest.Create(endPoint); request.Method = "GET"; request.ContentType = _contentType; request.Headers.Add(_httpHeaderModel.Name, _httpHeaderModel.Value); using (var response = (HttpWebResponse)request.GetResponse()) { using (var dataStream = response.GetResponseStream()) { using (var streamReader = new StreamReader(dataStream)) { responseString = streamReader.ReadToEnd(); streamReader.Close(); } } } return(_jsonConvertService.ToObject <T>(responseString)); }
public void GetVulnerability(int ossIndexId) { var ossIndex = _ossIndexRepository.Select(ossIndexId); var coordinates = ossIndex.Coordinates; var endPoint = $"https://ossindex.sonatype.org/api/v3/component-report/{coordinates}"; // TODO ~ read from config var request = _httpWebRequestFactory.Create(endPoint); request.Method = WebRequestMethods.Http.Get; request.ContentType = _contentType; try { using (var response = request.GetResponse()) { using (var streamReader = new StreamReader(response.GetResponseStream())) { var responseString = streamReader.ReadToEnd(); var componentReport = _jsonConvertService.ToObject <ComponentReportModel>(responseString); // TODO - consideration: // - perhaps update `dbo.oss_index` if the data has changed ossIndex.Description = componentReport.description; ossIndex.Reference = componentReport.reference; ossIndex.ExpireDate = DateTime.Now.AddMonths(1); ossIndex.HttpStatus = (int)HttpStatusCode.OK; _ossIndexRepository.Update(ossIndex); foreach (var vulnerability in componentReport.vulnerabilities) { // TODO // delete `[vulnuscloud].[dbo].[oss_index_vulnerabilities].[oss_index_id]` var ossIndexVulnerabilitiesModel = new OssIndexVulnerabilitiesModel() { Cve = vulnerability.cve, CvssScore = vulnerability.cvssScore, CvssVector = vulnerability.cvssVector, Description = vulnerability.description, InsertDate = DateTime.Now, OssId = vulnerability.id, OssIndexId = ossIndex.Id, Reference = vulnerability.reference, Title = vulnerability.title }; _ossIndexVulnerabilitiesRepository.Insert(ossIndexVulnerabilitiesModel); } } } } catch (WebException ex) { if (ex.Response is HttpWebResponse response) { if (response.StatusCode == HttpStatusCode.TooManyRequests) { ossIndex.HttpStatus = (int)HttpStatusCode.TooManyRequests; ossIndex.HttpStatusDate = DateTime.Now; _ossIndexRepository.Update(ossIndex); // TODO // Consider // 1. Throtteling at this point (this method is not async so the user wont know) // 2. Halt all API calls, defer them for later // 2 above would need an arcutectual change above // - a. the user's file content would be uploaded to `oss_index_queue` // - b. async process run to query for the data // - c. include this in the reports page so the user is aware the system is still `fetching data` } } } catch (Exception ex) { // TODO // 1. Consider that http_status would now be 0 for this record. // 2. logging } }