fix: add api_version with token

CodeThreat · Dec 19, 2024 · 334ac34 · 334ac34 · github-actions · Dec 19, 2024
1 parent bb4c2d4
commit 334ac34
Show file tree

Hide file tree

Showing 2 changed files with 45 additions and 5 deletions.
diff --git a/index.js b/index.js
@@ -13,7 +13,8 @@ const {
   start,
   status,
   result,
-  saveSarif
+  saveSarif,
+  getOrg
 } = require("./utils");
 
 let token = process.env.ACCESS_TOKEN;
@@ -71,6 +72,7 @@ console.log("------------------------------")
 const loginIn = async () => {
   if (token && (!username || !password)) {
     authToken = token;
+    await getOrg(ctServer, authToken, orgname)
   } else if (username && password) {
     authToken = await login(ctServer, username, password);
   } else {

diff --git a/utils.js b/utils.js
@@ -73,14 +73,43 @@ const login = async (ctServer, username, password) => {
       client_secret: password,
     });
   } catch (error) {
-    throw new Error(error.response.data.message);
+    if (error.response && error.response.data) {
+      throw new Error(JSON.stringify(error.response.data));
+    } else {
+      throw new Error(error);
+    }
   }
   console.log("[CodeThreat]: Login successful");
-  if (responseToken.headers["x-api-version"])
+  if (responseToken.headers["x-api-version"]) {
     apiVersion = responseToken.headers["x-api-version"];
+    console.log(`[CodeThreat]: Api Version: ${apiVersion}`);
+  }
+
   return responseToken.data.access_token;
 };
 
+const getOrg = async (ctServer, token, orgname) => {
+  let response;
+  try {
+    response = await axios.get(`${ctServer}/api/organization?key=${orgname}`, {
+      headers: {
+        Authorization: token,
+        "x-ct-organization": orgname,
+      },
+    });
+  } catch (error) {
+    if (error.response && error.response.data) {
+      throw new Error(JSON.stringify(error.response.data));
+    } else {
+      throw new Error(error);
+    }
+  }
+  if (response.headers["x-api-version"]) {
+    apiVersion = response.headers["x-api-version"];
+    console.log(`[CodeThreat]: Api Version: ${apiVersion}`);
+  }
+};
+
 const check = async (ctServer, repoName, authToken, orgname) => {
   let checkProject;
   const compareVersion = compareVersions("1.7.8", apiVersion);
@@ -135,7 +164,11 @@ const create = async (
       }
     );
   } catch (error) {
-    throw new Error(error.response.data.message);
+    if (error.response && error.response.data) {
+      throw new Error(JSON.stringify(error.response.data));
+    } else {
+      throw new Error(error);
+    }
   }
   console.log("Project Created.");
   return createProject;
@@ -213,7 +246,11 @@ const status = async (ctServer, sid, authToken, orgname) => {
       },
     });
   } catch (error) {
-    throw new Error(error.response.data.message);
+    if (error.response && error.response.data) {
+      throw new Error(JSON.stringify(error.response.data));
+    } else {
+      throw new Error(error);
+    }
   }
   severityLevels.forEach((level) => {
     severities[level] = scanProcess.data.sast_severities?.[level] || 0;
@@ -304,4 +341,5 @@ module.exports = {
   status,
   result,
   saveSarif,
+  getOrg
 };
Weakness Name	Severity	Count
Insecure Random Number Generator	High	3
Unsafe Dynamic Method Call	Critical	29
Prevent Prototype Pollution	Critical	8
Shell Execution Risks	High	1