only run SCA scan if user has entitlement and get correct public key
mattmurp committed Aug 2, 2024
1 parent 9751ac4 commit 869c966
Showing 6 changed files with 140 additions and 100 deletions.
130 changes: 67 additions & 63 deletions src/main/java/com/hcl/appscan/sdk/CoreConstants.java
Expand Up @@ -10,9 +10,14 @@ public interface CoreConstants {

String DEFAULT_SERVER = "https://cloud.appscan.com"; //$NON-NLS-1$

//Technologies
String DYNAMIC_TECH = "DynamicAnalyzer"; //$NON-NLS-1$
String SCA_TECH = "ScaAnalyzer"; //$NON-NLS-1$
String STATIC_TECH = "StaticAnalyzer"; //$NON-NLS-1$

String APP_ID = "AppId"; //$NON-NLS-1$
String EMAIL_NOTIFICATION = "EnableMailNotification"; //$NON-NLS-1$
String PERSONAL_SCAN = "Personal"; //$NON-NLS-1$
String PERSONAL_SCAN = "Personal"; //$NON-NLS-1$
String FILE_ID = "FileId"; //$NON-NLS-1$
String FILE_TO_UPLOAD = "fileToUpload"; //$NON-NLS-1$
String UPLOADED_FILE = "uploadedFile"; //$NON-NLS-1$
Expand All @@ -27,18 +32,18 @@ public interface CoreConstants {
String SCANNER_TYPE = "type"; //$NON-NLS-1$
String STATUS = "Status"; //$NON-NLS-1$
String TARGET = "target"; //$NON-NLS-1$
String OPEN_SOURCE_ONLY = "openSourceOnly"; //$NON-NLS-1$
String INCLUDE_SCA = "includeSCA"; //$NON-NLS-1$
String OPEN_SOURCE_ONLY = "openSourceOnly"; //$NON-NLS-1$
String INCLUDE_SCA = "includeSCA"; //$NON-NLS-1$
String VERSION_NUMBER = "VersionNumber"; //$NON-NLS-1$
String USER_MESSAGE = "UserMessage"; //$NON-NLS-1$
String IS_VALID = "IsValid"; //$NON-NLS-1$
String SOURCE_CODE_ONLY = "sourceCodeOnly"; //$NON-NLS-1$
String SOFTWARE_COMPOSITION_ANALYZER = "Software Composition Analyzer"; //$NON-NLS-1$
String SCA = "Sca"; //$NON-NLS-1$
String SOURCE_CODE_ONLY = "sourceCodeOnly"; //$NON-NLS-1$
String SOFTWARE_COMPOSITION_ANALYZER= "Software Composition Analyzer"; //$NON-NLS-1$
String SCA = "Sca"; //$NON-NLS-1$

String CREATE_IRX = "createIRX"; //$NON-NLS-1$
String UPLOAD_DIRECT = "uploadDirect"; //$NON-NLS-1$
String BINDING_ID = "Bindingid"; //$NON-NLS-1$
String CREATE_IRX = "createIRX"; //$NON-NLS-1$
String UPLOAD_DIRECT = "uploadDirect"; //$NON-NLS-1$
String BINDING_ID = "Bindingid"; //$NON-NLS-1$
String APPSCAN_OPTS = "APPSCAN_OPTS"; //$NON-NLS-1$
String BLUEMIX_SERVER = "BLUEMIX_SERVER"; //$NON-NLS-1$
String KEY_ID = "KeyId"; //$NON-NLS-1$
Expand All @@ -56,34 +61,34 @@ public interface CoreConstants {
String CLIENT_TYPE = "ClientType"; //$NON-NLS-1$

String API_ENV = "/api/v2"; //$NON-NLS-1$
String API_ENV_LATEST = "/api/v4"; //$NON-NLS-1$
String API_ENV_LATEST = "/api/v4"; //$NON-NLS-1$
String API_BLUEMIX = "Bluemix"; //$NON-NLS-1$
String API_BLUEMIX_LOGIN = API_ENV + "/Account/BluemixLogin"; //$NON-NLS-1$
String API_KEY_LOGIN = API_ENV_LATEST + "/Account/ApiKeyLogin"; //$NON-NLS-1$
String API_KEY_LOGIN = API_ENV_LATEST + "/Account/ApiKeyLogin"; //$NON-NLS-1$
String API_LOGOUT = API_ENV + "/Account/Logout"; //$NON-NLS-1$
String API_APPS = API_ENV_LATEST + "/Apps"; //$NON-NLS-1$
String API_PRESENCES = API_ENV_LATEST + "/Presences"; //$NON-NLS-1$
String API_PRESENCES_ID = API_ENV_LATEST + "/Presences/%s"; //$NON-NLS-1$
String API_PRESENCES_NEW_KEY = API_ENV_LATEST + "/Presences/%s/NewKey"; //$NON-NLS-1$
String API_BASIC_DETAILS = API_ENV_LATEST + "/Scans"; //$NON-NLS-1$
String API_PRESENCES = API_ENV_LATEST + "/Presences"; //$NON-NLS-1$
String API_PRESENCES_ID = API_ENV_LATEST + "/Presences/%s"; //$NON-NLS-1$
String API_PRESENCES_NEW_KEY = API_ENV_LATEST + "/Presences/%s/NewKey"; //$NON-NLS-1$
String API_BASIC_DETAILS = API_ENV_LATEST + "/Scans"; //$NON-NLS-1$
String API_SCANNER_DETAILS = API_ENV + "/Scans/&s/&s"; //$NON-NLS-1$
String API_FILE_UPLOAD = API_ENV_LATEST + "/FileUpload"; //$NON-NLS-1$
String API_FILE_UPLOAD = API_ENV_LATEST + "/FileUpload"; //$NON-NLS-1$
String API_SCAN = API_ENV + "/%s"; //$NON-NLS-1$
String API_SCANNER = API_ENV_LATEST + "/Scans/%s"; //$NON-NLS-1$
String API_SCANNER = API_ENV_LATEST + "/Scans/%s"; //$NON-NLS-1$
String API_SCANS = API_ENV + "/Scans"; //$NON-NLS-1$
String API_NONCOMPLIANT_ISSUES = API_ENV + "/Scans/%s/NonCompliantIssues"; //$NON-NLS-1$
String API_SCANS_REPORT = API_ENV_LATEST + "/Scans/%s/Report/%s"; //$NON-NLS-1$
String API_REPORT_SELECTED_ISSUES = API_ENV_LATEST + "/Reports/Security/%s/%s"; //$NON-NLS-1$
String API_DOWNLOAD_REPORT = API_ENV_LATEST + "/Reports/%s/Download"; //$NON-NLS-1$
String API_SACLIENT_DOWNLOAD = API_ENV_LATEST + "/Tools/SAClientUtil?os=%s"; //$NON-NLS-1$
String API_SACLIENT_VERSION = API_ENV_LATEST + "/Tools/SAClientUtil?os=%s&meta=%s"; //$NON-NLS-1$
String API_SCANS_REPORT = API_ENV_LATEST + "/Scans/%s/Report/%s"; //$NON-NLS-1$
String API_REPORT_SELECTED_ISSUES = API_ENV_LATEST + "/Reports/Security/%s/%s"; //$NON-NLS-1$
String API_DOWNLOAD_REPORT = API_ENV_LATEST + "/Reports/%s/Download"; //$NON-NLS-1$
String API_SACLIENT_DOWNLOAD = API_ENV_LATEST + "/Tools/SAClientUtil?os=%s"; //$NON-NLS-1$
String API_SACLIENT_VERSION = API_ENV_LATEST + "/Tools/SAClientUtil?os=%s&meta=%s"; //$NON-NLS-1$
String API_KEY_PATH = "/api/ideclientuilogin"; //$NON-NLS-1$
String API_REPORT_STATUS = API_ENV_LATEST + "/Reports"; //$NON-NLS-1$
String API_ISSUES_COUNT = API_ENV_LATEST + "/Issues/%s/%s"; //$NON-NLS-1$
String API_REGIONS = API_ENV_LATEST + "/Utils/Regions"; //$NON-NLS-1$
String API_IS_VALID_URL = API_ENV_LATEST + "/Scans/IsValidUrl"; //$NON-NLS-1$
String API_AUTHENTICATION = API_ENV_LATEST + "/Account/IsAuthenticated"; //$NON-NLS-1$
String API_TENANT_INFO = API_ENV_LATEST + "/Account/TenantInfo"; //$NON-NLS-1$
String API_REPORT_STATUS = API_ENV_LATEST + "/Reports"; //$NON-NLS-1$
String API_ISSUES_COUNT = API_ENV_LATEST + "/Issues/%s/%s"; //$NON-NLS-1$
String API_REGIONS = API_ENV_LATEST + "/Utils/Regions"; //$NON-NLS-1$
String API_IS_VALID_URL = API_ENV_LATEST + "/Scans/IsValidUrl"; //$NON-NLS-1$
String API_AUTHENTICATION = API_ENV_LATEST + "/Account/IsAuthenticated"; //$NON-NLS-1$
String API_TENANT_INFO = API_ENV_LATEST + "/Account/TenantInfo"; //$NON-NLS-1$

String DEFAULT_RESULT_NAME = "asoc_results"; //$NON-NLS-1$
String SACLIENT_INSTALL_DIR = "SAClientInstall"; //$NON-NLS-1$
Expand All @@ -99,16 +104,16 @@ public interface CoreConstants {
String PAUSED = "Paused"; //$NON-NLS-1$
String SUSPENDED = "Suspended"; //$NON-NLS-1$
String UNKNOWN = "Unknown"; //$NON-NLS-1$
String SERVER_URL = "serverURL"; //$NON-NLS-1$
String ACCEPT_INVALID_CERTS = "acceptInvalidCerts"; //$NON-NLS-1$
String SERVER_URL = "serverURL"; //$NON-NLS-1$
String ACCEPT_INVALID_CERTS = "acceptInvalidCerts"; //$NON-NLS-1$

String TOTAL_ISSUES = "NIssuesFound"; //$NON-NLS-1$
String CRITICAL_ISSUES = "NCriticalIssues"; //$NON-NLS-1$
String TOTAL_ISSUES = "NIssuesFound"; //$NON-NLS-1$
String CRITICAL_ISSUES = "NCriticalIssues"; //$NON-NLS-1$
String HIGH_ISSUES = "NHighIssues"; //$NON-NLS-1$
String MEDIUM_ISSUES = "NMediumIssues"; //$NON-NLS-1$
String LOW_ISSUES = "NLowIssues"; //$NON-NLS-1$
String INFO_ISSUES = "NInfoIssues"; //$NON-NLS-1$
String ITEMS = "Items"; //$NON-NLS-1$
String ITEMS = "Items"; //$NON-NLS-1$

String CREATE_SCAN_SUCCESS = "message.created.scan"; //$NON-NLS-1$
String SCAN_OVERVIEW = "message.scan.overview"; //$NON-NLS-1$
Expand All @@ -124,7 +129,7 @@ public interface CoreConstants {
String ERROR_AUTHENTICATING = "error.authenticating"; //$NON-NLS-1$
String ERROR_DOWNLOADING_CLIENT = "error.download.client"; //$NON-NLS-1$
String ERROR_GETTING_DETAILS = "error.getting.details"; //$NON-NLS-1$
String ERROR_GETTING_DETAILS_SCAN_ID = "error.getting.details.scan.id"; //$NON-NLS-1$
String ERROR_GETTING_DETAILS_SCAN_ID= "error.getting.details.scan.id"; //$NON-NLS-1$
String ERROR_GETTING_RESULT = "error.getting.result"; //$NON-NLS-1$
String ERROR_GENERATING_REPORT = "error.generating.report"; //$NON-NLS-1$
String ERROR_INVALID_APP = "error.invalid.app"; //$NON-NLS-1$
Expand All @@ -136,8 +141,7 @@ public interface CoreConstants {
String ERROR_UPLOADING_FILE = "error.upload.file"; //$NON-NLS-1$
String ERROR_GETTING_INFO = "error.getting.info"; //$NON-NLS-1$
String ERROR_URL_VALIDATION = "error.url.validation"; //$NON-NLS-1$
String FORMAT_PARAMS = "FormatParams"; //$NON-NLS-1$

String FORMAT_PARAMS = "FormatParams"; //$NON-NLS-1$
String ERROR_GETTING_SCANLOG = "error.getting.scanlog"; //$NON-NLS-1$

// ASE Status Messages
Expand All @@ -152,32 +156,32 @@ public interface CoreConstants {
String ERROR_INVALID_DETAILS = "error.invalid.details"; //$NON-NLS-1$

// ASE APIs
String ASE_API = "/api"; //$NON-NLS-1$
String ASE_APPS = ASE_API + "/applications"; //$NON-NLS-1$
String ASE_FOLDERS = ASE_API + "/folders"; //$NON-NLS-1$
String ASE_TEST_POLICIES = ASE_API + "/testPolicies"; //$NON-NLS-1$
String ASE_AGENT_SERVER = ASE_API + "/agentServer"; //$NON-NLS-1$
String ASE_UPDSCANT = ASE_API + "/jobs/%s/dastconfig/updatescant"; //$NON-NLS-1$
String ASE_UPDTRAFFIC = ASE_API + "/jobs/%s/dastconfig/updatetraffic/%s"; //$NON-NLS-1$
String ASE_UPDTAGENT = ASE_API + "/jobs/%s/designateAgentServer/%s"; //$NON-NLS-1$
String ASE_SCAN_TYPE = ASE_API + "/jobs/scantype"; //$NON-NLS-1$
String ASE_LOGIN_API = ASE_API + "/keylogin/apikeylogin"; //$NON-NLS-1$
String ASE_KEY_ID = "keyId"; //$NON-NLS-1$
String ASE_KEY_SECRET = "keySecret"; //$NON-NLS-1$
String ASE_NAME_ATTRIBUTE = "name"; //$NON-NLS-1$
String ASE_ID_ATTRIBUTE = "id"; //$NON-NLS-1$
String ASE_CREATEJOB_TEMPLATE_ID = ASE_API + "/jobs/%s/dastconfig/createjob"; //$NON-NLS-1$
String ASE_GET_JOB = ASE_API + "/jobs/%s"; //$NON-NLS-1$
String ASE_RUN_JOB_ACTION = ASE_API +"/jobs/%s/actions"; //$NON-NLS-1$
String ASE_REPORTPACK = ASE_API + "/folderitems/%s/reportPack"; //$NON-NLS-1$
String ASE_REPORTS = ASE_API + "/folderitems/%s/reports"; //$NON-NLS-1$
String ASE_GET_FOLDERITEMS = ASE_API + "/folderitems/%s"; //$NON-NLS-1$
String ASE_UPLOADED_FILE = "uploadedfile"; //$NON-NLS-1$
String ASE_CURRENTUSER_V2 = ASE_API + "/currentuser_v2"; //$NON-NLS-1$
String ASE_GET_FOLDER_ITEMS_STATISTICS = ASE_API + "/folderitems/%s/statistics"; //$NON-NLS-1$

String UNAUTHORIZED_ACTION = "UNAUTHORIZED_ACTION"; //$NON-NLS-1$

String API_SCANS_SCANLOGS = API_ENV_LATEST + "/Scans/ScanLogs/%s";
String ASE_API = "/api"; //$NON-NLS-1$
String ASE_APPS = ASE_API + "/applications"; //$NON-NLS-1$
String ASE_FOLDERS = ASE_API + "/folders"; //$NON-NLS-1$
String ASE_TEST_POLICIES = ASE_API + "/testPolicies"; //$NON-NLS-1$
String ASE_AGENT_SERVER = ASE_API + "/agentServer"; //$NON-NLS-1$
String ASE_UPDSCANT = ASE_API + "/jobs/%s/dastconfig/updatescant"; //$NON-NLS-1$
String ASE_UPDTRAFFIC = ASE_API + "/jobs/%s/dastconfig/updatetraffic/%s"; //$NON-NLS-1$
String ASE_UPDTAGENT = ASE_API + "/jobs/%s/designateAgentServer/%s"; //$NON-NLS-1$
String ASE_SCAN_TYPE = ASE_API + "/jobs/scantype"; //$NON-NLS-1$
String ASE_LOGIN_API = ASE_API + "/keylogin/apikeylogin"; //$NON-NLS-1$
String ASE_KEY_ID = "keyId"; //$NON-NLS-1$
String ASE_KEY_SECRET = "keySecret"; //$NON-NLS-1$
String ASE_NAME_ATTRIBUTE = "name"; //$NON-NLS-1$
String ASE_ID_ATTRIBUTE = "id"; //$NON-NLS-1$
String ASE_CREATEJOB_TEMPLATE_ID = ASE_API + "/jobs/%s/dastconfig/createjob"; //$NON-NLS-1$
String ASE_GET_JOB = ASE_API + "/jobs/%s"; //$NON-NLS-1$
String ASE_RUN_JOB_ACTION = ASE_API +"/jobs/%s/actions"; //$NON-NLS-1$
String ASE_REPORTPACK = ASE_API + "/folderitems/%s/reportPack"; //$NON-NLS-1$
String ASE_REPORTS = ASE_API + "/folderitems/%s/reports"; //$NON-NLS-1$
String ASE_GET_FOLDERITEMS = ASE_API + "/folderitems/%s"; //$NON-NLS-1$
String ASE_UPLOADED_FILE = "uploadedfile"; //$NON-NLS-1$
String ASE_CURRENTUSER_V2 = ASE_API + "/currentuser_v2"; //$NON-NLS-1$
String ASE_GET_FOLDER_ITEMS_STATISTICS = ASE_API + "/folderitems/%s/statistics"; //$NON-NLS-1$

String UNAUTHORIZED_ACTION = "UNAUTHORIZED_ACTION"; //$NON-NLS-1$

String API_SCANS_SCANLOGS = API_ENV_LATEST + "/Scans/ScanLogs/%s"; //$NON-NLS-1$

}
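Review bot: The three new technology constants (DYNAMIC_TECH, SCA_TECH, STATIC_TECH) are added with only a bare `//Technologies` label, and they sit next to the older SCA and SOFTWARE_COMPOSITION_ANALYZER constants, so the difference between "Sca", "ScaAnalyzer" and "Software Composition Analyzer" is not obvious from the file. Given the commit title, these presumably are the technology names the entitlement check compares against (possibly from the API_TENANT_INFO response); confirm against the caller and replace the label with something like `// Technology identifiers used for the tenant entitlement check; must match the service's names exactly`. The rest of this file section is whitespace-only reformatting. Unrelated to this change, the context line `String API_SCANNER_DETAILS = API_ENV + "/Scans/&s/&s";` uses `&s` where every sibling path constant uses `%s` format placeholders, which looks like a pre-existing typo worth a separate look.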
7 changes: 7 additions & 0 deletions src/main/java/com/hcl/appscan/sdk/scanners/sast/SAClient.java
Expand Up @@ -358,6 +358,13 @@ private List<String> getClientArgs(Map<String, String> properties) {
if(properties.containsKey(SECRETS_ONLY) || System.getProperty(SECRETS_ONLY) != null) {
args.add(OPT_SECRETS_ONLY);
}
//For AppScan 360 support.
if(Boolean.parseBoolean(properties.getOrDefault(CoreConstants.ACCEPT_INVALID_CERTS, Boolean.toString(false)))) {
args.add(OPT_ACCEPTS_SSL);
}
if(properties.getOrDefault(CoreConstants.SERVER_URL, "").trim() != "") { //$NON-NLS-1$ //$NON-NLS-2$
args.add("-D" + CoreConstants.BLUEMIX_SERVER + "=" + properties.get(CoreConstants.SERVER_URL)); //$NON-NLS-1$ //$NON-NLS-2$
}

return args;
}
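Review bot: The new server-URL guard `properties.getOrDefault(CoreConstants.SERVER_URL, "").trim() != ""` compares String references, not content, so a blank value read from a properties file (or the result of trim() on an all-whitespace string on older JDKs) is not the interned literal and still passes, producing `-DBLUEMIX_SERVER=` with an empty value; use `if (!properties.getOrDefault(CoreConstants.SERVER_URL, "").trim().isEmpty()) {` and append the trimmed value rather than the raw `properties.get(...)`. The ACCEPT_INVALID_CERTS branch forwards a user setting that, judging by the names acceptInvalidCerts and OPT_ACCEPTS_SSL, presumably relaxes certificate checking in the client process; the `//For AppScan 360 support.` comment says why it exists but not what it does, so a line such as `// Passes the acceptInvalidCerts choice through to the client; verify its effect on TLS validation` would help maintainers. getClientArgs begins before the hunk.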
