ASA 8404 (#158)

* include SCA implementation
* copyright changes

src/main/java/com/hcl/appscan/sdk/CoreConstants.java

@@ -27,12 +27,13 @@ public interface CoreConstants {
 	String SCANNER_TYPE					= "type";												//$NON-NLS-1$
 	String STATUS						= "Status";												//$NON-NLS-1$
 	String TARGET						= "target";												//$NON-NLS-1$
-	String OPEN_SOURCE_ONLY             = "openSourceOnly";                                     //$NON-NLS-1$
+	String INCLUDE_SCA					= "includeSCA";												//$NON-NLS-1$
 	String VERSION_NUMBER				= "VersionNumber";										//$NON-NLS-1$
 	String USER_MESSAGE					= "UserMessage";										//$NON-NLS-1$
 	String IS_VALID						= "IsValid";											//$NON-NLS-1$
 	String SOURCE_CODE_ONLY					= "sourceCodeOnly";										//$NON-NLS-1$
     	String SOFTWARE_COMPOSITION_ANALYZER 			= "Software Composition Analyzer";                     //$NON-NLS-1$
+    	String STATIC_ANALYZER 			                = "Static Analyzer";                                   //$NON-NLS-1$
     	String SCA                           			= "Sca";                                               //$NON-NLS-1$
 
     	String CREATE_IRX                     			= "createIRX";                                            					//$NON-NLS-1$

src/main/java/com/hcl/appscan/sdk/messages.properties

@@ -1,6 +1,6 @@
 #
 # \u00c2\u00a9 Copyright IBM Corporation 2016.
-# \u00c2\u00a9 Copyright HCL Technologies Ltd. 2017, 2020.
+# \u00c2\u00a9 Copyright HCL Technologies Ltd. 2017, 2020, 2024.
 # LICENSE: Apache License, Version 2.0 https://www.apache.org/licenses/LICENSE-2.0
 #
 # NLS_MESSAGEFORMAT_VAR
@@ -9,7 +9,7 @@
 transfer.progress={0}% transferred
 
 message.created.scan=Successfully submitted scan for analysis.
-message.running.scan=Creating and executing scan...
+message.running.scan=Creating and executing {0} scan...
 message.uploading.file=Uploading {0} to the analysis service...
 message.done=Done.
 message.downloading.client=Downloading the latest SAClientUtil package...

src/main/java/com/hcl/appscan/sdk/scan/CloudScanServiceProvider.java

@@ -55,20 +55,15 @@ public String createAndExecuteScan(String type, Map<String, String> params) {
             return null;
         }
 
-        m_progress.setStatus(new Message(Message.INFO, Messages.getMessage(EXECUTING_SCAN)));
+        m_progress.setStatus(new Message(Message.INFO, Messages.getMessage(EXECUTING_SCAN, params.get(CoreConstants.SCANNER_TYPE))));
         Map<String, String> request_headers = m_authProvider.getAuthorizationHeader(true);
         HttpClient client = new HttpClient(m_authProvider.getProxy(), m_authProvider.getacceptInvalidCerts());
 
         try {
             HttpResponse response;
                 request_headers.put("Content-Type", "application/json");
                 request_headers.put("accept", "application/json");
-                String request_url;
-                if(type.equals(SASTConstants.STATIC_ANALYZER) && !params.containsKey(UPLOAD_DIRECT) && params.containsKey(OPEN_SOURCE_ONLY)) {
-                    request_url = m_authProvider.getServer() + String.format(API_SCANNER, SCA);
-                } else {
-                    request_url = m_authProvider.getServer() + String.format(API_SCANNER, type);
-                }
+                String request_url = m_authProvider.getServer() + String.format(API_SCANNER, type);
                 response = client.post(request_url,request_headers,params);
 
             int status = response.getResponseCode();

src/main/java/com/hcl/appscan/sdk/scanners/ASoCScan.java

@@ -1,6 +1,6 @@
 /**
  * © Copyright IBM Corporation 2016.
- * © Copyright HCL Technologies Ltd. 2017. 
+ * © Copyright HCL Technologies Ltd. 2017, 2024.
  * LICENSE: Apache License, Version 2.0 https://www.apache.org/licenses/LICENSE-2.0
  */
 
@@ -33,7 +33,11 @@ public ASoCScan(Map<String, String> properties, IScanServiceProvider provider) {
 	}
 
 	public ASoCScan(Map<String, String> properties, IProgress progress, IScanServiceProvider provider) {
-		m_target = properties.remove(CoreConstants.TARGET);
+		if(properties.containsKey(CoreConstants.INCLUDE_SCA)) {
+			m_target = properties.get(CoreConstants.TARGET);
+		} else {
+			m_target = properties.remove(CoreConstants.TARGET);
+		}
 		m_properties = properties;
 		if(!m_properties.containsKey(CoreConstants.SCAN_NAME))
 			m_properties.put(CoreConstants.SCAN_NAME, getType() + SystemUtil.getTimeStamp());

src/main/java/com/hcl/appscan/sdk/scanners/sast/SAClient.java

@@ -326,16 +326,17 @@ private List<String> getClientArgs(Map<String, String> properties) {
 		if(properties.containsKey(VERBOSE)) {
 			args.add(OPT_VERBOSE);
 		}
-		if(properties.containsKey(THIRD_PARTY) || System.getProperty(THIRD_PARTY) != null) {
+		if(properties.containsKey(THIRD_PARTY) || System.getProperty(THIRD_PARTY) != null)
 			args.add(OPT_THIRD_PARTY);
-		}
-		if (properties.containsKey(OPEN_SOURCE_ONLY) || System.getProperty(OPEN_SOURCE_ONLY) != null || properties.getOrDefault(CoreConstants.SCANNER_TYPE, "").equals(CoreConstants.SOFTWARE_COMPOSITION_ANALYZER)) {
+		if (properties.containsKey(OPEN_SOURCE_ONLY) || System.getProperty(OPEN_SOURCE_ONLY) != null)
 			args.add(OPT_OPEN_SOURCE_ONLY);
-		}
-		if (properties.containsKey(SOURCE_CODE_ONLY) || System.getProperty(SOURCE_CODE_ONLY) != null) {
+		if (properties.containsKey(SOURCE_CODE_ONLY) || System.getProperty(SOURCE_CODE_ONLY) != null)
 			args.add(OPT_SOURCE_CODE_ONLY);
-		}
-		if(properties.containsKey(SCAN_SPEED)) {
+		if (!properties.containsKey(CoreConstants.INCLUDE_SCA) && properties.get(CoreConstants.SCANNER_TYPE).equals(CoreConstants.STATIC_ANALYZER))
+			args.add(OPT_STATIC_ANALYSIS_ONLY);
+		if (!properties.containsKey(CoreConstants.INCLUDE_SCA) && properties.get(CoreConstants.SCANNER_TYPE).equals(CoreConstants.SOFTWARE_COMPOSITION_ANALYZER))
+			args.add(OPT_OPEN_SOURCE_ONLY);
+		 if(properties.containsKey(SCAN_SPEED)){
 			args.add(OPT_SCAN_SPEED);
 			if(properties.get(SCAN_SPEED).equals(NORMAL)){
 				args.add(THOROUGH);

src/main/java/com/hcl/appscan/sdk/scanners/sast/SASTConstants.java

@@ -53,7 +53,8 @@ public interface SASTConstants {
 	String OPT_VERBOSE					= "-v";								//$NON-NLS-1$
 	String OPT_DEBUG					= "-X";								//$NON-NLS-1$
         String OPT_OPEN_SOURCE_ONLY                             = "-oso";                                                       //$NON-NLS-1$
-		String OPT_SOURCE_CODE_ONLY                             = "-sco"; 												   //$NON-NLS-1$
+        String OPT_SOURCE_CODE_ONLY                             = "-sco";                                                       //$NON-NLS-1$
+        String OPT_STATIC_ANALYSIS_ONLY                         = "-sao";                                                       //$NON-NLS-1$
 	String OPT_SECRETS_ENABLED                              = "-es";                                                       //$NON-NLS-1$
 	String OPT_SECRETS_ONLY                                 = "-so";                                                       //$NON-NLS-1$
 

src/main/java/com/hcl/appscan/sdk/scanners/sca/SCAScan.java

@@ -1,5 +1,5 @@
 /**
- * © Copyright HCL Technologies Ltd. 2023.
+ * © Copyright HCL Technologies Ltd. 2023, 2024.
  * LICENSE: Apache License, Version 2.0 https://www.apache.org/licenses/LICENSE-2.0
  */
 
@@ -34,8 +34,12 @@ public void run() throws ScannerException, InvalidTargetException {
             throw new InvalidTargetException(Messages.getMessage(TARGET_INVALID, target));
 
         try {
-            generateIR();
-            analyzeIR();
+            if(getProperties().containsKey(CoreConstants.INCLUDE_SCA) && getProperties().containsKey("ApplicationFileId")) {
+                submitScan();
+            } else {
+                generateIR();
+                analyzeIR();
+            }
         } catch(IOException e) {
             throw new ScannerException(Messages.getMessage(SCAN_FAILED, e.getLocalizedMessage()));
         }