Merge pull request #32 from checkmarx-ltd/august_integration_branch

August integration branch

pom.xml

@@ -5,7 +5,7 @@
     <groupId>checkmarx.com</groupId>
     <artifactId>com.checkmarx.sonar.cxplugin</artifactId>
     <packaging>sonar-plugin</packaging>
-    <version>2022.3.2</version>
+    <version>2023.3.4</version>
     <name>Checkmarx plugin</name>
     <description>Checkmarx plugin</description>
 
@@ -173,7 +173,7 @@
         <dependency>
             <groupId>org.json</groupId>
             <artifactId>json</artifactId>
-            <version>20210307</version>
+            <version>20230618</version>
         </dependency>
         <!--        <dependency>-->
         <!--            <groupId>com.sun.xml.ws</groupId>-->
@@ -241,7 +241,7 @@
         <dependency>
             <groupId>com.fasterxml.jackson.core</groupId>
             <artifactId>jackson-databind</artifactId>
-            <version>2.13.3</version>
+            <version>2.13.4.2</version>
         </dependency>
         <!-- https://mvnrepository.com/artifact/com.fasterxml.jackson.core/jackson-annotations -->
         <dependency>
@@ -331,6 +331,10 @@
                 <exclusion>
                     <groupId>commons-logging</groupId>
                     <artifactId>commons-logging-api</artifactId>
+                </exclusion>
+				<exclusion>
+                    <groupId>org.codehaus.plexus</groupId>
+                    <artifactId>plexus-archiver</artifactId>
                 </exclusion>
             </exclusions>
    			</dependency>		        
@@ -344,6 +348,11 @@
             <groupId>org.slf4j</groupId>
             <artifactId>slf4j-ext</artifactId>
             <version>1.8.0-beta2</version>
+        </dependency>
+		<dependency>
+            <groupId>org.codehaus.plexus</groupId>
+            <artifactId>plexus-archiver</artifactId>
+			<version>4.8.0</version>
         </dependency>
     </dependencies>
 

src/main/java/com/checkmarx/sonar/sensor/utils/CxConfigHelper.java

@@ -47,6 +47,7 @@ public class CxConfigHelper {
     public static final String SONAR_PROJECT_KEY = "sonar.projectKey";
     public static final String SONAR_LOGIN_KEY = "sonar.login";
     public static final String SONAR_PASSWORD_KEY = "sonar.password";
+    public static final String SONAR_TOKEN_KEY = "sonar.token";
 
     private static final String VALUE = "value";
 
@@ -185,17 +186,18 @@ private String getPropertyValue(String responseJson) {
         }
         return value;
     }
-       
+
     private ProjectDetails getProjectAndTeamDetails(String cxProject, CxFullCredentials cxFullCredentials) throws IOException {
-
-		  String teamName =  cxProject.substring(cxProject.indexOf("\\") + 1, cxProject.lastIndexOf("\\"));
-		  teamName = "/" + teamName ;
-
-        log.info("Team name parsed from the projectName: "+teamName);
+        log.info("Team/Project path: " + cxProject);
+
+        int lastIndex = Math.max(cxProject.lastIndexOf("\\"), cxProject.lastIndexOf("/"));
+        String teamName = cxProject.substring(1, lastIndex);
+        teamName = "/" + teamName;
+
         ProjectDetails projectDetails = new ProjectDetails();
         projectDetails.setTeamName(teamName);
         projectDetails.setTeamId(getTeamId(teamName, cxFullCredentials));
-        projectDetails.setProjectName(cxProject.substring(cxProject.lastIndexOf("\\") + 1));
+        projectDetails.setProjectName(cxProject.substring(lastIndex + 1));
         return projectDetails;
     }
 
@@ -228,7 +230,13 @@ private String getSonarPropertyHttp(String propertyName, Configuration config) {
                 String token;
                 String user;
                 String pass;
-                if (config.get(SONAR_LOGIN_KEY).isPresent() &&
+                //adding below condition for new versions of sonarqube including 10.1
+                if (config.get(SONAR_TOKEN_KEY).isPresent()) {
+                	log.info("sonar.token present");
+                    token = config.get(SONAR_TOKEN_KEY).get();
+                    auth = token + ":";
+                    auth = new String(Base64.encodeBase64(auth.getBytes(StandardCharsets.ISO_8859_1)));
+                }else if (config.get(SONAR_LOGIN_KEY).isPresent() &&
                         !config.get(SONAR_PASSWORD_KEY).isPresent()) {
                     token = config.get(SONAR_LOGIN_KEY).get();
                     auth = token + ":";
@@ -256,7 +264,7 @@ private String getSonarPropertyHttp(String propertyName, Configuration config) {
             }
             return "";
         } catch (IOException e) {
-        	log.warn("Error occured while retrieving property value for property: "+propertyName);
+            log.warn("Error occured while retrieving property value for property: " + propertyName);
             return null;
         } finally {
             if (response != null) {
@@ -288,8 +296,8 @@ private static String createStringFromResponse(org.apache.http.HttpResponse resp
         while ((line = rd.readLine()) != null) {
             result.append(line);
         }
-        
-        
+
+
         return result.toString();
     }
 

src/main/java/com/checkmarx/sonar/settings/PropertyApiClient.java

@@ -144,7 +144,13 @@ private HttpResponse getResponse(HttpUriRequest request) throws IOException {
     private void addAuthHeaders(HttpUriRequest request, CookieStore cookieStore) {
         try {
             if (sensorContext != null) {
-                if (sensorContext.config().get(CxConfigHelper.SONAR_LOGIN_KEY).isPresent() &&
+            	if (sensorContext.config().get(CxConfigHelper.SONAR_TOKEN_KEY).isPresent()) {
+                    logger.info("Sonar server token is provided in sonar.token");
+                    String auth = sensorContext.config().get(CxConfigHelper.SONAR_TOKEN_KEY).get() + ":";
+                    byte[] encodedAuth = Base64.encodeBase64(auth.getBytes(StandardCharsets.ISO_8859_1));
+                    String authHeader = "Basic " + new String(encodedAuth);
+                    request.setHeader(HttpHeaders.AUTHORIZATION, authHeader);
+                }else if (sensorContext.config().get(CxConfigHelper.SONAR_LOGIN_KEY).isPresent() &&
                         !sensorContext.config().get(CxConfigHelper.SONAR_PASSWORD_KEY).isPresent()) {
                     logger.info("Sonar server token is provided");
                     String auth = sensorContext.config().get(CxConfigHelper.SONAR_LOGIN_KEY).get() + ":";

src/main/resources/static/cx_report.js

@@ -2,7 +2,14 @@ window.registerExtension('checkmarx/cx_report', function (options) {
 
   // let's create a flag telling if the static is still displayed
   var isDisplayed = true;
-  var staticUrl = window.baseUrl +'/static/checkmarx';
+   //Setting analysis date to resolve continuous page refresh issue.
+   //It is observeed that until a sonar analysis is done for a project, all the pages keeps on reloading.
+   //By setting analysisDate for the project resolves the issue for checkmarx pages without having to run sonar scan on the project.
+   if(!options.component.analysisDate)
+   {
+		options.component.analysisDate = 'tempAnalysisDate';
+	}
+   var staticUrl = window.baseUrl +'/static/checkmarx';
     var spanSpinner;
 
     //-------------------------- sast vars --------------------------------------
@@ -1531,6 +1538,12 @@ window.registerExtension('checkmarx/cx_report', function (options) {
 
 
           return function () {
+		//This is to reset value of analysisDate and reload the component and other pages will keep on refreshing as expected
+		if(options.component.analysisDate === 'tempAnalysisDate')
+        {
+			options.component.analysisDate = undefined;
+    		location.reload();
+		}
 
     // we unset the `isDisplayed` flag to ignore to Web API calls finished after the static is closed
     isDisplayed = false;