23 | under the terms of the GNU General Public License, version 3
24 | which accompanies this distriution, and is available at
25 | https://www.gnu.org/licenses/gpl-3.0.en.html
26 |
27 |
28 |
--------------------------------------------------------------------------------
/features/com.contrastsecurity.ide.eclipse.feature/feature.properties:
--------------------------------------------------------------------------------
1 | FEATURE_NAME = Contrast IDE plugin for Eclipse
2 | PROVIDER_NAME = Contrast Security
3 | LICENSE_URL = LICENSE
4 | DESCRIPTION = Instrument your applications with Contrast Security to gain real-time visibility to vulnerabilities in your application, and to defend them against attacks.\n\
5 | Contrast integrates with your existing SDLC processes to provide an easy way to view and fix vulnerabilities in your code, and protect your applications.\n\
6 | The Contrast for Eclipse plugin lists the vulnerabilities from your application directly in your Eclipse environment enabling developers to resolve issues faster.
7 | LICENSE = Copyright (c) 2017 Contrast Security. All rights reserved\n\
8 | This program and the accompanying materials\n\
9 | are made available under the terms of the GNU General Public License, version 3\n\
10 | which accompanies this distribution, and is available at https://www.gnu.org/licenses/gpl-3.0.en.html
11 |
12 |
--------------------------------------------------------------------------------
/plugins/com.contrastsecurity.ide.eclipse.ui/src/com/contrastsecurity/ide/eclipse/ui/internal/model/IContrastLabelProvider.java:
--------------------------------------------------------------------------------
1 | /*******************************************************************************
2 | * Copyright (c) 2017 Contrast Security.
3 | * All rights reserved.
4 | *
5 | * This program and the accompanying materials are made available under
6 | * the terms of the GNU Lesser General Public License as published by
7 | * the Free Software Foundation; either version 3 of the License.
8 | *
9 | * The terms of the GNU GPL version 3 which accompanies this distribution
10 | * and is available at https://www.gnu.org/licenses/gpl-3.0.en.html
11 | *
12 | * Contributors:
13 | * Contrast Security - initial API and implementation
14 | *******************************************************************************/
15 | package com.contrastsecurity.ide.eclipse.ui.internal.model;
16 |
17 | public interface IContrastLabelProvider {
18 |
19 | String getName();
20 |
21 | }
22 |
--------------------------------------------------------------------------------
/plugins/com.contrastsecurity.ide.eclipse.ui/src/com/contrastsecurity/ide/eclipse/ui/internal/model/StatusConstants.java:
--------------------------------------------------------------------------------
1 | package com.contrastsecurity.ide.eclipse.ui.internal.model;
2 |
3 | import java.util.ResourceBundle;
4 |
5 | public class StatusConstants {
6 |
7 | static ResourceBundle resource = ResourceBundle.getBundle("OSGI-INF/l10n.bundle");
8 |
9 | public final static String CONFIRMED = resource.getString("VULNERABILITY_STATUS_CONFIRMED_LABEL");
10 | public final static String SUSPICICIOUS = resource.getString("VULNERABILITY_STATUS_SUSPICIOUS_LABEL");
11 | public final static String NOT_A_PROBLEM = resource.getString("VULNERABILITY_STATUS_NOT_A_PROBLEM_STRING_LABEL");
12 | public final static String REMEDIATED = resource.getString("VULNERABILITY_STATUS_REMEDIATED_LABEL");
13 | public final static String REPORTED = resource.getString("VULNERABILITY_STATUS_REPORTED_LABEL");
14 | public final static String FIXED = resource.getString("VULNERABILITY_STATUS_FIXED_LABEL");
15 |
16 | }
17 |
--------------------------------------------------------------------------------
/plugins/com.contrastsecurity.ide.rest.sdk/.project:
--------------------------------------------------------------------------------
1 |
2 |
3 | com.contrastsecurity.ide.rest.sdk
4 |
5 |
6 |
7 |
8 |
9 | org.eclipse.jdt.core.javabuilder
10 |
11 |
12 |
13 |
14 | org.eclipse.pde.ManifestBuilder
15 |
16 |
17 |
18 |
19 | org.eclipse.pde.SchemaBuilder
20 |
21 |
22 |
23 |
24 | org.eclipse.m2e.core.maven2Builder
25 |
26 |
27 |
28 |
29 |
30 | org.eclipse.m2e.core.maven2Nature
31 | org.eclipse.pde.PluginNature
32 | org.eclipse.jdt.core.javanature
33 |
34 |
35 |
--------------------------------------------------------------------------------
/plugins/com.contrastsecurity.ide.eclipse.ui/.project:
--------------------------------------------------------------------------------
1 |
2 |
3 | com.contrastsecurity.ide.eclipse.ui
4 |
5 |
6 |
7 |
8 |
9 | org.eclipse.jdt.core.javabuilder
10 |
11 |
12 |
13 |
14 | org.eclipse.pde.ManifestBuilder
15 |
16 |
17 |
18 |
19 | org.eclipse.pde.SchemaBuilder
20 |
21 |
22 |
23 |
24 | org.eclipse.m2e.core.maven2Builder
25 |
26 |
27 |
28 |
29 |
30 | org.eclipse.m2e.core.maven2Nature
31 | org.eclipse.pde.PluginNature
32 | org.eclipse.jdt.core.javanature
33 |
34 |
35 |
--------------------------------------------------------------------------------
/plugins/com.contrastsecurity.ide.eclipse.core/.project:
--------------------------------------------------------------------------------
1 |
2 |
3 | com.contrastsecurity.ide.eclipse.core
4 |
5 |
6 |
7 |
8 |
9 | org.eclipse.jdt.core.javabuilder
10 |
11 |
12 |
13 |
14 | org.eclipse.pde.ManifestBuilder
15 |
16 |
17 |
18 |
19 | org.eclipse.pde.SchemaBuilder
20 |
21 |
22 |
23 |
24 | org.eclipse.m2e.core.maven2Builder
25 |
26 |
27 |
28 |
29 |
30 | org.eclipse.m2e.core.maven2Nature
31 | org.eclipse.pde.PluginNature
32 | org.eclipse.jdt.core.javanature
33 |
34 |
35 |
--------------------------------------------------------------------------------
/plugins/com.contrastsecurity.ide.eclipse.core.tests/.project:
--------------------------------------------------------------------------------
1 |
2 |
3 | com.contrastsecurity.ide.eclipse.core.tests
4 |
5 |
6 |
7 |
8 |
9 | org.eclipse.jdt.core.javabuilder
10 |
11 |
12 |
13 |
14 | org.eclipse.pde.ManifestBuilder
15 |
16 |
17 |
18 |
19 | org.eclipse.pde.SchemaBuilder
20 |
21 |
22 |
23 |
24 | org.eclipse.m2e.core.maven2Builder
25 |
26 |
27 |
28 |
29 |
30 | org.eclipse.m2e.core.maven2Nature
31 | org.eclipse.pde.PluginNature
32 | org.eclipse.jdt.core.javanature
33 |
34 |
35 |
--------------------------------------------------------------------------------
/plugins/com.contrastsecurity.ide.eclipse.ui/src/com/contrastsecurity/ide/eclipse/ui/internal/model/IFilterListener.java:
--------------------------------------------------------------------------------
1 | /*******************************************************************************
2 | * Copyright (c) 2017 Contrast Security.
3 | * All rights reserved.
4 | *
5 | * This program and the accompanying materials are made available under
6 | * the terms of the GNU Lesser General Public License as published by
7 | * the Free Software Foundation; either version 3 of the License.
8 | *
9 | * The terms of the GNU GPL version 3 which accompanies this distribution
10 | * and is available at https://www.gnu.org/licenses/gpl-3.0.en.html
11 | *
12 | * Contributors:
13 | * Contrast Security - initial API and implementation
14 | *******************************************************************************/
15 | package com.contrastsecurity.ide.eclipse.ui.internal.model;
16 |
17 | import com.contrastsecurity.models.Applications;
18 | import com.contrastsecurity.models.Servers;
19 |
20 | public interface IFilterListener {
21 | void onFilterLoad(Servers servers, Applications applications);
22 |
23 | }
24 |
--------------------------------------------------------------------------------
/plugins/com.contrastsecurity.ide.eclipse.ui/src/com/contrastsecurity/ide/eclipse/ui/internal/model/SeverityFilterListener.java:
--------------------------------------------------------------------------------
1 | /*******************************************************************************
2 | * Copyright (c) 2017 Contrast Security.
3 | * All rights reserved.
4 | *
5 | * This program and the accompanying materials are made available under
6 | * the terms of the GNU Lesser General Public License as published by
7 | * the Free Software Foundation; either version 3 of the License.
8 | *
9 | * The terms of the GNU GPL version 3 which accompanies this distribution
10 | * and is available at https://www.gnu.org/licenses/gpl-3.0.en.html
11 | *
12 | * Contributors:
13 | * Contrast Security - initial API and implementation
14 | *******************************************************************************/
15 | package com.contrastsecurity.ide.eclipse.ui.internal.model;
16 |
17 | import java.util.EnumSet;
18 |
19 | import com.contrastsecurity.http.RuleSeverity;
20 |
21 | public interface SeverityFilterListener {
22 |
23 | void onSeverityFilterLoad(EnumSet severities);
24 |
25 | }
26 |
--------------------------------------------------------------------------------
/features/com.contrastsecurity.ide.eclipse.feature/feature.xml:
--------------------------------------------------------------------------------
1 |
2 |
8 |
9 | %DESCRIPTION
10 |
11 |
12 |
13 | %copyright
14 |
15 |
16 |
17 | %LICENSE
18 |
19 |
20 |
26 |
27 |
33 |
34 |
40 |
41 |
--------------------------------------------------------------------------------
/plugins/com.contrastsecurity.ide.eclipse.ui.tests/pom.xml:
--------------------------------------------------------------------------------
1 |
15 | 4.0.0
16 | com.contrastsecurity.ide.eclipse.ui.tests
17 | eclipse-test-plugin
18 |
19 | com.contrastsecurity.ide.eclipse
20 | plugins
21 | 3.0.5-SNAPSHOT
22 |
23 |
24 |
--------------------------------------------------------------------------------
/plugins/com.contrastsecurity.ide.eclipse.core.tests/pom.xml:
--------------------------------------------------------------------------------
1 |
15 | 4.0.0
16 | com.contrastsecurity.ide.eclipse.core.tests
17 | eclipse-test-plugin
18 |
19 | com.contrastsecurity.ide.eclipse
20 | plugins
21 | 3.0.5-SNAPSHOT
22 |
23 |
24 |
--------------------------------------------------------------------------------
/plugins/com.contrastsecurity.ide.eclipse.ui/pom.xml:
--------------------------------------------------------------------------------
1 |
15 | 4.0.0
16 |
17 | com.contrastsecurity.ide.eclipse
18 | plugins
19 | 3.0.5-SNAPSHOT
20 |
21 | com.contrastsecurity.ide.eclipse.plugins
22 | com.contrastsecurity.ide.eclipse.ui
23 | eclipse-plugin
24 |
25 |
--------------------------------------------------------------------------------
/updatesite/pom.xml:
--------------------------------------------------------------------------------
1 |
15 | 4.0.0
16 |
17 | com.contrastsecurity.ide.eclipse
18 | parent
19 | 3.0.5-SNAPSHOT
20 |
21 | com.contrastsecurity.ide.eclipse
22 | contrastide.updatesite
23 | Contrast IDE Update Site
24 |
25 | eclipse-repository
26 |
27 |
--------------------------------------------------------------------------------
/features/com.contrastsecurity.ide.eclipse.feature/pom.xml:
--------------------------------------------------------------------------------
1 |
15 | 4.0.0
16 |
17 | com.contrastsecurity.ide.eclipse
18 | features
19 | 3.0.5-SNAPSHOT
20 |
21 | com.contrastsecurity.ide.eclipse
22 | com.contrastsecurity.ide.eclipse.feature
23 | eclipse-feature
24 |
25 |
--------------------------------------------------------------------------------
/plugins/com.contrastsecurity.ide.eclipse.core/pom.xml:
--------------------------------------------------------------------------------
1 |
15 | 4.0.0
16 |
17 | com.contrastsecurity.ide.eclipse
18 | plugins
19 | 3.0.5-SNAPSHOT
20 |
21 | com.contrastsecurity.ide.eclipse.plugins
22 | com.contrastsecurity.ide.eclipse.core
23 | eclipse-plugin
24 |
25 |
--------------------------------------------------------------------------------
/targets/pom.xml:
--------------------------------------------------------------------------------
1 |
15 | 4.0.0
16 |
17 | com.contrastsecurity.ide.eclipse.target
18 | mars
19 | eclipse-target-definition
20 | Eclipse Mars Target Definition
21 |
22 |
23 | com.contrastsecurity.ide.eclipse
24 | parent
25 | 3.0.5-SNAPSHOT
26 |
27 |
28 |
29 |
--------------------------------------------------------------------------------
/plugins/com.contrastsecurity.ide.eclipse.ui/src/com/contrastsecurity/ide/eclipse/ui/internal/model/ContrastLabelProvider.java:
--------------------------------------------------------------------------------
1 | /*******************************************************************************
2 | * Copyright (c) 2017 Contrast Security.
3 | * All rights reserved.
4 | *
5 | * This program and the accompanying materials are made available under
6 | * the terms of the GNU Lesser General Public License as published by
7 | * the Free Software Foundation; either version 3 of the License.
8 | *
9 | * The terms of the GNU GPL version 3 which accompanies this distribution
10 | * and is available at https://www.gnu.org/licenses/gpl-3.0.en.html
11 | *
12 | * Contributors:
13 | * Contrast Security - initial API and implementation
14 | *******************************************************************************/
15 | package com.contrastsecurity.ide.eclipse.ui.internal.model;
16 |
17 | import org.eclipse.jface.viewers.LabelProvider;
18 |
19 | public class ContrastLabelProvider extends LabelProvider {
20 |
21 | @Override
22 | public String getText(Object element) {
23 | if (element instanceof IContrastLabelProvider) {
24 | return ((IContrastLabelProvider)element).getName();
25 | }
26 | return super.getText(element);
27 | }
28 |
29 | }
30 |
--------------------------------------------------------------------------------
/plugins/com.contrastsecurity.ide.eclipse.ui/src/com/contrastsecurity/ide/eclipse/ui/internal/model/MainPage.java:
--------------------------------------------------------------------------------
1 | /*******************************************************************************
2 | * Copyright (c) 2017 Contrast Security.
3 | * All rights reserved.
4 | *
5 | * This program and the accompanying materials are made available under
6 | * the terms of the GNU Lesser General Public License as published by
7 | * the Free Software Foundation; either version 3 of the License.
8 | *
9 | * The terms of the GNU GPL version 3 which accompanies this distribution
10 | * and is available at https://www.gnu.org/licenses/gpl-3.0.en.html
11 | *
12 | * Contributors:
13 | * Contrast Security - initial API and implementation
14 | *******************************************************************************/
15 | package com.contrastsecurity.ide.eclipse.ui.internal.model;
16 |
17 | import java.net.MalformedURLException;
18 |
19 | import org.eclipse.swt.widgets.Composite;
20 |
21 | import com.contrastsecurity.ide.eclipse.ui.internal.views.VulnerabilitiesView;
22 |
23 | public class MainPage extends VulnerabilityPage {
24 |
25 | public MainPage(Composite parent, int style, VulnerabilitiesView vulnerabilitiesView) throws MalformedURLException {
26 | super(parent, style, vulnerabilitiesView);
27 | }
28 |
29 | }
30 |
--------------------------------------------------------------------------------
/plugins/com.contrastsecurity.ide.eclipse.ui/src/com/contrastsecurity/ide/eclipse/ui/internal/model/AbstractPage.java:
--------------------------------------------------------------------------------
1 | /*******************************************************************************
2 | * Copyright (c) 2017 Contrast Security.
3 | * All rights reserved.
4 | *
5 | * This program and the accompanying materials are made available under
6 | * the terms of the GNU Lesser General Public License as published by
7 | * the Free Software Foundation; either version 3 of the License.
8 | *
9 | * The terms of the GNU GPL version 3 which accompanies this distribution
10 | * and is available at https://www.gnu.org/licenses/gpl-3.0.en.html
11 | *
12 | * Contributors:
13 | * Contrast Security - initial API and implementation
14 | *******************************************************************************/
15 | package com.contrastsecurity.ide.eclipse.ui.internal.model;
16 |
17 | import org.eclipse.swt.widgets.Composite;
18 |
19 | import com.contrastsecurity.ide.eclipse.ui.internal.views.VulnerabilitiesView;
20 |
21 | public class AbstractPage extends Composite {
22 |
23 | private VulnerabilitiesView vulnerabilitiesView;
24 |
25 | public AbstractPage(Composite parent, int style, VulnerabilitiesView vulnerabilitiesView) {
26 | super(parent, style);
27 | this.vulnerabilitiesView = vulnerabilitiesView;
28 | }
29 |
30 | public VulnerabilitiesView getVulnerabilitiesView() {
31 | return vulnerabilitiesView;
32 | }
33 |
34 | }
35 |
--------------------------------------------------------------------------------
/plugins/com.contrastsecurity.ide.eclipse.ui/src/com/contrastsecurity/ide/eclipse/ui/util/SystemUtils.java:
--------------------------------------------------------------------------------
1 | /*******************************************************************************
2 | * Copyright (c) 2017 Contrast Security.
3 | * All rights reserved.
4 | *
5 | * This program and the accompanying materials are made available under
6 | * the terms of the GNU Lesser General Public License as published by
7 | * the Free Software Foundation; either version 3 of the License.
8 | *
9 | * The terms of the GNU GPL version 3 which accompanies this distribution
10 | * and is available at https://www.gnu.org/licenses/gpl-3.0.en.html
11 | *
12 | * Contributors:
13 | * Contrast Security - initial API and implementation
14 | *******************************************************************************/
15 | package com.contrastsecurity.ide.eclipse.ui.util;
16 |
17 | public class SystemUtils {
18 |
19 | private final static String OS_SYSTEM = System.getProperty("os.name").toLowerCase();
20 |
21 | private final static String WINDOWS_OS = "win";
22 | private final static String MAC_OS = "mac";
23 | private final static String UNIX_OS = "unix";
24 |
25 | public static boolean isWindowsOS() {
26 | return OS_SYSTEM.contains(WINDOWS_OS);
27 | }
28 |
29 | public static boolean isUnixOS() {
30 | return OS_SYSTEM.contains(UNIX_OS);
31 | }
32 |
33 | public static boolean isMacOS() {
34 | return OS_SYSTEM.contains(MAC_OS);
35 | }
36 |
37 | }
38 |
--------------------------------------------------------------------------------
/plugins/com.contrastsecurity.ide.rest.sdk/META-INF/MANIFEST.MF:
--------------------------------------------------------------------------------
1 | Manifest-Version: 1.0
2 | Bundle-ManifestVersion: 2
3 | Bundle-Name: Contrast Security
4 | Bundle-SymbolicName: com.contrastsecurity.ide.rest.sdk
5 | Bundle-Version: 3.0.5.qualifier
6 | Bundle-Vendor: Contrast REST API SDK
7 | Bundle-RequiredExecutionEnvironment: JavaSE-1.7
8 | Require-Bundle: com.google.gson;visibility:=reexport,
9 | org.slf4j.api;bundle-version="1.7.2",
10 | org.apache.commons.codec;visibility:=reexport,
11 | org.apache.commons.lang;bundle-version="2.6.0";visibility:=reexport,
12 | org.apache.commons.io;bundle-version="2.2.0";visibility:=reexport
13 | Bundle-ClassPath: lib/lombok-1.16.8.jar,
14 | .,
15 | lib/contrast-sdk-java-3.4.2.jar,
16 | lib/unbescape-1.1.3.RELEASE.jar,
17 | lib/concurrentlinkedhashmap-lru-1.4.2.jar
18 | Export-Package: com.contrastsecurity.exceptions,
19 | com.contrastsecurity.http,
20 | com.contrastsecurity.models,
21 | com.contrastsecurity.sdk,
22 | com.contrastsecurity.utils,
23 | com.googlecode.concurrentlinkedhashmap,
24 | lombok,
25 | lombok.delombok.ant,
26 | lombok.experimental,
27 | lombok.extern.apachecommons,
28 | lombok.extern.java,
29 | lombok.extern.log4j,
30 | lombok.extern.slf4j,
31 | lombok.javac.apt,
32 | lombok.launch,
33 | org.unbescape.css,
34 | org.unbescape.csv,
35 | org.unbescape.html,
36 | org.unbescape.java,
37 | org.unbescape.javascript,
38 | org.unbescape.json,
39 | org.unbescape.properties,
40 | org.unbescape.uri,
41 | org.unbescape.xml
42 |
--------------------------------------------------------------------------------
/plugins/com.contrastsecurity.ide.eclipse.ui/plugin.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
7 |
10 |
11 |
17 |
18 |
19 |
21 |
23 |
27 |
28 |
29 |
30 |
31 |
32 |
36 |
37 |
38 |
39 |
40 |
--------------------------------------------------------------------------------
/plugins/pom.xml:
--------------------------------------------------------------------------------
1 |
15 | 4.0.0
16 |
17 | com.contrastsecurity.ide.eclipse
18 | parent
19 | 3.0.5-SNAPSHOT
20 |
21 | com.contrastsecurity.ide.eclipse
22 | plugins
23 |
24 | contrastide.plugins
25 | pom
26 |
27 | com.contrastsecurity.ide.eclipse.core
28 | com.contrastsecurity.ide.eclipse.core.tests
29 | com.contrastsecurity.ide.eclipse.ui
30 | com.contrastsecurity.ide.eclipse.ui.tests
31 | com.contrastsecurity.ide.rest.sdk
32 |
33 |
34 |
--------------------------------------------------------------------------------
/.github/workflows/publish.yml:
--------------------------------------------------------------------------------
1 | name: Upload to S3
2 |
3 | on:
4 | workflow_dispatch:
5 |
6 | jobs:
7 | build:
8 | runs-on: ubuntu-latest
9 | permissions: write-all
10 | steps:
11 | - uses: actions/checkout@v2
12 | with:
13 | fetch-depth: 0
14 | - name: Set up JDK 8
15 | uses: actions/setup-java@v2
16 | with:
17 | java-version: "8"
18 | distribution: "adopt"
19 | server-id: "ossrh"
20 | - name: Bump Version and Build Artifact
21 | env:
22 | GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
23 | run: mvn unleash:perform-tycho -B -Dunleash.releaseArgs="jarsigner.skip=true, skipTests=true" -Dunleash.versionUpgradeStrategy=DEFAULT -Dworkflow=customWorkflow -Dunleash.scmUsername=$GITHUB_ACTOR -Dunleash.scmPassword=$GITHUB_TOKEN
24 | - name: Configure AWS Credentials
25 | uses: aws-actions/configure-aws-credentials@v1
26 | with:
27 | aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID_PROD }}
28 | aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY_PROD }}
29 | aws-region: us-east-1
30 | - name: Upload to s3 bucket
31 | run: |
32 | aws s3 sync ./updatesite/target/repository/plugins s3://contrast-eclipse-plugin/plugins
33 | aws s3 sync ./updatesite/target/repository/features s3://contrast-eclipse-plugin/features
34 |
--------------------------------------------------------------------------------
/plugins/com.contrastsecurity.ide.eclipse.core/src/com/contrastsecurity/ide/eclipse/core/internal/preferences/OrganizationConfig.java:
--------------------------------------------------------------------------------
1 | package com.contrastsecurity.ide.eclipse.core.internal.preferences;
2 |
3 | public class OrganizationConfig {
4 |
5 | private String contrastUrl;
6 | private String username;
7 | private String serviceKey;
8 | private String apiKey;
9 | private String organizationUUID;
10 |
11 | public OrganizationConfig(final String contrastUrl, final String username, final String serviceKey,
12 | final String apiKey, final String organizationUUID) {
13 |
14 | this.contrastUrl = contrastUrl;
15 | this.username = username;
16 | this.serviceKey = serviceKey;
17 | this.apiKey = apiKey;
18 | this.organizationUUID = organizationUUID;
19 | }
20 |
21 | public String getContrastUrl() {
22 | return contrastUrl;
23 | }
24 |
25 | public void setContrastUrl(String contrastUrl) {
26 | this.contrastUrl = contrastUrl;
27 | }
28 |
29 | public String getUsername() {
30 | return username;
31 | }
32 |
33 | public void setUsername(String username) {
34 | this.username = username;
35 | }
36 |
37 | public String getServiceKey() {
38 | return serviceKey;
39 | }
40 |
41 | public void setServiceKey(String serviceKey) {
42 | this.serviceKey = serviceKey;
43 | }
44 |
45 | public String getApiKey() {
46 | return apiKey;
47 | }
48 |
49 | public void setApiKey(String apiKey) {
50 | this.apiKey = apiKey;
51 | }
52 |
53 | public String getOrganizationUUIDKey() {
54 | return organizationUUID;
55 | }
56 |
57 | public void setOrganizationUUIDKey(String organizationUUIDKey) {
58 | this.organizationUUID = organizationUUIDKey;
59 | }
60 | }
61 |
--------------------------------------------------------------------------------
/plugins/com.contrastsecurity.ide.eclipse.core/src/com/contrastsecurity/ide/eclipse/core/internal/preferences/ContrastPreferencesInitializer.java:
--------------------------------------------------------------------------------
1 | /*******************************************************************************
2 | * Copyright (c) 2017 Contrast Security.
3 | * All rights reserved.
4 | *
5 | * This program and the accompanying materials are made available under
6 | * the terms of the GNU Lesser General Public License as published by
7 | * the Free Software Foundation; either version 3 of the License.
8 | *
9 | * The terms of the GNU GPL version 3 which accompanies this distribution
10 | * and is available at https://www.gnu.org/licenses/gpl-3.0.en.html
11 | *
12 | * Contributors:
13 | * Contrast Security - initial API and implementation
14 | *******************************************************************************/
15 | package com.contrastsecurity.ide.eclipse.core.internal.preferences;
16 |
17 |
18 | import org.eclipse.core.runtime.preferences.AbstractPreferenceInitializer;
19 | import org.eclipse.core.runtime.preferences.DefaultScope;
20 | import org.eclipse.core.runtime.preferences.IEclipsePreferences;
21 |
22 | import com.contrastsecurity.ide.eclipse.core.Constants;
23 | import com.contrastsecurity.ide.eclipse.core.ContrastCoreActivator;
24 |
25 | public class ContrastPreferencesInitializer extends
26 | AbstractPreferenceInitializer {
27 |
28 | /* (non-Javadoc)
29 | * @see org.eclipse.core.runtime.preferences.AbstractPreferenceInitializer#initializeDefaultPreferences()
30 | */
31 | @Override
32 | public void initializeDefaultPreferences() {
33 | IEclipsePreferences preferences = DefaultScope.INSTANCE.getNode(ContrastCoreActivator.PLUGIN_ID);
34 | preferences.put(Constants.TEAM_SERVER_URL, Constants.TEAM_SERVER_URL_VALUE);
35 | }
36 |
37 | }
38 |
--------------------------------------------------------------------------------
/features/com.contrastsecurity.ide.eclipse.feature/feature_ja.properties:
--------------------------------------------------------------------------------
1 | FEATURE_NAME = Eclipse\u7528 Contrast IDE\u30d7\u30e9\u30b0\u30a4\u30f3
2 | PROVIDER_NAME = Contrast Security
3 | LICENSE_URL = LICENSE
4 | DESCRIPTION = Contrast Security\u3092\u4f7f\u7528\u3057\u3066\u30a2\u30d7\u30ea\u30b1\u30fc\u30b7\u30e7\u30f3\u3092\u8a08\u6e2c\u3059\u308b\u3068\u3001\u30a2\u30d7\u30ea\u30b1\u30fc\u30b7\u30e7\u30f3\u306e\u8106\u5f31\u6027\u3092\u30ea\u30a2\u30eb\u30bf\u30a4\u30e0\u3067\u628a\u63e1\u3057\u3001\u653b\u6483\u304b\u3089\u4fdd\u8b77\u3067\u304d\u307e\u3059\u3002\n \
5 | Contrast\u3092\u65e2\u5b58\u306eSDLC\u30d7\u30ed\u30bb\u30b9\u306b\u7d71\u5408\u3059\u308b\u3053\u3068\u3067\u3001\u30b3\u30fc\u30c9\u306e\u8106\u5f31\u6027\u306e\u8868\u793a\u3084\u4fee\u6b63\u304c\u7c21\u5358\u306b\u3067\u304d\u3001\u30a2\u30d7\u30ea\u30b1\u30fc\u30b7\u30e7\u30f3\u3092\u4fdd\u8b77\u3059\u308b\u3053\u3068\u304c\u3067\u304d\u307e\u3059\u3002\n \
6 | Eclipse\u7528\u306eContrast\u30d7\u30e9\u30b0\u30a4\u30f3\u306b\u3088\u308a\u3001\u30a2\u30d7\u30ea\u30b1\u30fc\u30b7\u30e7\u30f3\u306e\u8106\u5f31\u6027\u304c\u76f4\u63a5Eclipse\u74b0\u5883\u306b\u4e00\u89a7\u8868\u793a\u3055\u308c\u308b\u305f\u3081\u3001\u958b\u767a\u8005\u306f\u554f\u984c\u3092\u3088\u308a\u8fc5\u901f\u306b\u89e3\u6c7a\u3067\u304d\u308b\u3088\u3046\u306b\u306a\u308a\u307e\u3059\u3002
7 | LICENSE = Copyright (c) 2017 Contrast Security. All rights reserved.\n \
8 | \u672c\u30d7\u30ed\u30b0\u30e9\u30e0\u3068\u4ed8\u5c5e\u8cc7\u6599\u306f\u3001\u672c\u914d\u5e03\u7269\u306b\u4ed8\u5c5e\u3059\u308b\n \
9 | GNU General Public License\u30d0\u30fc\u30b8\u30e7\u30f33\u306e\u6761\u4ef6\u306b\u57fa\u3065\u3044\u3066\u63d0\u4f9b\u3055\u308c\u3066\u304a\u308a\u3001\n \
10 | https\uff1a//www.gnu.org/licenses/gpl-3.0.en.html \u304b\u3089\u5165\u624b\u3067\u304d\u307e\u3059\u3002
11 |
--------------------------------------------------------------------------------
/plugins/com.contrastsecurity.ide.eclipse.core/src/com/contrastsecurity/ide/eclipse/core/UrlConstants.java:
--------------------------------------------------------------------------------
1 | /*******************************************************************************
2 | * Copyright (c) 2017 Contrast Security.
3 | * All rights reserved.
4 | *
5 | * This program and the accompanying materials are made available under
6 | * the terms of the GNU Lesser General Public License as published by
7 | * the Free Software Foundation; either version 3 of the License.
8 | *
9 | * The terms of the GNU GPL version 3 which accompanies this distribution
10 | * and is available at https://www.gnu.org/licenses/gpl-3.0.en.html
11 | *
12 | * Contributors:
13 | * Contrast Security - initial API and implementation
14 | *******************************************************************************/
15 | package com.contrastsecurity.ide.eclipse.core;
16 |
17 | public final class UrlConstants {
18 |
19 | public final static String EVENT_DETAILS = "/ng/%s/traces/%s/events/%s/details?expand=skip_links";
20 | public final static String EVENT_SUMMARY = "/ng/%s/traces/%s/events/summary?expand=skip_links";
21 | public final static String HTTP_REQUEST = "/ng/%s/traces/%s/httprequest?expand=skip_links";
22 | public final static String RECOMMENDATION = "/ng/%s/traces/%s/recommendation";
23 | public final static String TRACE = "/ng/%s/traces/%s/story?expand=skip_links";
24 | public final static String TRACE_TAGS = "/ng/%s/tags/traces/trace/%s";
25 | public final static String ORG_TAGS = "/ng/%s/tags/traces";
26 | public final static String TRACE_TAGS_DELETE = "/ng/%s/tags/trace/%s";
27 | public final static String MARK_STATUS = "/ng/%s/orgtraces/mark";
28 | public final static String GET_TRACE = "/ng/%s/orgtraces/filter/%s";
29 | public final static String APPLICATION_TRACE_FILTERS = "/ng/%s/traces/%s/filter/%s/listing";
30 |
31 | }
--------------------------------------------------------------------------------
/plugins/com.contrastsecurity.ide.eclipse.ui/src/com/contrastsecurity/ide/eclipse/ui/internal/job/RefreshJob.java:
--------------------------------------------------------------------------------
1 | /*******************************************************************************
2 | * Copyright (c) 2017 Contrast Security.
3 | * All rights reserved.
4 | *
5 | * This program and the accompanying materials are made available under
6 | * the terms of the GNU Lesser General Public License as published by
7 | * the Free Software Foundation; either version 3 of the License.
8 | *
9 | * The terms of the GNU GPL version 3 which accompanies this distribution
10 | * and is available at https://www.gnu.org/licenses/gpl-3.0.en.html
11 | *
12 | * Contributors:
13 | * Contrast Security - initial API and implementation
14 | *******************************************************************************/
15 | package com.contrastsecurity.ide.eclipse.ui.internal.job;
16 |
17 | import org.eclipse.core.runtime.IProgressMonitor;
18 | import org.eclipse.core.runtime.IStatus;
19 | import org.eclipse.core.runtime.Status;
20 | import org.eclipse.core.runtime.jobs.Job;
21 |
22 | import com.contrastsecurity.ide.eclipse.core.Constants;
23 | import com.contrastsecurity.ide.eclipse.ui.internal.views.VulnerabilitiesView;
24 |
25 | public class RefreshJob extends Job {
26 |
27 | private VulnerabilitiesView vulnerabilitiesView;
28 |
29 | public RefreshJob(String name, VulnerabilitiesView vulnerabilitiesView) {
30 | super(name);
31 | this.vulnerabilitiesView = vulnerabilitiesView;
32 | }
33 |
34 | @Override
35 | protected IStatus run(IProgressMonitor monitor) {
36 | if (monitor.isCanceled()) {
37 | return Status.CANCEL_STATUS;
38 | }
39 | vulnerabilitiesView.refreshTraces(true);
40 | if (monitor.isCanceled()) {
41 | return Status.CANCEL_STATUS;
42 | }
43 | schedule(Constants.REFRESH_DELAY);
44 | return Status.OK_STATUS;
45 | }
46 |
47 | }
48 |
--------------------------------------------------------------------------------
/plugins/com.contrastsecurity.ide.eclipse.core.tests/src/com/contrastsecurity/ide/eclipse/core/unit/UtilTest.java:
--------------------------------------------------------------------------------
1 | package com.contrastsecurity.ide.eclipse.core.unit;
2 |
3 | import static org.junit.Assert.assertEquals;
4 |
5 | import org.junit.Test;
6 |
7 | import com.contrastsecurity.ide.eclipse.core.Util;
8 |
9 | public class UtilTest {
10 |
11 | private final static String NAME_LIST_STRING = "name1;name2;name3";
12 | private final static String[] NAME_ARRAY = {"name1", "name2", "name3"};
13 |
14 | @Test
15 | public void verifyListConversionToString() {
16 | String stringList = Util.getStringFromList(NAME_ARRAY);
17 | assertEquals(NAME_LIST_STRING, stringList);
18 | }
19 |
20 | @Test
21 | public void verifyStringConversionToList() {
22 | String[] list = Util.getListFromString(NAME_LIST_STRING);
23 |
24 | assertEquals(NAME_ARRAY.length, list.length);
25 |
26 | for(int i = 0; i < list.length; i++) {
27 | assertEquals(NAME_ARRAY[i], list[i]);
28 | }
29 | }
30 |
31 | @Test
32 | public void filterHeadersTest() {
33 | String authorizationString = "Authorization: Basic Z3Vl...Q6Z3Vlc3Q=";
34 | String tidString = "_tid: iasjdfjas9023423234lkj24";
35 | String tokenString = "token : afskjfasdfljljasdfljasdf";
36 |
37 | String goodString1 = "/plugin_extracted/plugin/DBCrossSiteScripting/jsp/EditProfile.jsp";
38 | String goodString2 = "/plugin_extracted/plugin/DBCrossSiteScripting/jsp/DBCrossSiteScripting.jsp";
39 | String goodString3 = "/plugin_extracted/plugin/SQLInjection/jsp/ViewProfile.jsp";
40 |
41 | String separator = "\n";
42 | String data = goodString1 + separator + authorizationString + separator + goodString2 + separator +
43 | tidString + separator + goodString3 + separator + tokenString;
44 |
45 | String filtered = Util.filterHeaders(data, separator);
46 | assertEquals(goodString1 + separator + goodString2 + separator + goodString3, filtered);
47 |
48 | }
49 |
50 | }
51 |
--------------------------------------------------------------------------------
/targets/mars.target:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 |
9 |
10 |
11 |
12 |
13 |
14 |
15 |
16 |
17 |
18 |
19 |
20 |
21 |
22 |
23 |
24 |
25 |
26 |
27 |
28 |
29 |
30 |
31 |
--------------------------------------------------------------------------------
/plugins/com.contrastsecurity.ide.rest.sdk/pom.xml:
--------------------------------------------------------------------------------
1 |
15 | 4.0.0
16 |
17 | com.contrastsecurity.ide.eclipse
18 | plugins
19 | 3.0.5-SNAPSHOT
20 |
21 | com.contrastsecurity.ide.eclipse.plugins
22 | com.contrastsecurity.ide.rest.sdk
23 | eclipse-plugin
24 |
25 |
26 | com.contrastsecurity
27 | contrast-sdk-java
28 | 3.4.2
29 |
30 |
31 |
32 |
33 |
34 | org.apache.maven.plugins
35 | maven-dependency-plugin
36 | 2.5.1
37 |
38 |
39 | copy-dependencies
40 | package
41 |
42 | copy-dependencies
43 |
44 |
45 |
46 | ${project.build.directory}/lib/
47 |
48 |
49 |
50 |
51 |
52 |
53 |
54 |
55 |
--------------------------------------------------------------------------------
/plugins/com.contrastsecurity.ide.eclipse.ui/src/com/contrastsecurity/ide/eclipse/ui/internal/model/LoadingPage.java:
--------------------------------------------------------------------------------
1 | /*******************************************************************************
2 | * Copyright (c) 2017 Contrast Security.
3 | * All rights reserved.
4 | *
5 | * This program and the accompanying materials are made available under
6 | * the terms of the GNU Lesser General Public License as published by
7 | * the Free Software Foundation; either version 3 of the License.
8 | *
9 | * The terms of the GNU GPL version 3 which accompanies this distribution
10 | * and is available at https://www.gnu.org/licenses/gpl-3.0.en.html
11 | *
12 | * Contributors:
13 | * Contrast Security - initial API and implementation
14 | *******************************************************************************/
15 | package com.contrastsecurity.ide.eclipse.ui.internal.model;
16 |
17 | import org.eclipse.swt.SWT;
18 | import org.eclipse.swt.layout.GridData;
19 | import org.eclipse.swt.layout.GridLayout;
20 | import org.eclipse.swt.widgets.Composite;
21 | import org.eclipse.swt.widgets.Label;
22 |
23 | import java.util.ResourceBundle;
24 |
25 | import com.contrastsecurity.ide.eclipse.ui.internal.views.VulnerabilitiesView;
26 |
27 | public class LoadingPage extends AbstractPage {
28 | ResourceBundle resource = ResourceBundle.getBundle("OSGI-INF/l10n.bundle");
29 |
30 | public LoadingPage(Composite parent, int style, VulnerabilitiesView vulnerabilitiesView) {
31 | super(parent, style, vulnerabilitiesView);
32 | setLayout(new GridLayout());
33 | GridData gd = new GridData(SWT.FILL, SWT.FILL, true, true);
34 | setLayoutData(gd);
35 | Composite comboComposite = new Composite(this, SWT.NONE);
36 | comboComposite.setLayout(new GridLayout(2, false));
37 | gd = new GridData(SWT.FILL, SWT.FILL, true, false);
38 | comboComposite.setLayoutData(gd);
39 |
40 | Label imageLabel = new Label(comboComposite, SWT.NONE);
41 | gd = new GridData(SWT.FILL, SWT.FILL, false, false);
42 | imageLabel.setLayoutData(gd);
43 |
44 | Label textLabel = new Label(comboComposite, SWT.NONE);
45 | gd = new GridData(SWT.FILL, SWT.FILL, false, false);
46 | textLabel.setLayoutData(gd);
47 | textLabel.setText(resource.getString("LOADING"));
48 | }
49 |
50 | }
51 |
--------------------------------------------------------------------------------
/plugins/com.contrastsecurity.ide.eclipse.ui/src/com/contrastsecurity/ide/eclipse/ui/cache/Key.java:
--------------------------------------------------------------------------------
1 | /*******************************************************************************
2 | * Copyright (c) 2017 Contrast Security.
3 | * All rights reserved.
4 | *
5 | * This program and the accompanying materials are made available under
6 | * the terms of the GNU Lesser General Public License as published by
7 | * the Free Software Foundation; either version 3 of the License.
8 | *
9 | * The terms of the GNU GPL version 3 which accompanies this distribution
10 | * and is available at https://www.gnu.org/licenses/gpl-3.0.en.html
11 | *
12 | * Contributors:
13 | * Contrast Security - initial API and implementation
14 | *******************************************************************************/
15 | package com.contrastsecurity.ide.eclipse.ui.cache;
16 |
17 | public class Key {
18 | private String orgUuid;
19 | private String traceId;
20 |
21 | public String getOrgUuid() {
22 | return orgUuid;
23 | }
24 |
25 | public Key(String orgUuid, String traceId) {
26 | this.orgUuid = orgUuid;
27 | this.traceId = traceId;
28 | }
29 |
30 | public void setOrgUuid(String orgUuid) {
31 | this.orgUuid = orgUuid;
32 | }
33 |
34 | public String getTraceId() {
35 | return traceId;
36 | }
37 |
38 | public void setTraceId(String traceId) {
39 | this.traceId = traceId;
40 | }
41 |
42 | @Override
43 | public int hashCode() {
44 | final int prime = 31;
45 | int result = 1;
46 | result = prime * result + ((orgUuid == null) ? 0 : orgUuid.hashCode());
47 | result = prime * result + ((traceId == null) ? 0 : traceId.hashCode());
48 | return result;
49 | }
50 |
51 | @Override
52 | public boolean equals(Object obj) {
53 | if (this == obj)
54 | return true;
55 | if (obj == null)
56 | return false;
57 | if (getClass() != obj.getClass())
58 | return false;
59 | Key other = (Key) obj;
60 | if (orgUuid == null) {
61 | if (other.orgUuid != null)
62 | return false;
63 | } else if (!orgUuid.equals(other.orgUuid))
64 | return false;
65 | if (traceId == null) {
66 | if (other.traceId != null)
67 | return false;
68 | } else if (!traceId.equals(other.traceId))
69 | return false;
70 | return true;
71 | }
72 |
73 | }
74 |
--------------------------------------------------------------------------------
/plugins/com.contrastsecurity.ide.eclipse.ui/src/com/contrastsecurity/ide/eclipse/ui/internal/model/ServerUIAdapter.java:
--------------------------------------------------------------------------------
1 | /*******************************************************************************
2 | * Copyright (c) 2017 Contrast Security.
3 | * All rights reserved.
4 | *
5 | * This program and the accompanying materials are made available under
6 | * the terms of the GNU Lesser General Public License as published by
7 | * the Free Software Foundation; either version 3 of the License.
8 | *
9 | * The terms of the GNU GPL version 3 which accompanies this distribution
10 | * and is available at https://www.gnu.org/licenses/gpl-3.0.en.html
11 | *
12 | * Contributors:
13 | * Contrast Security - initial API and implementation
14 | *******************************************************************************/
15 | package com.contrastsecurity.ide.eclipse.ui.internal.model;
16 |
17 | import com.contrastsecurity.ide.eclipse.core.Constants;
18 | import com.contrastsecurity.models.Server;
19 |
20 | public class ServerUIAdapter implements IContrastLabelProvider {
21 |
22 | private Server server;
23 | private String name;
24 |
25 | public ServerUIAdapter(Server server, String name) {
26 | this.server = server;
27 | this.name = name;
28 | }
29 |
30 | public Server getServer() {
31 | return server;
32 | }
33 |
34 | public void setServer(Server server) {
35 | this.server = server;
36 | }
37 |
38 | public String getName() {
39 | return name;
40 | }
41 |
42 | public void setName(String name) {
43 | this.name = name;
44 | }
45 |
46 | public String getText() {
47 | return name;
48 | }
49 |
50 | public long getId() {
51 | if (server != null) {
52 | return server.getServerId();
53 | }
54 | return Constants.ALL_SERVERS;
55 | }
56 |
57 | @Override
58 | public int hashCode() {
59 | final int prime = 31;
60 | int result = 1;
61 | result = prime * result + (int)getId();
62 | return result;
63 | }
64 |
65 | @Override
66 | public boolean equals(Object obj) {
67 | if (this == obj)
68 | return true;
69 | if (obj == null)
70 | return false;
71 | if (getClass() != obj.getClass())
72 | return false;
73 | ServerUIAdapter other = (ServerUIAdapter) obj;
74 | return getId() == other.getId();
75 | }
76 |
77 | }
78 |
--------------------------------------------------------------------------------
/features/pom.xml:
--------------------------------------------------------------------------------
1 |
15 | 4.0.0
16 |
17 | com.contrastsecurity.ide.eclipse
18 | parent
19 | 3.0.5-SNAPSHOT
20 |
21 | com.contrastsecurity.ide.eclipse
22 | features
23 |
24 | contrastide.features
25 | pom
26 |
27 | com.contrastsecurity.ide.eclipse.feature
28 |
29 |
30 |
31 |
32 | org.eclipse.tycho.extras
33 | tycho-source-feature-plugin
34 | ${tycho.version}
35 |
36 |
37 | source-feature
38 | package
39 |
40 | source-feature
41 |
42 |
43 |
44 |
45 |
46 |
47 | org.eclipse.tycho
48 | tycho-p2-plugin
49 | ${tycho.version}
50 |
51 |
52 | attach-p2-metadata
53 | package
54 |
55 | p2-metadata
56 |
57 |
58 |
59 |
60 |
61 |
62 |
63 |
--------------------------------------------------------------------------------
/plugins/com.contrastsecurity.ide.eclipse.ui/src/com/contrastsecurity/ide/eclipse/ui/internal/model/EventContentProvider.java:
--------------------------------------------------------------------------------
1 | /*******************************************************************************
2 | * Copyright (c) 2017 Contrast Security.
3 | * All rights reserved.
4 | *
5 | * This program and the accompanying materials are made available under
6 | * the terms of the GNU Lesser General Public License as published by
7 | * the Free Software Foundation; either version 3 of the License.
8 | *
9 | * The terms of the GNU GPL version 3 which accompanies this distribution
10 | * and is available at https://www.gnu.org/licenses/gpl-3.0.en.html
11 | *
12 | * Contributors:
13 | * Contrast Security - initial API and implementation
14 | *******************************************************************************/
15 | package com.contrastsecurity.ide.eclipse.ui.internal.model;
16 |
17 | import org.eclipse.jface.viewers.ITreeContentProvider;
18 | import org.eclipse.jface.viewers.Viewer;
19 |
20 | import com.contrastsecurity.models.EventItem;
21 | import com.contrastsecurity.models.EventResource;
22 |
23 | public class EventContentProvider implements ITreeContentProvider {
24 | public void inputChanged(Viewer v, Object oldInput, Object newInput) {
25 | }
26 |
27 | @Override
28 | public void dispose() {
29 | }
30 |
31 | @Override
32 | public Object[] getElements(Object inputElement) {
33 | return (EventResource[]) inputElement;
34 | }
35 |
36 | @Override
37 | public Object[] getChildren(Object parentElement) {
38 | if (parentElement instanceof EventResource) {
39 | EventResource eventResource = (EventResource) parentElement;
40 |
41 | if(eventResource.getCollapsedEvents() != null && !eventResource.getCollapsedEvents().isEmpty())
42 | return eventResource.getCollapsedEvents().toArray();
43 |
44 | return eventResource.getItems();
45 | }
46 | return new Object[0];
47 | }
48 |
49 | @Override
50 | public Object getParent(Object element) {
51 | if (element instanceof EventItem) {
52 | return ((EventItem) element).getParent();
53 | }
54 | else if(element instanceof EventResource)
55 | return ((EventResource) element).getParent();
56 |
57 | return null;
58 | }
59 |
60 | @Override
61 | public boolean hasChildren(Object element) {
62 | if (element instanceof EventResource) {
63 | return true;
64 | }
65 | return false;
66 | }
67 |
68 | }
69 |
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 | [](https://travis-ci.org/Contrast-Security-OSS/ide-plugin-eclipse2)
2 |
3 | # IDE plugin connecting to REST API
4 |
5 | ### Getting Started
6 |
7 | #### Build Plugin
8 |
9 | - Install Java JDK (minimal version 8) and maven 3.3.x
10 | - clone repository
11 | - `cd ide-plugin-eclipse`
12 | - `cd targets && mvn clean install`
13 | - `cd .. && mvn clean install -Djarsigner.skip=true -DskipTests`
14 |
15 | #### Install Plugin
16 |
17 | - open Eclipse
18 | - select Help>Install New Software>Add
19 | - click Archive...
20 | - select updatesite/target/contrastide.updatesite-(version)-SNAPSHOT.zip
21 | - select Contrast IDE
22 | - restart Eclipse
23 |
24 | ## Testing
25 |
26 | Project is currently configured to run tests with maven from project source using maven goal **integration-test**. This will
27 | run unit and integration tests together. In order to run successfully integration tests, it is required to pass some values as
28 | maven parameters:
29 |
30 | - username
31 | - apiKey
32 | - serviceKey
33 | - restApiUrl
34 | - organizationId
35 |
36 | Example command:
37 |
38 | mvn clean integration-test -Dusername=someone -DapiKey=youApiKeyForOrganization -DserviceKey=yourServiceKey -DrestApiUrl=tsApiUrl -DorganizationId=orgId1
39 |
40 | ### Development
41 |
42 | Requirements: Eclipse SDK Mars 4.5 or higher, recommended m2e and EGit
43 |
44 | - import all "Existing Projects"
45 | - create an Eclipse PDE Run/Debug configuration with included com.contrastsecurity.ide\* plugins
46 |
47 | ### Signing
48 |
49 | Plugin build makes use of [Apache Maven Jarsigner Plugin](http://maven.apache.org/plugins/maven-jarsigner-plugin/) to sign automatically during package phase.
50 | Sign required parameters are passed as maven build parameters as follow:
51 |
52 | - keystore.path : Path location of the keystore file (.jks).
53 | - keystore.storepass : Keystore password.
54 | - keystore.alias : Key alias.
55 | - keystore.keypass : Key password.
56 |
57 | Example maven command:
58 |
59 | mvn clean install -Dkeystore.path=/path/to/keystore -Dkeystore.storepass=keystorePass -Dkeystore.alias=alias -Dkeystore.keypass=keyPass
60 |
61 | To disable this behavior add this line at the end of your maven build command:
62 |
63 | mvn ... -Djarsigner.skip=true
64 |
65 | ### License
66 |
67 | GPL version 3
68 |
--------------------------------------------------------------------------------
/plugins/com.contrastsecurity.ide.eclipse.ui/src/com/contrastsecurity/ide/eclipse/ui/internal/model/TagLabelProvider.java:
--------------------------------------------------------------------------------
1 | /*******************************************************************************
2 | * Copyright (c) 2017 Contrast Security.
3 | * All rights reserved.
4 | *
5 | * This program and the accompanying materials are made available under
6 | * the terms of the GNU Lesser General Public License as published by
7 | * the Free Software Foundation; either version 3 of the License.
8 | *
9 | * The terms of the GNU GPL version 3 which accompanies this distribution
10 | * and is available at https://www.gnu.org/licenses/gpl-3.0.en.html
11 | *
12 | * Contributors:
13 | * Contrast Security - initial API and implementation
14 | *******************************************************************************/
15 | package com.contrastsecurity.ide.eclipse.ui.internal.model;
16 |
17 | import java.net.MalformedURLException;
18 |
19 | import org.eclipse.jface.viewers.StyledCellLabelProvider;
20 | import org.eclipse.jface.viewers.ViewerCell;
21 | import org.eclipse.swt.graphics.Image;
22 |
23 | import com.contrastsecurity.ide.eclipse.ui.ContrastUIActivator;
24 |
25 | public class TagLabelProvider extends StyledCellLabelProvider {
26 |
27 | private Image getImage(int columnIndex) throws MalformedURLException {
28 | if (columnIndex == 1) {
29 | return ContrastUIActivator.getImage("/icons/remove.png");
30 | } else {
31 | return null;
32 | }
33 | }
34 |
35 | private String getText(Object element, int columnIndex) throws MalformedURLException {
36 | String elementToReturn = null;
37 | if (element instanceof String) {
38 | switch (columnIndex) {
39 | case 0:
40 | elementToReturn = (String) element;
41 | break;
42 | case 1:
43 | if (getImage(columnIndex) == null) {
44 | elementToReturn = "Remove";
45 | }
46 | default:
47 | break;
48 | }
49 | }
50 | return elementToReturn;
51 | }
52 |
53 | @Override
54 | public void update(ViewerCell cell) {
55 | Object element = cell.getElement();
56 |
57 | int index = cell.getColumnIndex();
58 | switch (index) {
59 | case 0:
60 | String title = null;
61 | try {
62 | title = getText(element, index);
63 | } catch (MalformedURLException e) {
64 | // TODO Auto-generated catch block
65 | e.printStackTrace();
66 | }
67 | cell.setText(title);
68 | break;
69 | case 1:
70 | // Image image = getImage(index);
71 | // cell.setImage(image);
72 | break;
73 | default:
74 | break;
75 | }
76 | super.update(cell);
77 | }
78 | }
79 |
--------------------------------------------------------------------------------
/plugins/com.contrastsecurity.ide.eclipse.ui/src/com/contrastsecurity/ide/eclipse/ui/internal/model/ApplicationUIAdapter.java:
--------------------------------------------------------------------------------
1 | /*******************************************************************************
2 | * Copyright (c) 2017 Contrast Security.
3 | * All rights reserved.
4 | *
5 | * This program and the accompanying materials are made available under
6 | * the terms of the GNU Lesser General Public License as published by
7 | * the Free Software Foundation; either version 3 of the License.
8 | *
9 | * The terms of the GNU GPL version 3 which accompanies this distribution
10 | * and is available at https://www.gnu.org/licenses/gpl-3.0.en.html
11 | *
12 | * Contributors:
13 | * Contrast Security - initial API and implementation
14 | *******************************************************************************/
15 | package com.contrastsecurity.ide.eclipse.ui.internal.model;
16 |
17 | import java.util.ResourceBundle;
18 |
19 | import com.contrastsecurity.ide.eclipse.core.Constants;
20 | import com.contrastsecurity.models.Application;
21 |
22 | public class ApplicationUIAdapter implements IContrastLabelProvider {
23 |
24 | private Application application;
25 | private String name;
26 |
27 |
28 | ResourceBundle resource = ResourceBundle.getBundle("OSGI-INF/l10n.bundle");
29 |
30 | public ApplicationUIAdapter(Application application, String name) {
31 | super();
32 | this.application = application;
33 | this.name = name;
34 | }
35 |
36 | public Application getApplication() {
37 | return application;
38 | }
39 |
40 | public void setApplication(Application application) {
41 | this.application = application;
42 | }
43 |
44 | public String getName() {
45 | return name;
46 | }
47 |
48 | public void setName(String name) {
49 | this.name = name;
50 | }
51 |
52 | public String getId() {
53 | if (application != null) {
54 | return application.getId();
55 | }
56 | return Constants.ALL_APPLICATIONS;
57 | }
58 |
59 | @Override
60 | public int hashCode() {
61 | final int prime = 31;
62 | int result = 1;
63 | result = prime * result + ((getId() == null) ? 0 : getId().hashCode());
64 | return result;
65 | }
66 |
67 | @Override
68 | public boolean equals(Object obj) {
69 | if (this == obj)
70 | return true;
71 | if (obj == null)
72 | return false;
73 | if (getClass() != obj.getClass())
74 | return false;
75 | ApplicationUIAdapter other = (ApplicationUIAdapter) obj;
76 | if (getId() == null) {
77 | if (other.getId() != null)
78 | return false;
79 | } else if (!getId().equals(other.getId()))
80 | return false;
81 | return true;
82 | }
83 |
84 |
85 |
86 | }
87 |
--------------------------------------------------------------------------------
/plugins/com.contrastsecurity.ide.eclipse.ui/src/com/contrastsecurity/ide/eclipse/ui/internal/model/AbstractTab.java:
--------------------------------------------------------------------------------
1 | /*******************************************************************************
2 | * Copyright (c) 2017 Contrast Security.
3 | * All rights reserved.
4 | *
5 | * This program and the accompanying materials are made available under
6 | * the terms of the GNU Lesser General Public License as published by
7 | * the Free Software Foundation; either version 3 of the License.
8 | *
9 | * The terms of the GNU GPL version 3 which accompanies this distribution
10 | * and is available at https://www.gnu.org/licenses/gpl-3.0.en.html
11 | *
12 | * Contributors:
13 | * Contrast Security - initial API and implementation
14 | *******************************************************************************/
15 | package com.contrastsecurity.ide.eclipse.ui.internal.model;
16 |
17 | import org.eclipse.swt.SWT;
18 | import org.eclipse.swt.custom.ScrolledComposite;
19 | import org.eclipse.swt.events.ControlAdapter;
20 | import org.eclipse.swt.events.ControlEvent;
21 | import org.eclipse.swt.graphics.Point;
22 | import org.eclipse.swt.graphics.Rectangle;
23 | import org.eclipse.swt.layout.GridData;
24 | import org.eclipse.swt.layout.GridLayout;
25 | import org.eclipse.swt.widgets.Composite;
26 | import org.eclipse.swt.widgets.Control;
27 | import org.eclipse.swt.widgets.ScrollBar;
28 |
29 | public class AbstractTab extends Composite {
30 |
31 | private Composite control;
32 |
33 | public AbstractTab(Composite parent, int style) {
34 | super(parent, style);
35 | initialize();
36 | }
37 |
38 | private void initialize() {
39 | setLayout(new GridLayout());
40 | GridData gd = new GridData(SWT.FILL, SWT.FILL, true, true);
41 | setLayoutData(gd);
42 |
43 | final ScrolledComposite sc = new ScrolledComposite(this, SWT.V_SCROLL | SWT.H_SCROLL);
44 | sc.setLayout(new GridLayout());
45 | sc.setLayoutData(new GridData(SWT.FILL, SWT.FILL, true, true));
46 | sc.setAlwaysShowScrollBars(false);
47 | sc.setExpandVertical(true);
48 | sc.setExpandHorizontal(true);
49 |
50 | control = new Composite(sc, SWT.BORDER);
51 | control.setLayout(new GridLayout());
52 | gd = new GridData(SWT.FILL, SWT.FILL, true, false);
53 | control.setLayoutData(gd);
54 |
55 | sc.setContent(control);
56 | sc.setMinSize(control.computeSize(SWT.DEFAULT, SWT.DEFAULT));
57 | sc.addControlListener(new ControlAdapter() {
58 |
59 | @Override
60 | public void controlResized(ControlEvent e) {
61 | Rectangle r = sc.getClientArea();
62 | Control content = sc.getContent();
63 | if (content != null && r != null) {
64 | Point minSize = content.computeSize(r.width, SWT.DEFAULT);
65 | sc.setMinSize(minSize);
66 | ScrollBar vBar = sc.getVerticalBar();
67 | vBar.setPageIncrement(r.height);
68 | }
69 | }
70 | });
71 | }
72 |
73 | public Composite getControl() {
74 | return control;
75 | }
76 |
77 | }
78 |
--------------------------------------------------------------------------------
/plugins/com.contrastsecurity.ide.eclipse.ui/src/com/contrastsecurity/ide/eclipse/ui/internal/model/ContrastTab.java:
--------------------------------------------------------------------------------
1 | /*******************************************************************************
2 | * Copyright (c) 2017 Contrast Security.
3 | * All rights reserved.
4 | *
5 | * This program and the accompanying materials are made available under
6 | * the terms of the GNU Lesser General Public License as published by
7 | * the Free Software Foundation; either version 3 of the License.
8 | *
9 | * The terms of the GNU GPL version 3 which accompanies this distribution
10 | * and is available at https://www.gnu.org/licenses/gpl-3.0.en.html
11 | *
12 | * Contributors:
13 | * Contrast Security - initial API and implementation
14 | *******************************************************************************/
15 | package com.contrastsecurity.ide.eclipse.ui.internal.model;
16 |
17 | import org.eclipse.swt.SWT;
18 | import org.eclipse.swt.custom.ScrolledComposite;
19 | import org.eclipse.swt.events.ControlAdapter;
20 | import org.eclipse.swt.events.ControlEvent;
21 | import org.eclipse.swt.graphics.Point;
22 | import org.eclipse.swt.graphics.Rectangle;
23 | import org.eclipse.swt.layout.GridData;
24 | import org.eclipse.swt.layout.GridLayout;
25 | import org.eclipse.swt.widgets.Composite;
26 | import org.eclipse.swt.widgets.Control;
27 | import org.eclipse.swt.widgets.ScrollBar;
28 |
29 | public class ContrastTab extends Composite {
30 |
31 | private Composite control;
32 |
33 | public ContrastTab(Composite parent, int style) {
34 | super(parent, style);
35 | initialize();
36 | }
37 |
38 | private void initialize() {
39 | setLayout(new GridLayout());
40 | GridData gd = new GridData(SWT.FILL, SWT.FILL, true, true);
41 | setLayoutData(gd);
42 |
43 | final ScrolledComposite sc = new ScrolledComposite(this, SWT.V_SCROLL | SWT.H_SCROLL);
44 | sc.setLayout(new GridLayout());
45 | sc.setLayoutData(new GridData(SWT.FILL, SWT.FILL, true, true));
46 | sc.setAlwaysShowScrollBars(false);
47 | sc.setExpandVertical(true);
48 | sc.setExpandHorizontal(true);
49 |
50 | control = new Composite(sc, SWT.BORDER);
51 | control.setLayout(new GridLayout());
52 | gd = new GridData(SWT.FILL, SWT.FILL, true, false);
53 | control.setLayoutData(gd);
54 |
55 | sc.setContent(control);
56 | sc.setMinSize(control.computeSize(SWT.DEFAULT, SWT.DEFAULT));
57 | sc.addControlListener(new ControlAdapter() {
58 |
59 | @Override
60 | public void controlResized(ControlEvent e) {
61 | Rectangle r = sc.getClientArea();
62 | Control content = sc.getContent();
63 | if (content != null && r != null) {
64 | Point minSize = content.computeSize(r.width, SWT.DEFAULT);
65 | sc.setMinSize(minSize);
66 | ScrollBar vBar = sc.getVerticalBar();
67 | vBar.setPageIncrement(r.height);
68 | }
69 | }
70 | });
71 | }
72 |
73 | public Composite getControl() {
74 | return control;
75 | }
76 |
77 | }
78 |
--------------------------------------------------------------------------------
/plugins/com.contrastsecurity.ide.eclipse.ui/src/com/contrastsecurity/ide/eclipse/ui/cache/ContrastCache.java:
--------------------------------------------------------------------------------
1 | /*******************************************************************************
2 | * Copyright (c) 2017 Contrast Security.
3 | * All rights reserved.
4 | *
5 | * This program and the accompanying materials are made available under
6 | * the terms of the GNU Lesser General Public License as published by
7 | * the Free Software Foundation; either version 3 of the License.
8 | *
9 | * The terms of the GNU GPL version 3 which accompanies this distribution
10 | * and is available at https://www.gnu.org/licenses/gpl-3.0.en.html
11 | *
12 | * Contributors:
13 | * Contrast Security - initial API and implementation
14 | *******************************************************************************/
15 | package com.contrastsecurity.ide.eclipse.ui.cache;
16 |
17 | import com.contrastsecurity.models.EventSummaryResponse;
18 | import com.contrastsecurity.models.HttpRequestResponse;
19 | import com.contrastsecurity.models.RecommendationResponse;
20 | import com.contrastsecurity.models.StoryResponse;
21 | import com.contrastsecurity.models.TagsResponse;
22 | import com.googlecode.concurrentlinkedhashmap.ConcurrentLinkedHashMap;
23 |
24 | public class ContrastCache {
25 | private static final int MAX_CACHE_SIZE = 50;
26 |
27 | private ConcurrentLinkedHashMap eventSummaryResources = new ConcurrentLinkedHashMap.Builder()
28 | .initialCapacity(MAX_CACHE_SIZE / 2).maximumWeightedCapacity(MAX_CACHE_SIZE).build();
29 | private ConcurrentLinkedHashMap storyResources = new ConcurrentLinkedHashMap.Builder()
30 | .initialCapacity(MAX_CACHE_SIZE / 2).maximumWeightedCapacity(MAX_CACHE_SIZE).build();
31 | private ConcurrentLinkedHashMap httpRequestResources = new ConcurrentLinkedHashMap.Builder()
32 | .initialCapacity(MAX_CACHE_SIZE / 2).maximumWeightedCapacity(MAX_CACHE_SIZE).build();
33 |
34 | private ConcurrentLinkedHashMap recommendationResources = new ConcurrentLinkedHashMap.Builder()
35 | .initialCapacity(MAX_CACHE_SIZE / 2).maximumWeightedCapacity(MAX_CACHE_SIZE).build();
36 |
37 | private ConcurrentLinkedHashMap tagsResources = new ConcurrentLinkedHashMap.Builder()
38 | .initialCapacity(MAX_CACHE_SIZE / 2).maximumWeightedCapacity(MAX_CACHE_SIZE).build();
39 |
40 | public ConcurrentLinkedHashMap getEventSummaryResources() {
41 | return eventSummaryResources;
42 | }
43 |
44 | public ConcurrentLinkedHashMap getStoryResources() {
45 | return storyResources;
46 | }
47 |
48 | public ConcurrentLinkedHashMap getHttpRequestResources() {
49 | return httpRequestResources;
50 | }
51 |
52 | public ConcurrentLinkedHashMap getRecommendationResources() {
53 | return recommendationResources;
54 | }
55 |
56 | public ConcurrentLinkedHashMap getTagsResources() {
57 | return tagsResources;
58 | }
59 |
60 | public void clear() {
61 | eventSummaryResources.clear();
62 | storyResources.clear();
63 | httpRequestResources.clear();
64 | recommendationResources.clear();
65 | tagsResources.clear();
66 | }
67 | }
68 |
--------------------------------------------------------------------------------
/plugins/com.contrastsecurity.ide.eclipse.ui/src/com/contrastsecurity/ide/eclipse/ui/internal/model/ConfigurationPage.java:
--------------------------------------------------------------------------------
1 | /*******************************************************************************
2 | * Copyright (c) 2017 Contrast Security.
3 | * All rights reserved.
4 | *
5 | * This program and the accompanying materials are made available under
6 | * the terms of the GNU Lesser General Public License as published by
7 | * the Free Software Foundation; either version 3 of the License.
8 | *
9 | * The terms of the GNU GPL version 3 which accompanies this distribution
10 | * and is available at https://www.gnu.org/licenses/gpl-3.0.en.html
11 | *
12 | * Contributors:
13 | * Contrast Security - initial API and implementation
14 | *******************************************************************************/
15 | package com.contrastsecurity.ide.eclipse.ui.internal.model;
16 |
17 | import java.util.ResourceBundle;
18 |
19 | import org.eclipse.jface.preference.PreferenceDialog;
20 | import org.eclipse.swt.SWT;
21 | import org.eclipse.swt.events.MouseEvent;
22 | import org.eclipse.swt.events.MouseListener;
23 | import org.eclipse.swt.events.MouseTrackListener;
24 | import org.eclipse.swt.layout.GridData;
25 | import org.eclipse.swt.layout.GridLayout;
26 | import org.eclipse.swt.widgets.Composite;
27 | import org.eclipse.swt.widgets.Label;
28 | import org.eclipse.ui.dialogs.PreferencesUtil;
29 |
30 | import com.contrastsecurity.ide.eclipse.core.Constants;
31 | import com.contrastsecurity.ide.eclipse.ui.internal.preferences.ContrastPreferencesPage;
32 | import com.contrastsecurity.ide.eclipse.ui.internal.views.VulnerabilitiesView;
33 |
34 | public class ConfigurationPage extends AbstractPage {
35 |
36 | public ConfigurationPage(final Composite parent, final int style, final VulnerabilitiesView vulnerabilitiesView) {
37 | super(parent, style, vulnerabilitiesView);
38 | setLayout(new GridLayout());
39 | GridData gd = new GridData(SWT.FILL, SWT.FILL, true, true);
40 | setLayoutData(gd);
41 | Composite comboComposite = new Composite(this, SWT.NONE);
42 | comboComposite.setLayout(new GridLayout(2, false));
43 | gd = new GridData(SWT.FILL, SWT.FILL, true, false);
44 | comboComposite.setLayoutData(gd);
45 |
46 | ResourceBundle resource = ResourceBundle.getBundle("OSGI-INF/l10n.bundle");
47 |
48 | Label textLabel = new Label(comboComposite, SWT.NONE);
49 | gd = new GridData(SWT.FILL, SWT.FILL, false, false);
50 | textLabel.setLayoutData(gd);
51 | textLabel.setText(resource.getString("CONTRAST_NOT_CONFIGURED"));
52 |
53 | final Label preferencesLink = new Label(comboComposite, SWT.NONE);
54 | gd = new GridData(SWT.END, SWT.FILL, false, false);
55 | preferencesLink.setLayoutData(gd);
56 | preferencesLink.setText(resource.getString("PREFERENCES_LABEL"));
57 | preferencesLink.setForeground(Constants.LINK_COLOR);
58 | preferencesLink.addMouseTrackListener(new MouseTrackListener() {
59 |
60 | @Override
61 | public void mouseHover(MouseEvent e) {
62 | //
63 | }
64 |
65 | @Override
66 | public void mouseExit(MouseEvent e) {
67 | preferencesLink.setForeground(Constants.LINK_COLOR);
68 | }
69 |
70 | @Override
71 | public void mouseEnter(MouseEvent e) {
72 | preferencesLink.setForeground(Constants.LINK_COLOR_HOVER);
73 | }
74 | });
75 | preferencesLink.addMouseListener(new MouseListener() {
76 |
77 | @Override
78 | public void mouseUp(MouseEvent e) {
79 | PreferenceDialog dialog = PreferencesUtil.createPreferenceDialogOn(
80 | getVulnerabilitiesView().getSite().getShell(), ContrastPreferencesPage.ID, null, null);
81 | dialog.open();
82 | vulnerabilitiesView.refreshSdk();
83 | vulnerabilitiesView.refreshTraces(true);
84 | }
85 |
86 | @Override
87 | public void mouseDown(MouseEvent e) {
88 | }
89 |
90 | @Override
91 | public void mouseDoubleClick(MouseEvent e) {
92 | }
93 | });
94 | }
95 |
96 | }
97 |
--------------------------------------------------------------------------------
/plugins/com.contrastsecurity.ide.eclipse.ui/src/com/contrastsecurity/ide/eclipse/ui/internal/model/HttpRequestTab.java:
--------------------------------------------------------------------------------
1 | /*******************************************************************************
2 | * Copyright (c) 2017 Contrast Security.
3 | * All rights reserved.
4 | *
5 | * This program and the accompanying materials are made available under
6 | * the terms of the GNU Lesser General Public License as published by
7 | * the Free Software Foundation; either version 3 of the License.
8 | *
9 | * The terms of the GNU GPL version 3 which accompanies this distribution
10 | * and is available at https://www.gnu.org/licenses/gpl-3.0.en.html
11 | *
12 | * Contributors:
13 | * Contrast Security - initial API and implementation
14 | *******************************************************************************/
15 | package com.contrastsecurity.ide.eclipse.ui.internal.model;
16 |
17 | import java.net.URLDecoder;
18 |
19 | import org.eclipse.swt.SWT;
20 | import org.eclipse.swt.custom.StyleRange;
21 | import org.eclipse.swt.custom.StyledText;
22 | import org.eclipse.swt.layout.GridData;
23 | import org.eclipse.swt.layout.GridLayout;
24 | import org.eclipse.swt.widgets.Composite;
25 | import org.eclipse.swt.widgets.Display;
26 | import org.unbescape.html.HtmlEscape;
27 |
28 | import com.contrastsecurity.ide.eclipse.core.Constants;
29 | import com.contrastsecurity.ide.eclipse.core.Util;
30 | import com.contrastsecurity.ide.eclipse.ui.ContrastUIActivator;
31 | import com.contrastsecurity.models.HttpRequestResponse;
32 |
33 | public class HttpRequestTab extends Composite {
34 |
35 | private StyledText area;
36 | private HttpRequestResponse httpRequest;
37 |
38 | public HttpRequestTab(Composite parent, int style) {
39 | super(parent, style);
40 | setLayout(new GridLayout());
41 | GridData gd = new GridData(SWT.FILL, SWT.FILL, true, true);
42 | setLayoutData(gd);
43 | Composite control = new Composite(this, SWT.NONE);
44 | control.setLayout(new GridLayout());
45 | gd = new GridData(SWT.FILL, SWT.FILL, true, true);
46 | control.setLayoutData(gd);
47 | area = new StyledText(control, SWT.MULTI | SWT.V_SCROLL | SWT.H_SCROLL);
48 | gd = new GridData(SWT.FILL, SWT.FILL, true, true);
49 | area.setLayoutData(gd);
50 | area.setEditable(false);
51 | }
52 |
53 | public StyledText getArea() {
54 | return area;
55 | }
56 |
57 | public HttpRequestResponse getHttpRequest() {
58 | return httpRequest;
59 | }
60 |
61 | public void setHttpRequest(HttpRequestResponse httpRequest) {
62 | this.httpRequest = httpRequest;
63 | area.setText(Constants.BLANK);
64 | if (httpRequest != null && httpRequest.getHttpRequest() != null
65 | && httpRequest.getHttpRequest().getText() != null) {
66 |
67 | area.setText(Util.filterHeaders(httpRequest.getHttpRequest().getText(), "\n"));
68 | } else if (httpRequest != null && httpRequest.getReason() != null) {
69 | area.setText(httpRequest.getReason());
70 | }
71 | String text = area.getText();
72 | // text = StringEscapeUtils.unescapeHtml(text);
73 | text = HtmlEscape.unescapeHtml(text);
74 | try {
75 | text = URLDecoder.decode(text, "UTF-8");
76 | } catch (Exception e) {
77 | // ignore
78 | if (ContrastUIActivator.getDefault().isDebugging()) {
79 | ContrastUIActivator.log(e);
80 | }
81 | }
82 | if (text.contains(Constants.TAINT) && text.contains(Constants.TAINT_CLOSED)) {
83 |
84 | String currentString = text;
85 | int start = text.indexOf(Constants.TAINT);
86 | currentString = currentString.replace(Constants.TAINT, "");
87 | int end = currentString.indexOf(Constants.TAINT_CLOSED);
88 | if (end > start) {
89 | currentString = currentString.replace(Constants.TAINT_CLOSED, "");
90 | area.setText(currentString);
91 | StyleRange styleRange = new StyleRange();
92 | styleRange.start = start;
93 | styleRange.length = end - start;
94 | styleRange.foreground = Display.getCurrent().getSystemColor(SWT.COLOR_RED);
95 | area.setStyleRange(styleRange);
96 | }
97 | }
98 | }
99 |
100 | }
101 |
--------------------------------------------------------------------------------
/plugins/com.contrastsecurity.ide.eclipse.core.tests/src/com/contrastsecurity/ide/eclipse/core/unit/ContrastCoreActivatorTest.java:
--------------------------------------------------------------------------------
1 | package com.contrastsecurity.ide.eclipse.core.unit;
2 |
3 | import org.apache.commons.lang.ArrayUtils;
4 | import org.eclipse.core.runtime.preferences.IEclipsePreferences;
5 | import org.junit.Test;
6 | import org.osgi.service.prefs.BackingStoreException;
7 |
8 | import com.contrastsecurity.ide.eclipse.core.ContrastCoreActivator;
9 | import com.contrastsecurity.ide.eclipse.core.internal.preferences.OrganizationConfig;
10 |
11 | import static org.junit.Assert.assertArrayEquals;
12 | import static org.junit.Assert.assertEquals;
13 | import static org.junit.Assert.assertTrue;
14 | import static org.junit.Assert.assertNull;;
15 |
16 | public class ContrastCoreActivatorTest {
17 |
18 | private final static String[] ORGANIZATION_ARRAY = {"org1", "org2", "org3"};
19 |
20 | private final static String EXTRA_ORGANIZATION = "extra org";
21 | private final static String API_KEY = "myDummyApiKey12421D";
22 | private final static String ORGANIZATION_UUID = "notReallyAServ1c3K3y234D";
23 | private final static String[] ALTERED_ORGANIZATION_ARRAY = {"org1", "org2", "org3", "extra org"};
24 |
25 | private final static String ORGANIZATION_TO_DELETE = "org2";
26 | private final static String[] SMALLER_ORGANIZATION_ARRAY = {"org1", "org3"};
27 |
28 | private final static String SERVICE_KEY = "thisIsAServiceKey";
29 | private final static String USERNAME = "someUser";
30 | private final static String TEAM_SERVER_URL = "http://somewhere.com/api";
31 |
32 | @Test
33 | public void saveAndGetOrganizationsAsListTest() {
34 | assertTrue(ContrastCoreActivator.saveOrganizationList(ORGANIZATION_ARRAY));
35 | String[] list = ContrastCoreActivator.getOrganizationList();
36 | assertArrayEquals(ORGANIZATION_ARRAY, list);
37 | }
38 |
39 | @Test
40 | public void addOrganizationTest() {
41 | assertTrue(ContrastCoreActivator.saveOrganizationList(ORGANIZATION_ARRAY));
42 | String[] orgArray = ContrastCoreActivator.getOrganizationList();
43 |
44 | orgArray = (String[]) ArrayUtils.add(orgArray, EXTRA_ORGANIZATION);
45 | assertTrue(ContrastCoreActivator.saveOrganizationList(orgArray));
46 |
47 | String[] newList = ContrastCoreActivator.getOrganizationList();
48 | assertArrayEquals(ALTERED_ORGANIZATION_ARRAY, newList);
49 | }
50 |
51 | @Test
52 | public void addOrganizationConfigTest() {
53 | assertTrue(ContrastCoreActivator.saveOrganizationList(ORGANIZATION_ARRAY));
54 | assertTrue(ContrastCoreActivator.saveNewOrganization(EXTRA_ORGANIZATION, TEAM_SERVER_URL, USERNAME,
55 | SERVICE_KEY, API_KEY, ORGANIZATION_UUID));
56 |
57 | String[] newList = ContrastCoreActivator.getOrganizationList();
58 | assertArrayEquals(ALTERED_ORGANIZATION_ARRAY, newList);
59 |
60 | OrganizationConfig config = ContrastCoreActivator.getOrganizationConfiguration(EXTRA_ORGANIZATION);
61 | assertEquals(config.getApiKey(), API_KEY);
62 | assertEquals(config.getOrganizationUUIDKey(), ORGANIZATION_UUID);
63 | }
64 |
65 | @Test
66 | public void removeOrganizationTest() throws BackingStoreException {
67 | assertTrue(ContrastCoreActivator.saveOrganizationList(ORGANIZATION_ARRAY));
68 | IEclipsePreferences prefs = ContrastCoreActivator.getPreferences();
69 | prefs.put(ORGANIZATION_TO_DELETE, API_KEY + ";" + ORGANIZATION_UUID);
70 | prefs.flush();
71 |
72 | ContrastCoreActivator.removeOrganization(1);
73 | String[] newList = ContrastCoreActivator.getOrganizationList();
74 | assertArrayEquals(SMALLER_ORGANIZATION_ARRAY, newList);
75 |
76 | assertNull(ContrastCoreActivator.getOrganizationConfiguration(ORGANIZATION_TO_DELETE));
77 | }
78 |
79 | @Test
80 | public void clearOrganizationListTest() {
81 | assertTrue(ContrastCoreActivator.saveOrganizationList(new String[0]));
82 | assertTrue(ContrastCoreActivator.saveNewOrganization(EXTRA_ORGANIZATION, TEAM_SERVER_URL, USERNAME,
83 | SERVICE_KEY, API_KEY, ORGANIZATION_UUID));
84 | ContrastCoreActivator.removeOrganization(0);
85 | assertEquals(0, ContrastCoreActivator.getOrganizationList().length);
86 | }
87 |
88 | @Test
89 | public void saveAndRetrieveSelectedPrefs() {
90 | assertTrue(ContrastCoreActivator.saveSelectedPreferences(EXTRA_ORGANIZATION));
91 | assertEquals(EXTRA_ORGANIZATION, ContrastCoreActivator.getSelectedOrganization());
92 | }
93 |
94 | }
95 |
--------------------------------------------------------------------------------
/plugins/com.contrastsecurity.ide.eclipse.ui.tests/src/com/contrastsecurity/ide/eclipse/ui/integration/ContrastCacheTest.java:
--------------------------------------------------------------------------------
1 | package com.contrastsecurity.ide.eclipse.ui.integration;
2 |
3 | import static org.junit.Assert.assertEquals;
4 | import static org.junit.Assert.assertTrue;
5 |
6 | import org.junit.Before;
7 | import org.junit.BeforeClass;
8 | import org.junit.Test;
9 |
10 | import com.contrastsecurity.ide.eclipse.ui.ContrastUIActivator;
11 | import com.contrastsecurity.ide.eclipse.ui.cache.ContrastCache;
12 | import com.contrastsecurity.ide.eclipse.ui.cache.Key;
13 | import com.contrastsecurity.models.EventSummaryResponse;
14 | import com.contrastsecurity.models.HttpRequestResponse;
15 | import com.contrastsecurity.models.StoryResponse;
16 | import com.googlecode.concurrentlinkedhashmap.ConcurrentLinkedHashMap;
17 |
18 |
19 | public class ContrastCacheTest {
20 |
21 | /**
22 | * Organization UUID. Required to run when testing retrieval of an event.
23 | */
24 | private static String ORGANIZATION_UUID;
25 | /**
26 | * Trace (vulnerability) UUID. Required to run when testing retrieval of an
27 | * event.
28 | */
29 | private static String TRACE_ID;
30 |
31 | Key key;
32 |
33 | private ContrastCache contrastCache;
34 |
35 | @BeforeClass
36 | public static void initRequiredParams() {
37 | ORGANIZATION_UUID = System.getProperty("organizationId");
38 | TRACE_ID = System.getProperty("traceId");
39 | }
40 |
41 | @Before
42 | public void init() {
43 | contrastCache = ContrastUIActivator.getContrastCache();
44 | key = new Key(ORGANIZATION_UUID, TRACE_ID);
45 | }
46 |
47 | @Test
48 | public void getEventSummaryResourcesTest() {
49 |
50 | EventSummaryResponse eventSummaryResource = new EventSummaryResponse();
51 |
52 | ConcurrentLinkedHashMap eventSummaryResources = contrastCache
53 | .getEventSummaryResources();
54 |
55 | eventSummaryResources.put(key, eventSummaryResource);
56 |
57 | assertTrue(contrastCache.getEventSummaryResources().size() == 1);
58 |
59 | EventSummaryResponse eventSummaryResourceNew = eventSummaryResources.get(key);
60 | assertEquals(eventSummaryResource, eventSummaryResourceNew);
61 | }
62 |
63 | @Test
64 | public void getStoryResourcesTest() {
65 |
66 | StoryResponse storyResource = new StoryResponse();
67 |
68 | ConcurrentLinkedHashMap storyResources = contrastCache.getStoryResources();
69 |
70 | storyResources.put(key, storyResource);
71 |
72 | assertTrue(contrastCache.getStoryResources().size() == 1);
73 |
74 | StoryResponse storyResourceNew = storyResources.get(key);
75 |
76 | assertEquals(storyResource, storyResourceNew);
77 |
78 | }
79 |
80 | @Test
81 | public void getHttpRequestResourcesTest() {
82 |
83 | HttpRequestResponse httpRequestResource = new HttpRequestResponse();
84 |
85 | ConcurrentLinkedHashMap httpRequestResources = contrastCache
86 | .getHttpRequestResources();
87 |
88 | httpRequestResources.put(key, httpRequestResource);
89 |
90 | assertTrue(contrastCache.getHttpRequestResources().size() == 1);
91 |
92 | HttpRequestResponse httpRequestResourceNew = httpRequestResources.get(key);
93 |
94 | assertEquals(httpRequestResource, httpRequestResourceNew);
95 |
96 | }
97 |
98 | @Test
99 | public void clearTest() {
100 |
101 | EventSummaryResponse eventSummaryResource = new EventSummaryResponse();
102 | ConcurrentLinkedHashMap eventSummaryResources = contrastCache
103 | .getEventSummaryResources();
104 | eventSummaryResources.put(key, eventSummaryResource);
105 |
106 | StoryResponse storyResource = new StoryResponse();
107 | ConcurrentLinkedHashMap storyResources = contrastCache.getStoryResources();
108 | storyResources.put(key, storyResource);
109 |
110 | HttpRequestResponse httpRequestResource = new HttpRequestResponse();
111 | ConcurrentLinkedHashMap httpRequestResources = contrastCache
112 | .getHttpRequestResources();
113 | httpRequestResources.put(key, httpRequestResource);
114 |
115 | contrastCache.clear();
116 | assertTrue(contrastCache.getEventSummaryResources().isEmpty());
117 | assertTrue(contrastCache.getStoryResources().isEmpty());
118 | assertTrue(contrastCache.getHttpRequestResources().isEmpty());
119 |
120 | }
121 |
122 | }
123 |
--------------------------------------------------------------------------------
/plugins/com.contrastsecurity.ide.eclipse.ui/src/com/contrastsecurity/ide/eclipse/ui/internal/model/VulnerabilityLabelProvider.java:
--------------------------------------------------------------------------------
1 | /*******************************************************************************
2 | * Copyright (c) 2017 Contrast Security.
3 | * All rights reserved.
4 | *
5 | * This program and the accompanying materials are made available under
6 | * the terms of the GNU Lesser General Public License as published by
7 | * the Free Software Foundation; either version 3 of the License.
8 | *
9 | * The terms of the GNU GPL version 3 which accompanies this distribution
10 | * and is available at https://www.gnu.org/licenses/gpl-3.0.en.html
11 | *
12 | * Contributors:
13 | * Contrast Security - initial API and implementation
14 | *******************************************************************************/
15 | package com.contrastsecurity.ide.eclipse.ui.internal.model;
16 |
17 | import java.net.MalformedURLException;
18 |
19 | import org.eclipse.jface.viewers.StyledCellLabelProvider;
20 | import org.eclipse.jface.viewers.StyledString;
21 | import org.eclipse.jface.viewers.ViewerCell;
22 | import org.eclipse.swt.custom.StyleRange;
23 | import org.eclipse.swt.graphics.Image;
24 |
25 | import com.contrastsecurity.ide.eclipse.core.Constants;
26 | import com.contrastsecurity.ide.eclipse.ui.ContrastUIActivator;
27 | import com.contrastsecurity.models.Trace;
28 |
29 | public class VulnerabilityLabelProvider extends StyledCellLabelProvider {
30 | private static final String UNLICENSED_PREFIX = "UNLICENSED - ";
31 |
32 | private Image getImage(Object element, int columnIndex) throws MalformedURLException {
33 | if (element instanceof Trace) {
34 | switch (columnIndex) {
35 | case 0:
36 | return ContrastUIActivator.getSeverityImage((Trace) element);
37 | case 3:
38 | return ContrastUIActivator.getImage("/icons/externalLink.png");
39 |
40 | default:
41 | break;
42 | }
43 | }
44 | return null;
45 | }
46 |
47 | private String getText(Object element, int columnIndex) throws MalformedURLException {
48 | if (element instanceof Trace) {
49 | switch (columnIndex) {
50 | case 0:
51 | if (getImage(element, columnIndex) == null) {
52 | return ((Trace) element).getSeverity();
53 | }
54 | return null;
55 | case 1:
56 | String title = getTitle((Trace)element);
57 | return title;
58 | case 2: {
59 | boolean unlicensed = ((Trace)element).getTitle().contains(Constants.UNLICENSED);
60 | if (unlicensed) {
61 | return "Vulnerability not visible with current license";
62 | } else {
63 | return "View Details";
64 | }
65 | }
66 | default:
67 | break;
68 | }
69 |
70 | }
71 | return null;
72 | }
73 |
74 | private String getTitle(Trace trace) {
75 | String title = trace.getTitle();
76 | int index = title.indexOf(Constants.UNLICENSED);
77 | if (index > 0) {
78 | return UNLICENSED_PREFIX + title.substring(0, index);
79 | }
80 | return title;
81 | }
82 |
83 | @Override
84 | public void update(ViewerCell cell) {
85 | Object element = cell.getElement();
86 | if (element instanceof Trace) {
87 | int index = cell.getColumnIndex();
88 | switch (index) {
89 | case 0:
90 | case 3:
91 | Image image = null;
92 | try {
93 | image = getImage(element, index);
94 | } catch (MalformedURLException e) {
95 | // TODO Auto-generated catch block
96 | e.printStackTrace();
97 | }
98 | cell.setImage(image);
99 | break;
100 | case 1:
101 | String title = null;
102 | try {
103 | title = getText(element, index);
104 | } catch (MalformedURLException e) {
105 | // TODO Auto-generated catch block
106 | e.printStackTrace();
107 | }
108 | if (title.startsWith(UNLICENSED_PREFIX)) {
109 | StyledString text = new StyledString();
110 | StyleRange range = new StyleRange(0, UNLICENSED_PREFIX.length(), Constants.UNLICENSED_COLOR, null);
111 | text.append(title, StyledString.DECORATIONS_STYLER);
112 | StyleRange[] ranges = { range };
113 | cell.setStyleRanges(ranges);
114 | }
115 | cell.setText(title);
116 | break;
117 | case 2:
118 | String appName = ((Trace) element).getApplication().getName();
119 | cell.setText(appName);
120 | break;
121 | default:
122 | break;
123 | }
124 | if (index == 0) {
125 |
126 | }
127 | }
128 | super.update(cell);
129 | }
130 |
131 | }
132 |
--------------------------------------------------------------------------------
/plugins/com.contrastsecurity.ide.eclipse.ui/OSGI-INF/l10n/bundle.properties:
--------------------------------------------------------------------------------
1 | #Properties file for com.contrastsecurity.ide.eclipse.ui
2 | Bundle-Vendor = Contrast Security
3 | Bundle-Name = Contrast IDE plugin for Eclipse - UI
4 |
5 | TRACE_STORY_HEADER_CHAPTERS = What Happened?
6 | TRACE_STORY_HEADER_RISK = What's the risk?
7 |
8 | CRITICAL_VULN_LABEL = Critical
9 | HIGH_VULN_LABEL = High
10 | MEDIUM_VULN_LABEL = Medium
11 | LOW_VULN_LABEL = Low
12 | NOTE_VULN_LABEL = Note
13 |
14 | CRITICAL_ICON = /icons/critical.png
15 | HIGH_ICON = /icons/high.png
16 | MEDIUM_ICON = /icons/medium.png
17 | LOW_ICON = /icons/low.png
18 | NOTE_ICON = /icons/note.png
19 |
20 | ADD_ORGANIZATION = Add organization
21 | USERNAME = Username:
22 | SERVICE_KEY = Service key:
23 | API_KEY = API key:
24 | ORG_ID = Organization ID:
25 | ADD = Add
26 | REMOVE = Remove
27 | INVALID_URL = Invalid URL
28 | UNKNOWN_ERROR = Unknown error
29 | ORGANIZATION = Organization
30 |
31 | VULNERABILITIES_LABEL = Vulnerabilities
32 | VULNERABILITY_LABEL = Vulnerability
33 | ZERO_VULNERABILITIES_LABEL = 0 Vulnerabilities
34 | APPLICATION_LABEL = Application
35 | SEVERITY_LABEL = Severity
36 | BUILD_NUMBER_LABEL = Build Number
37 | CLEAR_LABEL = Clear
38 | FROM_LABEL = From
39 | UNTIL_LABEL = Until
40 | FILTER_LABEL = Filter
41 | STATUS_LABEL = Status
42 | SERVER_LABEL = Server
43 |
44 | OVERVIEW_LABEL = Overview
45 | HOW_TO_FIX_LABEL = How to fix
46 | DETAILS_LABEL = Details
47 | HTTP_INFO_LABEL = HTTP info
48 |
49 | VULNERABILITY_STATUS_AUTO_REMEDIATED_LABEL = Remediated - Auto-verified
50 | VULNERABILITY_STATUS_CONFIRMED_LABEL = Confirmed
51 | VULNERABILITY_STATUS_SUSPICIOUS_LABEL = Suspicious
52 | VULNERABILITY_STATUS_REMEDIATED_LABEL = Remediated
53 | VULNERABILITY_STATUS_REPORTED_LABEL = Reported
54 | VULNERABILITY_STATUS_FIXED_LABEL = Fixed
55 | VULNERABILITY_STATUS_NOT_A_PROBLEM_STRING_LABEL = Not a problem
56 |
57 | REASON_LABEL= Reason
58 | TRUSTED_URL_LABEL = Url is only accessible by trusted powers
59 | FALSE_POSITIVE_LABEL = False Positive
60 | INTERNAL_CONTROL_LABEL = Goes through an internal security protocol
61 | EXTERNAL_CONTROL_LABEL = Attack is defended by an external control
62 | OTHER_LABEL = Other
63 |
64 | VULNERABILITY_STATUS_BEING_TRACKED_LABEL = Being tracked
65 | VULNERABILITY_STATUS_UNTRACKED_LABEL = Untracked
66 |
67 | LAST_DETECTED_LABEL = Last detected
68 | LAST_DETECTED_ALL = All
69 | LAST_DETECTED_HOUR = Last hour
70 | LAST_DETECTED_DAY = Last day
71 | LAST_DETECTED_WEEK = Last week
72 | LAST_DETECTED_MONTH = Last month
73 | LAST_DETECTED_YEAR = Last year
74 | LAST_DETECTED_CUSTOM = Custom...
75 |
76 | CWE_LABEL = CWE:
77 | OWASP_LABEL = OWASP:
78 | REFERENCES_LABEL = References
79 |
80 | PREFERENCES_LABEL = Contrast preferences
81 |
82 | TAG_VULNERABILITY = Tag vulnerability
83 | CREATE_TAG = Create tag
84 | REMOVE_TAG = Remove
85 |
86 | CONTRAST_NOT_CONFIGURED = Contrast is not configured to report to a Team Server
87 | SERVER_ERROR = Server error:
88 | APPLY_EXISTING_TAG = Apply existing tag
89 | APPLIED_TAGS = Applied Tags
90 | CREATE_AND_APPLY_NEW_TAG = Create and apply a new tag
91 | COMMENT_LABEL = Comment
92 | MARK_AS_LABEL = Mark as
93 | ALL_APPLICATIONS_LABEL = All applications
94 | ALL_SERVERS_LABEL = All servers
95 | PAGE_LABEL = Page
96 | REFRESH_TOOLTIP = Refresh vulnerabilities from server
97 | BACK_TO_RESULTS = Back to results
98 | REFRESH_LABEL = Refresh
99 | CONTRAST_PREFERENCES_LABEL = Contrast preferences page
100 | OPEN_CONTRAST_PREFERENCES_LABEL = Open Contrast preferences page
101 | NO_VULNERABILITIES_WERE_FOUND_LABEL = No vulnerabilities were found
102 | SECURITY_EVENT = INTERESTING SECURITY EVENT OCCURRED ON DATA
103 | ERROR = Error
104 | STACKTRACE_ERROR = Stacktrace error
105 | SEARCHING_FOR_CODE = Searching for code in workspace...
106 | SEARCH_COMPLETE = Search complete
107 | SOURCE_NOT_FOUND_FOR = Source not found for
108 | SOURCE_NOT_FOUND = Source not found
109 | INVALID_LINE = Invalid line number
110 | INVALID_LINE_FILE = is not valid line number in
111 | UNABLE_TO_PARSE = Unable to parse type name from stacktrace
112 | LOADING = Loading...
113 | NO_HTTP_REQUEST = Trace doesn't have http request
114 | NO_HTTP_REQUEST_LABEL = There isn't http request
115 | NO_EVENT_SUMMARY = Trace doesn't have event summary
116 | NOT_AUTHORIZED = You don't have authority to perform this operation
117 | REQUEST_FAILED = Request failed. If error persists, contact support
118 | URL_INFORMATION = This should be the address of your TeamServer from which vulnerability data should be retrieved. Ex: https://app.contrastsecurity.com/Contrast/api
119 | SERVICE_KEY_INFO = You can find your Service Key at the bottom of your Account Profile, under "Your Keys".
120 | EXCEPTION = Exception
121 | CONNECTION_FAILED = Connection failed
122 | INVALID_PROTOCOL = Invalid protocol
123 | NO_ORG_FOUND = Connection is correct, but no default organizations found.
124 | CONFIRMED_CONNECTION = Connection confirmed
125 | CONNECTION_ERROR = Connection error
126 | CONTRAST_ERROR = Could not connect to Contrast. Please verify that the URL is correct and try again.
127 | ACCESS_DENIED = Access denied
128 | VERIFY_CREDENTIALS_ERROR = Verify your credentials and make sure you have access to the selected organization.
129 | UNKNOWN_ERROR_INFO = Unknown exception. Please inform an admin about this.
130 | ORGANIZATION_EXISTS = Organization already exists
131 |
--------------------------------------------------------------------------------
/plugins/com.contrastsecurity.ide.eclipse.core/src/com/contrastsecurity/ide/eclipse/core/Util.java:
--------------------------------------------------------------------------------
1 | /*******************************************************************************
2 | * Copyright (c) 2017 Contrast Security.
3 | * All rights reserved.
4 | *
5 | * This program and the accompanying materials are made available under
6 | * the terms of the GNU Lesser General Public License as published by
7 | * the Free Software Foundation; either version 3 of the License.
8 | *
9 | * The terms of the GNU GPL version 3 which accompanies this distribution
10 | * and is available at https://www.gnu.org/licenses/gpl-3.0.en.html
11 | *
12 | * Contributors:
13 | * Contrast Security - initial API and implementation
14 | *******************************************************************************/
15 | package com.contrastsecurity.ide.eclipse.core;
16 |
17 | import java.io.IOException;
18 | import java.util.ArrayList;
19 | import java.util.List;
20 |
21 | import org.apache.commons.lang.StringUtils;
22 | import org.eclipse.core.runtime.preferences.IEclipsePreferences;
23 |
24 | import com.contrastsecurity.exceptions.UnauthorizedException;
25 | import com.contrastsecurity.http.TraceFilterForm;
26 | import com.contrastsecurity.ide.eclipse.core.internal.preferences.OrganizationConfig;
27 | import com.contrastsecurity.models.Organization;
28 | import com.contrastsecurity.models.Organizations;
29 | import com.contrastsecurity.sdk.ContrastSDK;
30 |
31 | public class Util {
32 |
33 | private final static String LIST_DELIMITATOR = ";";
34 |
35 | public static Organization getDefaultOrganization(ContrastSDK sdk) throws IOException, UnauthorizedException {
36 | if (sdk == null) {
37 | return null;
38 | }
39 | Organizations organizations = sdk.getProfileDefaultOrganizations();
40 | return organizations.getOrganization();
41 | }
42 |
43 | @Deprecated
44 | public static String getDefaultOrganizationUuid() throws IOException, UnauthorizedException {
45 | IEclipsePreferences prefs = ContrastCoreActivator.getPreferences();
46 | String uuid = ContrastCoreActivator.getSelectedOrganizationUuid();
47 | if (uuid == null) {
48 | Organization organization = getDefaultOrganization(ContrastCoreActivator.getContrastSDK());
49 | if (organization != null) {
50 | prefs.put(Constants.ORGNAME, organization.getName());
51 | return organization.getOrgUuid();
52 | }
53 | }
54 | return uuid;
55 | }
56 |
57 | public static boolean hasConfiguration() {
58 |
59 | OrganizationConfig organizationConfig = ContrastCoreActivator.getOrganizationConfiguration(ContrastCoreActivator.getSelectedOrganization());
60 |
61 | if (organizationConfig == null) {
62 | return false;
63 | }
64 |
65 | String apiKey = organizationConfig.getApiKey();
66 | String serviceKey = organizationConfig.getServiceKey();
67 | String username = organizationConfig.getUsername();
68 |
69 | return apiKey != null && serviceKey != null && username != null && !apiKey.isEmpty() && !serviceKey.isEmpty()
70 | && !username.isEmpty();
71 | }
72 |
73 | public static String[] extractOrganizationNames(List orgList) {
74 | String[] orgArray = new String[orgList.size()];
75 |
76 | for (int i = 0; i < orgList.size(); i++)
77 | orgArray[i] = orgList.get(i).getName();
78 |
79 | return orgArray;
80 | }
81 |
82 | public static TraceFilterForm getTraceFilterForm(final int offset, final int limit, String sort) {
83 | return getTraceFilterForm(null, offset, limit, sort);
84 | }
85 |
86 | public static TraceFilterForm getTraceFilterForm(final Long selectedServerId, final int offset, final int limit,
87 | String sort) {
88 | final TraceFilterForm form = new TraceFilterForm();
89 | if (selectedServerId != null) {
90 | final List serverIds = new ArrayList<>();
91 | serverIds.add(selectedServerId);
92 | form.setServerIds(serverIds);
93 | }
94 |
95 | form.setOffset(offset);
96 | form.setLimit(limit);
97 | form.setSort(sort);
98 |
99 | return form;
100 | }
101 |
102 | public static TraceFilterForm getTraceFilterForm(final int offset, final int limit) {
103 | return getTraceFilterForm(null, offset, limit);
104 | }
105 |
106 | public static TraceFilterForm getTraceFilterForm(final Long selectedServerId, final int offset, final int limit) {
107 | final TraceFilterForm form = new TraceFilterForm();
108 | if (selectedServerId != null) {
109 | final List serverIds = new ArrayList<>();
110 | serverIds.add(selectedServerId);
111 | form.setServerIds(serverIds);
112 | }
113 | form.setOffset(offset);
114 | form.setLimit(limit);
115 |
116 | return form;
117 | }
118 |
119 | public static String[] getListFromString(String list) {
120 | String[] orgList;
121 |
122 | if (StringUtils.isNotBlank(list))
123 | orgList = StringUtils.split(list, LIST_DELIMITATOR);
124 | else
125 | return new String[0];
126 |
127 | return orgList;
128 | }
129 |
130 | public static String getStringFromList(String[] list) {
131 | StringBuffer buffer = new StringBuffer();
132 |
133 | int size = list.length;
134 | for (int i = 0; i < size; i++) {
135 | buffer.append(list[i]);
136 |
137 | if (i < size - 1)
138 | buffer.append(LIST_DELIMITATOR);
139 | }
140 |
141 | return buffer.toString();
142 | }
143 |
144 | public static String filterHeaders(String data, String separator) {
145 | String[] lines = data.split(separator);
146 | String[] headers = { "authorization:", "_tid:", ":" };
147 |
148 | ArrayList filtered = new ArrayList<>();
149 |
150 | for (String line : lines) {
151 | boolean filteredLine = true;
152 |
153 | for (String header : headers) {
154 |
155 | if (line.toLowerCase().contains(header)) {
156 | if (!header.equals(":")) {
157 | filteredLine = false;
158 | } else {
159 | if (line.split(":")[0].toLowerCase().contains("token")) {
160 | filteredLine = false;
161 | }
162 | }
163 | }
164 | }
165 | if (filteredLine) {
166 | filtered.add(line);
167 | }
168 |
169 | }
170 |
171 | return String.join(separator, filtered);
172 | }
173 | }
174 |
--------------------------------------------------------------------------------
/plugins/com.contrastsecurity.ide.eclipse.ui/src/com/contrastsecurity/ide/eclipse/ui/internal/model/EventLabelProvider.java:
--------------------------------------------------------------------------------
1 | /*******************************************************************************
2 | * Copyright (c) 2017 Contrast Security.
3 | * All rights reserved.
4 | *
5 | * This program and the accompanying materials are made available under
6 | * the terms of the GNU Lesser General Public License as published by
7 | * the Free Software Foundation; either version 3 of the License.
8 | *
9 | * The terms of the GNU GPL version 3 which accompanies this distribution
10 | * and is available at https://www.gnu.org/licenses/gpl-3.0.en.html
11 | *
12 | * Contributors:
13 | * Contrast Security - initial API and implementation
14 | *******************************************************************************/
15 | package com.contrastsecurity.ide.eclipse.ui.internal.model;
16 |
17 | import java.util.ResourceBundle;
18 |
19 | import org.eclipse.jface.viewers.OwnerDrawLabelProvider;
20 | import org.eclipse.jface.viewers.TreeViewer;
21 | import org.eclipse.swt.SWT;
22 | import org.eclipse.swt.graphics.Color;
23 | import org.eclipse.swt.graphics.Font;
24 | import org.eclipse.swt.graphics.FontData;
25 | import org.eclipse.swt.graphics.Point;
26 | import org.eclipse.swt.graphics.Rectangle;
27 | import org.eclipse.swt.widgets.Display;
28 | import org.eclipse.swt.widgets.Event;
29 | import org.unbescape.html.HtmlEscape;
30 |
31 | import com.contrastsecurity.ide.eclipse.core.Constants;
32 | import com.contrastsecurity.models.EventItem;
33 | import com.contrastsecurity.models.EventResource;
34 |
35 | public class EventLabelProvider extends OwnerDrawLabelProvider {
36 |
37 |
38 | static ResourceBundle resource = ResourceBundle.getBundle("OSGI-INF/l10n.bundle");
39 |
40 | private static final String INTERESTING_SECURITY_EVENT_OCCURED_ON_DATA = resource.getString("SECURITY_EVENT");
41 | private TreeViewer viewer;
42 |
43 | public EventLabelProvider(TreeViewer viewer) {
44 | this.viewer = viewer;
45 | }
46 |
47 | @Override
48 | protected void measure(Event event, Object element) {
49 | // event.width = viewer.getTree().getColumn(event.index).getWidth();
50 | // if (event.width == 0)
51 | // return;
52 | // if (element instanceof EventItem) {
53 | // if ( EventResource.CONTENT.equals( ((EventItem)element).getType())) {
54 | // Point extent = event.gc.stringExtent("Test");
55 | // event.height = (int) (extent.y * 2);
56 | // }
57 | // }
58 | }
59 |
60 | @Override
61 | protected void paint(Event event, Object element) {
62 | if (element instanceof EventItem) {
63 | EventItem eventItem = (EventItem) element;
64 | Color background = event.gc.getBackground();
65 | Color foreground = event.gc.getForeground();
66 | Font font = event.gc.getFont();
67 | FontData[] fontData = font.getFontData();
68 | for (int i = 0; i < fontData.length; i++) {
69 | fontData[i].setStyle(SWT.BOLD);
70 | fontData[i].setHeight(fontData[i].getHeight() + 1);
71 | }
72 | Font boldFont = null;
73 | try {
74 | boldFont = new Font(Display.getCurrent(), fontData);
75 | int x = event.x + 15;
76 | switch (eventItem.getType()) {
77 | case EventResource.RED:
78 | x = x + 15;
79 | event.gc.setForeground(Constants.CREATION_COLOR);
80 | break;
81 | case EventResource.CONTENT:
82 | x = x + 15;
83 | event.gc.setForeground(Constants.CONTENT_COLOR);
84 | break;
85 | case EventResource.CODE:
86 | x = x + 15;
87 | event.gc.setForeground(Constants.CODE_COLOR);
88 | break;
89 | case EventResource.BOLD:
90 | event.gc.setFont(boldFont);
91 | break;
92 | default:
93 | break;
94 | }
95 | event.gc.setBackground(Constants.ITEM_BACKGROUND_COLOR);
96 | //Rectangle clipping = event.gc.getClipping();
97 | //event.gc.setClipping(clipping.x, clipping.y, viewer.getTree().getColumn(0).getWidth(), clipping.height + 5);
98 | Rectangle bounds = event.getBounds();
99 | bounds.width = viewer.getTree().getColumn(0).getWidth();
100 | bounds.height += 5;
101 | event.gc.fillRectangle(bounds);
102 | //event.gc.setClipping(clipping.x, clipping.y, clipping.width, clipping.height);
103 | String value = eventItem.getValue();
104 | if (value != null) {
105 | //value = StringEscapeUtils.unescapeHtml(value);
106 | value = HtmlEscape.unescapeHtml(value);
107 | }
108 | event.gc.drawString(eventItem.getValue(), x, event.y);
109 | } finally {
110 | if (boldFont != null) {
111 | boldFont.dispose();
112 | }
113 | }
114 | event.gc.setBackground(background);
115 | event.gc.setForeground(foreground);
116 | event.gc.setFont(font);
117 | } else {
118 | if (element instanceof EventResource) {
119 | EventResource eventResource = (EventResource) element;
120 | Color background = event.gc.getBackground();
121 | Color foreground = event.gc.getForeground();
122 | //Rectangle clipping = event.gc.getClipping(); //TODO Remove if not used
123 | // event.gc.setLineWidth(1);
124 | Point size = event.gc.stringExtent(INTERESTING_SECURITY_EVENT_OCCURED_ON_DATA);
125 | Color color = getColor(eventResource.getType());
126 | if (color != null) {
127 | event.gc.setBackground(color);
128 | } else {
129 | event.gc.setBackground(Display.getCurrent().getSystemColor(SWT.COLOR_WIDGET_BACKGROUND));
130 | }
131 | event.gc.fillOval(event.x + 8, event.y + size.y / 2 - 2, 10, 10);
132 | event.gc.setBackground(background);
133 | // if (color != null) {
134 | // event.gc.setForeground(color);
135 | // } else {
136 | // event.gc.setBackground(Display.getCurrent().getSystemColor(SWT.COLOR_WIDGET_FOREGROUND));
137 | // }
138 | String type = eventResource.getDescription().toUpperCase();
139 | event.gc.drawString(type, event.x + 30, event.y + 2);
140 | size = event.gc.stringExtent(INTERESTING_SECURITY_EVENT_OCCURED_ON_DATA);
141 | event.gc.setBackground(background);
142 | event.gc.setForeground(foreground);
143 | }
144 |
145 | }
146 | }
147 |
148 | private Color getColor(String type) {
149 |
150 | Color color = null;
151 | if (type != null) {
152 | switch (type.toLowerCase()) {
153 | case "creation":
154 | color = Constants.ICON_COLOR_CREATION;
155 | break;
156 | case "trigger":
157 | color = Constants.ICON_COLOR_TRIGGER;
158 | break;
159 | case "tag":
160 | color = Constants.TAG_COLOR;
161 | break;
162 | default:
163 | color = Constants.ICON_COLOR_PROPAGATION;
164 | break;
165 | }
166 | }
167 | return color;
168 | }
169 |
170 | @Override
171 | public void dispose() {
172 | super.dispose();
173 | }
174 |
175 | @Override
176 | protected void erase(Event event, Object element) {
177 | event.detail &= ~SWT.FOREGROUND;
178 | }
179 |
180 | }
181 |
--------------------------------------------------------------------------------
/plugins/com.contrastsecurity.ide.eclipse.ui/src/com/contrastsecurity/ide/eclipse/ui/internal/model/OverviewTab.java:
--------------------------------------------------------------------------------
1 | /*******************************************************************************
2 | * Copyright (c) 2017 Contrast Security.
3 | * All rights reserved.
4 | *
5 | * This program and the accompanying materials are made available under
6 | * the terms of the GNU Lesser General Public License as published by
7 | * the Free Software Foundation; either version 3 of the License.
8 | *
9 | * The terms of the GNU GPL version 3 which accompanies this distribution
10 | * and is available at https://www.gnu.org/licenses/gpl-3.0.en.html
11 | *
12 | * Contributors:
13 | * Contrast Security - initial API and implementation
14 | *******************************************************************************/
15 | package com.contrastsecurity.ide.eclipse.ui.internal.model;
16 |
17 | import java.net.URLDecoder;
18 | import java.util.Iterator;
19 | import java.util.List;
20 | import java.util.ResourceBundle;
21 |
22 | import org.eclipse.swt.SWT;
23 | import org.eclipse.swt.custom.StyledText;
24 | import org.eclipse.swt.graphics.Font;
25 | import org.eclipse.swt.graphics.FontData;
26 | import org.eclipse.swt.layout.GridData;
27 | import org.eclipse.swt.widgets.Composite;
28 | import org.eclipse.swt.widgets.Control;
29 | import org.eclipse.swt.widgets.Display;
30 | import org.eclipse.swt.widgets.Label;
31 | import org.unbescape.html.HtmlEscape;
32 |
33 | import com.contrastsecurity.ide.eclipse.core.Constants;
34 | import com.contrastsecurity.ide.eclipse.core.Util;
35 | import com.contrastsecurity.ide.eclipse.ui.ContrastUIActivator;
36 | import com.contrastsecurity.models.StoryResponse;
37 | import com.contrastsecurity.models.Risk;
38 | import com.contrastsecurity.models.Chapter;
39 | import com.contrastsecurity.models.PropertyResource;
40 |
41 | public class OverviewTab extends AbstractTab {
42 |
43 | private StoryResponse story;
44 |
45 | public OverviewTab(Composite parent, int style) {
46 | super(parent, style);
47 | }
48 |
49 | public void setStory(StoryResponse story) {
50 |
51 | ResourceBundle resource = ResourceBundle.getBundle("OSGI-INF/l10n.bundle");
52 |
53 |
54 | this.story = story;
55 | Composite control = getControl();
56 | Control[] children = control.getChildren();
57 | for (Control child : children) {
58 | child.dispose();
59 | }
60 | if (story != null && story.getStory() != null && story.getStory().getChapters() != null
61 | && story.getStory().getChapters().size() > 0) {
62 | // header label
63 | Label headerLabel = new Label(control, SWT.WRAP | SWT.LEFT);
64 | GridData gridData = new GridData(SWT.HORIZONTAL, SWT.TOP, true, false, 1, 1);
65 | headerLabel.setLayoutData(gridData);
66 | headerLabel.setText(resource.getString("TRACE_STORY_HEADER_CHAPTERS"));
67 |
68 | Font font = headerLabel.getFont();
69 | FontData[] fontDataArray = font.getFontData();
70 | for (FontData fontData : fontDataArray) {
71 | fontData.setStyle(SWT.BOLD);
72 | }
73 | Font newFont = new Font(Display.getDefault(), fontDataArray);
74 | headerLabel.setFont(newFont);
75 | //
76 | for (Chapter chapter : story.getStory().getChapters()) {
77 | String text = chapter.getIntroText() == null ? Constants.BLANK : chapter.getIntroText();
78 | String areaText = chapter.getBody() == null ? Constants.BLANK : chapter.getBody();
79 | if (areaText.isEmpty()) {
80 | List properties = chapter.getPropertyResources();
81 | if (properties != null && properties.size() > 0) {
82 | Iterator iter = properties.iterator();
83 | while (iter.hasNext()) {
84 | PropertyResource property = iter.next();
85 | areaText += property.getName() == null ? Constants.BLANK : property.getName();
86 | if (iter.hasNext()) {
87 | areaText += "\n";
88 | }
89 | }
90 | }
91 | }
92 |
93 | //new Label(control, SWT.NONE);
94 | Label label = new Label(control, SWT.WRAP | SWT.LEFT);
95 | GridData gd = new GridData(SWT.HORIZONTAL, SWT.TOP, true, false, 1, 1);
96 | label.setLayoutData(gd);
97 | text = parseMustache(text);
98 | label.setText(text);
99 | //new Label(control, SWT.NONE);
100 |
101 | if (!areaText.isEmpty()) {
102 | final StyledText textArea = new StyledText(control, SWT.WRAP);
103 | final int padding = 5;
104 | textArea.setLeftMargin(padding);
105 | textArea.setRightMargin(padding);
106 | textArea.setTopMargin(padding);
107 | textArea.setBottomMargin(padding);
108 | textArea.setWordWrap(true);
109 | textArea.setCaret(null);
110 | textArea.setEditable(false);
111 | gd = new GridData(SWT.FILL, SWT.FILL, true, false, 1, 1);
112 | textArea.setLayoutData(gd);
113 | textArea.setBackground(Display.getCurrent().getSystemColor(SWT.COLOR_GRAY));
114 | areaText = parseMustache(areaText);
115 | areaText = Util.filterHeaders(areaText, "\n");
116 | textArea.setText(areaText);
117 | //new Label(control, SWT.NONE);
118 | }
119 | }
120 | if (story.getStory().getRisk() != null) {
121 | Risk risk = story.getStory().getRisk();
122 | String riskText = risk.getText() == null ? Constants.BLANK : risk.getText();
123 | if (!riskText.isEmpty()) {
124 | // header label
125 | Label riskHeaderLabel = new Label(control, SWT.WRAP | SWT.LEFT);
126 | GridData riskGridData = new GridData(SWT.HORIZONTAL, SWT.TOP, true, false, 1, 1);
127 | riskHeaderLabel.setLayoutData(riskGridData);
128 | riskHeaderLabel.setText(resource.getString("TRACE_STORY_HEADER_RISK"));
129 |
130 | Font riskFont = riskHeaderLabel.getFont();
131 | FontData[] riskFontDataArray = riskFont.getFontData();
132 | for (FontData fontData : riskFontDataArray) {
133 | fontData.setStyle(SWT.BOLD);
134 | }
135 | Font riskNewFont = new Font(Display.getDefault(), riskFontDataArray);
136 | riskHeaderLabel.setFont(riskNewFont);
137 | //
138 |
139 | Label label = new Label(control, SWT.WRAP | SWT.LEFT);
140 | GridData gd = new GridData(SWT.HORIZONTAL, SWT.TOP, true, false, 1, 1);
141 | label.setLayoutData(gd);
142 | riskText = parseMustache(riskText);
143 | label.setText(riskText);
144 |
145 | //new Label(control, SWT.NONE);
146 | }
147 | }
148 | }
149 | }
150 |
151 | private String parseMustache(String text) {
152 | text = text.replace(Constants.MUSTACHE_NL, Constants.BLANK);
153 | //text = StringEscapeUtils.unescapeHtml(text);
154 | text = HtmlEscape.unescapeHtml(text);
155 | try {
156 | text = URLDecoder.decode(text, "UTF-8");
157 | } catch (Exception e) {
158 | // ignore
159 | if (ContrastUIActivator.getDefault().isDebugging()) {
160 | ContrastUIActivator.log(e);
161 | }
162 | }
163 | text = text.replace("<", "<");
164 | text = text.replace(">", ">");
165 | // FIXME
166 | text = text.replace("{{#code}}", "");
167 | text = text.replace("{{/code}}", "");
168 | text = text.replace("{{#p}}", "");
169 | text = text.replace("{{/p}}", "");
170 | return text;
171 | }
172 |
173 | public StoryResponse getStory() {
174 | return story;
175 | }
176 |
177 | }
178 |
--------------------------------------------------------------------------------
/plugins/com.contrastsecurity.ide.eclipse.ui/src/com/contrastsecurity/ide/eclipse/ui/ContrastUIActivator.java:
--------------------------------------------------------------------------------
1 | /*******************************************************************************
2 | * Copyright (c) 2017 Contrast Security.
3 | * All rights reserved.
4 | *
5 | * This program and the accompanying materials are made available under
6 | * the terms of the GNU Lesser General Public License as published by
7 | * the Free Software Foundation; either version 3 of the License.
8 | *
9 | * The terms of the GNU GPL version 3 which accompanies this distribution
10 | * and is available at https://www.gnu.org/licenses/gpl-3.0.en.html
11 | *
12 | * Contributors:
13 | * Contrast Security - initial API and implementation
14 | *******************************************************************************/
15 | package com.contrastsecurity.ide.eclipse.ui;
16 | import org.eclipse.core.runtime.Platform;
17 |
18 | import org.eclipse.core.runtime.IStatus;
19 | import org.eclipse.core.runtime.Status;
20 | import org.eclipse.jface.dialogs.ErrorDialog;
21 | import org.eclipse.jface.dialogs.MessageDialog;
22 | import org.eclipse.jface.resource.ImageDescriptor;
23 | import org.eclipse.jface.resource.ImageRegistry;
24 | import org.eclipse.swt.graphics.Image;
25 | import org.eclipse.swt.widgets.Shell;
26 | import org.eclipse.ui.IWorkbenchPage;
27 | import org.eclipse.ui.IWorkbenchWindow;
28 | import org.eclipse.ui.plugin.AbstractUIPlugin;
29 | import org.osgi.framework.Bundle;
30 | import org.osgi.framework.BundleContext;
31 |
32 | import java.util.ResourceBundle;
33 | import java.net.MalformedURLException;
34 | import java.net.URL;
35 | import java.io.File;
36 |
37 | import com.contrastsecurity.ide.eclipse.core.ContrastCoreActivator;
38 | import com.contrastsecurity.ide.eclipse.ui.cache.ContrastCache;
39 | import com.contrastsecurity.models.Trace;
40 |
41 | /**
42 | * The activator class controls the plug-in life cycle
43 | */
44 | public class ContrastUIActivator extends AbstractUIPlugin {
45 |
46 | // The plug-in ID
47 | public static final String PLUGIN_ID = "com.contrastsecurity.ide.eclipse.ui"; //$NON-NLS-1$
48 |
49 | // The shared instance
50 | private static ContrastUIActivator plugin;
51 |
52 | private static ContrastCache contrastCache = new ContrastCache();
53 |
54 | static ResourceBundle resource = ResourceBundle.getBundle("OSGI-INF/l10n.bundle");
55 |
56 | /**
57 | * The constructor
58 | */
59 | public ContrastUIActivator() {
60 | }
61 |
62 | /*
63 | * (non-Javadoc)
64 | * @see org.eclipse.ui.plugin.AbstractUIPlugin#start(org.osgi.framework.BundleContext)
65 | */
66 | public void start(BundleContext context) throws Exception {
67 | super.start(context);
68 | plugin = this;
69 | }
70 |
71 | /*
72 | * (non-Javadoc)
73 | * @see org.eclipse.ui.plugin.AbstractUIPlugin#stop(org.osgi.framework.BundleContext)
74 | */
75 | public void stop(BundleContext context) throws Exception {
76 | plugin = null;
77 | super.stop(context);
78 | }
79 |
80 | /**
81 | * Returns the shared instance
82 | *
83 | * @return the shared instance
84 | */
85 | public static ContrastUIActivator getDefault() {
86 | return plugin;
87 | }
88 |
89 | /**
90 | * Returns an image descriptor for the image file at the given
91 | * plug-in relative path
92 | *
93 | * @param path the path
94 | * @return the image descriptor
95 | * @throws MalformedURLException
96 | */
97 | public static ImageDescriptor getImageDescriptor(String path) throws MalformedURLException {
98 | Bundle bundle = Platform.getBundle(PLUGIN_ID);
99 | URL fileURL = bundle.getEntry(path); //$NON-NLS-1$
100 | ImageDescriptor createFromURL = ImageDescriptor.createFromURL(fileURL);
101 | return createFromURL;
102 | }
103 |
104 | public static Image getImage(String path) throws MalformedURLException {
105 | ImageRegistry registry = getDefault().getImageRegistry();
106 | Image image = registry.get(path);
107 | if (image == null) {
108 | image = getImageDescriptor(path).createImage();
109 | registry.put(path, image);
110 | }
111 | return image;
112 | }
113 |
114 | public static void log(Throwable e) {
115 | plugin.getLog().log(new Status(IStatus.ERROR, PLUGIN_ID, e.getMessage(), e ));
116 | }
117 |
118 | public static void logInfo(String message) {
119 | if (plugin.isDebugging()) {
120 | plugin.getLog().log(new Status(IStatus.INFO, PLUGIN_ID, message));
121 | }
122 | }
123 |
124 | public static void logWarning(String message) {
125 | plugin.getLog().log(new Status(IStatus.WARNING, PLUGIN_ID, message));
126 | }
127 |
128 | public static Image getSeverityImage(Trace element) throws MalformedURLException {
129 | String fileName = null;
130 | switch (element.getSeverity()) {
131 | case "Note":
132 | fileName = resource.getString("NOTE_ICON");
133 | return ContrastUIActivator.getImage(fileName);
134 | case "High":
135 | fileName = resource.getString("HIGH_ICON");
136 | return ContrastUIActivator.getImage(fileName);
137 | case "Medium":
138 | fileName = resource.getString("MEDIUM_ICON");
139 | return ContrastUIActivator.getImage(fileName);
140 | case "Low":
141 | fileName = resource.getString("LOW_ICON");
142 | return ContrastUIActivator.getImage(fileName);
143 | case "Critical":
144 | fileName = resource.getString("CRITICAL_ICON");
145 | return ContrastUIActivator.getImage(fileName);}
146 | return null;
147 | }
148 |
149 | public static String getOrgUuid() {
150 | return ContrastCoreActivator.getSelectedOrganizationUuid();
151 | }
152 |
153 | public static String removeHtmlMarkup(String html) {
154 | html = html.replace("", "");
155 | html = html.replace("", "");
156 | html = html.replace("", "");
157 | html = html.replace("", "");
158 | html = html.replace("", "");
159 | html = html.replaceAll("", "");
160 | return html;
161 | }
162 |
163 | public static IWorkbenchWindow getActiveWorkbenchWindow() {
164 | return getDefault().getWorkbench().getActiveWorkbenchWindow();
165 | }
166 |
167 | public static IWorkbenchPage getActivePage() {
168 | IWorkbenchWindow w = getActiveWorkbenchWindow();
169 | if (w != null) {
170 | return w.getActivePage();
171 | }
172 | return null;
173 | }
174 |
175 |
176 | /**
177 | * Returns the active workbench shell or null if none
178 | *
179 | * @return the active workbench shell or null if none
180 | */
181 | public static Shell getActiveWorkbenchShell() {
182 | IWorkbenchWindow window = getActiveWorkbenchWindow();
183 | if (window != null) {
184 | return window.getShell();
185 | }
186 | return null;
187 | }
188 |
189 | public static void statusDialog(String title, IStatus status) {
190 | Shell shell = getActiveWorkbenchShell();
191 | if (shell != null) {
192 | switch (status.getSeverity()) {
193 | case IStatus.ERROR:
194 | ErrorDialog.openError(shell, title, null, status);
195 | break;
196 | case IStatus.WARNING:
197 | MessageDialog.openWarning(shell, title, status.getMessage());
198 | break;
199 | case IStatus.INFO:
200 | MessageDialog.openInformation(shell, title, status.getMessage());
201 | break;
202 | }
203 | }
204 | }
205 |
206 | public static ContrastCache getContrastCache() {
207 | return contrastCache;
208 | }
209 |
210 | }
211 |
--------------------------------------------------------------------------------
/plugins/com.contrastsecurity.ide.eclipse.ui/src/com/contrastsecurity/ide/eclipse/ui/internal/views/MarkStatusDialog.java:
--------------------------------------------------------------------------------
1 | /*******************************************************************************
2 | * Copyright (c) 2017 Contrast Security.
3 | * All rights reserved.
4 | *
5 | * This program and the accompanying materials are made available under
6 | * the terms of the GNU Lesser General Public License as published by
7 | * the Free Software Foundation; either version 3 of the License.
8 | *
9 | * The terms of the GNU GPL version 3 which accompanies this distribution
10 | * and is available at https://www.gnu.org/licenses/gpl-3.0.en.html
11 | *
12 | * Contributors:
13 | * Contrast Security - initial API and implementation
14 | *******************************************************************************/
15 | package com.contrastsecurity.ide.eclipse.ui.internal.views;
16 |
17 | import java.util.ArrayList;
18 | import java.util.List;
19 | import java.util.ResourceBundle;
20 |
21 | import org.apache.commons.lang.StringUtils;
22 | import org.eclipse.jface.dialogs.Dialog;
23 | import org.eclipse.swt.SWT;
24 | import org.eclipse.swt.events.SelectionEvent;
25 | import org.eclipse.swt.events.SelectionListener;
26 | import org.eclipse.swt.layout.GridLayout;
27 | import org.eclipse.swt.widgets.Combo;
28 | import org.eclipse.swt.widgets.Composite;
29 | import org.eclipse.swt.widgets.Control;
30 | import org.eclipse.swt.widgets.Shell;
31 | import org.eclipse.swt.widgets.Text;
32 |
33 | import com.contrastsecurity.ide.eclipse.core.Constants;
34 | import com.contrastsecurity.ide.eclipse.ui.internal.model.StatusConstants;
35 | import com.contrastsecurity.ide.eclipse.ui.util.UIElementUtils;
36 | import com.contrastsecurity.models.StatusRequest;
37 |
38 |
39 | public class MarkStatusDialog extends Dialog {
40 |
41 | static ResourceBundle resource = ResourceBundle.getBundle("OSGI-INF/l10n.bundle");
42 |
43 |
44 | private final static String TITLE_TEXT = resource.getString("MARK_AS_LABEL");
45 |
46 | private final static String NOT_A_PROBLEM = resource.getString("VULNERABILITY_STATUS_NOT_A_PROBLEM_STRING_LABEL");
47 | private final static String SUSPICIOUS = resource.getString("VULNERABILITY_STATUS_SUSPICIOUS_LABEL");
48 | private final static String CONFIRMED = resource.getString("VULNERABILITY_STATUS_CONFIRMED_LABEL");
49 | private final static String REMEDIATED = resource.getString("VULNERABILITY_STATUS_REMEDIATED_LABEL");
50 | private final static String REPORTED = resource.getString("VULNERABILITY_STATUS_REPORTED_LABEL");
51 | private final static String FIXED = resource.getString("VULNERABILITY_STATUS_FIXED_LABEL");
52 |
53 | private final static String URL = resource.getString("TRUSTED_URL_LABEL");
54 | private final static String FP = resource.getString("FALSE_POSITIVE_LABEL");
55 | private final static String IC= resource.getString("INTERNAL_CONTROL_LABEL");
56 | private final static String EC = resource.getString("EXTERNAL_CONTROL_LABEL");
57 | private final static String OT = resource.getString("OTHER_LABEL");
58 |
59 |
60 | //For combo box
61 | private final static String[] STATUS_LIST = {
62 | NOT_A_PROBLEM,
63 | SUSPICIOUS,
64 | CONFIRMED,
65 | REMEDIATED,
66 | REPORTED,
67 | FIXED
68 | };
69 |
70 |
71 | //For combo box
72 | private final static String[] REASON_LIST = {
73 | URL,
74 | FP,
75 | IC,
76 | EC,
77 | OT
78 | };
79 |
80 |
81 |
82 | private String traceId;
83 | private String status;
84 | private String visualStatus;
85 | private StatusRequest request;
86 |
87 | private Combo statusCombo;
88 | private Combo reasonCombo;
89 | private Text noteText;
90 |
91 | public MarkStatusDialog(Shell shell, String traceId) {
92 | super(shell);
93 | this.traceId = traceId;
94 | status = visualStatus = StatusConstants.CONFIRMED;
95 | }
96 |
97 | @Override
98 | protected Control createDialogArea(Composite parent) {
99 | Composite container = (Composite) super.createDialogArea(parent);
100 | Composite contentComposite = new Composite(container, SWT.NONE);
101 |
102 | contentComposite.setLayout(new GridLayout(2, false));
103 |
104 | UIElementUtils.createLabel(contentComposite, resource.getString("MARK_AS_LABEL"));
105 | statusCombo = UIElementUtils.createCombo(contentComposite, STATUS_LIST);
106 | UIElementUtils.createLabel(contentComposite, resource.getString("REASON_LABEL"));
107 | reasonCombo = UIElementUtils.createCombo(contentComposite, REASON_LIST);
108 | UIElementUtils.createLabel(contentComposite, resource.getString("COMMENT_LABEL"));
109 | noteText = UIElementUtils.createMultiText(contentComposite, 10);
110 |
111 | statusCombo.addSelectionListener(new SelectionListener() {
112 |
113 | @Override
114 | public void widgetSelected(SelectionEvent e) {
115 | status = visualStatus = statusCombo.getText();
116 |
117 | if (status.equals(NOT_A_PROBLEM) || status.equals(Constants.VULNERABILITY_STATUS_NOT_A_PROBLEM_API_REQUEST_STRING) || status.equals(Constants.VULNERABILITY_STATUS_NOT_A_PROBLEM)) {
118 | reasonCombo.setEnabled(true);
119 | status = Constants.VULNERABILITY_STATUS_NOT_A_PROBLEM_API_REQUEST_STRING;
120 | } else if (status.equals(CONFIRMED)) {
121 | reasonCombo.setEnabled(false);
122 | status = Constants.VULNERABILITY_STATUS_CONFIRMED;
123 | } else if (status.equals(SUSPICIOUS)) {
124 | reasonCombo.setEnabled(false);
125 | status = Constants.VULNERABILITY_STATUS_SUSPICIOUS;
126 | } else if (status.equals(REMEDIATED)) {
127 | reasonCombo.setEnabled(false);
128 | status = Constants.VULNERABILITY_STATUS_REMEDIATED;
129 | } else if (status.equals(REPORTED)) {
130 | reasonCombo.setEnabled(false);
131 | status = Constants.VULNERABILITY_STATUS_REPORTED;
132 | } else if (status.equals(FIXED)) {
133 | reasonCombo.setEnabled(false);
134 | status = Constants.VULNERABILITY_STATUS_FIXED;
135 | }
136 | }
137 |
138 | @Override
139 | public void widgetDefaultSelected(SelectionEvent e) {}
140 | });
141 |
142 | return container;
143 | }
144 |
145 | @Override
146 | public void create() {
147 | super.create();
148 |
149 | getShell().setText(TITLE_TEXT);
150 | reasonCombo.setEnabled(false);
151 | statusCombo.select(0);
152 | reasonCombo.select(0);
153 | }
154 |
155 | @Override
156 | protected void cancelPressed() {
157 | super.cancelPressed();
158 | }
159 |
160 | @Override
161 | protected void okPressed() {
162 | markStatus();
163 | }
164 |
165 | private void markStatus() {
166 | List traces = new ArrayList<>();
167 | traces.add(traceId);
168 |
169 | request = new StatusRequest();
170 | request.setTraces(traces);
171 | request.setStatus(status);
172 | if(StringUtils.isNotBlank(noteText.getText())) {
173 | request.setNote(noteText.getText());
174 | }
175 |
176 |
177 | if(Constants.VULNERABILITY_STATUS_NOT_A_PROBLEM_API_REQUEST_STRING.equals(status)) {
178 | String substatusRequest = "Other";
179 | if(reasonCombo.getText().equals(URL)) {
180 | substatusRequest = Constants.URL;
181 | }
182 | else if(reasonCombo.getText().equals(FP)) {
183 | substatusRequest = Constants.FP;
184 | }
185 | else if(reasonCombo.getText().equals(IC)) {
186 | substatusRequest = Constants.IC;
187 | }
188 | else if(reasonCombo.getText().equals(EC)) {
189 | substatusRequest = Constants.EC;
190 | } else {
191 | substatusRequest = Constants.OT;
192 | }
193 |
194 | request.setSubstatus(substatusRequest);
195 | }
196 |
197 |
198 | super.okPressed();
199 | }
200 |
201 | public StatusRequest getTraceStatusRequest() {
202 | return request;
203 | }
204 |
205 | public String getSelectedStatus() {
206 | return visualStatus;
207 | }
208 |
209 | }
210 |
--------------------------------------------------------------------------------
/pom.xml:
--------------------------------------------------------------------------------
1 |
15 | 4.0.0
16 |
17 | com.contrastsecurity.ide.eclipse
18 | parent
19 | 3.0.5-SNAPSHOT
20 | pom
21 |
22 |
23 | 1.5.0
24 | 1.5.0
25 | https://oss.sonatype.org/content/groups/public/
26 |
27 |
28 |
29 | targets
30 | plugins
31 | features
32 | updatesite
33 |
34 |
35 |
36 | scm:git:https://github.com/Contrast-Security-OSS/ide-plugin-eclipse2.git
37 | scm:git:https://github.com/Contrast-Security-OSS/ide-plugin-eclipse2.git
38 | HEAD
39 |
40 |
41 |
42 |
43 |
44 | org.apache.maven.plugins
45 | maven-jarsigner-plugin
46 | 1.4
47 |
48 |
49 | sign
50 |
51 | sign
52 |
53 |
54 |
55 |
56 | ${keystore.path}
57 | ${keystore.alias}
58 | ${keystore.storepass}
59 | ${keystore.keypass}
60 |
61 |
62 |
63 | org.eclipse.tycho
64 | tycho-maven-plugin
65 | ${tycho.version}
66 | true
67 |
68 |
69 | org.eclipse.tycho
70 | target-platform-configuration
71 | ${tycho.version}
72 |
73 |
74 |
75 | com.contrastsecurity.ide.eclipse.target
76 | mars
77 | ${project.version}
78 |
79 |
80 |
81 |
82 | linux
83 | gtk
84 | x86_64
85 |
86 |
87 | win32
88 | win32
89 | x86_64
90 |
91 |
92 | macosx
93 | cocoa
94 | x86_64
95 |
96 |
97 |
98 |
99 |
100 | org.eclipse.tycho
101 | tycho-surefire-plugin
102 | ${tycho.version}
103 |
104 | false
105 | false
106 | -Xms512m -Xmx1024m -XX:MaxMetaspaceSize=256m -Dorg.eclipse.ui.testsDisableWorkbenchAutoSave=true
107 | org.eclipse.platform.ide
108 | org.eclipse.ui.ide.workbench
109 |
110 |
111 | p2-installable-unit
112 | org.eclipse.platform
113 | 0.0.0
114 |
115 |
116 |
117 | ${username}
118 | ${apiKey}
119 | ${serviceKey}
120 | ${restApiUrl}
121 | ${organizationId}
122 | ${traceId}
123 |
124 |
125 | **/AllTests.class
126 | **/*AllTests*.class
127 | **/*AllBotTests*.class
128 | **/*TestSuite*.class
129 |
130 |
131 | **/integration/**Test.class
132 |
133 |
134 |
135 |
136 | org.eclipse.tycho
137 | tycho-compiler-plugin
138 | ${tycho.version}
139 |
140 | UTF-8
141 | 1.7
142 | 1.7
143 |
144 |
145 |
146 | org.eclipse.tycho
147 | tycho-source-plugin
148 | ${tycho.version}
149 |
150 |
151 | plugin-source
152 |
153 | plugin-source
154 |
155 |
156 | ${project.artifactId}_${unqualifiedVersion}.${buildQualifier}
157 |
158 |
159 |
160 |
161 |
162 |
163 |
164 |
165 | com.itemis.maven.plugins
166 | unleash-maven-plugin
167 | 2.10.0
168 |
169 |
170 | com.itemis.maven.plugins
171 | unleash-scm-provider-git
172 | 2.3.0
173 |
174 |
175 |
176 |
177 | org.eclipse.tycho
178 | tycho-packaging-plugin
179 | ${tycho.version}
180 |
181 |
182 | org.eclipse.tycho.extras
183 | tycho-buildtimestamp-jgit
184 | ${tycho-extras.version}
185 |
186 |
187 |
188 | false
189 | 'v'yyyyMMdd-HHmm
190 | jgit
191 | ${project.artifactId}_${unqualifiedVersion}.${buildQualifier}
192 | warning
193 |
194 |
195 |
196 |
197 |
198 |
199 |
200 |
201 |
202 |
203 | mac
204 |
205 |
206 | mac
207 |
208 |
209 |
210 |
211 |
212 | org.eclipse.tycho
213 | tycho-surefire-plugin
214 | ${tycho.version}
215 |
216 | true
217 | -Xms512m -Xmx1024m -XX:MetaspaceSize=256m
218 | -Dorg.eclipse.ui.testsDisableWorkbenchAutoSave=true
219 | -XstartOnFirstThread
220 |
221 |
222 |
223 |
224 |
225 |
226 |
227 |
--------------------------------------------------------------------------------
/plugins/com.contrastsecurity.ide.eclipse.ui/src/com/contrastsecurity/ide/eclipse/ui/util/UIElementUtils.java:
--------------------------------------------------------------------------------
1 | /*******************************************************************************
2 | * Copyright (c) 2017 Contrast Security.
3 | * All rights reserved.
4 | *
5 | * This program and the accompanying materials are made available under
6 | * the terms of the GNU Lesser General Public License as published by
7 | * the Free Software Foundation; either version 3 of the License.
8 | *
9 | * The terms of the GNU GPL version 3 which accompanies this distribution
10 | * and is available at https://www.gnu.org/licenses/gpl-3.0.en.html
11 | *
12 | * Contributors:
13 | * Contrast Security - initial API and implementation
14 | *******************************************************************************/
15 | package com.contrastsecurity.ide.eclipse.ui.util;
16 |
17 | import org.eclipse.jface.dialogs.MessageDialog;
18 | import org.eclipse.jface.viewers.ArrayContentProvider;
19 | import org.eclipse.jface.viewers.ComboViewer;
20 | import org.eclipse.jface.viewers.LabelProvider;
21 | import org.eclipse.swt.SWT;
22 | import org.eclipse.swt.events.SelectionListener;
23 | import org.eclipse.swt.graphics.Image;
24 | import org.eclipse.swt.layout.GridData;
25 | import org.eclipse.swt.widgets.Button;
26 | import org.eclipse.swt.widgets.Combo;
27 | import org.eclipse.swt.widgets.Composite;
28 | import org.eclipse.swt.widgets.Display;
29 | import org.eclipse.swt.widgets.Label;
30 | import org.eclipse.swt.widgets.Menu;
31 | import org.eclipse.swt.widgets.MenuItem;
32 | import org.eclipse.swt.widgets.MessageBox;
33 | import org.eclipse.swt.widgets.Shell;
34 | import org.eclipse.swt.widgets.Text;
35 |
36 | public class UIElementUtils {
37 |
38 | //==================== Label ====================
39 |
40 | public static Label createLabel(Composite parent, String text) {
41 | return createLabel(parent, text, 1, 1);
42 | }
43 |
44 | public static Label createLabel(Composite parent, String text, int hSpan, int vSpan) {
45 | GridData gd = new GridData(SWT.FILL, SWT.CENTER, false, false, hSpan, vSpan);
46 | return createBasicLabel(parent, gd, text);
47 | }
48 |
49 | public static Label createBasicLabel(Composite parent, GridData gd, String text) {
50 | Label label = new Label(parent, SWT.NONE);
51 | label.setLayoutData(gd);
52 | label.setText(text);
53 |
54 | return label;
55 | }
56 |
57 | public static Label createLogoLabel(Composite composite, Image image) {
58 | GridData gd = new GridData(SWT.END, SWT.FILL, true, false);
59 | Label label = new Label(composite, SWT.NONE);
60 | label.setLayoutData(gd);
61 | label.setImage(image);
62 | return label;
63 | }
64 |
65 | //==================== ComboView ====================
66 |
67 | public static Combo createCombo(Composite parent, String[] items) {
68 | GridData gd = new GridData(SWT.FILL, SWT.CENTER, false, false);
69 |
70 | Combo combo = new Combo(parent, SWT.READ_ONLY);
71 | combo.setLayoutData(gd);
72 | combo.setItems(items);
73 |
74 | return combo;
75 | }
76 |
77 | public static Combo createCombo(Composite parent, String[] items, int horizontalSpan, int verticalSpan){
78 | GridData gd = new GridData(SWT.FILL, SWT.CENTER, false, false, horizontalSpan, verticalSpan);
79 |
80 | Combo combo = new Combo(parent, SWT.READ_ONLY);
81 | combo.setLayoutData(gd);
82 | combo.setItems(items);
83 |
84 | return combo;
85 | }
86 |
87 | public static ComboViewer createComboViewer(Composite composite) {
88 | ComboViewer comboViewer = new ComboViewer(composite, SWT.READ_ONLY);
89 | comboViewer.getControl().setFont(composite.getFont());
90 | comboViewer.setLabelProvider(new LabelProvider());
91 | comboViewer.setContentProvider(new ArrayContentProvider());
92 | return comboViewer;
93 | }
94 |
95 | //==================== Text ====================
96 |
97 | public static Text createMultiText(Composite parent, int verticalSpan) {
98 | return createMultiText(parent, verticalSpan, null);
99 | }
100 |
101 | public static Text createMultiText(Composite parent, int verticalSpan, Integer widthHint) {
102 | GridData gd = new GridData(SWT.FILL, SWT.FILL, true, true);
103 | gd.verticalSpan = verticalSpan;
104 | if(widthHint != null)
105 | gd.widthHint = widthHint;
106 |
107 | Text text = new Text(parent, SWT.BORDER | SWT.MULTI | SWT.V_SCROLL | SWT.WRAP);
108 | text.setLayoutData(gd);
109 |
110 | return text;
111 | }
112 |
113 | public static Text createText(Composite parent, int hSpan, int vSpan) {
114 | return createText(parent, hSpan, vSpan, SWT.BORDER);
115 | }
116 |
117 | public static Text createText(Composite parent, int hSpan, int vSpan, int style) {
118 | GridData gd = new GridData(SWT.FILL, SWT.FILL, true, false, hSpan, vSpan);
119 | return createBasicText(parent, gd, style);
120 | }
121 |
122 | public static Text createBasicText(Composite parent, GridData gd, int style) {
123 | Text text = new Text(parent, style);
124 | text.setLayoutData(gd);
125 | return text;
126 | }
127 |
128 | //==================== Button ====================
129 |
130 | public static Button createButton(Composite parent, String text) {
131 | return createButton(parent, text, null);
132 | }
133 |
134 | public static Button createButton(Composite parent, String text, Integer widthHint) {
135 | Button button = createBasicButton(parent, 1, 1, widthHint);
136 | button.setText(text);
137 | return button;
138 | }
139 |
140 | public static Button createButton(Composite parent, String text, int hSpan, int vSpan) {
141 | Button button = createBasicButton(parent, hSpan, vSpan, null);
142 | button.setText(text);
143 | return button;
144 | }
145 |
146 | public static Button createButton(Composite parent, Image image) {
147 | return createButton(parent, image, null);
148 | }
149 |
150 | public static Button createButton(Composite parent, Image image, Integer widthHint) {
151 | Button button = createBasicButton(parent, 1, 1, widthHint);
152 | button.setImage(image);
153 | return button;
154 | }
155 |
156 | public static Button createBasicButton(Composite parent, int hSpan, int vSpan, Integer widthHint) {
157 | GridData gd = new GridData(SWT.FILL, SWT.FILL, false, false, hSpan, vSpan);
158 | if(widthHint != null)
159 | gd.widthHint = widthHint;
160 |
161 | Button button = new Button(parent, SWT.PUSH);
162 | button.setLayoutData(gd);
163 |
164 | return button;
165 | }
166 |
167 | public static Button createButton(Composite parent, GridData gd, String text) {
168 | Button button = new Button(parent, SWT.PUSH);
169 | button.setLayoutData(gd);
170 | button.setText(text);
171 |
172 | return button;
173 | }
174 |
175 | //==================== MenuItem ====================
176 |
177 | public static MenuItem generateMenuItem(Menu parent, String text, int style, SelectionListener listener) {
178 | MenuItem item = new MenuItem(parent, style);
179 | item.setText(text);
180 | item.addSelectionListener(listener);
181 | return item;
182 | }
183 |
184 | //==================== MessageBox ====================
185 |
186 | /**
187 | * Instantiates and shows an error MessageBox with the given text.
188 | * @param shell Parent shell.
189 | * @param message The message to be displayed.
190 | */
191 | public static void ShowErrorMessage(Shell shell, String message) {
192 | MessageBox box = new MessageBox(shell, SWT.ICON_ERROR);
193 | box.setMessage(message);
194 | box.open();
195 | }
196 |
197 | /**
198 | * Shows an error message box with the given parameters. This method should be used when trying to show it from other thread than the UI one.
199 | * @param display Current SWT display.
200 | * @param shell Parent shell.
201 | * @param title Box title.
202 | * @param message The message to be displayed.
203 | */
204 | public static void ShowErrorMessageFromAnotherThread(Display display, Shell shell, String title, String message) {
205 | display.asyncExec(new Runnable() {
206 |
207 | @Override
208 | public void run() {
209 | MessageDialog.openError(shell, title, message);
210 | }
211 | });
212 | }
213 |
214 | }
215 |
--------------------------------------------------------------------------------
/plugins/com.contrastsecurity.ide.eclipse.ui/OSGI-INF/l10n/bundle_ja.properties:
--------------------------------------------------------------------------------
1 | #Properties file for com.contrastsecurity.ide.eclipse.ui
2 | Bundle-Vendor = Contrast Security
3 | Bundle-Name = Contrast IDE plugin for Eclipse - UI
4 |
5 | TRACE_STORY_HEADER_CHAPTERS = \u4f55\u304c\u8d77\u3053\u3063\u305f\u304b\uff1f
6 | TRACE_STORY_HEADER_RISK = \u3069\u3093\u306a\u30ea\u30b9\u30af\u3067\u3042\u308b\u304b\uff1f
7 |
8 | CRITICAL_VULN_LABEL= \u91cd\u5927
9 | HIGH_VULN_LABEL = \u9ad8
10 | MEDIUM_VULN_LABEL = \u4e2d
11 | LOW_VULN_LABEL = \u4f4e
12 | NOTE_VULN_LABEL = \u6ce8\u610f
13 |
14 | CRITICAL_ICON = /icons/critical_ja.png
15 | HIGH_ICON = /icons/high_ja.png
16 | MEDIUM_ICON = /icons/medium_ja.png
17 | LOW_ICON = /icons/low_ja.png
18 | NOTE_ICON = /icons/note_ja.png
19 |
20 | ADD_ORGANIZATION = \u7d44\u7e54\u3092\u8ffd\u52a0
21 | USERNAME = \u30e6\u30fc\u30b6\u540d:
22 | SERVICE_KEY = \u30b5\u30fc\u30d3\u30b9\u30ad\u30fc:
23 | API_KEY = API\u30ad\u30fc:
24 | ORG_ID = \u7d44\u7e54ID:
25 | ADD = \u8ffd\u52a0
26 | REMOVE = \u524a\u9664
27 | INVALID_URL = \u7121\u52b9\u306aURL\u3067\u3059\u3002
28 | UNKNOWN_ERROR = \u4e0d\u660e\u306a\u30a8\u30e9\u30fc\u304c\u767a\u751f\u3057\u307e\u3057\u305f\u3002
29 | ORGANIZATION = \u7d44\u7e54
30 |
31 | VULNERABILITIES_LABEL = \u8106\u5f31\u6027
32 | VULNERABILITY_LABEL = \u8106\u5f31\u6027
33 | ZERO_VULNERABILITIES_LABEL = 0\u4ef6\u306e\u8106\u5f31\u6027
34 | APPLICATION_LABEL = \u30a2\u30d7\u30ea\u30b1\u30fc\u30b7\u30e7\u30f3
35 | SEVERITY_LABEL = \u6df1\u523b\u5ea6
36 | BUILD_NUMBER_LABEL = \u30d3\u30eb\u30c9\u756a\u53f7
37 | CLEAR_LABEL = \u30af\u30ea\u30a2
38 | FROM_LABEL = \u958b\u59cb
39 | UNTIL_LABEL = \u7d42\u4e86
40 | FILTER_LABEL = \u30d5\u30a3\u30eb\u30bf
41 | STATUS_LABEL = \u30b9\u30c6\u30fc\u30bf\u30b9
42 | SERVER_LABEL = \u30b5\u30fc\u30d0
43 |
44 | OVERVIEW_LABEL = \u6982\u8981
45 | HOW_TO_FIX_LABEL = \u4fee\u6b63\u65b9\u6cd5
46 | DETAILS_LABEL = \u8a73\u7d30
47 | HTTP_INFO_LABEL = HTTP\u60c5\u5831
48 |
49 | VULNERABILITY_STATUS_AUTO_REMEDIATED_LABEL = \u4fee\u5fa9\u6e08 - \u81ea\u52d5\u691c\u8a3c
50 | VULNERABILITY_STATUS_CONFIRMED_LABEL = \u78ba\u8a8d\u6e08
51 | VULNERABILITY_STATUS_SUSPICIOUS_LABEL = \u7591\u308f\u3057\u3044
52 | VULNERABILITY_STATUS_REMEDIATED_LABEL = \u4fee\u5fa9\u6e08
53 | VULNERABILITY_STATUS_REPORTED_LABEL = \u5831\u544a\u6e08
54 | VULNERABILITY_STATUS_FIXED_LABEL = \u4fee\u6b63\u5b8c\u4e86
55 | VULNERABILITY_STATUS_NOT_A_PROBLEM_STRING_LABEL = \u554f\u984c\u7121\u3057
56 |
57 | REASON_LABEL = \u7406\u7531
58 | TRUSTED_URL_LABEL = \u4fe1\u983c\u3067\u304d\u308b\u30d1\u30ef\u30fc\u30e6\u30fc\u30b6\u306e\u307f\u304c\u30a2\u30af\u30bb\u30b9\u3067\u304d\u308bURL
59 | FALSE_POSITIVE_LABEL = \u8aa4\u691c\u77e5
60 | INTERNAL_CONTROL_LABEL = \u5185\u90e8\u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u5236\u5fa1\u3092\u901a\u904e
61 | EXTERNAL_CONTROL_LABEL = \u5916\u90e8\u5236\u5fa1\u306b\u3088\u308a\u9632\u5fa1\u3055\u308c\u305f\u653b\u6483
62 | OTHER_LABEL = \u4e0a\u8a18\u4ee5\u5916
63 |
64 | VULNERABILITY_STATUS_BEING_TRACKED_LABEL = \u8ffd\u8de1\u4e2d
65 | VULNERABILITY_STATUS_UNTRACKED_LABEL = \u8ffd\u8de1\u306a\u3057
66 |
67 | LAST_DETECTED_LABEL = \u6700\u5f8c\u306e\u691c\u51fa
68 | LAST_DETECTED_ALL = \u5168\u3066
69 | LAST_DETECTED_HOUR = 1\u6642\u9593\u4ee5\u5185
70 | LAST_DETECTED_DAY = 24\u6642\u9593\u4ee5\u5185
71 | LAST_DETECTED_WEEK = \u904e\u53bb7\u65e5\u9593
72 | LAST_DETECTED_MONTH = \u904e\u53bb30\u65e5\u9593
73 | LAST_DETECTED_YEAR = \u904e\u53bb12\u304b\u6708\u9593
74 | LAST_DETECTED_CUSTOM = \u30ab\u30b9\u30bf\u30de\u30a4\u30ba...
75 |
76 | CWE_LABEL = CWE\uff1a
77 | OWASP_LABEL = OWASP\uff1a
78 | REFERENCES_LABEL = \u53c2\u7167\uff1a
79 |
80 | PREFERENCES_LABEL = Contrast\u306e\u8a2d\u5b9a
81 |
82 | TAG_VULNERABILITY = \u8106\u5f31\u6027\u306b\u30bf\u30b0\u3092\u4ed8\u3051\u308b
83 | CREATE_TAG = \u30bf\u30b0\u3092\u4f5c\u6210
84 | REMOVE_TAG = \u30bf\u30b0\u3092\u5916\u3059
85 |
86 | CONTRAST_NOT_CONFIGURED = Contrast\u304cTeamserver\u306b\u30ec\u30dd\u30fc\u30c8\u3059\u308b\u3088\u3046\u306b\u69cb\u6210\u3055\u308c\u3066\u3044\u307e\u305b\u3093
87 | SERVER_ERROR = \u30b5\u30fc\u30d0\u30a8\u30e9\u30fc\uff1a
88 | APPLY_EXISTING_TAG = \u65e2\u5b58\u306e\u30bf\u30b0\u3092\u9069\u7528
89 | APPLIED_TAGS = \u9069\u7528\u4e2d\u306e\u30bf\u30b0
90 | CREATE_AND_APPLY_NEW_TAG = \u65b0\u3057\u3044\u30bf\u30b0\u3092\u4f5c\u6210\u3057\u3066\u9069\u7528
91 | COMMENT_LABEL = \u30b3\u30e1\u30f3\u30c8
92 | MARK_AS_LABEL = \u30b9\u30c6\u30fc\u30bf\u30b9\u5909\u66f4
93 | ALL_APPLICATIONS_LABEL = \u5168\u3066\u306e\u30a2\u30d7\u30ea\u30b1\u30fc\u30b7\u30e7\u30f3
94 | ALL_SERVERS_LABEL = \u5168\u3066\u306e\u30b5\u30fc\u30d0
95 | PAGE_LABEL = \u30da\u30fc\u30b8
96 | REFRESH_TOOLTIP = \u30b5\u30fc\u30d0\u304b\u3089\u8106\u5f31\u6027\u3092\u66f4\u65b0
97 | BACK_TO_RESULTS = \u7d50\u679c\u306b\u623b\u308b
98 | REFRESH_LABEL = \u30ea\u30d5\u30ec\u30c3\u30b7\u30e5
99 | CONTRAST_PREFERENCES_LABEL = Contrast\u306e\u8a2d\u5b9a\u30da\u30fc\u30b8
100 | OPEN_CONTRAST_PREFERENCES_LABEL = Contrast\u306e\u8a2d\u5b9a\u30da\u30fc\u30b8\u3092\u958b\u304f
101 | NO_VULNERABILITIES_WERE_FOUND_LABEL = \u8106\u5f31\u6027\u306f\u691c\u51fa\u3055\u308c\u307e\u305b\u3093\u3067\u3057\u305f
102 | SECURITY_EVENT = \u6ce8\u76ee\u3059\u3079\u304d\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30a4\u30d9\u30f3\u30c8\u304c\u30c7\u30fc\u30bf\u3067\u767a\u751f
103 | ERROR = \u30a8\u30e9\u30fc
104 | STACKTRACE_ERROR = \u30b9\u30bf\u30c3\u30af\u30c8\u30ec\u30fc\u30b9\u30a8\u30e9\u30fc
105 | SEARCHING_FOR_CODE = \u30ef\u30fc\u30af\u30b9\u30da\u30fc\u30b9\u3067\u30b3\u30fc\u30c9\u3092\u691c\u7d22\u3057\u3066\u3044\u307e\u3059...
106 | SEARCH_COMPLETE = \u691c\u7d22\u304c\u5b8c\u4e86\u3057\u307e\u3057\u305f
107 | SOURCE_NOT_FOUND_FOR = \u30bd\u30fc\u30b9\u304c\u898b\u3064\u304b\u308a\u307e\u305b\u3093
108 | SOURCE_NOT_FOUND = \u30bd\u30fc\u30b9\u304c\u898b\u3064\u304b\u308a\u307e\u305b\u3093
109 | INVALID_LINE = \u7121\u52b9\u306a\u884c\u756a\u53f7
110 | INVALID_LINE_FILE = \u306f\u6709\u52b9\u306a\u884c\u756a\u53f7\u3067\u306f\u3042\u308a\u307e\u305b\u3093
111 | UNABLE_TO_PARSE = \u30b9\u30bf\u30c3\u30af\u30c8\u30ec\u30fc\u30b9\u304b\u3089\u578b\u540d\u3092\u89e3\u6790\u3067\u304d\u307e\u305b\u3093
112 | LOADING = \u30ed\u30fc\u30c9\u4e2d\u3067\u3059...
113 | NO_HTTP_REQUEST = \u30c8\u30ec\u30fc\u30b9\u306bHTTP\u30ea\u30af\u30a8\u30b9\u30c8\u304c\u3042\u308a\u307e\u305b\u3093
114 | NO_HTTP_REQUEST_LABEL = HTTP\u30ea\u30af\u30a8\u30b9\u30c8\u304c\u3042\u308a\u307e\u305b\u3093
115 | NO_EVENT_SUMMARY = \u30c8\u30ec\u30fc\u30b9\u306b\u30a4\u30d9\u30f3\u30c8\u306e\u6982\u8981\u304c\u3042\u308a\u307e\u305b\u3093
116 | NOT_AUTHORIZED = \u3053\u306e\u64cd\u4f5c\u3092\u5b9f\u884c\u3059\u308b\u6a29\u9650\u304c\u3042\u308a\u307e\u305b\u3093
117 | REQUEST_FAILED = \u30ea\u30af\u30a8\u30b9\u30c8\u304c\u5931\u6557\u3057\u307e\u3057\u305f\u3002\u30a8\u30e9\u30fc\u304c\u7d9a\u304f\u5834\u5408\u306f\u3001\u30b5\u30dd\u30fc\u30c8\u306b\u9023\u7d61\u3057\u3066\u304f\u3060\u3055\u3044\u3002
118 | URL_INFORMATION = \u8106\u5f31\u6027\u30c7\u30fc\u30bf\u3092\u53d6\u5f97\u3059\u308bTeamServer\u306e\u30a2\u30c9\u30ec\u30b9\u3092\u6307\u5b9a\u3057\u307e\u3059\u3002\u4f8b\uff1ahttps://app.contrastsecurity.com/Contrast/api
119 | SERVICE_KEY_INFO = \u30b5\u30fc\u30d3\u30b9\u30ad\u30fc\u306f\u3001\u30a2\u30ab\u30a6\u30f3\u30c8\u306e\u30d7\u30ed\u30d5\u30a1\u30a4\u30eb\u30da\u30fc\u30b8\u306e[\u3042\u306a\u305f\u306e\u30ad\u30fc]\u306e\u4e0b\u306b\u3042\u308a\u307e\u3059\u3002
120 | EXCEPTION = \u4f8b\u5916
121 | CONNECTION_FAILED = \u63a5\u7d9a\u306b\u5931\u6557\u3057\u307e\u3057\u305f
122 | INVALID_PROTOCOL = \u7121\u52b9\u306a\u30d7\u30ed\u30c8\u30b3\u30eb\u3067\u3059
123 | NO_ORG_FOUND = \u63a5\u7d9a\u306f\u6b63\u3057\u3044\u306e\u3067\u3059\u304c\u3001\u30c7\u30d5\u30a9\u30eb\u30c8\u306e\u7d44\u7e54\u304c\u898b\u3064\u304b\u308a\u307e\u305b\u3093\u3002
124 | CONFIRMED_CONNECTION = \u63a5\u7d9a\u3092\u78ba\u8a8d\u3057\u307e\u3057\u305f
125 | CONNECTION_ERROR = \u63a5\u7d9a\u30a8\u30e9\u30fc
126 | CONTRAST_ERROR = Contrast\u306b\u63a5\u7d9a\u3067\u304d\u307e\u305b\u3093\u3067\u3057\u305f\u3002 URL\u304c\u6b63\u3057\u3044\u3053\u3068\u3092\u78ba\u8a8d\u3057\u3066\u3001\u3082\u3046\u4e00\u5ea6\u304a\u8a66\u3057\u304f\u3060\u3055\u3044\u3002
127 | ACCESS_DENIED = \u30a2\u30af\u30bb\u30b9\u304c\u62d2\u5426\u3055\u308c\u307e\u3057\u305f
128 | VERIFY_CREDENTIALS_ERROR = \u8cc7\u683c\u60c5\u5831\u3092\u78ba\u8a8d\u3057\u3001\u9078\u629e\u3057\u305f\u7d44\u7e54\u306b\u30a2\u30af\u30bb\u30b9\u3067\u304d\u308b\u3053\u3068\u3092\u78ba\u8a8d\u3057\u3066\u304f\u3060\u3055\u3044\u3002
129 | UNKNOWN_ERROR_INFO = \u4e0d\u660e\u306a\u4f8b\u5916\u3067\u3059\u3002\u3053\u306e\u4ef6\u306b\u3064\u3044\u3066\u7ba1\u7406\u8005\u306b\u304a\u77e5\u3089\u305b\u304f\u3060\u3055\u3044\u3002
130 | ORGANIZATION_EXISTS = \u3059\u3067\u306b\u5b58\u5728\u3059\u308b\u7d44\u7e54\u3067\u3059
131 |
--------------------------------------------------------------------------------
/plugins/com.contrastsecurity.ide.eclipse.core/src/com/contrastsecurity/ide/eclipse/core/ContrastCoreActivator.java:
--------------------------------------------------------------------------------
1 | /*******************************************************************************
2 | * Copyright (c) 2017 Contrast Security.
3 | * All rights reserved.
4 | *
5 | * This program and the accompanying materials are made available under
6 | * the terms of the GNU Lesser General Public License as published by
7 | * the Free Software Foundation; either version 3 of the License.
8 | *
9 | * The terms of the GNU GPL version 3 which accompanies this distribution
10 | * and is available at https://www.gnu.org/licenses/gpl-3.0.en.html
11 | *
12 | * Contributors:
13 | * Contrast Security - initial API and implementation
14 | *******************************************************************************/
15 | package com.contrastsecurity.ide.eclipse.core;
16 |
17 | import java.io.IOException;
18 | import java.net.URL;
19 | import java.net.URLClassLoader;
20 | import java.util.ResourceBundle;
21 | import java.util.jar.Attributes;
22 | import java.util.jar.Manifest;
23 |
24 | import org.apache.commons.lang.ArrayUtils;
25 | import org.apache.commons.lang.StringUtils;
26 | import org.eclipse.core.runtime.IStatus;
27 | import org.eclipse.core.runtime.Status;
28 | import org.eclipse.core.runtime.preferences.IEclipsePreferences;
29 | import org.eclipse.core.runtime.preferences.InstanceScope;
30 | import org.eclipse.ui.plugin.AbstractUIPlugin;
31 | import org.osgi.framework.BundleContext;
32 | import org.osgi.service.prefs.BackingStoreException;
33 |
34 | import com.contrastsecurity.ide.eclipse.core.internal.preferences.OrganizationConfig;
35 | import com.contrastsecurity.ide.eclipse.core.Util;
36 | import com.contrastsecurity.sdk.ContrastSDK;
37 | import com.contrastsecurity.sdk.UserAgentProduct;
38 |
39 | /**
40 | * The activator class controls the plug-in life cycle
41 | */
42 | public class ContrastCoreActivator extends AbstractUIPlugin {
43 |
44 | // The plug-in ID
45 | public static final String PLUGIN_ID = "com.contrastsecurity.ide.eclipse.core"; //$NON-NLS-1$
46 |
47 | // The shared instance
48 | private static ContrastCoreActivator plugin;
49 |
50 | private static IEclipsePreferences prefs;
51 |
52 | /**
53 | * The constructor
54 | */
55 | public ContrastCoreActivator() {
56 | }
57 |
58 | /*
59 | * (non-Javadoc)
60 | *
61 | * @see org.eclipse.ui.plugin.AbstractUIPlugin#start(org.osgi.framework.
62 | * BundleContext)
63 | */
64 | public void start(BundleContext context) throws Exception {
65 | super.start(context);
66 | plugin = this;
67 | }
68 |
69 | /*
70 | * (non-Javadoc)
71 | *
72 | * @see org.eclipse.ui.plugin.AbstractUIPlugin#stop(org.osgi.framework.
73 | * BundleContext)
74 | */
75 | public void stop(BundleContext context) throws Exception {
76 | plugin = null;
77 | super.stop(context);
78 | }
79 |
80 | /**
81 | * Returns the shared instance
82 | *
83 | * @return the shared instance
84 | */
85 | public static ContrastCoreActivator getDefault() {
86 | return plugin;
87 | }
88 |
89 | public static void log(Throwable e) {
90 | plugin.getLog().log(new Status(IStatus.ERROR, PLUGIN_ID, e.getMessage(), e));
91 | }
92 |
93 | public static void logInfo(String message) {
94 | if (plugin.isDebugging()) {
95 | plugin.getLog().log(new Status(IStatus.INFO, PLUGIN_ID, message));
96 | }
97 | }
98 |
99 | public static void logWarning(String message) {
100 | plugin.getLog().log(new Status(IStatus.WARNING, PLUGIN_ID, message));
101 | }
102 |
103 | public static IEclipsePreferences getPreferences() {
104 | return InstanceScope.INSTANCE.getNode(PLUGIN_ID);
105 | }
106 |
107 | public static void initPrefs() {
108 | if(prefs == null)
109 | prefs = getPreferences();
110 | }
111 |
112 | public static String[] getOrganizationList() {
113 | initPrefs();
114 | String orgListString = prefs.get(Constants.ORGANIZATION_LIST, "");
115 |
116 | return Util.getListFromString(orgListString);
117 | }
118 |
119 | public static String getDefaultOrganization() {
120 | initPrefs();
121 |
122 | return prefs.get(Constants.ORGNAME, null);
123 | }
124 |
125 | public static boolean saveOrganizationList(String[] list) {
126 | return saveOrganizationList(list, true);
127 | }
128 |
129 | public static boolean saveOrganizationList(String[] list, boolean shouldFlush) {
130 | initPrefs();
131 |
132 | String stringList = Util.getStringFromList(list);
133 |
134 | prefs.put(Constants.ORGANIZATION_LIST, stringList);
135 |
136 | if(shouldFlush)
137 | return flushPrefs();
138 |
139 | return true;
140 | }
141 |
142 | public static void removeOrganization(final int position) {
143 | String[] orgArray = getOrganizationList();
144 | String organization = orgArray[position];
145 | orgArray = (String[]) ArrayUtils.remove(orgArray, position);
146 | saveOrganizationList(orgArray, false);
147 |
148 | prefs.remove(organization);
149 |
150 | flushPrefs();
151 | }
152 |
153 | public static boolean saveNewOrganization(final String organizationName, final String contrastUrl, final String username,
154 | final String serviceKey, final String apiKey, final String organizationUuid) {
155 | initPrefs();
156 |
157 | String[] list = getOrganizationList();
158 | list = (String[]) ArrayUtils.add(list, organizationName);
159 | saveOrganizationList(list, false);
160 |
161 | prefs.put(organizationName, contrastUrl + ";" + username + ";" + serviceKey + ";" + apiKey + ";" + organizationUuid);
162 |
163 | return flushPrefs();
164 | }
165 |
166 | public static OrganizationConfig getOrganizationConfiguration(final String organization) {
167 | initPrefs();
168 |
169 | String config = prefs.get(organization, "");
170 |
171 | if(StringUtils.isBlank(config))
172 | return null;
173 |
174 | String[] configArray = Util.getListFromString(config);
175 |
176 | // Compatibility fix for the previous plugin version
177 | if (configArray.length == 2) {
178 | removeOrganization(ArrayUtils.indexOf(getOrganizationList(), organization));
179 |
180 | saveNewOrganization(organization, prefs.get(Constants.TEAM_SERVER_URL, ""),
181 | prefs.get(Constants.USERNAME, ""),
182 | prefs.get(Constants.SERVICE_KEY, ""), configArray[0], configArray[1]);
183 | config = prefs.get(organization, "");
184 | configArray = Util.getListFromString(config);
185 | }
186 |
187 | return new OrganizationConfig(configArray[0], configArray[1], configArray[2], configArray[3], configArray[4]);
188 | }
189 |
190 | public static String getSelectedOrganization() {
191 | initPrefs();
192 |
193 | return prefs.get(Constants.ORGNAME, "");
194 | }
195 |
196 | public static String getSelectedOrganizationUuid() {
197 | if (getOrganizationConfiguration(getSelectedOrganization()) != null) {
198 | return getOrganizationConfiguration(getSelectedOrganization()).getOrganizationUUIDKey();
199 | } else {
200 | return null;
201 | }
202 |
203 | }
204 |
205 | public static boolean editOrganization(final String organization, final String apiKey, final String organizationUuid) throws OrganizationNotFoundException {
206 | initPrefs();
207 |
208 | if(prefs.get(organization, null) == null)
209 | throw new OrganizationNotFoundException("Organization does not exists");
210 |
211 | prefs.put(organization, apiKey + ";" + organizationUuid);
212 |
213 | return flushPrefs();
214 | }
215 |
216 | public static boolean saveSelectedPreferences(final String orgName) {
217 | initPrefs();
218 |
219 | prefs.put(Constants.ORGNAME, orgName);
220 |
221 | return flushPrefs();
222 | }
223 |
224 | public static boolean flushPrefs() {
225 | if(prefs == null)
226 | return false;
227 |
228 | try {
229 | prefs.flush();
230 | return true;
231 | }
232 | catch(BackingStoreException e) {
233 | e.printStackTrace();
234 | return false;
235 | }
236 | }
237 |
238 | public static ContrastSDK getContrastSDK() {
239 |
240 | initPrefs();
241 |
242 | String organizationName = prefs.get(Constants.ORGNAME, "");
243 |
244 | if (organizationName == null || organizationName.isEmpty()) {
245 | return null;
246 | }
247 | return getContrastSDKByOrganization(organizationName);
248 | }
249 |
250 | public static ContrastSDK getContrastSDKByOrganization(final String organizationName) {
251 |
252 | if(StringUtils.isBlank(organizationName))
253 | return null;
254 |
255 | OrganizationConfig config = getOrganizationConfiguration(organizationName);
256 | if(config == null)
257 | return null;
258 |
259 | String url = config.getContrastUrl();
260 | if (url == null || url.isEmpty()) {
261 | return null;
262 | }
263 | String username = config.getUsername();
264 | if (username == null || username.isEmpty()) {
265 | return null;
266 | }
267 | String serviceKey = config.getServiceKey();
268 | if (serviceKey == null || serviceKey.isEmpty()) {
269 | return null;
270 | }
271 | String apiKey = config.getApiKey();
272 | if (apiKey == null || apiKey.isEmpty()) {
273 | return null;
274 | }
275 |
276 | return getContrastSDK(username, apiKey, serviceKey, url);
277 | }
278 |
279 | public static ContrastSDK getContrastSDK(final String username, final String apiKey,
280 | final String serviceKey, final String teamServerUrl) {
281 |
282 | URL url = ContrastCoreActivator.class.getClassLoader().getResource("META-INF/MANIFEST.MF");
283 | try {
284 | Manifest manifest = new Manifest(url.openStream());
285 | Attributes att = manifest.getMainAttributes();
286 |
287 | ContrastSDK sdk = new ContrastSDK.Builder(username, serviceKey, apiKey).withApiUrl(teamServerUrl)
288 | .withUserAgentProduct(UserAgentProduct.of("ECLIPSE_INTEGRATION", att.getValue("Bundle-Version")))
289 | .build();
290 |
291 | sdk.setReadTimeout(5000);
292 |
293 | return sdk;
294 |
295 | } catch (IOException e) {
296 | // TODO Auto-generated catch block
297 | e.printStackTrace();
298 | }
299 | return null;
300 | }
301 |
302 | }
303 |
--------------------------------------------------------------------------------
/plugins/com.contrastsecurity.ide.eclipse.ui/src/com/contrastsecurity/ide/eclipse/ui/internal/model/VulnerabilityPage.java:
--------------------------------------------------------------------------------
1 | /*******************************************************************************
2 | * Copyright (c) 2017 Contrast Security.
3 | * All rights reserved.
4 | *
5 | * This program and the accompanying materials are made available under
6 | * the terms of the GNU Lesser General Public License as published by
7 | * the Free Software Foundation; either version 3 of the License.
8 | *
9 | * The terms of the GNU GPL version 3 which accompanies this distribution
10 | * and is available at https://www.gnu.org/licenses/gpl-3.0.en.html
11 | *
12 | * Contributors:
13 | * Contrast Security - initial API and implementation
14 | *******************************************************************************/
15 | package com.contrastsecurity.ide.eclipse.ui.internal.model;
16 |
17 | import java.net.MalformedURLException;
18 | import java.util.EnumSet;
19 |
20 | import org.eclipse.core.runtime.preferences.IEclipsePreferences;
21 | import org.eclipse.swt.SWT;
22 | import org.eclipse.swt.events.SelectionEvent;
23 | import org.eclipse.swt.events.SelectionListener;
24 | import org.eclipse.swt.layout.GridData;
25 | import org.eclipse.swt.layout.GridLayout;
26 | import org.eclipse.swt.layout.RowData;
27 | import org.eclipse.swt.layout.RowLayout;
28 | import org.eclipse.swt.widgets.Button;
29 | import org.eclipse.swt.widgets.Combo;
30 | import org.eclipse.swt.widgets.Composite;
31 | import org.eclipse.swt.widgets.Event;
32 | import org.eclipse.swt.widgets.Label;
33 | import org.eclipse.swt.widgets.Listener;
34 | import java.util.ResourceBundle;
35 |
36 | import com.contrastsecurity.http.RuleSeverity;
37 | import com.contrastsecurity.http.ServerFilterForm;
38 | import com.contrastsecurity.http.TraceFilterForm;
39 | import com.contrastsecurity.ide.eclipse.core.Constants;
40 | import com.contrastsecurity.ide.eclipse.core.ContrastCoreActivator;
41 | import com.contrastsecurity.ide.eclipse.ui.ContrastUIActivator;
42 | import com.contrastsecurity.ide.eclipse.ui.internal.views.VulnerabilitiesView;
43 | import com.contrastsecurity.ide.eclipse.ui.util.SystemUtils;
44 | import com.contrastsecurity.ide.eclipse.ui.util.UIElementUtils;
45 | import com.contrastsecurity.models.Applications;
46 | import com.contrastsecurity.models.Server;
47 | import com.contrastsecurity.models.Servers;
48 | import com.contrastsecurity.sdk.ContrastSDK;
49 |
50 | public class VulnerabilityPage extends AbstractPage {
51 | private Label label;
52 |
53 | private Label pageLabel;
54 | private Combo pageCombo;
55 |
56 | private IPageLoaderListener pageLoaderListener;
57 |
58 | Servers retrievedServers = null;
59 | Applications retrievedApplications = null;
60 | IEclipsePreferences prefs = ContrastCoreActivator.getPreferences();
61 | TraceFilterForm currentTraceFilterForm;
62 | Button openFilterDialogButton;
63 | IFilterListener openFilterDialogButtonListener;
64 | SeverityFilterListener severityFilterListener;
65 |
66 | Button severityLevelNoteButton;
67 | Button severityLevelLowButton;
68 | Button severityLevelMediumButton;
69 | Button severityLevelHighButton;
70 | Button severityLevelCriticalButton;
71 |
72 | ResourceBundle resource = ResourceBundle.getBundle("OSGI-INF/l10n.bundle");
73 |
74 |
75 | public VulnerabilityPage(Composite parent, int style, VulnerabilitiesView vulnerabilitiesView) throws MalformedURLException {
76 | super(parent, style, vulnerabilitiesView);
77 | setLayout(new GridLayout());
78 | GridData gd = new GridData(SWT.FILL, SWT.FILL, true, true);
79 | setLayoutData(gd);
80 |
81 | UIElementUtils.createLogoLabel(this, ContrastUIActivator.getImage("/icons/contrastLogo.png"));
82 |
83 | Composite comboComposite = new Composite(this, SWT.NONE);
84 | comboComposite.setLayout(new GridLayout(5, false));
85 |
86 | label = new Label(comboComposite, SWT.NONE);
87 | gd = new GridData(SWT.FILL, SWT.CENTER, false, false);
88 | label.setLayoutData(gd);
89 | String orgUuid = getOrgUuid();
90 |
91 | getServers(orgUuid, true);
92 | getApplications(orgUuid, true, null);
93 |
94 | createPaginationUI(comboComposite);
95 |
96 | openFilterDialogButton = new Button(comboComposite, SWT.PUSH);
97 | openFilterDialogButton.setImage(ContrastUIActivator.getImage("/icons/filter.png"));
98 |
99 | openFilterDialogButton.addListener(SWT.Selection, new Listener() {
100 | @Override
101 | public void handleEvent(Event event) {
102 | openFilterDialogButtonListener.onFilterLoad(retrievedServers, retrievedApplications);
103 | }
104 | });
105 |
106 | Listener severityButtonListener = new Listener() {
107 | @Override
108 | public void handleEvent(Event event) {
109 | saveSeveritiesFilter();
110 | severityFilterListener.onSeverityFilterLoad(getSelectedSeverities());
111 | }
112 | };
113 |
114 | Composite severityComposite = new Composite(comboComposite, SWT.NONE);
115 |
116 | RowLayout rowLayout = new RowLayout();
117 | rowLayout.marginLeft = 20;
118 | severityComposite.setLayout(rowLayout);
119 |
120 | severityLevelNoteButton = createSeverityButton(severityComposite, resource.getString("NOTE_VULN_LABEL"), SWT.TOGGLE, severityButtonListener, SWT.Selection);
121 | severityLevelNoteButton.setSelection(prefs.getBoolean(Constants.SEVERITY_LEVEL_NOTE, false));
122 |
123 | severityLevelLowButton = createSeverityButton(severityComposite, resource.getString("LOW_VULN_LABEL"), SWT.TOGGLE, severityButtonListener, SWT.Selection);
124 | severityLevelLowButton.setSelection(prefs.getBoolean(Constants.SEVERITY_LEVEL_LOW, false));
125 |
126 | severityLevelMediumButton = createSeverityButton(severityComposite, resource.getString("MEDIUM_VULN_LABEL"), SWT.TOGGLE, severityButtonListener, SWT.Selection);
127 | severityLevelMediumButton.setSelection(prefs.getBoolean(Constants.SEVERITY_LEVEL_MEDIUM, false));
128 |
129 | severityLevelHighButton = createSeverityButton(severityComposite, resource.getString("HIGH_VULN_LABEL"), SWT.TOGGLE, severityButtonListener, SWT.Selection);
130 | severityLevelHighButton.setSelection(prefs.getBoolean(Constants.SEVERITY_LEVEL_HIGH, false));
131 |
132 | severityLevelCriticalButton = createSeverityButton(severityComposite, resource.getString("CRITICAL_VULN_LABEL"), SWT.TOGGLE, severityButtonListener, SWT.Selection);
133 | severityLevelCriticalButton.setSelection(prefs.getBoolean(Constants.SEVERITY_LEVEL_CRITICAL, false));
134 | }
135 |
136 | private EnumSet getSelectedSeverities() {
137 |
138 | EnumSet severities = EnumSet.noneOf(RuleSeverity.class);
139 | if (severityLevelNoteButton.getSelection()) {
140 | severities.add(RuleSeverity.NOTE);
141 | }
142 | if (severityLevelLowButton.getSelection()) {
143 | severities.add(RuleSeverity.LOW);
144 | }
145 | if (severityLevelMediumButton.getSelection()) {
146 | severities.add(RuleSeverity.MEDIUM);
147 | }
148 | if (severityLevelHighButton.getSelection()) {
149 | severities.add(RuleSeverity.HIGH);
150 | }
151 | if (severityLevelCriticalButton.getSelection()) {
152 | severities.add(RuleSeverity.CRITICAL);
153 | }
154 | return severities;
155 | }
156 |
157 | private void saveSeveritiesFilter() {
158 | prefs.putBoolean(Constants.SEVERITY_LEVEL_NOTE, severityLevelNoteButton.getSelection());
159 | prefs.putBoolean(Constants.SEVERITY_LEVEL_MEDIUM, severityLevelMediumButton.getSelection());
160 | prefs.putBoolean(Constants.SEVERITY_LEVEL_CRITICAL, severityLevelCriticalButton.getSelection());
161 | prefs.putBoolean(Constants.SEVERITY_LEVEL_LOW, severityLevelLowButton.getSelection());
162 | prefs.putBoolean(Constants.SEVERITY_LEVEL_HIGH, severityLevelHighButton.getSelection());
163 | }
164 |
165 | private Button createSeverityButton(Composite composite, String text, int style, Listener listener, int listenerType) {
166 | Button button = new Button(composite, style);
167 | button.setText(text);
168 | button.addListener(listenerType, listener);
169 | if(SystemUtils.isMacOS())
170 | button.setLayoutData(new RowData(90, 25));
171 | else
172 | button.setLayoutData(new RowData(60, 25));
173 |
174 | return button;
175 | }
176 |
177 | private String getOrgUuid() {
178 | String orgUuid = null;
179 | try {
180 | orgUuid = ContrastCoreActivator.getSelectedOrganizationUuid();
181 | } catch (Exception e) {
182 | ContrastUIActivator.log(e);
183 | }
184 | return orgUuid;
185 | }
186 |
187 | private ContrastSDK getSdk() {
188 | return getVulnerabilitiesView().getSdk();
189 | }
190 |
191 | private void createPaginationUI(Composite composite) {
192 | GridData gd;
193 |
194 | pageLabel = new Label(composite, SWT.NONE);
195 | gd = new GridData(SWT.FILL, SWT.CENTER, false, false);
196 | pageLabel.setLayoutData(gd);
197 | pageLabel.setText(resource.getString("PAGE_LABEL"));
198 |
199 | pageCombo = new Combo(composite, SWT.READ_ONLY);
200 | pageCombo.addSelectionListener(new SelectionListener() {
201 |
202 | @Override
203 | public void widgetSelected(SelectionEvent e) {
204 | pageLoaderListener.onPageLoad(Integer.parseInt(pageCombo.getText()));
205 | }
206 |
207 | @Override
208 | public void widgetDefaultSelected(SelectionEvent e) {
209 | /* Does nothing */ }
210 | });
211 | }
212 |
213 | public void getServers(final String orgUuid, final boolean setSavedDefaults) {
214 | if (orgUuid != null) {
215 | try {
216 | ServerFilterForm serverFilterForm = new ServerFilterForm();
217 | serverFilterForm.setExpand(EnumSet.of(ServerFilterForm.ServerExpandValue.APPLICATIONS));
218 | retrievedServers = getSdk().getServers(orgUuid, serverFilterForm);
219 |
220 | } catch (Exception e) {
221 | ContrastUIActivator.log(e);
222 | }
223 | }
224 | }
225 |
226 | public void getApplications(final String orgUuid, final boolean setSavedDefaults, Server server) {
227 |
228 | if (orgUuid != null) {
229 | if (server == null) {
230 | try {
231 | retrievedApplications = getSdk().getApplications(orgUuid);
232 | } catch (Exception e) {
233 | ContrastUIActivator.log(e);
234 | }
235 | }
236 | }
237 | }
238 |
239 | public void initializePageCombo(final int pageLimit, final int totalElements) {
240 | if (totalElements > pageLimit) {
241 | int pages;
242 |
243 | if (totalElements % pageLimit > 0)
244 | pages = totalElements / pageLimit + 1;
245 | else
246 | pages = totalElements / pageLimit;
247 |
248 | String[] pagesArray = new String[pages];
249 |
250 | for (int i = 0; i < pages; i++)
251 | pagesArray[i] = String.valueOf(i + 1);
252 |
253 | pageCombo.setItems(pagesArray);
254 | pageCombo.setEnabled(true);
255 | } else {
256 | pageCombo.setItems(new String[] { "1" });
257 | pageCombo.setEnabled(false);
258 | }
259 |
260 | pageCombo.select(0);
261 | }
262 |
263 | public void setPageLoaderListener(final IPageLoaderListener pageLoaderListener) {
264 | this.pageLoaderListener = pageLoaderListener;
265 | }
266 |
267 | public void setSeverityFilterListener(SeverityFilterListener severityFilterListener) {
268 | this.severityFilterListener = severityFilterListener;
269 | }
270 |
271 | public Label getLabel() {
272 | return label;
273 | }
274 |
275 | public void setOpenFilterDialogButtonListener(IFilterListener openFilterDialogButtonListener) {
276 | this.openFilterDialogButtonListener = openFilterDialogButtonListener;
277 | }
278 | }
279 |
--------------------------------------------------------------------------------