├── .idea
└── .gitignore
├── src
└── ContrastRestClient
│ ├── Http
│ ├── IntegrationName.cs
│ ├── OrganizationFilter.cs
│ ├── IHttpClient.cs
│ ├── IContrastRestClient.cs
│ ├── ServerFilter.cs
│ ├── ContrastRestClient.cs
│ ├── HttpClientWrapper.cs
│ └── TraceFilter.cs
│ ├── ContrastRestClient.csproj
│ ├── Model
│ ├── BaseApiResponse.cs
│ ├── Snippet.cs
│ ├── AgentType.cs
│ ├── Header.cs
│ ├── Parameter.cs
│ ├── Link.cs
│ ├── Card.cs
│ ├── CodeView.cs
│ ├── NgApplication.cs
│ ├── StoryChapter.cs
│ ├── TraceStatus.cs
│ ├── TraceStory.cs
│ ├── TraceRecommendation.cs
│ ├── Score.cs
│ ├── TraceFiltering.cs
│ ├── Request.cs
│ ├── TraceBreakdown.cs
│ ├── Profile.cs
│ ├── TraceTag.cs
│ ├── Library.cs
│ ├── TraceEventDetail.cs
│ ├── TraceEvent.cs
│ ├── Organization.cs
│ └── Server.cs
│ ├── ForbiddenException.cs
│ ├── ContrastApiException.cs
│ ├── ResourceNotFoundException.cs
│ ├── Serialization
│ ├── DateTimeConverter.cs
│ └── EpochDateTimeConverter.cs
│ └── NgEndpoints.cs
├── Contrast.ApiClient.v3.ncrunchsolution
├── examples
└── SampleContrastClient
│ ├── App.config
│ ├── SampleContrastClient.csproj
│ └── Program.cs
├── .github
└── workflows
│ └── build.yaml
├── tests
└── ContrastRestClient.Tests
│ ├── ContrastRestClient.Tests.csproj
│ ├── PostUtil.cs
│ ├── ConverterTest.cs
│ ├── ContrastRestClientTest.cs
│ ├── FilterTest.cs
│ ├── TeamServerClientOrganizationTest.cs
│ ├── TeamServerClientRemediationTest.cs
│ └── TeamServerClientTagsTest.cs
├── LICENSE.txt
├── Contrast.ApiClient.sln
├── .gitattributes
├── .gitignore
├── Contrast.ApiClient.sln.DotSettings
└── README.md
/.idea/.gitignore:
--------------------------------------------------------------------------------
1 | # Default ignored files
2 | /shelf/
3 | /workspace.xml
4 |
--------------------------------------------------------------------------------
/src/ContrastRestClient/Http/IntegrationName.cs:
--------------------------------------------------------------------------------
1 | namespace Contrast.Http
2 | {
3 | public enum IntegrationName
4 | {
5 | VISUAL_STUDIO_INTEGRATION,
6 | NONE
7 | }
8 | }
9 |
--------------------------------------------------------------------------------
/Contrast.ApiClient.v3.ncrunchsolution:
--------------------------------------------------------------------------------
1 |
2 |
3 | True
4 | True
5 |
6 |
--------------------------------------------------------------------------------
/examples/SampleContrastClient/App.config:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 |
9 |
10 |
11 |
12 |
--------------------------------------------------------------------------------
/examples/SampleContrastClient/SampleContrastClient.csproj:
--------------------------------------------------------------------------------
1 |
2 |
3 | net452
4 | false
5 |
6 | Exe
7 |
8 |
9 |
10 |
11 |
12 |
13 |
14 |
15 |
--------------------------------------------------------------------------------
/.github/workflows/build.yaml:
--------------------------------------------------------------------------------
1 | name: "Build"
2 | on:
3 | pull_request:
4 | push:
5 | branches:
6 | - master
7 |
8 | jobs:
9 | build:
10 | runs-on: windows-latest
11 | steps:
12 | - uses: actions/setup-dotnet@v1
13 | with:
14 | dotnet-version: '5.0.101'
15 | - uses: actions/checkout@v2
16 | - run: dotnet build -c Release
17 | - run: dotnet test -c Release
18 | - run: dotnet pack -c Release --output ${{ github.workspace }}\nuget
19 | - uses: actions/upload-artifact@v1
20 | with:
21 | name: nuget-packages
22 | path: ${{ github.workspace }}\nuget
23 |
--------------------------------------------------------------------------------
/tests/ContrastRestClient.Tests/ContrastRestClient.Tests.csproj:
--------------------------------------------------------------------------------
1 |
2 |
3 | net452
4 | false
5 |
6 |
7 |
8 |
9 |
10 |
11 |
12 |
13 |
14 |
15 |
--------------------------------------------------------------------------------
/src/ContrastRestClient/ContrastRestClient.csproj:
--------------------------------------------------------------------------------
1 |
2 |
3 | net45;netstandard2.0
4 | Contrast REST API
5 | A .Net client for retrieving data from Contrast's REST API as C# objects.
6 |
7 | See http://www.contrastsecurity.com for more information on Contrast Security.
8 | Contrast Security, Inc.
9 | Contrast REST API
10 | Copyright © 2021
11 | 3.3.1
12 | true
13 | Contrast
14 | Contrast Security
15 | Contrast Security
16 | https://github.com/Contrast-Security-OSS/contrast-sdk-dotnet
17 | LICENSE.txt
18 |
19 |
20 |
21 |
22 |
23 |
24 |
--------------------------------------------------------------------------------
/LICENSE.txt:
--------------------------------------------------------------------------------
1 | Copyright (c) 2021, Contrast Security, Inc.
2 | All rights reserved.
3 |
4 | Redistribution and use in source and binary forms, with or without modification, are
5 | permitted provided that the following conditions are met:
6 |
7 | Redistributions of source code must retain the above copyright notice, this list of
8 | conditions and the following disclaimer.
9 |
10 | Redistributions in binary form must reproduce the above copyright notice, this list of
11 | conditions and the following disclaimer in the documentation and/or other materials
12 | provided with the distribution.
13 |
14 | Neither the name of the Contrast Security, Inc. nor the names of its contributors may
15 | be used to endorse or promote products derived from this software without specific
16 | prior written permission.
17 |
18 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
19 | EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
20 | MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
21 | THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
22 | SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
23 | OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
24 | INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
25 | STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
26 | THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
--------------------------------------------------------------------------------
/src/ContrastRestClient/Http/OrganizationFilter.cs:
--------------------------------------------------------------------------------
1 | #region LICENSE
2 | // Copyright (c) 2019, Contrast Security, Inc.
3 | // All rights reserved.
4 | //
5 | // Redistribution and use in source and binary forms, with or without modification, are
6 | // permitted provided that the following conditions are met:
7 | //
8 | // Redistributions of source code must retain the above copyright notice, this list of
9 | // conditions and the following disclaimer.
10 | //
11 | // Redistributions in binary form must reproduce the above copyright notice, this list of
12 | // conditions and the following disclaimer in the documentation and/or other materials
13 | // provided with the distribution.
14 | //
15 | // Neither the name of the Contrast Security, Inc. nor the names of its contributors may
16 | // be used to endorse or promote products derived from this software without specific
17 | // prior written permission.
18 | //
19 | // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
20 | // EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
21 | // MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
22 | // THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
23 | // SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
24 | // OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
25 | // INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
26 | // STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
27 | // THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
28 | #endregion
29 |
30 | namespace Contrast.Http
31 | {
32 | public enum OrganizationExpandValues
33 | {
34 | auto_license,
35 | freemium
36 | }
37 | }
38 |
--------------------------------------------------------------------------------
/src/ContrastRestClient/Model/BaseApiResponse.cs:
--------------------------------------------------------------------------------
1 | #region LICENSE
2 | // Copyright (c) 2019, Contrast Security, Inc.
3 | // All rights reserved.
4 | //
5 | // Redistribution and use in source and binary forms, with or without modification, are
6 | // permitted provided that the following conditions are met:
7 | //
8 | // Redistributions of source code must retain the above copyright notice, this list of
9 | // conditions and the following disclaimer.
10 | //
11 | // Redistributions in binary form must reproduce the above copyright notice, this list of
12 | // conditions and the following disclaimer in the documentation and/or other materials
13 | // provided with the distribution.
14 | //
15 | // Neither the name of the Contrast Security, Inc. nor the names of its contributors may
16 | // be used to endorse or promote products derived from this software without specific
17 | // prior written permission.
18 | //
19 | // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
20 | // EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
21 | // MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
22 | // THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
23 | // SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
24 | // OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
25 | // INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
26 | // STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
27 | // THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
28 | #endregion
29 |
30 | using System.Collections.Generic;
31 |
32 | using Newtonsoft.Json;
33 |
34 | namespace Contrast.Model
35 | {
36 | [JsonObject]
37 | public class BaseApiResponse
38 | {
39 | [JsonProperty(PropertyName = "success")]
40 | public bool Success { get; set; }
41 |
42 | [JsonProperty(PropertyName = "messages")]
43 | public List Messages { get; set; }
44 | }
45 | }
46 |
--------------------------------------------------------------------------------
/src/ContrastRestClient/ForbiddenException.cs:
--------------------------------------------------------------------------------
1 | #region LICENSE
2 | // Copyright (c) 2019, Contrast Security, Inc.
3 | // All rights reserved.
4 | //
5 | // Redistribution and use in source and binary forms, with or without modification, are
6 | // permitted provided that the following conditions are met:
7 | //
8 | // Redistributions of source code must retain the above copyright notice, this list of
9 | // conditions and the following disclaimer.
10 | //
11 | // Redistributions in binary form must reproduce the above copyright notice, this list of
12 | // conditions and the following disclaimer in the documentation and/or other materials
13 | // provided with the distribution.
14 | //
15 | // Neither the name of the Contrast Security, Inc. nor the names of its contributors may
16 | // be used to endorse or promote products derived from this software without specific
17 | // prior written permission.
18 | //
19 | // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
20 | // EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
21 | // MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
22 | // THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
23 | // SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
24 | // OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
25 | // INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
26 | // STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
27 | // THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
28 | #endregion
29 |
30 | using System;
31 |
32 | namespace Contrast
33 | {
34 | ///
35 | /// Exception thrown when TeamServer sends an Forbidden response.
36 | ///
37 | [Serializable]
38 | public class ForbiddenException : Exception
39 | {
40 | ///
41 | /// Creates a ForbiddenException with the message populated.
42 | ///
43 | ///
44 | public ForbiddenException(string message) : base(message)
45 | { }
46 | }
47 | }
48 |
--------------------------------------------------------------------------------
/src/ContrastRestClient/ContrastApiException.cs:
--------------------------------------------------------------------------------
1 | #region LICENSE
2 | // Copyright (c) 2019, Contrast Security, Inc.
3 | // All rights reserved.
4 | //
5 | // Redistribution and use in source and binary forms, with or without modification, are
6 | // permitted provided that the following conditions are met:
7 | //
8 | // Redistributions of source code must retain the above copyright notice, this list of
9 | // conditions and the following disclaimer.
10 | //
11 | // Redistributions in binary form must reproduce the above copyright notice, this list of
12 | // conditions and the following disclaimer in the documentation and/or other materials
13 | // provided with the distribution.
14 | //
15 | // Neither the name of the Contrast Security, Inc. nor the names of its contributors may
16 | // be used to endorse or promote products derived from this software without specific
17 | // prior written permission.
18 | //
19 | // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
20 | // EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
21 | // MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
22 | // THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
23 | // SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
24 | // OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
25 | // INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
26 | // STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
27 | // THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
28 | #endregion
29 |
30 | using System;
31 |
32 | namespace Contrast
33 | {
34 | ///
35 | /// Exception thrown when TeamServer sends an unrecognized response.
36 | ///
37 | [Serializable]
38 | public class ContrastApiException : Exception
39 | {
40 | ///
41 | /// Creates a ContrastApiException with the message populated.
42 | ///
43 | ///
44 | public ContrastApiException(string message) : base ( message )
45 | {}
46 | }
47 | }
48 |
--------------------------------------------------------------------------------
/src/ContrastRestClient/Model/Snippet.cs:
--------------------------------------------------------------------------------
1 | #region LICENSE
2 | // Copyright (c) 2019, Contrast Security, Inc.
3 | // All rights reserved.
4 | //
5 | // Redistribution and use in source and binary forms, with or without modification, are
6 | // permitted provided that the following conditions are met:
7 | //
8 | // Redistributions of source code must retain the above copyright notice, this list of
9 | // conditions and the following disclaimer.
10 | //
11 | // Redistributions in binary form must reproduce the above copyright notice, this list of
12 | // conditions and the following disclaimer in the documentation and/or other materials
13 | // provided with the distribution.
14 | //
15 | // Neither the name of the Contrast Security, Inc. nor the names of its contributors may
16 | // be used to endorse or promote products derived from this software without specific
17 | // prior written permission.
18 | //
19 | // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
20 | // EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
21 | // MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
22 | // THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
23 | // SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
24 | // OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
25 | // INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
26 | // STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
27 | // THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
28 | #endregion
29 |
30 | using System.Collections.Generic;
31 | using Newtonsoft.Json;
32 |
33 | namespace Contrast.Model
34 | {
35 | [JsonObject]
36 | public class Snippet
37 | {
38 | [JsonProperty(PropertyName = "text")]
39 | public string Text { get; set; }
40 |
41 | [JsonProperty(PropertyName = "formattedText")]
42 | public string FormattedText { get; set; }
43 |
44 | [JsonProperty(PropertyName = "formattedTextVariables")]
45 | public Dictionary FormattedTextVariables { get; set; }
46 | }
47 | }
48 |
--------------------------------------------------------------------------------
/tests/ContrastRestClient.Tests/PostUtil.cs:
--------------------------------------------------------------------------------
1 | #region LICENSE
2 | // Copyright (c) 2019, Contrast Security, Inc.
3 | // All rights reserved.
4 | //
5 | // Redistribution and use in source and binary forms, with or without modification, are
6 | // permitted provided that the following conditions are met:
7 | //
8 | // Redistributions of source code must retain the above copyright notice, this list of
9 | // conditions and the following disclaimer.
10 | //
11 | // Redistributions in binary form must reproduce the above copyright notice, this list of
12 | // conditions and the following disclaimer in the documentation and/or other materials
13 | // provided with the distribution.
14 | //
15 | // Neither the name of the Contrast Security, Inc. nor the names of its contributors may
16 | // be used to endorse or promote products derived from this software without specific
17 | // prior written permission.
18 | //
19 | // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
20 | // EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
21 | // MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
22 | // THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
23 | // SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
24 | // OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
25 | // INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
26 | // STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
27 | // THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
28 | #endregion
29 |
30 | using System.IO;
31 | using System.Text;
32 |
33 | namespace ContrastRestClient.Tests
34 | {
35 | public static class PostUtil
36 | {
37 | public static System.Net.Http.HttpResponseMessage GetPostResponse(System.Net.HttpStatusCode statusCode, string responseJson)
38 | {
39 | var response = new System.Net.Http.HttpResponseMessage(statusCode);
40 | response.Content = new System.Net.Http.StreamContent(new MemoryStream(Encoding.UTF8.GetBytes(responseJson)));
41 | return response;
42 | }
43 | }
44 | }
45 |
--------------------------------------------------------------------------------
/src/ContrastRestClient/ResourceNotFoundException.cs:
--------------------------------------------------------------------------------
1 | #region LICENSE
2 | // Copyright (c) 2019, Contrast Security, Inc.
3 | // All rights reserved.
4 | //
5 | // Redistribution and use in source and binary forms, with or without modification, are
6 | // permitted provided that the following conditions are met:
7 | //
8 | // Redistributions of source code must retain the above copyright notice, this list of
9 | // conditions and the following disclaimer.
10 | //
11 | // Redistributions in binary form must reproduce the above copyright notice, this list of
12 | // conditions and the following disclaimer in the documentation and/or other materials
13 | // provided with the distribution.
14 | //
15 | // Neither the name of the Contrast Security, Inc. nor the names of its contributors may
16 | // be used to endorse or promote products derived from this software without specific
17 | // prior written permission.
18 | //
19 | // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
20 | // EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
21 | // MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
22 | // THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
23 | // SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
24 | // OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
25 | // INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
26 | // STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
27 | // THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
28 | #endregion
29 |
30 | using System;
31 |
32 | namespace Contrast
33 | {
34 | ///
35 | /// Exception thrown when TeamServer returns a 404 error.
36 | ///
37 | [Serializable]
38 | public class ResourceNotFoundException : ContrastApiException
39 | {
40 | ///
41 | /// Creates a new ResourceNotFoundException with the message populated.
42 | ///
43 | /// the error message
44 | public ResourceNotFoundException( string message ) : base ( message )
45 | {}
46 | }
47 | }
48 |
--------------------------------------------------------------------------------
/src/ContrastRestClient/Model/AgentType.cs:
--------------------------------------------------------------------------------
1 | #region LICENSE
2 | // Copyright (c) 2019, Contrast Security, Inc.
3 | // All rights reserved.
4 | //
5 | // Redistribution and use in source and binary forms, with or without modification, are
6 | // permitted provided that the following conditions are met:
7 | //
8 | // Redistributions of source code must retain the above copyright notice, this list of
9 | // conditions and the following disclaimer.
10 | //
11 | // Redistributions in binary form must reproduce the above copyright notice, this list of
12 | // conditions and the following disclaimer in the documentation and/or other materials
13 | // provided with the distribution.
14 | //
15 | // Neither the name of the Contrast Security, Inc. nor the names of its contributors may
16 | // be used to endorse or promote products derived from this software without specific
17 | // prior written permission.
18 | //
19 | // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
20 | // EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
21 | // MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
22 | // THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
23 | // SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
24 | // OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
25 | // INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
26 | // STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
27 | // THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
28 | #endregion
29 |
30 | namespace Contrast.Model
31 | {
32 | ///
33 | /// Enumerate the agent downloads.
34 | ///
35 | public enum AgentType
36 | {
37 | ///
38 | /// Java engine type
39 | ///
40 | Java,
41 | ///
42 | /// Java 1.5 engine type
43 | ///
44 | Java15,
45 | ///
46 | /// .NET engine type
47 | ///
48 | DotNet,
49 | ///
50 | /// NodeJS engine type
51 | ///
52 | Node
53 | }
54 | }
55 |
--------------------------------------------------------------------------------
/src/ContrastRestClient/Model/Header.cs:
--------------------------------------------------------------------------------
1 | #region LICENSE
2 | // Copyright (c) 2019, Contrast Security, Inc.
3 | // All rights reserved.
4 | //
5 | // Redistribution and use in source and binary forms, with or without modification, are
6 | // permitted provided that the following conditions are met:
7 | //
8 | // Redistributions of source code must retain the above copyright notice, this list of
9 | // conditions and the following disclaimer.
10 | //
11 | // Redistributions in binary form must reproduce the above copyright notice, this list of
12 | // conditions and the following disclaimer in the documentation and/or other materials
13 | // provided with the distribution.
14 | //
15 | // Neither the name of the Contrast Security, Inc. nor the names of its contributors may
16 | // be used to endorse or promote products derived from this software without specific
17 | // prior written permission.
18 | //
19 | // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
20 | // EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
21 | // MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
22 | // THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
23 | // SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
24 | // OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
25 | // INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
26 | // STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
27 | // THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
28 | #endregion
29 |
30 | using Newtonsoft.Json;
31 |
32 | namespace Contrast.Model
33 | {
34 | ///
35 | /// Name=value pair for HTTP headers.
36 | ///
37 | [JsonObject]
38 | public class Header
39 | {
40 | ///
41 | /// Gets the name of the header.
42 | ///
43 | [JsonProperty(PropertyName = "name")]
44 | public string Name { get; set; }
45 |
46 | ///
47 | /// Gets the value of the header.
48 | ///
49 | [JsonProperty(PropertyName = "value")]
50 | public string Value { get; set; }
51 | }
52 | }
53 |
--------------------------------------------------------------------------------
/src/ContrastRestClient/Model/Parameter.cs:
--------------------------------------------------------------------------------
1 | #region LICENSE
2 | // Copyright (c) 2019, Contrast Security, Inc.
3 | // All rights reserved.
4 | //
5 | // Redistribution and use in source and binary forms, with or without modification, are
6 | // permitted provided that the following conditions are met:
7 | //
8 | // Redistributions of source code must retain the above copyright notice, this list of
9 | // conditions and the following disclaimer.
10 | //
11 | // Redistributions in binary form must reproduce the above copyright notice, this list of
12 | // conditions and the following disclaimer in the documentation and/or other materials
13 | // provided with the distribution.
14 | //
15 | // Neither the name of the Contrast Security, Inc. nor the names of its contributors may
16 | // be used to endorse or promote products derived from this software without specific
17 | // prior written permission.
18 | //
19 | // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
20 | // EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
21 | // MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
22 | // THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
23 | // SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
24 | // OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
25 | // INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
26 | // STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
27 | // THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
28 | #endregion
29 |
30 | using Newtonsoft.Json;
31 |
32 | namespace Contrast.Model
33 | {
34 | ///
35 | /// The name=value pair for HTTP request parameters.
36 | ///
37 | [JsonObject]
38 | public class Parameter
39 | {
40 | ///
41 | /// Gets the name of the parameter.
42 | ///
43 | [JsonProperty(PropertyName = "name")]
44 | public string Name { get; set; }
45 |
46 | ///
47 | /// Gets the value of the parameter.
48 | ///
49 | [JsonProperty(PropertyName = "value")]
50 | public string Value { get; set; }
51 | }
52 | }
53 |
--------------------------------------------------------------------------------
/src/ContrastRestClient/Http/IHttpClient.cs:
--------------------------------------------------------------------------------
1 | #region LICENSE
2 | // Copyright (c) 2019, Contrast Security, Inc.
3 | // All rights reserved.
4 | //
5 | // Redistribution and use in source and binary forms, with or without modification, are
6 | // permitted provided that the following conditions are met:
7 | //
8 | // Redistributions of source code must retain the above copyright notice, this list of
9 | // conditions and the following disclaimer.
10 | //
11 | // Redistributions in binary form must reproduce the above copyright notice, this list of
12 | // conditions and the following disclaimer in the documentation and/or other materials
13 | // provided with the distribution.
14 | //
15 | // Neither the name of the Contrast Security, Inc. nor the names of its contributors may
16 | // be used to endorse or promote products derived from this software without specific
17 | // prior written permission.
18 | //
19 | // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
20 | // EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
21 | // MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
22 | // THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
23 | // SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
24 | // OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
25 | // INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
26 | // STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
27 | // THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
28 | #endregion
29 |
30 | using System;
31 | using System.Collections.Generic;
32 | using System.Net.Http;
33 | using System.Threading.Tasks;
34 | namespace Contrast.Http
35 | {
36 | public interface IHttpClient : IDisposable
37 | {
38 | Task GetAsync(string endpoint);
39 | Task PostAsync(string endpoint, string requestBody, List> additionalHeaders);
40 | Task PutAsync(string endpoint, string requestBody, List> additionalHeaders);
41 |
42 | Task DeleteAsync(string endpoint);
43 | Task DeleteAsync(string endpoint, string requestBody);
44 | }
45 | }
46 |
--------------------------------------------------------------------------------
/src/ContrastRestClient/Http/IContrastRestClient.cs:
--------------------------------------------------------------------------------
1 | #region LICENSE
2 | // Copyright (c) 2019, Contrast Security, Inc.
3 | // All rights reserved.
4 | //
5 | // Redistribution and use in source and binary forms, with or without modification, are
6 | // permitted provided that the following conditions are met:
7 | //
8 | // Redistributions of source code must retain the above copyright notice, this list of
9 | // conditions and the following disclaimer.
10 | //
11 | // Redistributions in binary form must reproduce the above copyright notice, this list of
12 | // conditions and the following disclaimer in the documentation and/or other materials
13 | // provided with the distribution.
14 | //
15 | // Neither the name of the Contrast Security, Inc. nor the names of its contributors may
16 | // be used to endorse or promote products derived from this software without specific
17 | // prior written permission.
18 | //
19 | // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
20 | // EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
21 | // MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
22 | // THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
23 | // SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
24 | // OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
25 | // INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
26 | // STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
27 | // THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
28 | #endregion
29 |
30 | using System;
31 | using System.Collections.Generic;
32 | using System.Net.Http;
33 |
34 | namespace Contrast.Http
35 | {
36 | public interface IContrastRestClient : IDisposable
37 | {
38 | System.IO.Stream GetResponseStream(string apiEndpoint);
39 | HttpResponseMessage PostApplicationSpecificMessage(string endpoint, string postBody, string application);
40 | HttpResponseMessage PostMessage(string endpoint, string postBody, List> additionalHeaders );
41 | HttpResponseMessage PutMessage(string endpoint, string requestBody, List> additionalHeaders);
42 | HttpResponseMessage DeleteMessage(string endpoint);
43 | HttpResponseMessage DeleteMessage(string endpoint, string requestBody);
44 | }
45 | }
46 |
--------------------------------------------------------------------------------
/src/ContrastRestClient/Model/Link.cs:
--------------------------------------------------------------------------------
1 | #region LICENSE
2 | // Copyright (c) 2019, Contrast Security, Inc.
3 | // All rights reserved.
4 | //
5 | // Redistribution and use in source and binary forms, with or without modification, are
6 | // permitted provided that the following conditions are met:
7 | //
8 | // Redistributions of source code must retain the above copyright notice, this list of
9 | // conditions and the following disclaimer.
10 | //
11 | // Redistributions in binary form must reproduce the above copyright notice, this list of
12 | // conditions and the following disclaimer in the documentation and/or other materials
13 | // provided with the distribution.
14 | //
15 | // Neither the name of the Contrast Security, Inc. nor the names of its contributors may
16 | // be used to endorse or promote products derived from this software without specific
17 | // prior written permission.
18 | //
19 | // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
20 | // EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
21 | // MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
22 | // THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
23 | // SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
24 | // OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
25 | // INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
26 | // STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
27 | // THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
28 | #endregion
29 |
30 | using Newtonsoft.Json;
31 |
32 | namespace Contrast.Model
33 | {
34 | ///
35 | /// A link containing a URL to a Contrast REST endpoint.
36 | ///
37 | [JsonObject]
38 | public class Link
39 | {
40 | ///
41 | /// Gets the name of the endpoint.
42 | ///
43 | [JsonProperty(PropertyName="rel")]
44 | public string Rel { get; set; }
45 |
46 | ///
47 | /// Gets the REST endpoint URL.
48 | ///
49 | [JsonProperty(PropertyName = "href")]
50 | public string Href { get; set; }
51 |
52 | ///
53 | /// Get the request method.
54 | ///
55 | [JsonProperty(PropertyName = "method")]
56 | public string Method { get; set; }
57 | }
58 | }
59 |
--------------------------------------------------------------------------------
/Contrast.ApiClient.sln:
--------------------------------------------------------------------------------
1 |
2 | Microsoft Visual Studio Solution File, Format Version 12.00
3 | # Visual Studio 15
4 | VisualStudioVersion = 15.0.27004.2005
5 | MinimumVisualStudioVersion = 10.0.40219.1
6 | Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "ContrastRestClient", "src\ContrastRestClient\ContrastRestClient.csproj", "{A03F8136-A1AB-4621-9D38-A47416C83EBE}"
7 | EndProject
8 | Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "SampleContrastClient", "examples\SampleContrastClient\SampleContrastClient.csproj", "{1FDD7518-8C6F-4F53-86D4-E256D06A40B3}"
9 | EndProject
10 | Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "ContrastRestClient.Tests", "tests\ContrastRestClient.Tests\ContrastRestClient.Tests.csproj", "{448EF756-4077-4072-8274-A2075B1C56A6}"
11 | EndProject
12 | Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "Solution Items", "Solution Items", "{5700ED5C-D9E1-4049-8DA7-267FB3C113C1}"
13 | ProjectSection(SolutionItems) = preProject
14 | appveyor.yml = appveyor.yml
15 | README.md = README.md
16 | EndProjectSection
17 | EndProject
18 | Global
19 | GlobalSection(SolutionConfigurationPlatforms) = preSolution
20 | Debug|Any CPU = Debug|Any CPU
21 | Release|Any CPU = Release|Any CPU
22 | EndGlobalSection
23 | GlobalSection(ProjectConfigurationPlatforms) = postSolution
24 | {A03F8136-A1AB-4621-9D38-A47416C83EBE}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
25 | {A03F8136-A1AB-4621-9D38-A47416C83EBE}.Debug|Any CPU.Build.0 = Debug|Any CPU
26 | {A03F8136-A1AB-4621-9D38-A47416C83EBE}.Release|Any CPU.ActiveCfg = Release|Any CPU
27 | {A03F8136-A1AB-4621-9D38-A47416C83EBE}.Release|Any CPU.Build.0 = Release|Any CPU
28 | {1FDD7518-8C6F-4F53-86D4-E256D06A40B3}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
29 | {1FDD7518-8C6F-4F53-86D4-E256D06A40B3}.Debug|Any CPU.Build.0 = Debug|Any CPU
30 | {1FDD7518-8C6F-4F53-86D4-E256D06A40B3}.Release|Any CPU.ActiveCfg = Release|Any CPU
31 | {1FDD7518-8C6F-4F53-86D4-E256D06A40B3}.Release|Any CPU.Build.0 = Release|Any CPU
32 | {448EF756-4077-4072-8274-A2075B1C56A6}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
33 | {448EF756-4077-4072-8274-A2075B1C56A6}.Debug|Any CPU.Build.0 = Debug|Any CPU
34 | {448EF756-4077-4072-8274-A2075B1C56A6}.Release|Any CPU.ActiveCfg = Release|Any CPU
35 | {448EF756-4077-4072-8274-A2075B1C56A6}.Release|Any CPU.Build.0 = Release|Any CPU
36 | EndGlobalSection
37 | GlobalSection(SolutionProperties) = preSolution
38 | HideSolutionNode = FALSE
39 | EndGlobalSection
40 | GlobalSection(ExtensibilityGlobals) = postSolution
41 | SolutionGuid = {1653D463-0EDA-453A-9205-CF793D6D9109}
42 | EndGlobalSection
43 | EndGlobal
44 |
--------------------------------------------------------------------------------
/tests/ContrastRestClient.Tests/ConverterTest.cs:
--------------------------------------------------------------------------------
1 | #region LICENSE
2 | // Copyright (c) 2019, Contrast Security, Inc.
3 | // All rights reserved.
4 | //
5 | // Redistribution and use in source and binary forms, with or without modification, are
6 | // permitted provided that the following conditions are met:
7 | //
8 | // Redistributions of source code must retain the above copyright notice, this list of
9 | // conditions and the following disclaimer.
10 | //
11 | // Redistributions in binary form must reproduce the above copyright notice, this list of
12 | // conditions and the following disclaimer in the documentation and/or other materials
13 | // provided with the distribution.
14 | //
15 | // Neither the name of the Contrast Security, Inc. nor the names of its contributors may
16 | // be used to endorse or promote products derived from this software without specific
17 | // prior written permission.
18 | //
19 | // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
20 | // EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
21 | // MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
22 | // THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
23 | // SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
24 | // OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
25 | // INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
26 | // STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
27 | // THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
28 | #endregion
29 |
30 | using System;
31 | using Contrast.Serialization;
32 | using Microsoft.VisualStudio.TestTools.UnitTesting;
33 |
34 | namespace ContrastRestClient.Tests
35 | {
36 | [TestClass]
37 | public class ConverterTest
38 | {
39 | const long TEST_TIME = 1509926400000;
40 | readonly DateTime TEST_DATE = new DateTime(2017, 11, 6, 0, 0, 0, DateTimeKind.Utc);
41 |
42 | [TestMethod]
43 | public void TestUnixTimeToDateTime()
44 | {
45 | DateTime output = DateTimeConverter.ConvertFromEpochTime(TEST_TIME);
46 | Assert.AreEqual(TEST_DATE, output);
47 | }
48 |
49 | [TestMethod]
50 | public void TestDateTimeToUnixTime()
51 | {
52 | long output = DateTimeConverter.ConvertToEpochTime(TEST_DATE);
53 | Assert.AreEqual(TEST_TIME, output);
54 | }
55 | }
56 | }
57 |
--------------------------------------------------------------------------------
/.gitattributes:
--------------------------------------------------------------------------------
1 | ###############################################################################
2 | # Set default behavior to automatically normalize line endings.
3 | ###############################################################################
4 | * text=auto
5 |
6 | ###############################################################################
7 | # Set default behavior for command prompt diff.
8 | #
9 | # This is need for earlier builds of msysgit that does not have it on by
10 | # default for csharp files.
11 | # Note: This is only used by command line
12 | ###############################################################################
13 | #*.cs diff=csharp
14 |
15 | ###############################################################################
16 | # Set the merge driver for project and solution files
17 | #
18 | # Merging from the command prompt will add diff markers to the files if there
19 | # are conflicts (Merging from VS is not affected by the settings below, in VS
20 | # the diff markers are never inserted). Diff markers may cause the following
21 | # file extensions to fail to load in VS. An alternative would be to treat
22 | # these files as binary and thus will always conflict and require user
23 | # intervention with every merge. To do so, just uncomment the entries below
24 | ###############################################################################
25 | #*.sln merge=binary
26 | #*.csproj merge=binary
27 | #*.vbproj merge=binary
28 | #*.vcxproj merge=binary
29 | #*.vcproj merge=binary
30 | #*.dbproj merge=binary
31 | #*.fsproj merge=binary
32 | #*.lsproj merge=binary
33 | #*.wixproj merge=binary
34 | #*.modelproj merge=binary
35 | #*.sqlproj merge=binary
36 | #*.wwaproj merge=binary
37 |
38 | ###############################################################################
39 | # behavior for image files
40 | #
41 | # image files are treated as binary by default.
42 | ###############################################################################
43 | #*.jpg binary
44 | #*.png binary
45 | #*.gif binary
46 |
47 | ###############################################################################
48 | # diff behavior for common document formats
49 | #
50 | # Convert binary document formats to text before diffing them. This feature
51 | # is only available from the command line. Turn it on by uncommenting the
52 | # entries below.
53 | ###############################################################################
54 | #*.doc diff=astextplain
55 | #*.DOC diff=astextplain
56 | #*.docx diff=astextplain
57 | #*.DOCX diff=astextplain
58 | #*.dot diff=astextplain
59 | #*.DOT diff=astextplain
60 | #*.pdf diff=astextplain
61 | #*.PDF diff=astextplain
62 | #*.rtf diff=astextplain
63 | #*.RTF diff=astextplain
64 |
--------------------------------------------------------------------------------
/src/ContrastRestClient/Model/Card.cs:
--------------------------------------------------------------------------------
1 | #region LICENSE
2 | // Copyright (c) 2019, Contrast Security, Inc.
3 | // All rights reserved.
4 | //
5 | // Redistribution and use in source and binary forms, with or without modification, are
6 | // permitted provided that the following conditions are met:
7 | //
8 | // Redistributions of source code must retain the above copyright notice, this list of
9 | // conditions and the following disclaimer.
10 | //
11 | // Redistributions in binary form must reproduce the above copyright notice, this list of
12 | // conditions and the following disclaimer in the documentation and/or other materials
13 | // provided with the distribution.
14 | //
15 | // Neither the name of the Contrast Security, Inc. nor the names of its contributors may
16 | // be used to endorse or promote products derived from this software without specific
17 | // prior written permission.
18 | //
19 | // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
20 | // EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
21 | // MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
22 | // THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
23 | // SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
24 | // OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
25 | // INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
26 | // STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
27 | // THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
28 | #endregion
29 |
30 | using Newtonsoft.Json;
31 |
32 | namespace Contrast.Model
33 | {
34 | [JsonObject]
35 | public class Card
36 | {
37 | ///
38 | /// Returns the body snippet as a Dictionary
39 | ///
40 | [JsonProperty(PropertyName = "body")]
41 | public object Body { get; set; }
42 |
43 | ///
44 | /// Returns the header snippet as a Dictionary
45 | ///
46 | [JsonProperty(PropertyName = "header")]
47 | public object Header { get; set; }
48 |
49 | ///
50 | /// Hidden status of Card.
51 | ///
52 | [JsonProperty(PropertyName = "is_hidden")]
53 | public bool IsHidden { get; set; }
54 |
55 | ///
56 | /// Severity level of card.
57 | ///
58 | [JsonProperty(PropertyName = "severity")]
59 | public string Severity { get; set; }
60 |
61 | ///
62 | /// Card title.
63 | ///
64 | [JsonProperty(PropertyName = "title")]
65 | public string Title { get; set; }
66 |
67 | ///
68 | /// Trace id the card belongs to.
69 | ///
70 | [JsonProperty(PropertyName = "traceId")]
71 | public string TraceId { get; set; }
72 | }
73 | }
74 |
--------------------------------------------------------------------------------
/src/ContrastRestClient/Model/CodeView.cs:
--------------------------------------------------------------------------------
1 | #region LICENSE
2 | // Copyright (c) 2019, Contrast Security, Inc.
3 | // All rights reserved.
4 | //
5 | // Redistribution and use in source and binary forms, with or without modification, are
6 | // permitted provided that the following conditions are met:
7 | //
8 | // Redistributions of source code must retain the above copyright notice, this list of
9 | // conditions and the following disclaimer.
10 | //
11 | // Redistributions in binary form must reproduce the above copyright notice, this list of
12 | // conditions and the following disclaimer in the documentation and/or other materials
13 | // provided with the distribution.
14 | //
15 | // Neither the name of the Contrast Security, Inc. nor the names of its contributors may
16 | // be used to endorse or promote products derived from this software without specific
17 | // prior written permission.
18 | //
19 | // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
20 | // EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
21 | // MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
22 | // THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
23 | // SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
24 | // OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
25 | // INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
26 | // STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
27 | // THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
28 | #endregion
29 |
30 | using System.Collections.Generic;
31 | using Newtonsoft.Json;
32 |
33 | namespace Contrast.Model
34 | {
35 | [JsonObject]
36 | public class CodeView
37 | {
38 | ///
39 | /// List of code lines.
40 | ///
41 | [JsonProperty(PropertyName = "lines")]
42 | public List Lines { get; set; }
43 |
44 | ///
45 | /// If the code view is nested.
46 | ///
47 | [JsonProperty(PropertyName = "nested")]
48 | public bool Nested { get; set; }
49 | }
50 |
51 | [JsonObject]
52 | public class CodeLine
53 | {
54 | ///
55 | /// Formatted fragments of code.
56 | ///
57 | [JsonProperty(PropertyName = "fragments")]
58 | public List Fragments { get; set; }
59 |
60 | ///
61 | /// Full line of code.
62 | ///
63 | [JsonProperty(PropertyName = "text")]
64 | public string Text { get; set; }
65 | }
66 |
67 | [JsonObject]
68 | public class LineFragment
69 | {
70 | ///
71 | /// Type of fragment.
72 | ///
73 | [JsonProperty(PropertyName = "type")]
74 | public string Type { get; set; }
75 |
76 | ///
77 | /// Fragment content.
78 | ///
79 | [JsonProperty(PropertyName = "value")]
80 | public string Value { get; set; }
81 | }
82 | }
83 |
--------------------------------------------------------------------------------
/src/ContrastRestClient/Model/NgApplication.cs:
--------------------------------------------------------------------------------
1 | #region LICENSE
2 | // Copyright (c) 2019, Contrast Security, Inc.
3 | // All rights reserved.
4 | //
5 | // Redistribution and use in source and binary forms, with or without modification, are
6 | // permitted provided that the following conditions are met:
7 | //
8 | // Redistributions of source code must retain the above copyright notice, this list of
9 | // conditions and the following disclaimer.
10 | //
11 | // Redistributions in binary form must reproduce the above copyright notice, this list of
12 | // conditions and the following disclaimer in the documentation and/or other materials
13 | // provided with the distribution.
14 | //
15 | // Neither the name of the Contrast Security, Inc. nor the names of its contributors may
16 | // be used to endorse or promote products derived from this software without specific
17 | // prior written permission.
18 | //
19 | // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
20 | // EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
21 | // MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
22 | // THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
23 | // SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
24 | // OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
25 | // INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
26 | // STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
27 | // THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
28 | #endregion
29 |
30 | using Newtonsoft.Json;
31 |
32 | namespace Contrast.Model
33 | {
34 | [JsonObject]
35 | public class ApplicationModule
36 | {
37 | ///
38 | /// Application id.
39 | ///
40 | [JsonProperty(PropertyName = "app_id")]
41 | public string AppId { get; set; }
42 |
43 | ///
44 | /// If the application is archived.
45 | ///
46 | [JsonProperty(PropertyName = "archived")]
47 | public bool Archived { get; set; }
48 |
49 | ///
50 | /// Service level. Allowed values: Unlicensed, Enterprise.
51 | ///
52 | [JsonProperty(PropertyName = "level")]
53 | public string Level { get; set; }
54 |
55 | ///
56 | /// Application name.
57 | ///
58 | [JsonProperty(PropertyName = "name")]
59 | public string Name { get; set; }
60 |
61 | ///
62 | /// Application path.
63 | ///
64 | [JsonProperty(PropertyName = "path")]
65 | public string Path { get; set; }
66 |
67 | ///
68 | /// Total LoC shorthand.
69 | ///
70 | [JsonProperty(PropertyName = "size_shorthand")]
71 | public string SizeShorthand { get; set; }
72 |
73 | ///
74 | /// Short name.
75 | ///
76 | [JsonProperty(PropertyName = "short_name")]
77 | public string ShortName { get; set; }
78 | }
79 | }
80 |
--------------------------------------------------------------------------------
/src/ContrastRestClient/Model/StoryChapter.cs:
--------------------------------------------------------------------------------
1 | #region LICENSE
2 | // Copyright (c) 2019, Contrast Security, Inc.
3 | // All rights reserved.
4 | //
5 | // Redistribution and use in source and binary forms, with or without modification, are
6 | // permitted provided that the following conditions are met:
7 | //
8 | // Redistributions of source code must retain the above copyright notice, this list of
9 | // conditions and the following disclaimer.
10 | //
11 | // Redistributions in binary form must reproduce the above copyright notice, this list of
12 | // conditions and the following disclaimer in the documentation and/or other materials
13 | // provided with the distribution.
14 | //
15 | // Neither the name of the Contrast Security, Inc. nor the names of its contributors may
16 | // be used to endorse or promote products derived from this software without specific
17 | // prior written permission.
18 | //
19 | // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
20 | // EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
21 | // MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
22 | // THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
23 | // SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
24 | // OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
25 | // INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
26 | // STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
27 | // THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
28 | #endregion
29 |
30 | using System.Collections.Generic;
31 | using Newtonsoft.Json;
32 | using Newtonsoft.Json.Converters;
33 |
34 | namespace Contrast.Model
35 | {
36 | public enum ChapterType
37 | {
38 | recreation,
39 | location,
40 | configuration,
41 | dataflow,
42 | outcome,
43 | properties,
44 | request,
45 | risk,
46 | source
47 | }
48 |
49 | [JsonObject]
50 | public class Chapter
51 | {
52 | [JsonConverter(typeof(StringEnumConverter))]
53 | [JsonProperty(PropertyName = "type")]
54 | public ChapterType Type { get; set; }
55 |
56 | [JsonProperty(PropertyName = "introText")]
57 | public string IntroText { get; set; }
58 |
59 | [JsonProperty(PropertyName = "introTextFormat")]
60 | public string IntroTextFormat { get; set; }
61 |
62 | [JsonProperty(PropertyName = "introTextVariables")]
63 | public Dictionary IntroTextVariables { get; set; }
64 |
65 | [JsonProperty(PropertyName = "body")]
66 | public string Body { get; set; }
67 |
68 | [JsonProperty(PropertyName = "bodyFormat")]
69 | public string BodyFormat { get; set; }
70 |
71 | [JsonProperty(PropertyName = "bodyFormatVariables")]
72 | public Dictionary BodyFormatVariables { get; set; }
73 |
74 | [JsonProperty(PropertyName = "properties")]
75 | public Dictionary Properties { get; set; }
76 |
77 | [JsonProperty(PropertyName = "vector")]
78 | private string Vector { get; set; }
79 | }
80 | }
81 |
--------------------------------------------------------------------------------
/src/ContrastRestClient/Model/TraceStatus.cs:
--------------------------------------------------------------------------------
1 | #region LICENSE
2 | // Copyright (c) 2019, Contrast Security, Inc.
3 | // All rights reserved.
4 | //
5 | // Redistribution and use in source and binary forms, with or without modification, are
6 | // permitted provided that the following conditions are met:
7 | //
8 | // Redistributions of source code must retain the above copyright notice, this list of
9 | // conditions and the following disclaimer.
10 | //
11 | // Redistributions in binary form must reproduce the above copyright notice, this list of
12 | // conditions and the following disclaimer in the documentation and/or other materials
13 | // provided with the distribution.
14 | //
15 | // Neither the name of the Contrast Security, Inc. nor the names of its contributors may
16 | // be used to endorse or promote products derived from this software without specific
17 | // prior written permission.
18 | //
19 | // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
20 | // EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
21 | // MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
22 | // THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
23 | // SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
24 | // OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
25 | // INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
26 | // STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
27 | // THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
28 | #endregion
29 |
30 | using System.Collections.Generic;
31 |
32 | using Newtonsoft.Json;
33 |
34 | namespace Contrast.Model
35 | {
36 | ///
37 | /// Class that contains allowed trace status.
38 | ///
39 | public static class TraceStatus
40 | {
41 | public const string Confirmed = "Confirmed";
42 | public const string Suspicious = "Suspicious";
43 | public const string NotAProblem = "Not a Problem";
44 | public const string Remediated = "Remediated";
45 | public const string Reported = "Reported";
46 | public const string Fixed = "Fixed";
47 | }
48 |
49 | [JsonObject]
50 | public class TraceMarkStatusRequest
51 | {
52 | ///
53 | /// Array of traces
54 | ///
55 | [JsonProperty(PropertyName = "traces")]
56 | public List Traces { get; set; }
57 | ///
58 | /// New status.
59 | ///
60 | [JsonProperty(PropertyName = "status")]
61 | public string Status { get; set; }
62 |
63 | ///
64 | /// Subs status
65 | ///
66 | [JsonProperty(PropertyName = "substatus")]
67 | public string SubStatus { get; set; }
68 |
69 | ///
70 | /// Note
71 | ///
72 | [JsonProperty(PropertyName = "note")]
73 | public string Note { get; set; }
74 |
75 | ///
76 | /// Comment preference.
77 | ///
78 | [JsonProperty(PropertyName = "comment_preference")]
79 | public bool CommentPreference { get; set; }
80 | }
81 | }
82 |
--------------------------------------------------------------------------------
/src/ContrastRestClient/Model/TraceStory.cs:
--------------------------------------------------------------------------------
1 | #region LICENSE
2 | // Copyright (c) 2019, Contrast Security, Inc.
3 | // All rights reserved.
4 | //
5 | // Redistribution and use in source and binary forms, with or without modification, are
6 | // permitted provided that the following conditions are met:
7 | //
8 | // Redistributions of source code must retain the above copyright notice, this list of
9 | // conditions and the following disclaimer.
10 | //
11 | // Redistributions in binary form must reproduce the above copyright notice, this list of
12 | // conditions and the following disclaimer in the documentation and/or other materials
13 | // provided with the distribution.
14 | //
15 | // Neither the name of the Contrast Security, Inc. nor the names of its contributors may
16 | // be used to endorse or promote products derived from this software without specific
17 | // prior written permission.
18 | //
19 | // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
20 | // EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
21 | // MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
22 | // THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
23 | // SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
24 | // OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
25 | // INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
26 | // STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
27 | // THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
28 | #endregion
29 |
30 | using System.Collections.Generic;
31 | using Newtonsoft.Json;
32 |
33 | namespace Contrast.Model
34 | {
35 | [JsonObject]
36 | public class TraceStory
37 | {
38 | [JsonProperty(PropertyName = "traceId")]
39 | public string TraceId { get; set; }
40 |
41 | [JsonProperty(PropertyName = "chapters")]
42 | public List Chapters { get; set; }
43 |
44 | [JsonProperty(PropertyName = "risk")]
45 | public Snippet Risk { get; set; }
46 | }
47 |
48 | [JsonObject]
49 | public class Property
50 | {
51 | [JsonProperty(PropertyName = "name")]
52 | public string Name { get; set; }
53 |
54 | [JsonProperty(PropertyName = "value")]
55 | public string Value { get; set; }
56 | }
57 |
58 | [JsonObject]
59 | public class TraceStoryResponse
60 | {
61 | ///
62 | /// Custom risk.
63 | ///
64 | [JsonProperty(PropertyName = "custom_risk")]
65 | public Snippet CustomRisk { get; set; }
66 |
67 | ///
68 | /// List of messages.
69 | ///
70 | [JsonProperty(PropertyName = "messages")]
71 | public List Messages { get; set; }
72 |
73 | ///
74 | /// Trace story.
75 | ///
76 | [JsonProperty(PropertyName = "story")]
77 | public TraceStory Story { get; set; }
78 |
79 | ///
80 | /// Indicate whether API response was successful or not.
81 | ///
82 | [JsonProperty(PropertyName = "success")]
83 | public bool Success { get; set; }
84 | }
85 | }
86 |
--------------------------------------------------------------------------------
/src/ContrastRestClient/Serialization/DateTimeConverter.cs:
--------------------------------------------------------------------------------
1 | #region LICENSE
2 | // Copyright (c) 2019, Contrast Security, Inc.
3 | // All rights reserved.
4 | //
5 | // Redistribution and use in source and binary forms, with or without modification, are
6 | // permitted provided that the following conditions are met:
7 | //
8 | // Redistributions of source code must retain the above copyright notice, this list of
9 | // conditions and the following disclaimer.
10 | //
11 | // Redistributions in binary form must reproduce the above copyright notice, this list of
12 | // conditions and the following disclaimer in the documentation and/or other materials
13 | // provided with the distribution.
14 | //
15 | // Neither the name of the Contrast Security, Inc. nor the names of its contributors may
16 | // be used to endorse or promote products derived from this software without specific
17 | // prior written permission.
18 | //
19 | // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
20 | // EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
21 | // MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
22 | // THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
23 | // SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
24 | // OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
25 | // INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
26 | // STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
27 | // THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
28 | #endregion
29 |
30 | using System;
31 |
32 | namespace Contrast.Serialization
33 | {
34 | public static class DateTimeConverter
35 | {
36 | private static readonly long EpochMilliseconds = new DateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc).Ticks / TimeSpan.TicksPerMillisecond;
37 |
38 | ///
39 | /// Converts a Unix time (or epoch) representation to a DateTime object with UTC timezone.
40 | ///
41 | /// Unix time in milliseconds.
42 | /// A DateTime object for the given time.
43 | public static DateTime ConvertFromEpochTime(long epochTime)
44 | {
45 | long totalTicks = (EpochMilliseconds + epochTime) * TimeSpan.TicksPerMillisecond;
46 |
47 | return new DateTime(totalTicks, DateTimeKind.Utc);
48 | }
49 |
50 | ///
51 | /// Converts a DateTime object to Unix time representation in milliseconds.
52 | ///
53 | /// DateTime object to be converted.
54 | /// A milliseconds representation of Unix time.
55 | public static long ConvertToEpochTime(DateTime dateTime)
56 | {
57 | double mSecs = (dateTime.ToUniversalTime().Ticks / TimeSpan.TicksPerMillisecond) - EpochMilliseconds;
58 | long result;
59 |
60 | try
61 | {
62 | result = Convert.ToInt64(mSecs);
63 | }
64 | catch (OverflowException)
65 | {
66 | result = mSecs > 0 ? Int64.MaxValue : Int64.MinValue;
67 | }
68 |
69 | return result;
70 | }
71 | }
72 | }
73 |
--------------------------------------------------------------------------------
/src/ContrastRestClient/Model/TraceRecommendation.cs:
--------------------------------------------------------------------------------
1 | #region LICENSE
2 | // Copyright (c) 2019, Contrast Security, Inc.
3 | // All rights reserved.
4 | //
5 | // Redistribution and use in source and binary forms, with or without modification, are
6 | // permitted provided that the following conditions are met:
7 | //
8 | // Redistributions of source code must retain the above copyright notice, this list of
9 | // conditions and the following disclaimer.
10 | //
11 | // Redistributions in binary form must reproduce the above copyright notice, this list of
12 | // conditions and the following disclaimer in the documentation and/or other materials
13 | // provided with the distribution.
14 | //
15 | // Neither the name of the Contrast Security, Inc. nor the names of its contributors may
16 | // be used to endorse or promote products derived from this software without specific
17 | // prior written permission.
18 | //
19 | // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
20 | // EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
21 | // MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
22 | // THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
23 | // SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
24 | // OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
25 | // INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
26 | // STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
27 | // THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
28 | #endregion
29 |
30 | using System;
31 | using System.Collections.Generic;
32 | using Newtonsoft.Json;
33 |
34 | namespace Contrast.Model
35 | {
36 | [JsonObject]
37 | public class TraceRecommendationResponse
38 | {
39 | ///
40 | /// Indicates whether API response was successful or not.
41 | ///
42 | [JsonProperty(PropertyName = "success")]
43 | public bool Success { get; set; }
44 |
45 | ///
46 | /// List of messages.
47 | ///
48 | [JsonProperty(PropertyName = "messages")]
49 | public List Messages { get; set; }
50 |
51 | ///
52 | /// Recommendation.
53 | ///
54 | [JsonProperty(PropertyName = "recommendation")]
55 | public Snippet Recommendation { get; set; }
56 |
57 | ///
58 | /// OWASP.
59 | ///
60 | [JsonProperty(PropertyName = "owasp")]
61 | public String Owasp { get; set; }
62 |
63 | ///
64 | /// CWE.
65 | ///
66 | [JsonProperty(PropertyName = "cwe")]
67 | public String Cwe { get; set; }
68 |
69 | ///
70 | /// Custom recommendation.
71 | ///
72 | [JsonProperty(PropertyName = "custom_recommendation")]
73 | public Snippet CustomRecommendation { get; set; }
74 |
75 | ///
76 | /// Rule references.
77 | ///
78 | [JsonProperty(PropertyName = "rule_references")]
79 | public Snippet RuleReferences { get; set; }
80 |
81 | ///
82 | /// Custom rule references.
83 | ///
84 | [JsonProperty(PropertyName = "custom_rule_references")]
85 | public Snippet CustomRuleReferences { get; set; }
86 | }
87 | }
88 |
--------------------------------------------------------------------------------
/src/ContrastRestClient/Model/Score.cs:
--------------------------------------------------------------------------------
1 | #region LICENSE
2 | // Copyright (c) 2019, Contrast Security, Inc.
3 | // All rights reserved.
4 | //
5 | // Redistribution and use in source and binary forms, with or without modification, are
6 | // permitted provided that the following conditions are met:
7 | //
8 | // Redistributions of source code must retain the above copyright notice, this list of
9 | // conditions and the following disclaimer.
10 | //
11 | // Redistributions in binary form must reproduce the above copyright notice, this list of
12 | // conditions and the following disclaimer in the documentation and/or other materials
13 | // provided with the distribution.
14 | //
15 | // Neither the name of the Contrast Security, Inc. nor the names of its contributors may
16 | // be used to endorse or promote products derived from this software without specific
17 | // prior written permission.
18 | //
19 | // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
20 | // EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
21 | // MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
22 | // THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
23 | // SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
24 | // OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
25 | // INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
26 | // STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
27 | // THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
28 | #endregion
29 |
30 | using System.Collections.Generic;
31 | using Newtonsoft.Json;
32 |
33 | namespace Contrast.Model
34 | {
35 | [JsonObject]
36 | public class Score
37 | {
38 | ///
39 | /// Grade
40 | ///
41 | [JsonProperty(PropertyName = "grade")]
42 | public int? Grade { get; set; }
43 |
44 | ///
45 | /// Letter grade
46 | ///
47 | [JsonProperty(PropertyName = "letter_grade")]
48 | public string LetterGrade { get; set; }
49 |
50 | ///
51 | /// Library scoring type. Allowed values: DEFAULT, VULN
52 | ///
53 | [JsonProperty(PropertyName = "library_scoring_type")]
54 | public string LibraryScoringType { get; set; }
55 |
56 | [JsonProperty(PropertyName = "links")]
57 | public List Links { get; set; }
58 |
59 | ///
60 | /// Overall scoring type
61 | ///
62 | [JsonProperty(PropertyName = "overall_scoring_type")]
63 | public string OverallScoringType { get; set; }
64 |
65 | ///
66 | /// Platform score
67 | ///
68 | [JsonProperty(PropertyName = "platform")]
69 | public ScoreMetricResource Platform { get; set; }
70 |
71 | ///
72 | /// Security score
73 | ///
74 | [JsonProperty(PropertyName = "security")]
75 | public ScoreMetricResource Security { get; set; }
76 | }
77 |
78 | [JsonObject]
79 | public class ScoreMetricResource
80 | {
81 | ///
82 | /// Grade
83 | ///
84 | [JsonProperty(PropertyName = "grade")]
85 | public int? Grade { get; set; }
86 |
87 | ///
88 | /// Letter grade
89 | ///
90 | [JsonProperty(PropertyName = "letter_grade")]
91 | public string LetterGrade { get; set; }
92 |
93 | [JsonProperty(PropertyName = "links")]
94 | public List Links { get; set; }
95 | }
96 | }
97 |
--------------------------------------------------------------------------------
/.gitignore:
--------------------------------------------------------------------------------
1 | ## Ignore Visual Studio temporary files, build results, and
2 | ## files generated by popular Visual Studio add-ons.
3 |
4 | # User-specific files
5 | *.suo
6 | *.user
7 | *.sln.docstates
8 |
9 | # Build results
10 | [Dd]ebug/
11 | [Dd]ebugPublic/
12 | [Rr]elease/
13 | x64/
14 | build/
15 | bld/
16 | [Bb]in/
17 | [Oo]bj/
18 |
19 | # Roslyn cache directories
20 | *.ide/
21 |
22 | # MSTest test Results
23 | [Tt]est[Rr]esult*/
24 | [Bb]uild[Ll]og.*
25 |
26 | #NUNIT
27 | *.VisualState.xml
28 | TestResult.xml
29 |
30 | # Build Results of an ATL Project
31 | [Dd]ebugPS/
32 | [Rr]eleasePS/
33 | dlldata.c
34 |
35 | *_i.c
36 | *_p.c
37 | *_i.h
38 | *.ilk
39 | *.meta
40 | *.obj
41 | *.pch
42 | *.pdb
43 | *.pgc
44 | *.pgd
45 | *.rsp
46 | *.sbr
47 | *.tlb
48 | *.tli
49 | *.tlh
50 | *.tmp
51 | *.tmp_proj
52 | *.log
53 | *.vspscc
54 | *.vssscc
55 | .builds
56 | *.pidb
57 | *.svclog
58 | *.scc
59 |
60 | # Chutzpah Test files
61 | _Chutzpah*
62 |
63 | # Visual C++ cache files
64 | ipch/
65 | *.aps
66 | *.ncb
67 | *.opensdf
68 | *.sdf
69 | *.cachefile
70 |
71 | # Visual Studio profiler
72 | *.psess
73 | *.vsp
74 | *.vspx
75 |
76 | # TFS 2012 Local Workspace
77 | $tf/
78 |
79 | # Guidance Automation Toolkit
80 | *.gpState
81 |
82 | # ReSharper is a .NET coding add-in
83 | _ReSharper*/
84 | *.[Rr]e[Ss]harper
85 | *.DotSettings.user
86 |
87 | # JustCode is a .NET coding addin-in
88 | .JustCode
89 |
90 | # TeamCity is a build add-in
91 | _TeamCity*
92 |
93 | # DotCover is a Code Coverage Tool
94 | *.dotCover
95 |
96 | # NCrunch
97 | _NCrunch_*
98 | .*crunch*.local.xml
99 |
100 | # MightyMoose
101 | *.mm.*
102 | AutoTest.Net/
103 |
104 | # Web workbench (sass)
105 | .sass-cache/
106 |
107 | # Installshield output folder
108 | [Ee]xpress/
109 |
110 | # DocProject is a documentation generator add-in
111 | DocProject/buildhelp/
112 | DocProject/Help/*.HxT
113 | DocProject/Help/*.HxC
114 | DocProject/Help/*.hhc
115 | DocProject/Help/*.hhk
116 | DocProject/Help/*.hhp
117 | DocProject/Help/Html2
118 | DocProject/Help/html
119 |
120 | # Click-Once directory
121 | publish/
122 |
123 | # Publish Web Output
124 | *.[Pp]ublish.xml
125 | *.azurePubxml
126 | ## TODO: Comment the next line if you want to checkin your
127 | ## web deploy settings but do note that will include unencrypted
128 | ## passwords
129 | #*.pubxml
130 |
131 | # NuGet Packages Directory
132 | packages/*
133 | ## TODO: If the tool you use requires repositories.config
134 | ## uncomment the next line
135 | #!packages/repositories.config
136 |
137 | # Enable "build/" folder in the NuGet Packages folder since
138 | # NuGet packages use it for MSBuild targets.
139 | # This line needs to be after the ignore of the build folder
140 | # (and the packages folder if the line above has been uncommented)
141 | !packages/build/
142 |
143 | # Windows Azure Build Output
144 | csx/
145 | *.build.csdef
146 |
147 | # Windows Store app package directory
148 | AppPackages/
149 |
150 | # Others
151 | sql/
152 | *.Cache
153 | ClientBin/
154 | [Ss]tyle[Cc]op.*
155 | ~$*
156 | *~
157 | *.dbmdl
158 | *.dbproj.schemaview
159 | *.pfx
160 | *.publishsettings
161 | node_modules/
162 |
163 | # RIA/Silverlight projects
164 | Generated_Code/
165 |
166 | # Backup & report files from converting an old project file
167 | # to a newer Visual Studio version. Backup files are not needed,
168 | # because we have git ;-)
169 | _UpgradeReport_Files/
170 | Backup*/
171 | UpgradeLog*.XML
172 | UpgradeLog*.htm
173 |
174 | # SQL Server files
175 | *.mdf
176 | *.ldf
177 |
178 | # Business Intelligence projects
179 | *.rdl.data
180 | *.bim.layout
181 | *.bim_*.settings
182 |
183 | # Microsoft Fakes
184 | FakesAssemblies/
185 |
186 | # LightSwitch generated files
187 | GeneratedArtifacts/
188 | _Pvt_Extensions/
189 | ModelManifest.xml
190 |
191 | #VSMAC
192 | .vs/
--------------------------------------------------------------------------------
/src/ContrastRestClient/Model/TraceFiltering.cs:
--------------------------------------------------------------------------------
1 | #region LICENSE
2 | // Copyright (c) 2019, Contrast Security, Inc.
3 | // All rights reserved.
4 | //
5 | // Redistribution and use in source and binary forms, with or without modification, are
6 | // permitted provided that the following conditions are met:
7 | //
8 | // Redistributions of source code must retain the above copyright notice, this list of
9 | // conditions and the following disclaimer.
10 | //
11 | // Redistributions in binary form must reproduce the above copyright notice, this list of
12 | // conditions and the following disclaimer in the documentation and/or other materials
13 | // provided with the distribution.
14 | //
15 | // Neither the name of the Contrast Security, Inc. nor the names of its contributors may
16 | // be used to endorse or promote products derived from this software without specific
17 | // prior written permission.
18 | //
19 | // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
20 | // EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
21 | // MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
22 | // THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
23 | // SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
24 | // OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
25 | // INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
26 | // STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
27 | // THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
28 | #endregion
29 |
30 | using System;
31 | using System.Collections.Generic;
32 | using Newtonsoft.Json;
33 |
34 | namespace Contrast.Model
35 | {
36 | public enum TraceFilterType
37 | {
38 | tags,
39 | severity,
40 | status,
41 | vulntype,
42 | appversiontags,
43 | servers,
44 | serversEnvironment,
45 | url,
46 | modules,
47 | workflow,
48 | time,
49 | securityStandard
50 | }
51 |
52 | public class TraceFilterItem
53 | {
54 | ///
55 | /// Count
56 | ///
57 | [JsonProperty(PropertyName = "count")]
58 | public long Count { get; set; }
59 |
60 | ///
61 | /// Key code
62 | ///
63 | [JsonProperty(PropertyName = "keycode")]
64 | public String Keycode { get; set; }
65 |
66 | ///
67 | /// Label
68 | ///
69 | [JsonProperty(PropertyName = "label")]
70 | public string Label { get; set; }
71 |
72 | ///
73 | /// Add option to a new group
74 | ///
75 | [JsonProperty(PropertyName = "new_group")]
76 | public bool NewGroup { get; set; }
77 |
78 | ///
79 | /// Tooltip
80 | ///
81 | [JsonProperty(PropertyName = "tooltip")]
82 | public string Tooltip { get; set; }
83 | }
84 |
85 | [JsonObject]
86 | public class TraceFilterCatalogDetailsResponse
87 | {
88 | ///
89 | /// List of available filters for context.
90 | ///
91 | [JsonProperty(PropertyName = "filters")]
92 | public List Filters { get; set; }
93 |
94 | ///
95 | /// List of messages.
96 | ///
97 | [JsonProperty(PropertyName = "messages")]
98 | public List Messages { get; set; }
99 |
100 | ///
101 | /// Indicates whether API response was successful or not.
102 | ///
103 | [JsonProperty(PropertyName = "success")]
104 | public bool Success { get; set; }
105 | }
106 | }
107 |
--------------------------------------------------------------------------------
/tests/ContrastRestClient.Tests/ContrastRestClientTest.cs:
--------------------------------------------------------------------------------
1 | #region LICENSE
2 | // Copyright (c) 2019, Contrast Security, Inc.
3 | // All rights reserved.
4 | //
5 | // Redistribution and use in source and binary forms, with or without modification, are
6 | // permitted provided that the following conditions are met:
7 | //
8 | // Redistributions of source code must retain the above copyright notice, this list of
9 | // conditions and the following disclaimer.
10 | //
11 | // Redistributions in binary form must reproduce the above copyright notice, this list of
12 | // conditions and the following disclaimer in the documentation and/or other materials
13 | // provided with the distribution.
14 | //
15 | // Neither the name of the Contrast Security, Inc. nor the names of its contributors may
16 | // be used to endorse or promote products derived from this software without specific
17 | // prior written permission.
18 | //
19 | // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
20 | // EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
21 | // MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
22 | // THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
23 | // SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
24 | // OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
25 | // INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
26 | // STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
27 | // THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
28 | #endregion
29 |
30 | using System;
31 | using System.IO;
32 | using System.Net.Http;
33 | using System.Threading.Tasks;
34 | using Contrast;
35 | using Contrast.Http;
36 | using Microsoft.VisualStudio.TestTools.UnitTesting;
37 | using Moq;
38 |
39 | namespace ContrastRestClient.Tests
40 | {
41 | [TestClass]
42 | public class ContrastRestClientTest
43 | {
44 | private Contrast.Http.ContrastRestClient CreateClientThatReturnStatusCode(System.Net.HttpStatusCode statusCode)
45 | {
46 | var mockClient = new Mock();
47 | mockClient.Setup(c => c.GetAsync(It.IsAny())).Returns(
48 | Task.FromResult(new HttpResponseMessage(statusCode)
49 | {
50 | Content = new StreamContent( new MemoryStream() )
51 | })
52 | );
53 |
54 | var client = new Contrast.Http.ContrastRestClient(mockClient.Object);
55 | return client;
56 | }
57 |
58 | [TestMethod]
59 | public void GetResponseStream_OkResponse_NoException()
60 | {
61 | var client = CreateClientThatReturnStatusCode(System.Net.HttpStatusCode.OK);
62 |
63 | client.GetResponseStream("arbitrary");
64 | }
65 |
66 | [TestMethod, ExpectedException(typeof(ContrastApiException))]
67 | public void GetResponseStream_UnauthorizedResponse_ContrastApiExceptionThrown()
68 | {
69 | var client = CreateClientThatReturnStatusCode(System.Net.HttpStatusCode.Unauthorized);
70 |
71 | client.GetResponseStream("arbitrary");
72 | }
73 |
74 | [TestMethod, ExpectedException(typeof(ContrastApiException))]
75 | public void GetResponseStream_RedirectResponse_ContrastApiExceptionThrown()
76 | {
77 | var client = CreateClientThatReturnStatusCode(System.Net.HttpStatusCode.Redirect);
78 |
79 | client.GetResponseStream("arbitrary");
80 | }
81 |
82 | [TestMethod, ExpectedException(typeof(ResourceNotFoundException))]
83 | public void GetResponseStream_NotFoundResponse_ResourceNotFoundExceptionThrown()
84 | {
85 | var client = CreateClientThatReturnStatusCode(System.Net.HttpStatusCode.NotFound);
86 |
87 | client.GetResponseStream("arbitrary");
88 | }
89 | }
90 | }
91 |
--------------------------------------------------------------------------------
/src/ContrastRestClient/Serialization/EpochDateTimeConverter.cs:
--------------------------------------------------------------------------------
1 | #region LICENSE
2 | // Copyright (c) 2019, Contrast Security, Inc.
3 | // All rights reserved.
4 | //
5 | // Redistribution and use in source and binary forms, with or without modification, are
6 | // permitted provided that the following conditions are met:
7 | //
8 | // Redistributions of source code must retain the above copyright notice, this list of
9 | // conditions and the following disclaimer.
10 | //
11 | // Redistributions in binary form must reproduce the above copyright notice, this list of
12 | // conditions and the following disclaimer in the documentation and/or other materials
13 | // provided with the distribution.
14 | //
15 | // Neither the name of the Contrast Security, Inc. nor the names of its contributors may
16 | // be used to endorse or promote products derived from this software without specific
17 | // prior written permission.
18 | //
19 | // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
20 | // EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
21 | // MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
22 | // THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
23 | // SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
24 | // OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
25 | // INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
26 | // STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
27 | // THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
28 | #endregion
29 |
30 | using System;
31 | using Newtonsoft.Json;
32 |
33 | namespace Contrast.Serialization
34 | {
35 | public class EpochDateTimeConverter : JsonConverter
36 | {
37 | public override bool CanConvert(Type objectType)
38 | {
39 | return objectType == typeof(DateTime) || objectType == typeof(DateTime?) || objectType == typeof(DateTimeOffset) || objectType == typeof(DateTimeOffset?);
40 | }
41 |
42 | public override object ReadJson(JsonReader reader, Type objectType, object existingValue, JsonSerializer serializer)
43 | {
44 | if (reader.TokenType == JsonToken.Null)
45 | {
46 | if (objectType != typeof(DateTime?) && objectType != typeof(DateTimeOffset?))
47 | throw new JsonSerializationException($"Cannot convert null value to {objectType}");
48 | return null;
49 | }
50 | else if (reader.TokenType == JsonToken.Integer)
51 | {
52 | long epochTime = (long)reader.Value;
53 | DateTime dateTime = DateTimeConverter.ConvertFromEpochTime(epochTime);
54 |
55 | if (((objectType.IsGenericType && objectType.GetGenericTypeDefinition() == typeof(Nullable<>)) ? Nullable.GetUnderlyingType(objectType) : objectType) == typeof(DateTimeOffset))
56 | {
57 | return new DateTimeOffset(dateTime);
58 | }
59 |
60 | return dateTime;
61 | }
62 | else
63 | {
64 | throw new JsonSerializationException("Must be a long integer value");
65 | }
66 |
67 | }
68 |
69 | public override void WriteJson(JsonWriter writer, object value, JsonSerializer serializer)
70 | {
71 | if (value is DateTime time)
72 | {
73 | long epochTime = DateTimeConverter.ConvertToEpochTime(time);
74 | writer.WriteValue(epochTime);
75 | }
76 | else
77 | {
78 | if (!(value is DateTimeOffset))
79 | {
80 | throw new JsonSerializationException("Expected date object value.");
81 | }
82 | var datetime = ((DateTimeOffset)value).ToUniversalTime().UtcDateTime;
83 | writer.WriteValue(DateTimeConverter.ConvertToEpochTime(datetime));
84 | }
85 | }
86 | }
87 | }
88 |
--------------------------------------------------------------------------------
/tests/ContrastRestClient.Tests/FilterTest.cs:
--------------------------------------------------------------------------------
1 | #region LICENSE
2 | // Copyright (c) 2019, Contrast Security, Inc.
3 | // All rights reserved.
4 | //
5 | // Redistribution and use in source and binary forms, with or without modification, are
6 | // permitted provided that the following conditions are met:
7 | //
8 | // Redistributions of source code must retain the above copyright notice, this list of
9 | // conditions and the following disclaimer.
10 | //
11 | // Redistributions in binary form must reproduce the above copyright notice, this list of
12 | // conditions and the following disclaimer in the documentation and/or other materials
13 | // provided with the distribution.
14 | //
15 | // Neither the name of the Contrast Security, Inc. nor the names of its contributors may
16 | // be used to endorse or promote products derived from this software without specific
17 | // prior written permission.
18 | //
19 | // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
20 | // EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
21 | // MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
22 | // THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
23 | // SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
24 | // OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
25 | // INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
26 | // STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
27 | // THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
28 | #endregion
29 |
30 | using System;
31 | using System.Collections;
32 | using System.Collections.Generic;
33 | using Contrast.Http;
34 | using Microsoft.VisualStudio.TestTools.UnitTesting;
35 |
36 | namespace ContrastRestClient.Tests
37 | {
38 | [TestClass]
39 | public class FilterTest
40 | {
41 | [TestMethod]
42 | public void TestServerFilter()
43 | {
44 | ServerFilter filter = new ServerFilter();
45 | filter.Limit = 10;
46 | filter.Expand = new List();
47 | filter.Expand.Add(ServerExpandValue.applications);
48 | filter.IncludeArchived = false;
49 | filter.Status = "Denied";
50 | filter.QueryParam = "any";
51 |
52 | string query = filter.ToString();
53 |
54 | Assert.IsTrue(query.Contains("includeArchived"));
55 | Assert.IsTrue(query.Contains("limit"));
56 | Assert.IsTrue(query.Contains("expand=applications"));
57 | Assert.IsTrue(query.Contains("status=Denied"));
58 | Assert.IsTrue(query.Contains("q=any"));
59 | Assert.IsFalse(query.Contains("applicationIds"));
60 | Assert.IsFalse(query.Contains("logLevels"));
61 | Assert.IsFalse(query.Contains("offset"));
62 | }
63 |
64 | [TestMethod]
65 | public void TestTraceFilter()
66 | {
67 | TraceFilter filter = new TraceFilter();
68 | filter.Offset = 0;
69 | filter.StartDate = DateTime.Now;
70 | filter.Urls = new List();
71 | filter.Urls.Add("http://dummytest");
72 | filter.Sort = "any";
73 | filter.Expand = new List();
74 | filter.Expand.Add(TraceExpandValue.application);
75 | filter.Untracked = true;
76 | filter.BeingTracked = true;
77 |
78 | string qs = filter.ToString();
79 |
80 | Assert.IsTrue(qs.Contains("offset=0"));
81 | Assert.IsTrue(qs.Contains("startDate"));
82 | Assert.IsTrue(qs.Contains("urls=http://dummytest"));
83 | Assert.IsTrue(qs.Contains("sort=any"));
84 | Assert.IsTrue(qs.Contains("expand=application"));
85 | Assert.IsTrue(qs.Contains("tracked=True"));
86 | Assert.IsTrue(qs.Contains("untracked=True"));
87 |
88 | Assert.IsFalse(qs.Contains("limit"));
89 | Assert.IsFalse(qs.Contains("endDate"));
90 | Assert.IsFalse(qs.Contains("filterTags"));
91 | Assert.IsFalse(qs.Contains("servers"));
92 | }
93 | }
94 | }
95 |
--------------------------------------------------------------------------------
/Contrast.ApiClient.sln.DotSettings:
--------------------------------------------------------------------------------
1 |
2 | <?xml version="1.0" encoding="utf-16"?><Profile name="Update File Header"><CppClangTidyCleanupDescriptor /><CSCodeStyleAttributes ArrangeTypeAccessModifier="False" ArrangeTypeMemberAccessModifier="False" SortModifiers="False" RemoveRedundantParentheses="False" AddMissingParentheses="False" ArrangeBraces="False" ArrangeAttributes="False" ArrangeArgumentsStyle="False" ArrangeCodeBodyStyle="False" ArrangeVarStyle="False" /><CSOptimizeUsings><OptimizeUsings>False</OptimizeUsings><EmbraceInRegion>False</EmbraceInRegion><RegionName></RegionName></CSOptimizeUsings><XAMLCollapseEmptyTags>False</XAMLCollapseEmptyTags><CSReorderTypeMembers>True</CSReorderTypeMembers><CSUpdateFileHeader>True</CSUpdateFileHeader></Profile>
3 | UseClrName
4 | LICENSE
5 | Copyright (c) $CURRENT_YEAR$, Contrast Security, Inc.
6 | All rights reserved.
7 |
8 | Redistribution and use in source and binary forms, with or without modification, are
9 | permitted provided that the following conditions are met:
10 |
11 | Redistributions of source code must retain the above copyright notice, this list of
12 | conditions and the following disclaimer.
13 |
14 | Redistributions in binary form must reproduce the above copyright notice, this list of
15 | conditions and the following disclaimer in the documentation and/or other materials
16 | provided with the distribution.
17 |
18 | Neither the name of the Contrast Security, Inc. nor the names of its contributors may
19 | be used to endorse or promote products derived from this software without specific
20 | prior written permission.
21 |
22 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
23 | EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
24 | MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
25 | THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
26 | SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
27 | OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
28 | INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
29 | STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
30 | THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
31 | True
32 | D:\Development\tmp\contrast-sdk-dotnet\Contrast.ApiClient.sln.DotSettings
33 |
34 | True
35 | 1
36 | True
37 | True
38 | True
39 |
--------------------------------------------------------------------------------
/src/ContrastRestClient/Model/Request.cs:
--------------------------------------------------------------------------------
1 | #region LICENSE
2 | // Copyright (c) 2019, Contrast Security, Inc.
3 | // All rights reserved.
4 | //
5 | // Redistribution and use in source and binary forms, with or without modification, are
6 | // permitted provided that the following conditions are met:
7 | //
8 | // Redistributions of source code must retain the above copyright notice, this list of
9 | // conditions and the following disclaimer.
10 | //
11 | // Redistributions in binary form must reproduce the above copyright notice, this list of
12 | // conditions and the following disclaimer in the documentation and/or other materials
13 | // provided with the distribution.
14 | //
15 | // Neither the name of the Contrast Security, Inc. nor the names of its contributors may
16 | // be used to endorse or promote products derived from this software without specific
17 | // prior written permission.
18 | //
19 | // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
20 | // EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
21 | // MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
22 | // THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
23 | // SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
24 | // OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
25 | // INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
26 | // STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
27 | // THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
28 | #endregion
29 |
30 | using System.Collections.Generic;
31 | using Newtonsoft.Json;
32 |
33 | namespace Contrast.Model
34 | {
35 | ///
36 | /// An HTTP request associated with a trace.
37 | ///
38 | [JsonObject]
39 | public class Request
40 | {
41 | ///
42 | /// Gets the protocol of the request.
43 | ///
44 | [JsonProperty(PropertyName = "protocol")]
45 | public string Protocol { get; set; }
46 |
47 | ///
48 | /// Gets the protocol version number.
49 | ///
50 | [JsonProperty(PropertyName = "version")]
51 | public string Version { get; set; }
52 |
53 | ///
54 | /// Gets the URI of the request.
55 | ///
56 | [JsonProperty(PropertyName = "uri")]
57 | public string Uri { get; set; }
58 |
59 | ///
60 | /// Gets the request query string.
61 | ///
62 | [JsonProperty(PropertyName = "queryString")]
63 | public string QueryString { get; set; }
64 |
65 | ///
66 | /// Gets the HTTP method for the request.
67 | ///
68 | [JsonProperty(PropertyName = "method")]
69 | public string Method { get; set; }
70 |
71 | ///
72 | /// Gets the port the request used.
73 | ///
74 | [JsonProperty(PropertyName = "port")]
75 | public int Port { get; set; }
76 |
77 | ///
78 | /// Gets a list of HTTP headers for the request.
79 | ///
80 | [JsonProperty(PropertyName = "headers")]
81 | public List Headers { get; set; }
82 |
83 | ///
84 | /// Gets a list of parameters for the request.
85 | ///
86 | [JsonProperty(PropertyName = "parameters")]
87 | public List Parameters { get; set; }
88 |
89 | ///
90 | /// Gets a list of Contrast REST endpoint URLs for this request.
91 | ///
92 | [JsonProperty(PropertyName = "links")]
93 | public List Links { get; set; }
94 | }
95 |
96 | [JsonObject]
97 | public class TraceRequestResponse
98 | {
99 | [JsonProperty(PropertyName = "success")]
100 | public bool Success { get; set; }
101 |
102 | [JsonProperty(PropertyName = "messages")]
103 | public List Messages { get; set; }
104 |
105 | [JsonProperty(PropertyName = "http_request")]
106 | public Snippet HttpRequest { get; set; }
107 | }
108 | }
109 |
--------------------------------------------------------------------------------
/src/ContrastRestClient/NgEndpoints.cs:
--------------------------------------------------------------------------------
1 | #region LICENSE
2 | // Copyright (c) 2019, Contrast Security, Inc.
3 | // All rights reserved.
4 | //
5 | // Redistribution and use in source and binary forms, with or without modification, are
6 | // permitted provided that the following conditions are met:
7 | //
8 | // Redistributions of source code must retain the above copyright notice, this list of
9 | // conditions and the following disclaimer.
10 | //
11 | // Redistributions in binary form must reproduce the above copyright notice, this list of
12 | // conditions and the following disclaimer in the documentation and/or other materials
13 | // provided with the distribution.
14 | //
15 | // Neither the name of the Contrast Security, Inc. nor the names of its contributors may
16 | // be used to endorse or promote products derived from this software without specific
17 | // prior written permission.
18 | //
19 | // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
20 | // EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
21 | // MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
22 | // THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
23 | // SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
24 | // OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
25 | // INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
26 | // STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
27 | // THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
28 | #endregion
29 |
30 | namespace Contrast
31 | {
32 | internal static class NgEndpoints
33 | {
34 | internal static string APPLICATIONS = "api/ng/{0}/applications/{1}";
35 | internal static string APPLICATION_LIBRARIES = "api/ng/{0}/applications/{1}/libraries";
36 | internal static string APPLICATION_SERVERS = "api/ng/{0}/applications/{1}/servers";
37 | internal static string APPLICATION_TRACES = "api/ng/{0}/traces/{1}/filter";
38 | internal static string APPLICATION_TRACE_TAGS = "api/ng/{0}/tags/traces/application/{1}";
39 | internal static string APPLICATION_TRACE_MARK_STATUS = "api/ng/{0}/traces/{1}/mark";
40 | internal static string RESET_APPLICATION = "api/ng/{0}/applications/{1}/reset";
41 | internal static string DEFAULT_ORGANIZATION = "api/ng/profile/organizations/default";
42 | internal static string ENGINE_DOTNET = "api/ng/{0}/agents/{1}/dotnet";
43 | internal static string ENGINE_JAVA1_5 = "api/ng/{0}/agents/{1}/java?jvm=1_5";
44 | internal static string ENGINE_JAVA = "api/ng/{0}/agents/{1}/java?jvm=1_6";
45 | internal static string ENGINE_NODE = "api/ng/{0}/agents/{1}/node";
46 | internal static string ORGANIZATIONS = "api/ng/profile/organizations/";
47 | internal static string ORGANIZATION_TRACES = "api/ng/{0}/orgtraces/filter";
48 | internal static string ORGANIZATION_INFORMATION = "api/ng/{0}/organizations";
49 | internal static string PROFILE = "api/ng/{0}/agents/profiles/{1}";
50 | internal static string PROFILES = "api/ng/{0}/agents/profiles";
51 | internal static string SERVERS = "api/ng/{0}/servers/{1}";
52 | internal static string SERVER_TRACES = "api/ng/{0}/servertraces/{1}/filter";
53 | internal static string SERVER_TRACE_TAGS = "api/ng/{0}/tags/traces/server/{1}";
54 | internal static string SERVER_TRACE_MARK_STATUS = "api/ng/{0}/servertraces/{1}/mark";
55 | internal static string TRACE = "api/ng/{0}/traces/{1}";
56 | internal static string TRACE_EVENTS_SUMMARY = "api/ng/{0}/traces/{1}/events/summary";
57 | internal static string TRACE_EVENT_DETAIL = "api/ng/{0}/traces/{1}/events/{2}/details";
58 | internal static string TRACE_HTTP_REQUEST = "api/ng/{0}/traces/{1}/httprequest";
59 | internal static string TRACE_STORY = "api/ng/{0}/traces/{1}/story";
60 | internal static string TRACE_RECOMMENDATION = "api/ng/{0}/traces/{1}/recommendation";//Aka how to fix
61 | internal static string TRACE_FILTERS = "api/ng/{0}/orgtraces/filter/{1}/listing";
62 | internal static string APPLICATION_TRACE_FILTERS = "api/ng/{0}/traces/{1}/filter/{2}/listing";
63 | internal static string SERVER_TRACE_FILTERS = "api/ng/{0}/servertraces/{1}/filter/{2}/listing";
64 | internal static string TRACE_TAGS = "api/ng/{0}/tags/traces/trace/{1}";
65 | internal static string DELETE_TRACE_TAG = "api/ng/{0}/tags/trace/{1}";
66 | internal static string TRACES_TAGS = "api/ng/{0}/tags/traces";
67 | internal static string TRACES_TAG_BULK = "api/ng/{0}/tags/traces/bulk";
68 | internal static string TRACE_MARK_STATUS = "api/ng/{0}/orgtraces/mark";
69 | internal static string MODULES = "api/ng/{0}/modules/{1}";
70 | }
71 | }
72 |
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 | # Contrast REST Client
2 |
3 | 
4 |
5 | This library provides a simple REST client for retrieving data from Contrast Team Server's REST API as plain old C# objects.
6 |
7 | This library is also provided as a nuget package: https://www.nuget.org/packages/ContrastRestClient/.
8 |
9 | Please see http://www.contrastsecurity.com for more information about how Contrast can help secure your applications.
10 |
11 | ## 3.0 Changelog
12 |
13 | The 3.X line of packages has a few changes from the 2.X line that you might need to address in your code. You may need to reload your .sln file if you've worked with the package in the 2.X line.
14 |
15 | * Muti-Targeted `netstandard2.0` and `net45`.
16 | * Namespace changed from `contrast_rest_dotnet` to `Contrast`.
17 | * Removed the method `TeamServerClient.CheckForTrace`.
18 | * Renamed `TeamServerClient` to `Client`.
19 | * Removed deprecated `Endpoints` class.
20 | * Renamed the following symbols:
21 |
22 | ```
23 | AgentType.Java1_5 -> AgentType.Java15
24 |
25 | Client.GetApplicationTraceFilterSubfilters -> Client.GetApplicationTraceFilterSubFilters
26 | Client.GetServerTraceFilterSubfilters -> Client.GetServerTraceFilterSubFilters
27 |
28 | ContrastRestClient.PostApplicatonSpecificMessage -> ContrastRestClient.PostApplicationSpecificMessage
29 | IContrastRestClient.PostApplicatonSpecificMessage -> IContrastRestClient.PostApplicationSpecificMessage
30 |
31 | LineFragment.value -> LineFragment.Value
32 |
33 | ContrastApplication.AppID -> ContrastApplication.AppId
34 | ContrastApplication.Stauts -> ContrastApplication.Status
35 |
36 | Organization.name -> Organization.Name
37 | Organization.shortname -> Organization.ShortName
38 | Organization.timezone -> Organization.Timezone
39 | Organization.organization_uuid -> Organization.OrganizationId
40 | Organization.AppsOnboarded -> Organization.AppsOnBoarded
41 | Organization.IsSuperadmin -> Organization.IsSuperAdmin
42 | Organization.Superadmin -> Organization.SuperAdmin
43 |
44 | OrganizationResponse.success -> OrganizationResponse.Organizations
45 | OrganizationResponse.count -> OrganizationResponse.Count
46 | OrganizationResponse.org_disabled -> OrganizationResponse.OrganizationDisabled
47 |
48 | DefaultOrganizationResponse.org_disabled -> DefaultOrganizationResponse.Success
49 | DefaultOrganizationResponse.messages -> DefaultOrganizationResponse.Messages
50 | DefaultOrganizationResponse.organization -> DefaultOrganizationResponse.Organization
51 | DefaultOrganizationResponse.roles -> DefaultOrganizationResponse.Roles
52 | DefaultOrganizationResponse.enterprise -> DefaultOrganizationResponse.Enterprise
53 |
54 | Trace.Uuid -> Trace.Id
55 | TraceNote.CreatorUUID -> TraceNote.CreatorId
56 | TraceNote.LastUpdaterUUID -> TraceNote.LastUpdaterId
57 |
58 | TraceBreakdown.Confirmed -> TraceBreakdown.ConfirmedVulnerabilities
59 | TraceBreakdown.Criticals -> TraceBreakdown.CriticalVulnerabilities
60 | TraceBreakdown.Fixed -> TraceBreakdown.FixedVulnerabilities
61 | TraceBreakdown.HighVulns -> TraceBreakdown.HighVulnerabilities
62 | TraceBreakdown.LowVulns -> TraceBreakdown.LowVulnerabilities
63 | TraceBreakdown.Mediums -> TraceBreakdown.MediumVulnerabilities
64 | TraceBreakdown.NoProblemVulns -> TraceBreakdown.NoProblemVulnerabilities
65 | TraceBreakdown.notes -> TraceBreakdown.Notes
66 | TraceBreakdown.SafeVulns -> TraceBreakdown.SafeVulnerabilities
67 |
68 | TraceStatus.CONFIRMED_STATUS -> TraceStatus.Confirmed
69 | TraceStatus.SUSPICIOUS_STATUS -> TraceStatus.Suspicious
70 | TraceStatus.NOT_A_PROBLEM_STATUS -> TraceStatus.NotAProblem
71 | TraceStatus.REMEDIATED_STATUS -> TraceStatus.Remediated
72 | TraceStatus.REPORTED_STATUS -> TraceStatus.Reported
73 | TraceStatus.FIXED_STATUS -> TraceStatus.Fixed
74 |
75 | TraceMarkStatusRequest.Substatus -> TraceMarkStatusRequest.SubStatus
76 | ```
77 |
78 | ## Contrast API Credentials
79 | To access the API, you'll first need access Contrast (https://app.contrastsecurity.com/Contrast/login.html) or an on-premises installation of Contrast.
80 |
81 | Your API credentials can be found by following these steps:
82 |
83 | 1. Log in to Contrast
84 | 2. Click the down arrow next to your login name in the page header
85 | 3. Click on "Your Account"
86 | 4. Your API credentials will be listed under "YOUR KEYS"
87 |
88 | More API documentation can be found here: https://support.contrastsecurity.com/entries/24184140-Accessing-the-API
89 |
90 | ## Sample Client Application
91 | The SampleContrastClient uses the App.config to store API credentials. To use the sample application, copy the API values from above into the appropriate appSettings entries:
92 |
93 | ```
94 |
95 |
96 |
97 |
98 |
99 |
100 | ```
101 |
--------------------------------------------------------------------------------
/src/ContrastRestClient/Model/TraceBreakdown.cs:
--------------------------------------------------------------------------------
1 | #region LICENSE
2 | // Copyright (c) 2019, Contrast Security, Inc.
3 | // All rights reserved.
4 | //
5 | // Redistribution and use in source and binary forms, with or without modification, are
6 | // permitted provided that the following conditions are met:
7 | //
8 | // Redistributions of source code must retain the above copyright notice, this list of
9 | // conditions and the following disclaimer.
10 | //
11 | // Redistributions in binary form must reproduce the above copyright notice, this list of
12 | // conditions and the following disclaimer in the documentation and/or other materials
13 | // provided with the distribution.
14 | //
15 | // Neither the name of the Contrast Security, Inc. nor the names of its contributors may
16 | // be used to endorse or promote products derived from this software without specific
17 | // prior written permission.
18 | //
19 | // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
20 | // EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
21 | // MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
22 | // THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
23 | // SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
24 | // OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
25 | // INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
26 | // STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
27 | // THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
28 | #endregion
29 |
30 | using Newtonsoft.Json;
31 |
32 | namespace Contrast.Model
33 | {
34 | [JsonObject]
35 | public class TraceBreakdown
36 | {
37 | ///
38 | /// Number of vulnerabilities with status Confirmed
39 | ///
40 | [JsonProperty(PropertyName = "confirmed")]
41 | public long? ConfirmedVulnerabilities { get; set; }
42 |
43 | ///
44 | /// Number of critical vulnerabilities
45 | ///
46 | [JsonProperty(PropertyName = "criticals")]
47 | public long? CriticalVulnerabilities { get; set; }
48 |
49 | ///
50 | /// Number of vulnerabilities with status Fixed
51 | ///
52 | [JsonProperty(PropertyName = "fixed")]
53 | public long? FixedVulnerabilities { get; set; }
54 |
55 | ///
56 | /// Number of high vulnerabilities
57 | ///
58 | [JsonProperty(PropertyName = "highs")]
59 | public long? HighVulnerabilities { get; set; }
60 |
61 | ///
62 | /// Number of low vulnerabilities
63 | ///
64 | [JsonProperty(PropertyName = "lows")]
65 | public long? LowVulnerabilities { get; set; }
66 |
67 | ///
68 | /// Number of medium vulnerabilities
69 | ///
70 | [JsonProperty(PropertyName = "meds")]
71 | public long? MediumVulnerabilities { get; set; }
72 |
73 | ///
74 | /// Number of vulnerabilities with status Not a problem
75 | ///
76 | [JsonProperty(PropertyName = "notProblem")]
77 | public long? NoProblemVulnerabilities { get; set; }
78 |
79 | ///
80 | /// Number of notes
81 | ///
82 | [JsonProperty(PropertyName = "notes")]
83 | public long? Notes { get; set; }
84 |
85 | ///
86 | /// Number of vulnerabilities with status Remediated
87 | ///
88 | [JsonProperty(PropertyName = "remediated")]
89 | public long? Remediated { get; set; }
90 |
91 | ///
92 | /// Number of vulnerabilities with status Reported
93 | ///
94 | [JsonProperty(PropertyName = "reported")]
95 | public long? Reported { get; set; }
96 |
97 | ///
98 | /// Number of vulnerabilities marked safe
99 | ///
100 | [JsonProperty(PropertyName = "safes")]
101 | public long? SafeVulnerabilities { get; set; }
102 |
103 | ///
104 | /// Number of vulnerabilities with status Suspicious
105 | ///
106 | [JsonProperty(PropertyName = "suspicious")]
107 | public long? Suspicious { get; set; }
108 |
109 | ///
110 | /// Number of vulnerabilities
111 | ///
112 | [JsonProperty(PropertyName = "traces")]
113 | public long? Traces { get; set; }
114 |
115 | ///
116 | /// Number of triaged vulnerabilities
117 | ///
118 | [JsonProperty(PropertyName = "triaged")]
119 | public long? Triaged { get; set; }
120 | }
121 | }
122 |
--------------------------------------------------------------------------------
/src/ContrastRestClient/Model/Profile.cs:
--------------------------------------------------------------------------------
1 | #region LICENSE
2 | // Copyright (c) 2019, Contrast Security, Inc.
3 | // All rights reserved.
4 | //
5 | // Redistribution and use in source and binary forms, with or without modification, are
6 | // permitted provided that the following conditions are met:
7 | //
8 | // Redistributions of source code must retain the above copyright notice, this list of
9 | // conditions and the following disclaimer.
10 | //
11 | // Redistributions in binary form must reproduce the above copyright notice, this list of
12 | // conditions and the following disclaimer in the documentation and/or other materials
13 | // provided with the distribution.
14 | //
15 | // Neither the name of the Contrast Security, Inc. nor the names of its contributors may
16 | // be used to endorse or promote products derived from this software without specific
17 | // prior written permission.
18 | //
19 | // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
20 | // EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
21 | // MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
22 | // THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
23 | // SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
24 | // OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
25 | // INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
26 | // STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
27 | // THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
28 | #endregion
29 |
30 | using System.Collections.Generic;
31 | using Newtonsoft.Json;
32 |
33 | namespace Contrast.Model
34 | {
35 | ///
36 | /// A profile for agent downloads containing specifics for TeamServer URL, proxy settings, etc.
37 | ///
38 | [JsonObject]
39 | public class Profile
40 | {
41 | ///
42 | /// Gets the name of the profile.
43 | ///
44 | [JsonProperty(PropertyName = "name")]
45 | public string Name { get; set; }
46 |
47 | ///
48 | /// Gets the sampling baseline.
49 | ///
50 | [JsonProperty(PropertyName = "sampling_baseline")]
51 | public int SamplingBaseline { get; set; }
52 |
53 | ///
54 | /// Gets the sampling window.
55 | ///
56 | [JsonProperty(PropertyName = "sampling_window")]
57 | public int SamplingWindow { get; set; }
58 |
59 | ///
60 | /// Gets the sampling frequency.
61 | ///
62 | [JsonProperty(PropertyName = "sampling_frequency")]
63 | public int SamplingFrequency { get; set; }
64 |
65 | ///
66 | /// Gets the stack trace capture mode.
67 | ///
68 | [JsonProperty(PropertyName = "stacktrace_capture_mode")]
69 | public string StackTraceCaptureMode { get; set; }
70 |
71 | ///
72 | /// Gets whether this agent will use a proxy.
73 | ///
74 | [JsonProperty(PropertyName = "use_proxy")]
75 | public bool UseProxy { get; set; }
76 |
77 | ///
78 | /// Gets a list of Contrast REST endpoint URLs for this profile.
79 | ///
80 | [JsonProperty(PropertyName = "links")]
81 | public List Links { get; set; }
82 | }
83 |
84 | [JsonObject]
85 | public class ProfileResponse
86 | {
87 | ///
88 | /// List of messages
89 | ///
90 | [JsonProperty(PropertyName = "messages")]
91 | public List Messages { get; set; }
92 |
93 | ///
94 | /// Agent profile resource
95 | ///
96 | [JsonProperty(PropertyName = "property")]
97 | public Profile Profile { get; set; }
98 |
99 | ///
100 | /// Indicates whether API response was successful or not
101 | ///
102 | [JsonProperty(PropertyName = "success")]
103 | public bool Success { get; set; }
104 | }
105 |
106 | [JsonObject]
107 | public class ProfilesResponse
108 | {
109 | ///
110 | /// List of messages
111 | ///
112 | [JsonProperty(PropertyName = "messages")]
113 | public List Messages { get; set; }
114 |
115 | ///
116 | /// List of agent profile resources
117 | ///
118 | [JsonProperty(PropertyName = "profiles")]
119 | public List Profiles { get; set; }
120 |
121 | ///
122 | /// Indicates whether API response was successful or not
123 | ///
124 | [JsonProperty(PropertyName = "success")]
125 | public bool Success { get; set; }
126 | }
127 | }
128 |
--------------------------------------------------------------------------------
/src/ContrastRestClient/Http/ServerFilter.cs:
--------------------------------------------------------------------------------
1 | #region LICENSE
2 | // Copyright (c) 2019, Contrast Security, Inc.
3 | // All rights reserved.
4 | //
5 | // Redistribution and use in source and binary forms, with or without modification, are
6 | // permitted provided that the following conditions are met:
7 | //
8 | // Redistributions of source code must retain the above copyright notice, this list of
9 | // conditions and the following disclaimer.
10 | //
11 | // Redistributions in binary form must reproduce the above copyright notice, this list of
12 | // conditions and the following disclaimer in the documentation and/or other materials
13 | // provided with the distribution.
14 | //
15 | // Neither the name of the Contrast Security, Inc. nor the names of its contributors may
16 | // be used to endorse or promote products derived from this software without specific
17 | // prior written permission.
18 | //
19 | // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
20 | // EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
21 | // MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
22 | // THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
23 | // SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
24 | // OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
25 | // INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
26 | // STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
27 | // THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
28 | #endregion
29 |
30 | using System;
31 | using System.Collections.Generic;
32 | using Contrast.Serialization;
33 |
34 | namespace Contrast.Http
35 | {
36 | public class ServerFilter
37 | {
38 | ///
39 | /// Name, Hostname or server path.
40 | ///
41 | public string QueryParam { get; set; }
42 | ///
43 | /// Include archived servers.
44 | ///
45 | public bool IncludeArchived { get; set; }
46 | public List ApplicationIds { get; set; }
47 | public List LogLevels { get; set; }
48 |
49 | public List Expand { get; set; }
50 | public DateTime? StartDate { get; set; }
51 | public DateTime? EndDate { get; set; }
52 | public List Severities { get; set; }
53 | public string Status { get; set; }
54 | public int Limit { get; set; }
55 | public int Offset { get; set; }
56 | public string Sort { get; set; }
57 |
58 | public ServerFilter()
59 | {
60 | QueryParam = "";
61 | IncludeArchived = false;
62 | ApplicationIds = null;
63 | LogLevels = null;
64 |
65 | StartDate = null;
66 | EndDate = null;
67 | Severities = null;
68 | Status = "";
69 | Expand = null;
70 | Limit = -1;
71 | Offset = -1;
72 | Sort = "";
73 | }
74 |
75 | public override string ToString()
76 | {
77 | List filters = new List();
78 |
79 | if (!String.IsNullOrEmpty(QueryParam))
80 | filters.Add("q=" + QueryParam);
81 |
82 | filters.Add("includeArchived=" + IncludeArchived);
83 |
84 | if (ApplicationIds != null && ApplicationIds.Count > 0)
85 | filters.Add("applicationIds=" + String.Join(",", ApplicationIds));
86 |
87 | if (LogLevels != null && LogLevels.Count > 0)
88 | filters.Add("logLevels=" + String.Join(",", LogLevels));
89 |
90 | if (Expand != null && Expand.Count > 0)
91 | filters.Add("expand=" + String.Join(",", Expand));
92 |
93 | if (StartDate != null)
94 | filters.Add("startDate=" + DateTimeConverter.ConvertToEpochTime(StartDate.Value));
95 |
96 | if (EndDate != null)
97 | filters.Add("endDate=" + DateTimeConverter.ConvertToEpochTime(EndDate.Value));
98 |
99 | if (Severities != null && Severities.Count > 0)
100 | filters.Add("severities=" + String.Join(",", Severities));
101 |
102 | if (!String.IsNullOrEmpty(Status))
103 | filters.Add("status=" + Status);
104 |
105 | if (!String.IsNullOrEmpty(Sort))
106 | filters.Add("sort=" + Sort);
107 |
108 | if (Limit > -1)
109 | filters.Add("limit=" + Limit);
110 |
111 | if (Offset > -1)
112 | filters.Add("offset=" + Offset);
113 |
114 | if (filters.Count > 0)
115 | return "?" + String.Join("&", filters);
116 | else
117 | return "";
118 | }
119 | }
120 |
121 | public enum ServerExpandValue
122 | {
123 | applications,
124 | num_apps
125 | }
126 | }
127 |
--------------------------------------------------------------------------------
/src/ContrastRestClient/Model/TraceTag.cs:
--------------------------------------------------------------------------------
1 | #region LICENSE
2 | // Copyright (c) 2019, Contrast Security, Inc.
3 | // All rights reserved.
4 | //
5 | // Redistribution and use in source and binary forms, with or without modification, are
6 | // permitted provided that the following conditions are met:
7 | //
8 | // Redistributions of source code must retain the above copyright notice, this list of
9 | // conditions and the following disclaimer.
10 | //
11 | // Redistributions in binary form must reproduce the above copyright notice, this list of
12 | // conditions and the following disclaimer in the documentation and/or other materials
13 | // provided with the distribution.
14 | //
15 | // Neither the name of the Contrast Security, Inc. nor the names of its contributors may
16 | // be used to endorse or promote products derived from this software without specific
17 | // prior written permission.
18 | //
19 | // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
20 | // EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
21 | // MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
22 | // THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
23 | // SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
24 | // OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
25 | // INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
26 | // STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
27 | // THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
28 | #endregion
29 |
30 | using System.Collections.Generic;
31 |
32 | using Newtonsoft.Json;
33 |
34 | namespace Contrast.Model
35 | {
36 | [JsonObject]
37 | public class FieldErrorItem
38 | {
39 | ///
40 | /// Field name.
41 | ///
42 | [JsonProperty(PropertyName = "field")]
43 | public string Field { get; set; }
44 |
45 | ///
46 | /// Error message.
47 | ///
48 | [JsonProperty(PropertyName = "message")]
49 | public string Message { get; set; }
50 | }
51 |
52 | [JsonObject]
53 | public class TagsServersResource
54 | {
55 | ///
56 | /// List of links.
57 | ///
58 | [JsonProperty(PropertyName = "links")]
59 | public List Links;
60 |
61 | ///
62 | /// List of tags
63 | ///
64 | [JsonProperty(PropertyName = "tags")]
65 | public List Tags;
66 |
67 | ///
68 | /// List of traces UUID
69 | ///
70 | [JsonProperty(PropertyName = "traces_id")]
71 | public List TracesId;
72 | }
73 |
74 | [JsonObject]
75 | public class TagRequest
76 | {
77 | [JsonProperty(PropertyName = "tag")]
78 | public string Tag { get; set; }
79 | }
80 |
81 | [JsonObject]
82 | public class TagsTraceRequest
83 | {
84 | ///
85 | /// List of links.
86 | ///
87 | [JsonProperty(PropertyName = "links")]
88 | public List Links { get; set; }
89 |
90 | ///
91 | /// List of traces UUID.
92 | ///
93 | [JsonProperty(PropertyName = "traces_uuid")]
94 | public List TracesId { get; set; }
95 | }
96 |
97 | [JsonObject]
98 | public class TagsTracesUpdateRequest
99 | {
100 | ///
101 | /// List of links.
102 | ///
103 | [JsonProperty(PropertyName = "links")]
104 | public List Links { get; set; }
105 |
106 | ///
107 | /// List of tags to add.
108 | ///
109 | [JsonProperty(PropertyName = "tags")]
110 | public List Tags { get; set; }
111 |
112 | ///
113 | /// List of traces UUID.
114 | ///
115 | [JsonProperty(PropertyName = "traces_uuid")]
116 | public List TracesId { get; set; }
117 |
118 | ///
119 | /// Lists of tags to remove.
120 | ///
121 | [JsonProperty(PropertyName = "tags_remove")]
122 | public List TagsRemove { get; set; }
123 | }
124 |
125 | [JsonObject]
126 | public class TagsResponse
127 | {
128 | ///
129 | /// List of errors.
130 | ///
131 | [JsonProperty(PropertyName = "errors")]
132 | public List Errors { get; set; }
133 |
134 | ///
135 | /// List of messages.
136 | ///
137 | [JsonProperty(PropertyName = "messages")]
138 | public List Messages { get; set; }
139 |
140 | ///
141 | /// Indicates whether API response was successful or not.
142 | ///
143 | [JsonProperty(PropertyName = "success")]
144 | public bool Success { get; set; }
145 |
146 | ///
147 | /// List of tags.
148 | ///
149 | [JsonProperty(PropertyName = "tags")]
150 | public List Tags { get; set; }
151 |
152 | ///
153 | /// Total number of library hashes.
154 | ///
155 | [JsonProperty(PropertyName = "totalLibraryHashes")]
156 | public int TotalLibraryHashes { get; set; }
157 | }
158 | }
159 |
--------------------------------------------------------------------------------
/src/ContrastRestClient/Model/Library.cs:
--------------------------------------------------------------------------------
1 | #region LICENSE
2 | // Copyright (c) 2019, Contrast Security, Inc.
3 | // All rights reserved.
4 | //
5 | // Redistribution and use in source and binary forms, with or without modification, are
6 | // permitted provided that the following conditions are met:
7 | //
8 | // Redistributions of source code must retain the above copyright notice, this list of
9 | // conditions and the following disclaimer.
10 | //
11 | // Redistributions in binary form must reproduce the above copyright notice, this list of
12 | // conditions and the following disclaimer in the documentation and/or other materials
13 | // provided with the distribution.
14 | //
15 | // Neither the name of the Contrast Security, Inc. nor the names of its contributors may
16 | // be used to endorse or promote products derived from this software without specific
17 | // prior written permission.
18 | //
19 | // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
20 | // EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
21 | // MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
22 | // THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
23 | // SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
24 | // OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
25 | // INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
26 | // STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
27 | // THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
28 | #endregion
29 |
30 | using System;
31 | using System.Collections.Generic;
32 | using Newtonsoft.Json;
33 |
34 | namespace Contrast.Model
35 | {
36 | ///
37 | /// An application library.
38 | ///
39 | [JsonObject]
40 | public class Library
41 | {
42 | ///
43 | /// Gets the ID of this library.
44 | ///
45 | [Obsolete("Not supported.")]
46 | [JsonProperty(PropertyName = "library_id")]
47 | public string LibraryId { get; set; }
48 |
49 | ///
50 | /// Gets the filename of this library.
51 | ///
52 | [JsonProperty(PropertyName = "file_name")]
53 | public string FileName { get; set; }
54 |
55 | [JsonProperty(PropertyName = "app_language")]
56 | public string AppLanguage { get; set; }
57 |
58 | ///
59 | /// If this library is custom.
60 | ///
61 | [JsonProperty(PropertyName = "custom")]
62 | public bool Custom { get; set; }
63 |
64 | ///
65 | /// Gets the number of classes in this library.
66 | ///
67 | [JsonProperty(PropertyName = "class_count")]
68 | public int ClassCount { get; set; }
69 |
70 | ///
71 | /// Gets the number of classes used by this library. Right now, this only
72 | /// returns the maximum number of classes used by any one instance of the
73 | /// running application. In the future, this will be changed to represent
74 | /// the total number of distinct classes used across all instances of the
75 | /// running application.
76 | ///
77 | [JsonProperty(PropertyName = "class_used")]
78 | public int UsedClassCount { get; set; }
79 |
80 | ///
81 | /// Gets the version of this library according to the library authority
82 | /// like Maven Central or NuGet.
83 | ///
84 | [JsonProperty(PropertyName = "file_version")]
85 | public string Version { get; set; }
86 |
87 | [JsonProperty(PropertyName = "grade")]
88 | public String Grade { get; set; }
89 |
90 | ///
91 | /// Library hash.
92 | ///
93 | [JsonProperty(PropertyName = "hash")]
94 | public string Hash { get; set; }
95 |
96 | ///
97 | /// Gets a list of Contrast REST endpoint URLs for this library.
98 | ///
99 | [JsonProperty(PropertyName = "links")]
100 | public List Links { get; set; }
101 |
102 | [JsonProperty(PropertyName = "latest_release_date")]
103 | public long? LatestReleaseDate { get; set; }
104 |
105 | [JsonProperty(PropertyName = "months_outdated")]
106 | public long? MonthsOutdated { get; set; }
107 |
108 | [JsonProperty(PropertyName = "release_date")]
109 | public long? ReleaseDate { get; set; }
110 |
111 | [JsonProperty(PropertyName = "total_vulnerabilities")]
112 | public long TotalVulnerabilities { get; set; }
113 | }
114 |
115 | [JsonObject]
116 | public class LibraryResponse
117 | {
118 | ///
119 | /// Average months
120 | ///
121 | [JsonProperty(PropertyName = "averageMonths")]
122 | public int? AverageMonths { get; set; }
123 |
124 | ///
125 | /// Average score.
126 | ///
127 | [JsonProperty(PropertyName = "averageScore")]
128 | public int? AverageScore { get; set; }
129 |
130 | ///
131 | /// Average score letter.
132 | ///
133 | [JsonProperty(PropertyName = "averageScoreLetter")]
134 | public string AverageScoreLetter { get; set; }
135 |
136 | [JsonProperty(PropertyName = "libraries")]
137 | public List Libraries { get; set; }
138 | }
139 | }
140 |
--------------------------------------------------------------------------------
/src/ContrastRestClient/Model/TraceEventDetail.cs:
--------------------------------------------------------------------------------
1 | #region LICENSE
2 | // Copyright (c) 2019, Contrast Security, Inc.
3 | // All rights reserved.
4 | //
5 | // Redistribution and use in source and binary forms, with or without modification, are
6 | // permitted provided that the following conditions are met:
7 | //
8 | // Redistributions of source code must retain the above copyright notice, this list of
9 | // conditions and the following disclaimer.
10 | //
11 | // Redistributions in binary form must reproduce the above copyright notice, this list of
12 | // conditions and the following disclaimer in the documentation and/or other materials
13 | // provided with the distribution.
14 | //
15 | // Neither the name of the Contrast Security, Inc. nor the names of its contributors may
16 | // be used to endorse or promote products derived from this software without specific
17 | // prior written permission.
18 | //
19 | // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
20 | // EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
21 | // MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
22 | // THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
23 | // SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
24 | // OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
25 | // INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
26 | // STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
27 | // THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
28 | #endregion
29 |
30 | using System.Collections.Generic;
31 | using Newtonsoft.Json;
32 |
33 | namespace Contrast.Model
34 | {
35 | [JsonObject]
36 | public class TraceEventDetail
37 | {
38 | ///
39 | /// [Optional] Class name
40 | ///
41 | [JsonProperty(PropertyName = "class")]
42 | public string ClassName { get; set; }
43 |
44 | ///
45 | /// Last custom frame.
46 | ///
47 | [JsonProperty(PropertyName = "lastCustomFrame")]
48 | public long? LastCustomFrame { get; set; }
49 |
50 | ///
51 | /// [Optional] Method
52 | ///
53 | [JsonProperty(PropertyName = "method")]
54 | public string Method { get; set; }
55 |
56 | ///
57 | /// [Optional] Object
58 | ///
59 | [JsonProperty(PropertyName = "object")]
60 | public string Object { get; set; }
61 |
62 | ///
63 | /// If the object is being tracked.
64 | ///
65 | [JsonProperty(PropertyName = "objectTracked")]
66 | public bool ObjectTracked { get; set; }
67 |
68 | ///
69 | /// List of parameters
70 | ///
71 | [JsonProperty(PropertyName = "parameters")]
72 | public List Parameters { get; set; }
73 |
74 | ///
75 | /// If the return is tracked.
76 | ///
77 | [JsonProperty(PropertyName = "returnTracked")]
78 | public bool ReturnTracked { get; set; }
79 |
80 | ///
81 | /// [Optional] Return value.
82 | ///
83 | [JsonProperty(PropertyName = "returnValue")]
84 | public string ReturnValue { get; set; }
85 |
86 | ///
87 | /// List of stack traces.
88 | ///
89 | [JsonProperty(PropertyName = "stacktraces")]
90 | public List StackTraces { get; set; }
91 | }
92 |
93 | [JsonObject]
94 | public class EventParameter
95 | {
96 | ///
97 | /// Parameter value.
98 | ///
99 | [JsonProperty(PropertyName = "parameter")]
100 | public string Parameter { get; set; }
101 |
102 | ///
103 | /// Whether the parameter is being tracked.
104 | ///
105 | [JsonProperty(PropertyName = "tracked")]
106 | public bool Tracked { get; set; }
107 | }
108 |
109 | [JsonObject]
110 | public class Stacktrace
111 | {
112 | ///
113 | /// StackTrace content.
114 | ///
115 | [JsonProperty(PropertyName = "description")]
116 | public string Description { get; set; }
117 |
118 | ///
119 | /// Stack trace type (e.g. custom, common)
120 | ///
121 | [JsonProperty(PropertyName = "type")]
122 | public string Type { get; set; }
123 |
124 | ///
125 | /// Line index
126 | ///
127 | [JsonProperty(PropertyName = "stackFrameIndex")]
128 | public long StackFrameIndex { get; set; }
129 | }
130 |
131 | [JsonObject]
132 | public class TraceEventDetailResponse
133 | {
134 | ///
135 | /// Event
136 | ///
137 | [JsonProperty(PropertyName = "event")]
138 | public TraceEventDetail Event { get; set; }
139 |
140 | ///
141 | /// List of messages
142 | ///
143 | [JsonProperty(PropertyName = "messages")]
144 | public List Messages { get; set; }
145 |
146 | ///
147 | /// Indicates whether API response was successful or not
148 | ///
149 | [JsonProperty(PropertyName = "succes")]
150 | public bool Success { get; set; }
151 | }
152 | }
153 |
--------------------------------------------------------------------------------
/tests/ContrastRestClient.Tests/TeamServerClientOrganizationTest.cs:
--------------------------------------------------------------------------------
1 | #region LICENSE
2 | // Copyright (c) 2019, Contrast Security, Inc.
3 | // All rights reserved.
4 | //
5 | // Redistribution and use in source and binary forms, with or without modification, are
6 | // permitted provided that the following conditions are met:
7 | //
8 | // Redistributions of source code must retain the above copyright notice, this list of
9 | // conditions and the following disclaimer.
10 | //
11 | // Redistributions in binary form must reproduce the above copyright notice, this list of
12 | // conditions and the following disclaimer in the documentation and/or other materials
13 | // provided with the distribution.
14 | //
15 | // Neither the name of the Contrast Security, Inc. nor the names of its contributors may
16 | // be used to endorse or promote products derived from this software without specific
17 | // prior written permission.
18 | //
19 | // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
20 | // EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
21 | // MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
22 | // THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
23 | // SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
24 | // OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
25 | // INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
26 | // STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
27 | // THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
28 | #endregion
29 |
30 | using System.Collections.Generic;
31 | using System.IO;
32 | using System.Text;
33 | using Contrast;
34 | using Contrast.Http;
35 | using Microsoft.VisualStudio.TestTools.UnitTesting;
36 | using Moq;
37 |
38 | namespace ContrastRestClient.Tests
39 | {
40 | [TestClass]
41 | public class TeamServerClientOrganizationTest
42 | {
43 | [TestMethod]
44 | public void GetOrganizationInfo_VerifySuccess()
45 | {
46 | string json = @"{
47 | ""success"": true,
48 | ""messages"": [
49 | ""Organization Information loaded successfully""
50 | ],
51 | ""organization"": {
52 | ""name"": ""Test organization"",
53 | ""timezone"": ""EST"",
54 | ""superadmin"": false,
55 | ""organization_uuid"": ""0c2a726b-af04-47b6-8be9-844058fbcdbd"",
56 | ""date_format"": ""MM/dd/yyyy"",
57 | ""time_format"": ""hh:mm a"",
58 | ""creation_time"": 1531430241000,
59 | ""protection_enabled"": true,
60 | ""auto_license_protection"": false,
61 | ""auto_license_assessment"": false,
62 | ""is_superadmin"": false,
63 | ""server_environments"": []
64 | },
65 | ""managed"": true
66 | }";
67 |
68 | var mockSdkHttpClient = new Mock();
69 | mockSdkHttpClient.Setup(client => client.GetResponseStream("api/ng/orgId/organizations")).Returns(
70 | new MemoryStream(Encoding.UTF8.GetBytes(json))
71 | );
72 | var teamServerClient = new Client(mockSdkHttpClient.Object);
73 | var response = teamServerClient.GetOrganizationInfo("orgId");
74 |
75 | Assert.IsTrue(response.Success);
76 | Assert.AreEqual(response.Organization.Name, "Test organization");
77 | }
78 |
79 | [TestMethod]
80 | public void GetOrganizationInfoWithExpand_VerifySuccess()
81 | {
82 | string json = @"{
83 | ""success"": true,
84 | ""messages"": [
85 | ""Organization Information loaded successfully""
86 | ],
87 | ""organization"": {
88 | ""name"": ""Test organization"",
89 | ""timezone"": ""EST"",
90 | ""freemium"": false,
91 | ""superadmin"": false,
92 | ""organization_uuid"": ""0c2a726b-af04-47b6-8be9-844058fbcdbd"",
93 | ""date_format"": ""MM/dd/yyyy"",
94 | ""time_format"": ""hh:mm a"",
95 | ""creation_time"": 1531430241000,
96 | ""protection_enabled"": true,
97 | ""auto_license_protection"": false,
98 | ""auto_license_assessment"": false,
99 | ""is_superadmin"": false,
100 | ""server_environments"": []
101 | },
102 | ""managed"": true
103 | }";
104 |
105 | var mockSdkHttpClient = new Mock();
106 | mockSdkHttpClient.Setup(client => client.GetResponseStream("api/ng/orgId/organizations?expand=freemium")).Returns(
107 | new MemoryStream(Encoding.UTF8.GetBytes(json))
108 | );
109 | var teamServerClient = new Client(mockSdkHttpClient.Object);
110 | var response = teamServerClient.GetOrganizationInfo("orgId", new List{ OrganizationExpandValues.freemium });
111 |
112 | Assert.IsTrue(response.Success);
113 | Assert.AreEqual(response.Organization.Name, "Test organization");
114 | }
115 | }
116 | }
117 |
--------------------------------------------------------------------------------
/src/ContrastRestClient/Model/TraceEvent.cs:
--------------------------------------------------------------------------------
1 | #region LICENSE
2 | // Copyright (c) 2019, Contrast Security, Inc.
3 | // All rights reserved.
4 | //
5 | // Redistribution and use in source and binary forms, with or without modification, are
6 | // permitted provided that the following conditions are met:
7 | //
8 | // Redistributions of source code must retain the above copyright notice, this list of
9 | // conditions and the following disclaimer.
10 | //
11 | // Redistributions in binary form must reproduce the above copyright notice, this list of
12 | // conditions and the following disclaimer in the documentation and/or other materials
13 | // provided with the distribution.
14 | //
15 | // Neither the name of the Contrast Security, Inc. nor the names of its contributors may
16 | // be used to endorse or promote products derived from this software without specific
17 | // prior written permission.
18 | //
19 | // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
20 | // EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
21 | // MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
22 | // THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
23 | // SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
24 | // OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
25 | // INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
26 | // STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
27 | // THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
28 | #endregion
29 |
30 | using System.Collections.Generic;
31 | using Newtonsoft.Json;
32 |
33 | namespace Contrast.Model
34 | {
35 | ///
36 | /// A collection of TraceEvents make up a vulnerability, or, "trace". They
37 | /// represent a method invocation that Contrast monitored.
38 | ///
39 | [JsonObject]
40 | public class TraceEvent
41 | {
42 | ///
43 | /// Gets the event ID.
44 | ///
45 | [JsonProperty(PropertyName="eventId")]
46 | public string EventId { get; set; }
47 |
48 | ///
49 | /// Gets the event type.
50 | ///
51 | [JsonProperty(PropertyName = "type")]
52 | public string EventType { get; set; }
53 |
54 | ///
55 | /// Gets the code context for the event.
56 | ///
57 | [JsonProperty(PropertyName = "codeContext")]
58 | public object CodeContext { get; set; }
59 | }
60 |
61 | [JsonObject]
62 | public class TraceEventSummary
63 | {
64 | ///
65 | /// Raw code creation.
66 | ///
67 | [JsonProperty(PropertyName = "codeView")]
68 | public CodeView CodeView { get; set; }
69 |
70 | ///
71 | /// List of collapsed events
72 | ///
73 | [JsonProperty(PropertyName = "collapsedEvents")]
74 | public List CollapsedEvents { get; set; }
75 |
76 | ///
77 | /// Data snapshot
78 | ///
79 | [JsonProperty(PropertyName = "dataView")]
80 | public CodeView DataView { get; set; }
81 |
82 | ///
83 | /// Event description
84 | ///
85 | [JsonProperty(PropertyName = "description")]
86 | public string Description { get; set; }
87 |
88 | ///
89 | /// Number of duplicated events collapsed.
90 | ///
91 | [JsonProperty(PropertyName = "dupes")]
92 | public int? Dupes { get; set; }
93 |
94 | ///
95 | /// Event extra details.
96 | ///
97 | [JsonProperty(PropertyName = "extraDetails")]
98 | public string ExtraDetails { get; set; }
99 |
100 | ///
101 | /// Event id.
102 | ///
103 | [JsonProperty(PropertyName = "id")]
104 | public string Id { get; set; }
105 |
106 | ///
107 | /// If this event is important.
108 | ///
109 | [JsonProperty(PropertyName = "important")]
110 | public bool Important { get; set; }
111 |
112 | ///
113 | /// Probable start location
114 | ///
115 | [JsonProperty(PropertyName = "probableStartLocationView")]
116 | public CodeView ProbableStartLocationView { get; set; }
117 |
118 | ///
119 | /// Event type.
120 | ///
121 | [JsonProperty(PropertyName = "type")]
122 | public string Type { get; set; }
123 | }
124 |
125 | [JsonObject]
126 | public class TraceEventSummaryResponse
127 | {
128 | ///
129 | /// List of events
130 | ///
131 | [JsonProperty(PropertyName = "events")]
132 | public List Events { get; set; }
133 |
134 | ///
135 | /// Evidence
136 | ///
137 | [JsonProperty(PropertyName = "evidence")]
138 | public string Evidence { get; set; }
139 |
140 | ///
141 | /// List of messages
142 | ///
143 | [JsonProperty(PropertyName = "messages")]
144 | public List Messages { get; set; }
145 |
146 | ///
147 | /// If events are shown.
148 | ///
149 | [JsonProperty(PropertyName = "showEvents")]
150 | public bool ShowEvents { get; set; }
151 |
152 | ///
153 | /// If evidence is shown.
154 | ///
155 | [JsonProperty(PropertyName = "showEvidence")]
156 | public bool ShowEvidence { get; set; }
157 |
158 | ///
159 | /// Indicates whether API response was successful or not
160 | ///
161 | [JsonProperty(PropertyName = "success")]
162 | public bool Success { get; set; }
163 | }
164 | }
165 |
--------------------------------------------------------------------------------
/src/ContrastRestClient/Http/ContrastRestClient.cs:
--------------------------------------------------------------------------------
1 | #region LICENSE
2 | // Copyright (c) 2019, Contrast Security, Inc.
3 | // All rights reserved.
4 | //
5 | // Redistribution and use in source and binary forms, with or without modification, are
6 | // permitted provided that the following conditions are met:
7 | //
8 | // Redistributions of source code must retain the above copyright notice, this list of
9 | // conditions and the following disclaimer.
10 | //
11 | // Redistributions in binary form must reproduce the above copyright notice, this list of
12 | // conditions and the following disclaimer in the documentation and/or other materials
13 | // provided with the distribution.
14 | //
15 | // Neither the name of the Contrast Security, Inc. nor the names of its contributors may
16 | // be used to endorse or promote products derived from this software without specific
17 | // prior written permission.
18 | //
19 | // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
20 | // EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
21 | // MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
22 | // THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
23 | // SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
24 | // OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
25 | // INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
26 | // STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
27 | // THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
28 | #endregion
29 |
30 | using System;
31 | using System.Collections.Generic;
32 | using System.IO;
33 | using System.Linq;
34 |
35 | namespace Contrast.Http
36 | {
37 | public class ContrastRestClient : IContrastRestClient
38 | {
39 | IHttpClient _httpClient;
40 |
41 | public ContrastRestClient(IHttpClient httpClient)
42 | {
43 | _httpClient = httpClient;
44 | }
45 |
46 | public Stream GetResponseStream(string apiEndpoint)
47 | {
48 | var responseTask = _httpClient.GetAsync(apiEndpoint);
49 | responseTask.Wait();
50 |
51 | CheckResponse(apiEndpoint, responseTask.Result);
52 |
53 | var responseStreamTask = responseTask.Result.Content.ReadAsStreamAsync();
54 | responseStreamTask.Wait();
55 |
56 | return responseStreamTask.Result;
57 | }
58 |
59 | private static void CheckResponse(string apiEndpoint, System.Net.Http.HttpResponseMessage result)
60 | {
61 | if ((int)result.StatusCode >= 300)
62 | {
63 | if (result.StatusCode == System.Net.HttpStatusCode.NotFound)
64 | {
65 | throw new ResourceNotFoundException($"Resource: '{apiEndpoint}' not found.");
66 | }
67 | else if (result.StatusCode == System.Net.HttpStatusCode.Found
68 | && result.Headers.Contains("Location")
69 | && result.Headers.GetValues("Location").First().EndsWith("/Contrast/unauthorized.html") )
70 | {
71 | // ok, Contrast technically told us Found: /Contrast/unauthorized.html, not an actual
72 | // Forbidden response, but unauthorized really means Forbidden.
73 | throw new ForbiddenException($"Resource: '{apiEndpoint}' is unauthorized with current credentials.");
74 | }
75 | else
76 | {
77 | throw new ContrastApiException($"Team Server returned unexpected response code '{result.StatusCode}' for resource: '{apiEndpoint}'");
78 | }
79 | }
80 | }
81 |
82 | public System.Net.Http.HttpResponseMessage PostApplicationSpecificMessage(string endpoint, string postBody, string application )
83 | {
84 | var headers = new List>();
85 | headers.Add( new Tuple( "Application", application ) );
86 |
87 | return PostMessage(endpoint, postBody, headers);
88 | }
89 |
90 | private System.Net.Http.HttpResponseMessage ProcessRequestTask(System.Threading.Tasks.Task responseTask, string endpoint)
91 | {
92 | responseTask.Wait();
93 |
94 | var statusCode = responseTask.Result.StatusCode;
95 | if ((int)statusCode >= 300)
96 | {
97 | if (statusCode != System.Net.HttpStatusCode.NotFound)
98 | {
99 | throw new ContrastApiException($"Team Server returned unexpected response code '{statusCode}' for resource: '{endpoint}'");
100 | }
101 | }
102 |
103 | return responseTask.Result;
104 | }
105 |
106 | public System.Net.Http.HttpResponseMessage PostMessage(string endpoint, string postBody, List> headers )
107 | {
108 | var responseTask = _httpClient.PostAsync(endpoint, postBody, headers);
109 | return ProcessRequestTask(responseTask, endpoint);
110 | }
111 |
112 | public System.Net.Http.HttpResponseMessage PutMessage(string endpoint, string requestBody, List> headers)
113 | {
114 | var responseTask = _httpClient.PutAsync(endpoint, requestBody, headers);
115 | return ProcessRequestTask(responseTask, endpoint);
116 | }
117 |
118 | public System.Net.Http.HttpResponseMessage DeleteMessage(string endpoint)
119 | {
120 | return _httpClient.DeleteAsync(endpoint).Result;
121 | }
122 |
123 | public System.Net.Http.HttpResponseMessage DeleteMessage(string endpoint, string requestBody)
124 | {
125 | var responseTask = _httpClient.DeleteAsync(endpoint, requestBody);
126 | return ProcessRequestTask(responseTask, endpoint);
127 | }
128 |
129 | private bool _disposed;
130 | protected virtual void Dispose(bool disposing)
131 | {
132 | if (_disposed)
133 | return;
134 |
135 | if (disposing)
136 | {
137 | if (_httpClient != null)
138 | {
139 | _httpClient.Dispose();
140 | _httpClient = null;
141 | }
142 | }
143 |
144 | _disposed = true;
145 | }
146 |
147 | public void Dispose()
148 | {
149 | Dispose(true);
150 | GC.SuppressFinalize(this);
151 | }
152 | }
153 | }
154 |
--------------------------------------------------------------------------------
/tests/ContrastRestClient.Tests/TeamServerClientRemediationTest.cs:
--------------------------------------------------------------------------------
1 | #region LICENSE
2 | // Copyright (c) 2019, Contrast Security, Inc.
3 | // All rights reserved.
4 | //
5 | // Redistribution and use in source and binary forms, with or without modification, are
6 | // permitted provided that the following conditions are met:
7 | //
8 | // Redistributions of source code must retain the above copyright notice, this list of
9 | // conditions and the following disclaimer.
10 | //
11 | // Redistributions in binary form must reproduce the above copyright notice, this list of
12 | // conditions and the following disclaimer in the documentation and/or other materials
13 | // provided with the distribution.
14 | //
15 | // Neither the name of the Contrast Security, Inc. nor the names of its contributors may
16 | // be used to endorse or promote products derived from this software without specific
17 | // prior written permission.
18 | //
19 | // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
20 | // EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
21 | // MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
22 | // THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
23 | // SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
24 | // OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
25 | // INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
26 | // STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
27 | // THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
28 | #endregion
29 |
30 | using System;
31 | using System.Collections.Generic;
32 | using Contrast;
33 | using Contrast.Http;
34 | using Contrast.Model;
35 | using Microsoft.VisualStudio.TestTools.UnitTesting;
36 | using Moq;
37 | using Newtonsoft.Json;
38 |
39 | namespace ContrastRestClient.Tests
40 | {
41 | [TestClass]
42 | public class TeamServerClientRemediationTest
43 | {
44 | [TestMethod]
45 | public void MarkTraceStatus_VerifySuccess()
46 | {
47 | string json = @"{
48 | ""success"": true,
49 | ""messages"": [
50 | ""1 Vulnerability successfully marked as Reported""
51 | ]
52 | }";
53 | TraceMarkStatusRequest request = new TraceMarkStatusRequest();
54 | request.Traces = new List { "traceId" };
55 | request.Note = "This is my note.";
56 | request.Status = "";
57 |
58 | var mockSdkHttpClient = new Mock();
59 | mockSdkHttpClient.Setup(client => client.PutMessage("api/ng/orgId/orgtraces/mark", JsonConvert.SerializeObject(request), null)).Returns(
60 | PostUtil.GetPostResponse(System.Net.HttpStatusCode.OK, json)
61 | );
62 | var teamServerClient = new Client(mockSdkHttpClient.Object);
63 | var response = teamServerClient.MarkTraceStatus("orgId", request);
64 |
65 | Assert.IsTrue(response.Success);
66 | }
67 |
68 | [TestMethod]
69 | public void MarkTraceStatusByServer_VerifySuccess()
70 | {
71 | string json = @"{
72 | ""success"": true,
73 | ""messages"": [
74 | ""1 Vulnerability successfully marked as Reported""
75 | ]
76 | }";
77 | TraceMarkStatusRequest request = new TraceMarkStatusRequest();
78 | request.Traces = new List { "traceId" };
79 | request.Note = "This is my note.";
80 | request.Status = "";
81 |
82 | var mockSdkHttpClient = new Mock();
83 | mockSdkHttpClient.Setup(client => client.PutMessage("api/ng/orgId/servertraces/1/mark", JsonConvert.SerializeObject(request), null)).Returns(
84 | PostUtil.GetPostResponse(System.Net.HttpStatusCode.OK, json)
85 | );
86 | var teamServerClient = new Client(mockSdkHttpClient.Object);
87 | var response = teamServerClient.MarkTraceStatus("orgId", 1, request);
88 |
89 | Assert.IsTrue(response.Success);
90 | }
91 |
92 | [TestMethod]
93 | public void MarkTraceStatusByApplication_VerifySuccess()
94 | {
95 | string json = @"{
96 | ""success"": true,
97 | ""messages"": [
98 | ""1 Vulnerability successfully marked as Reported""
99 | ]
100 | }";
101 | TraceMarkStatusRequest request = new TraceMarkStatusRequest();
102 | request.Traces = new List { "traceId" };
103 | request.Note = "This is my note.";
104 | request.Status = "";
105 |
106 | var mockSdkHttpClient = new Mock();
107 | mockSdkHttpClient.Setup(client => client.PutMessage("api/ng/orgId/traces/appId/mark", JsonConvert.SerializeObject(request), null)).Returns(
108 | PostUtil.GetPostResponse(System.Net.HttpStatusCode.OK, json)
109 | );
110 | var teamServerClient = new Client(mockSdkHttpClient.Object);
111 | var response = teamServerClient.MarkTraceStatus("orgId", "appId", request);
112 |
113 | Assert.IsTrue(response.Success);
114 | }
115 |
116 | [TestMethod]
117 | public void MarkTraceStatus_VerifyException()
118 | {
119 | string json = @"{
120 | ""success"": false,
121 | ""messages"": [
122 | ""Forbidden access?""
123 | ]
124 | }";
125 | TraceMarkStatusRequest request = new TraceMarkStatusRequest();
126 | request.Traces = new List { "traceId" };
127 | request.Note = "This is my note.";
128 | request.Status = "";
129 |
130 | var mockSdkHttpClient = new Mock();
131 | mockSdkHttpClient.Setup(client => client.PutMessage("api/ng/orgId/orgtraces/mark", JsonConvert.SerializeObject(request), null)).Returns(
132 | PostUtil.GetPostResponse(System.Net.HttpStatusCode.Forbidden, json)
133 | );
134 | var teamServerClient = new Client(mockSdkHttpClient.Object);
135 |
136 | try
137 | {
138 | var response = teamServerClient.MarkTraceStatus("orgId", request);
139 | Assert.Fail();
140 | }
141 | catch(Exception e)
142 | {
143 | Assert.IsInstanceOfType(e, typeof(ForbiddenException));
144 | }
145 | }
146 | }
147 | }
148 |
--------------------------------------------------------------------------------
/src/ContrastRestClient/Http/HttpClientWrapper.cs:
--------------------------------------------------------------------------------
1 | #region LICENSE
2 | // Copyright (c) 2019, Contrast Security, Inc.
3 | // All rights reserved.
4 | //
5 | // Redistribution and use in source and binary forms, with or without modification, are
6 | // permitted provided that the following conditions are met:
7 | //
8 | // Redistributions of source code must retain the above copyright notice, this list of
9 | // conditions and the following disclaimer.
10 | //
11 | // Redistributions in binary form must reproduce the above copyright notice, this list of
12 | // conditions and the following disclaimer in the documentation and/or other materials
13 | // provided with the distribution.
14 | //
15 | // Neither the name of the Contrast Security, Inc. nor the names of its contributors may
16 | // be used to endorse or promote products derived from this software without specific
17 | // prior written permission.
18 | //
19 | // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
20 | // EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
21 | // MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
22 | // THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
23 | // SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
24 | // OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
25 | // INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
26 | // STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
27 | // THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
28 | #endregion
29 |
30 | using System;
31 | using System.Collections.Generic;
32 | using System.Net.Http;
33 | using System.Text;
34 | using System.Threading.Tasks;
35 |
36 | namespace Contrast.Http
37 | {
38 | public class HttpClientWrapper : IHttpClient
39 | {
40 | private string _teamServerUrl;
41 | private HttpClient _httpClient;
42 |
43 | public HttpClientWrapper(string user, string serviceKey, string apiKey, string teamServerUrl, IntegrationName integrationName, string version)
44 | {
45 | ValidateParameters(user, serviceKey);
46 | Uri uriCreateResult = ValidateAndCreateUri(teamServerUrl);
47 |
48 | byte[] tokenBytes = Encoding.ASCII.GetBytes(user + ":" + serviceKey);
49 | string authorizationToken = Convert.ToBase64String(tokenBytes);
50 |
51 | _httpClient = new HttpClient(new HttpClientHandler() { UseCookies = false, AllowAutoRedirect = false });
52 | _httpClient.BaseAddress = uriCreateResult;
53 | _httpClient.DefaultRequestHeaders.TryAddWithoutValidation("Authorization", authorizationToken);
54 | _httpClient.DefaultRequestHeaders.Add("API-Key", apiKey);
55 | _httpClient.DefaultRequestHeaders.Add("Accept", "application/json");
56 |
57 | //Optional Telemetry Headers
58 | if (!integrationName.Equals(IntegrationName.NONE))
59 | {
60 | _httpClient.DefaultRequestHeaders.Add("Telemetry-Integration-Name", integrationName.ToString());
61 | }
62 | if (version != null)
63 | {
64 | _httpClient.DefaultRequestHeaders.Add("Telemetry-Integration-Version", version);
65 | }
66 |
67 | }
68 |
69 | private static void ValidateParameters(string user, string serviceKey)
70 | {
71 | if (String.IsNullOrEmpty(user))
72 | {
73 | throw new ArgumentException("Username null/empty.", nameof(user));
74 | }
75 |
76 | if (String.IsNullOrEmpty(serviceKey))
77 | {
78 | throw new ArgumentException("serviceKey null/empty.", nameof(serviceKey));
79 | }
80 | }
81 |
82 | private Uri ValidateAndCreateUri(string teamServerUrl)
83 | {
84 | bool isValidUri = Uri.TryCreate(teamServerUrl, UriKind.Absolute, out var uriCreateResult);
85 | if (!isValidUri)
86 | {
87 | throw new ArgumentException("Rest API URL provided is not a valid URI: '" + teamServerUrl + "'", nameof(teamServerUrl));
88 | }
89 | _teamServerUrl = teamServerUrl;
90 | return uriCreateResult;
91 | }
92 |
93 | public Task GetAsync(string endpoint)
94 | {
95 | return _httpClient.GetAsync(endpoint);
96 | }
97 |
98 | private Task RequestAsync(string endpoint, string postBody, List> additionalHeaders, HttpMethod method)
99 | {
100 | var request = new HttpRequestMessage()
101 | {
102 | RequestUri = new Uri(_teamServerUrl + endpoint),
103 | Method = method,
104 | Content = new StringContent(postBody, Encoding.UTF8, "application/json")
105 | };
106 |
107 | if (additionalHeaders != null)
108 | {
109 | foreach (var header in additionalHeaders)
110 | request.Headers.Add(header.Item1, header.Item2);
111 | }
112 |
113 | return _httpClient.SendAsync(request);
114 | }
115 |
116 | public Task PostAsync(string endpoint, string postBody, List> additionalHeaders)
117 | {
118 | return RequestAsync(endpoint, postBody, additionalHeaders, HttpMethod.Post);
119 | }
120 |
121 | public Task PutAsync(string endpoint, string postBody, List> additionalHeaders)
122 | {
123 | return RequestAsync(endpoint, postBody, additionalHeaders, HttpMethod.Put);
124 | }
125 |
126 | public Task DeleteAsync(string endpoint)
127 | {
128 | var request = new HttpRequestMessage()
129 | {
130 | RequestUri = new Uri(_teamServerUrl + endpoint),
131 | Method = HttpMethod.Delete
132 | };
133 |
134 | return _httpClient.SendAsync(request);
135 | }
136 |
137 | public Task DeleteAsync(string endpoint, string postBody)
138 | {
139 | return RequestAsync(endpoint, postBody, null, HttpMethod.Delete);
140 | }
141 |
142 | private bool _disposed;
143 | protected virtual void Dispose(bool disposing)
144 | {
145 | if (_disposed)
146 | return;
147 |
148 | if (disposing)
149 | {
150 | if (_httpClient != null)
151 | {
152 | _httpClient.Dispose();
153 | _httpClient = null;
154 | }
155 | }
156 |
157 | _disposed = true;
158 | }
159 |
160 | public void Dispose()
161 | {
162 | Dispose(true);
163 | GC.SuppressFinalize(this);
164 | }
165 | }
166 | }
167 |
--------------------------------------------------------------------------------
/src/ContrastRestClient/Http/TraceFilter.cs:
--------------------------------------------------------------------------------
1 | #region LICENSE
2 | // Copyright (c) 2019, Contrast Security, Inc.
3 | // All rights reserved.
4 | //
5 | // Redistribution and use in source and binary forms, with or without modification, are
6 | // permitted provided that the following conditions are met:
7 | //
8 | // Redistributions of source code must retain the above copyright notice, this list of
9 | // conditions and the following disclaimer.
10 | //
11 | // Redistributions in binary form must reproduce the above copyright notice, this list of
12 | // conditions and the following disclaimer in the documentation and/or other materials
13 | // provided with the distribution.
14 | //
15 | // Neither the name of the Contrast Security, Inc. nor the names of its contributors may
16 | // be used to endorse or promote products derived from this software without specific
17 | // prior written permission.
18 | //
19 | // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
20 | // EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
21 | // MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
22 | // THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
23 | // SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
24 | // OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
25 | // INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
26 | // STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
27 | // THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
28 | #endregion
29 |
30 | using System;
31 | using System.Collections.Generic;
32 | using Contrast.Serialization;
33 |
34 | namespace Contrast.Http
35 | {
36 | public class TraceFilter
37 | {
38 | ///
39 | /// Filter text.
40 | ///
41 | public string FilterText { get; set; }
42 | public DateTime? StartDate { get; set; }
43 | public DateTime? EndDate { get; set; }
44 | public List FilterTags { get; set; }
45 | public List Severities { get; set; }
46 | public List Status { get; set; }
47 | public List VulnTypes { get; set; }
48 | public List AppVersionTags { get; set; }
49 | public List ServerIds { get; set; }
50 | public Boolean BeingTracked { get; set; }
51 | public Boolean Untracked { get; set; }
52 | ///
53 | /// Server environments.
54 | ///
55 | public List Environments { get; set; }
56 | public List Urls { get; set; }
57 | public List Modules { get; set; }
58 | ///
59 | /// Load additional data. Allowed values: card, events, notes, request, application.
60 | ///
61 | public List Expand { get; set; }
62 | ///
63 | /// Limit the number of traces to receive.
64 | ///
65 | public int Limit { get; set; }
66 | ///
67 | /// Offset
68 | ///
69 | public int Offset { get; set; }
70 | ///
71 | /// Sort by. Allowed values: lastTimeSeen, status, title, application, name, severity.
72 | /// Append "-" to the value to indicate descending direction.
73 | ///
74 | public string Sort { get; set; }
75 |
76 | public TraceFilter()
77 | {
78 | FilterText = "";
79 | StartDate = null;
80 | EndDate = null;
81 | FilterTags = null;
82 | Severities = null;
83 | Status = null;
84 | VulnTypes = null;
85 | AppVersionTags = null;
86 | ServerIds = null;
87 | Environments = null;
88 | Urls = null;
89 | Modules = null;
90 | Expand = null;
91 | Limit = -1;
92 | Offset = -1;
93 | Sort = "";
94 | BeingTracked = false;
95 | Untracked = false;
96 | }
97 |
98 | public override string ToString()
99 | {
100 | List filters = new List();
101 |
102 | if (!String.IsNullOrEmpty(FilterText))
103 | filters.Add(FilterText);
104 |
105 | if (Expand != null && Expand.Count > 0)
106 | filters.Add("expand=" + String.Join(",", Expand));
107 |
108 | if (StartDate != null)
109 | filters.Add("startDate=" + DateTimeConverter.ConvertToEpochTime(StartDate.Value));
110 |
111 | if(EndDate != null)
112 | filters.Add("endDate=" + DateTimeConverter.ConvertToEpochTime(EndDate.Value));
113 |
114 | if (FilterTags != null && FilterTags.Count > 0)
115 | filters.Add("filterTags=" + String.Join(",", FilterTags));
116 |
117 | if (Severities != null && Severities.Count > 0)
118 | filters.Add("severities=" + String.Join(",", Severities));
119 |
120 | if (Status != null && Status.Count > 0)
121 | filters.Add("status=" + String.Join(",", Status));
122 |
123 | if (VulnTypes != null && VulnTypes.Count > 0)
124 | filters.Add("vulnTypes=" + String.Join(",", VulnTypes));
125 |
126 | if (AppVersionTags != null && AppVersionTags.Count > 0)
127 | filters.Add("appVersionTags=" + String.Join(",", AppVersionTags));
128 |
129 | if (Environments != null && Environments.Count > 0)
130 | filters.Add("environments=" + String.Join(",", Environments));
131 |
132 | if (ServerIds != null && ServerIds.Count > 0)
133 | filters.Add("servers=" + String.Join(",", ServerIds));
134 |
135 | if (Urls != null && Urls.Count > 0)
136 | filters.Add("urls=" + String.Join(",", Urls));
137 |
138 | if (Modules != null && Modules.Count > 0)
139 | filters.Add("modules=" + String.Join(",", Modules));
140 |
141 | if (!String.IsNullOrEmpty(Sort))
142 | filters.Add("sort=" + Sort);
143 |
144 | if (Limit > -1)
145 | filters.Add("limit=" + Limit);
146 |
147 | if (Offset > -1)
148 | filters.Add("offset=" + Offset);
149 |
150 | filters.Add("tracked=" + BeingTracked);
151 | filters.Add("untracked=" + Untracked);
152 |
153 | if (filters.Count > 0)
154 | return "?" + String.Join("&", filters);
155 | else
156 | return "";
157 | }
158 | }
159 |
160 | public enum RuleSeverity
161 | {
162 | NOTE,
163 | LOW,
164 | MEDIUM,
165 | HIGH,
166 | CRITICAL
167 | }
168 |
169 | public enum ServerEnvironment
170 | {
171 | Development,
172 | QA,
173 | Production
174 | }
175 |
176 | public enum ApplicationExpandValues
177 | {
178 | scores,
179 | trace_breakdown,
180 | license
181 | }
182 |
183 | public enum LibrariesExpandValues
184 | {
185 | vulns
186 | }
187 |
188 | public enum TraceExpandValue
189 | {
190 | card,
191 | events,
192 | notes,
193 | request,
194 | application,
195 | servers
196 | }
197 | }
198 |
--------------------------------------------------------------------------------
/examples/SampleContrastClient/Program.cs:
--------------------------------------------------------------------------------
1 | #region LICENSE
2 | // Copyright (c) 2019, Contrast Security, Inc.
3 | // All rights reserved.
4 | //
5 | // Redistribution and use in source and binary forms, with or without modification, are
6 | // permitted provided that the following conditions are met:
7 | //
8 | // Redistributions of source code must retain the above copyright notice, this list of
9 | // conditions and the following disclaimer.
10 | //
11 | // Redistributions in binary form must reproduce the above copyright notice, this list of
12 | // conditions and the following disclaimer in the documentation and/or other materials
13 | // provided with the distribution.
14 | //
15 | // Neither the name of the Contrast Security, Inc. nor the names of its contributors may
16 | // be used to endorse or promote products derived from this software without specific
17 | // prior written permission.
18 | //
19 | // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
20 | // EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
21 | // MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
22 | // THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
23 | // SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
24 | // OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
25 | // INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
26 | // STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
27 | // THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
28 | #endregion
29 |
30 | using Contrast;
31 | using Contrast.Http;
32 | using Contrast.Model;
33 | using System;
34 | using System.Collections.Generic;
35 | using System.Configuration;
36 | using System.Linq;
37 |
38 | namespace SampleContrastClient
39 | {
40 | class Program
41 | {
42 | private static string _organizationId;
43 |
44 | static void Main(string[] args)
45 | {
46 | Console.WriteLine("SampleContrastClient Started. Reading configuration...");
47 |
48 | string user = ConfigurationManager.AppSettings["TeamServerUserName"];
49 | string serviceKey = ConfigurationManager.AppSettings["TeamServerServiceKey"];
50 | string apiKey = ConfigurationManager.AppSettings["TeamServerApiKey"];
51 | string url = ConfigurationManager.AppSettings["TeamServerUrl"];
52 | string version = ConfigurationManager.AppSettings["IntegrationVersion"];
53 | string integrationName = ConfigurationManager.AppSettings["IntegrationName"];
54 |
55 |
56 | using (Client client = new Client(user, serviceKey, apiKey, url, version, (IntegrationName) Enum.Parse(typeof(IntegrationName), integrationName)))
57 | {
58 | Console.WriteLine("Connecting to Contrast Team Server: '{0}' as user: '{1}'", url, user);
59 |
60 | var orgs = client.GetOrganizations();
61 | Console.WriteLine("User is associated with {0} orgs. {1}", orgs.Count,
62 | (orgs.Count > 0 ? "First Organization: " + orgs[0].Name : string.Empty));
63 |
64 | if (orgs.Count > 0)
65 | {
66 | _organizationId = orgs[0].OrganizationId;
67 | }
68 |
69 | var defaultOrg = client.GetDefaultOrganization();
70 | Console.WriteLine("User's default org is:{0}({1})", defaultOrg.Name, defaultOrg.OrganizationId);
71 |
72 | var serverResponse = client.GetServers(_organizationId);
73 | if (serverResponse != null)
74 | Console.WriteLine("Found {0} servers.", serverResponse.Servers.Count);
75 | else
76 | Console.WriteLine("No servers found.");
77 |
78 | var appsResponse = client.GetApplications(_organizationId);
79 | if (appsResponse != null)
80 | Console.WriteLine("Found {0} applications.", appsResponse.Applications.Count);
81 | else
82 | Console.WriteLine("No applications found.");
83 |
84 | if (appsResponse != null && appsResponse.Applications.Count > 0)
85 | {
86 | var apps = appsResponse.Applications;
87 | string appId = apps[0].AppId;
88 | string appName = apps[0].Name;
89 | Console.WriteLine("Retrieving traces for the first application: {0} ({1}", appName, appId);
90 |
91 | var traceResponse = client.GetTraces(_organizationId);
92 |
93 | if (traceResponse != null)
94 | Console.WriteLine("Found {0} traces for application.", traceResponse.Traces.Count);
95 | else
96 | Console.WriteLine("No traces found for application.");
97 |
98 | if (traceResponse != null && traceResponse.Traces.Count > 0)
99 | {
100 | var traces = traceResponse.Traces;
101 | WriteFirstTenTraces(traces);
102 |
103 | //foreach (Trace trace in traces)
104 | //{
105 | // Console.WriteLine("Trace Exists:{0}", DoesTraceExist(client, traces.Uuid, _organizationId));
106 | //}
107 | }
108 | }
109 |
110 | // DownloadAgentToDesktop(client);
111 | }
112 |
113 | Console.WriteLine("SampleContrastClient Finished.");
114 | Console.ReadLine();
115 | }
116 |
117 | private static void WriteFirstTenTraces(List traces)
118 | {
119 | var traceSelection = (from t in traces select t).Take(10).ToList();
120 |
121 | Console.WriteLine("The First " + traceSelection.Count + " Traces:");
122 | Console.WriteLine("---------------------------------------");
123 |
124 | foreach (var trace in traceSelection)
125 | {
126 | Console.WriteLine("{0} (found: {1}, lastSeen: {2}", GetTitle(trace), trace.FirstTimeSeen, trace.LastTimeSeen);
127 | }
128 | Console.WriteLine("---------------------------------------");
129 | }
130 |
131 | private static string GetTitle(Trace trace)
132 | {
133 | string title = trace.Title;
134 |
135 | if (String.IsNullOrEmpty(title))
136 | {
137 | title = trace.RuleName;
138 | }
139 |
140 | return title;
141 | }
142 |
143 | // Example usage of GetAgent method
144 | private static void DownloadAgentToDesktop(Client client)
145 | {
146 | string filename = Environment.GetFolderPath(Environment.SpecialFolder.DesktopDirectory) + "\\dotnetagent.zip";
147 | using (var agentStream = client.GetAgent(AgentType.DotNet, _organizationId))
148 | {
149 | using (var fs = new System.IO.FileStream(filename, System.IO.FileMode.Create, System.IO.FileAccess.Write))
150 | {
151 | agentStream.CopyTo(fs);
152 | }
153 | }
154 | }
155 |
156 | // Example usage of DoesTraceExist method
157 | private static bool DoesTraceExist(Client client, string traceUuid, string organizationId)
158 | {
159 | var traces = client.GetTracesByUuid(organizationId, traceUuid)?.Traces;
160 |
161 | return (traces != null && traces.Count > 0);
162 | }
163 | }
164 | }
165 |
--------------------------------------------------------------------------------
/src/ContrastRestClient/Model/Organization.cs:
--------------------------------------------------------------------------------
1 | #region LICENSE
2 | // Copyright (c) 2019, Contrast Security, Inc.
3 | // All rights reserved.
4 | //
5 | // Redistribution and use in source and binary forms, with or without modification, are
6 | // permitted provided that the following conditions are met:
7 | //
8 | // Redistributions of source code must retain the above copyright notice, this list of
9 | // conditions and the following disclaimer.
10 | //
11 | // Redistributions in binary form must reproduce the above copyright notice, this list of
12 | // conditions and the following disclaimer in the documentation and/or other materials
13 | // provided with the distribution.
14 | //
15 | // Neither the name of the Contrast Security, Inc. nor the names of its contributors may
16 | // be used to endorse or promote products derived from this software without specific
17 | // prior written permission.
18 | //
19 | // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
20 | // EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
21 | // MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
22 | // THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
23 | // SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
24 | // OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
25 | // INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
26 | // STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
27 | // THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
28 | #endregion
29 |
30 | using Contrast.Serialization;
31 | using System;
32 | using System.Collections.Generic;
33 | using Newtonsoft.Json;
34 |
35 | namespace Contrast.Model
36 | {
37 | public enum ServerEnvironment
38 | {
39 | DEVELOPMENT,
40 | QA,
41 | PRODUCTION
42 | }
43 |
44 | public class Organization
45 | {
46 | ///
47 | /// Organization name
48 | ///
49 | [JsonProperty(PropertyName = "name")]
50 | public string Name { get; set; }
51 |
52 | [JsonProperty(PropertyName = "shortname")]
53 | public string ShortName { get; set; }
54 |
55 | ///
56 | /// Organization time zone
57 | ///
58 | [JsonProperty(PropertyName = "timezone")]
59 | public string Timezone { get; set; }
60 |
61 | [JsonProperty(PropertyName = "links")]
62 | public List Links { get; set; }
63 |
64 | ///
65 | /// Organization ID
66 | ///
67 | [JsonProperty(PropertyName = "organization_uuid")]
68 | public string OrganizationId { get; set; }
69 |
70 | ///
71 | /// Account ID
72 | ///
73 | [JsonProperty(PropertyName = "account_id")]
74 | public String AccountId { get; set; }
75 |
76 | ///
77 | /// Number of applications on-boarded
78 | ///
79 | [JsonProperty(PropertyName = "apps_onboarded")]
80 | public long? AppsOnBoarded { get; set; }
81 |
82 | ///
83 | /// Auto license assessment
84 | ///
85 | [JsonProperty(PropertyName = "auto_license_assessment")]
86 | public bool AutoLicenseAssessment { get; set; }
87 |
88 | ///
89 | /// Auto license protection
90 | ///
91 | [JsonProperty(PropertyName = "auto_license_protection")]
92 | public bool AutoLicenseProtection { get; set; }
93 |
94 | ///
95 | /// Organization creation time
96 | ///
97 | [JsonConverter(typeof(EpochDateTimeConverter))]
98 | [JsonProperty(PropertyName = "creation_time")]
99 | public DateTime? CreationTime { get; set; }
100 |
101 | ///
102 | /// Is this organization freemium?
103 | ///
104 | [JsonProperty(PropertyName = "freemium")]
105 | public bool? IsFreemium { get; set; }
106 |
107 | ///
108 | /// Is user guest in this organization
109 | ///
110 | [JsonProperty(PropertyName = "guest")]
111 | public bool? IsGuest { get; set; }
112 |
113 | ///
114 | /// Is a SuperAdmin Organization
115 | ///
116 | [JsonProperty(PropertyName = "is_superadmin")]
117 | public bool? IsSuperAdmin { get; set; }
118 |
119 | ///
120 | /// Has user protect enabled in this organization?
121 | ///
122 | [JsonProperty(PropertyName = "protect")]
123 | public bool? IsProtect { get; set; }
124 |
125 | ///
126 | /// Protection enabled
127 | ///
128 | [JsonProperty(PropertyName = "protection_enabled")]
129 | public bool IsProtectionEnabled { get; set; }
130 |
131 | ///
132 | /// Sample application ID
133 | ///
134 | [JsonProperty(PropertyName = "sample_application_id")]
135 | public String SampleAppId { get; set; }
136 |
137 | ///
138 | /// Sample server ID
139 | ///
140 | [JsonProperty(PropertyName = "sample_server_id")]
141 | public long? SampleServerId { get; set; }
142 |
143 | ///
144 | /// List of server environments
145 | ///
146 | [JsonProperty(PropertyName = "server_environments")]
147 | public List ServerEnvironments { get; set; }
148 |
149 | [JsonProperty(PropertyName = "superadmin")]
150 | public bool? SuperAdmin { get; set; }
151 |
152 | ///
153 | /// Organization date format
154 | ///
155 | [JsonProperty(PropertyName = "date_format")]
156 | public string DateFormat { get; set; }
157 |
158 | ///
159 | /// Organization time format
160 | ///
161 | [JsonProperty(PropertyName = "time_format")]
162 | public string TimeFormat { get; set; }
163 | }
164 |
165 | public class OrganizationResponse
166 | {
167 | [JsonProperty(PropertyName = "organizations")]
168 | public List Organizations { get; set; }
169 |
170 | [JsonProperty(PropertyName = "count")]
171 | public int Count { get; set; }
172 |
173 | [JsonProperty(PropertyName = "org_disabled")]
174 | public List