├── .gitattributes
├── .gitignore
├── .mvn
└── wrapper
│ ├── maven-wrapper.jar
│ └── maven-wrapper.properties
├── LICENSE
├── README.md
├── gpt3 api
└── handler.py
├── mvnw
├── mvnw.cmd
├── pom.xml
└── src
├── main
├── java
│ └── tech
│ │ └── noetzold
│ │ └── APItester
│ │ ├── ApiTesterApplication.java
│ │ ├── adapter
│ │ └── RAWebMvcConfigurer.java
│ │ ├── controller
│ │ ├── AutomatedRequestsController.java
│ │ ├── FullPerformanceTestController.java
│ │ ├── TestDeleteRequisitionController.java
│ │ ├── TestGetRequisitionController.java
│ │ ├── TestPostRequisitionController.java
│ │ ├── TestPutRequisitionController.java
│ │ └── UserController.java
│ │ ├── data
│ │ └── DetalheUsuarioData.java
│ │ ├── model
│ │ ├── CompleteRequest.java
│ │ ├── DefaultRequest.java
│ │ ├── FullPerformanceTest.java
│ │ ├── PerformanceResult.java
│ │ ├── Result.java
│ │ ├── TestDeleteRequisition.java
│ │ ├── TestGetRequisition.java
│ │ ├── TestPostRequisition.java
│ │ ├── TestPutRequisition.java
│ │ └── User.java
│ │ ├── repository
│ │ ├── CompleteRequestRepository.java
│ │ ├── FullPerformanceTestRepository.java
│ │ ├── ResultRepository.java
│ │ ├── TestDeleteRequisitionRepository.java
│ │ ├── TestGetRequisitionRepository.java
│ │ ├── TestPostRequisitionRepository.java
│ │ ├── TestPutRequisitionRepository.java
│ │ └── UserRepository.java
│ │ ├── security
│ │ ├── JWTAutenticarFilter.java
│ │ ├── JWTConfiguracao.java
│ │ └── JWTValidarFilter.java
│ │ ├── service
│ │ ├── CompleteRequestService.java
│ │ ├── DetalheUsuarioServiceImpl.java
│ │ ├── FullPerformanceTestService.java
│ │ ├── ResultService.java
│ │ ├── TestDeleteRequisitionService.java
│ │ ├── TestGetRequisitionService.java
│ │ ├── TestPostRequisitionService.java
│ │ ├── TestPutRequisitionService.java
│ │ └── UserService.java
│ │ ├── tests
│ │ ├── BaseTest.java
│ │ ├── CommandInjectionTest.java
│ │ ├── DataValidationTest.java
│ │ ├── PerformanceTest.java
│ │ ├── SecurityTest.java
│ │ ├── SendToGPT3.java
│ │ ├── SqlInjectionTest.java
│ │ └── XssTest.java
│ │ └── util
│ │ ├── QueryStringParser.java
│ │ ├── TEST_TYPE.java
│ │ └── TokenApp.java
└── resources
│ └── application.properties
└── test
└── java
└── tech
└── noetzold
└── APItester
└── ApiTesterApplicationTests.java
/.gitattributes:
--------------------------------------------------------------------------------
1 | # Auto detect text files and perform LF normalization
2 | * text=auto
3 |
--------------------------------------------------------------------------------
/.gitignore:
--------------------------------------------------------------------------------
1 | HELP.md
2 | target/
3 | !.mvn/wrapper/maven-wrapper.jar
4 | !**/src/main/**/target/
5 | !**/src/test/**/target/
6 |
7 | ### STS ###
8 | .apt_generated
9 | .classpath
10 | .factorypath
11 | .project
12 | .settings
13 | .springBeans
14 | .sts4-cache
15 |
16 | ### IntelliJ IDEA ###
17 | .idea
18 | *.iws
19 | *.iml
20 | *.ipr
21 |
22 | ### NetBeans ###
23 | /nbproject/private/
24 | /nbbuild/
25 | /dist/
26 | /nbdist/
27 | /.nb-gradle/
28 | build/
29 | !**/src/main/**/build/
30 | !**/src/test/**/build/
31 |
32 | ### VS Code ###
33 | .vscode/
34 |
--------------------------------------------------------------------------------
/.mvn/wrapper/maven-wrapper.jar:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/DarlanNoetzold/API-tester/ec4541b72bf18e84420562ab229e3ef3b2f07985/.mvn/wrapper/maven-wrapper.jar
--------------------------------------------------------------------------------
/.mvn/wrapper/maven-wrapper.properties:
--------------------------------------------------------------------------------
1 | distributionUrl=https://repo.maven.apache.org/maven2/org/apache/maven/apache-maven/3.8.6/apache-maven-3.8.6-bin.zip
2 | wrapperUrl=https://repo.maven.apache.org/maven2/org/apache/maven/wrapper/maven-wrapper/3.1.0/maven-wrapper-3.1.0.jar
3 |
--------------------------------------------------------------------------------
/LICENSE:
--------------------------------------------------------------------------------
1 | MIT License
2 |
3 | Copyright (c) 2023 Darlan Noetzold
4 |
5 | Permission is hereby granted, free of charge, to any person obtaining a copy
6 | of this software and associated documentation files (the "Software"), to deal
7 | in the Software without restriction, including without limitation the rights
8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
9 | copies of the Software, and to permit persons to whom the Software is
10 | furnished to do so, subject to the following conditions:
11 |
12 | The above copyright notice and this permission notice shall be included in all
13 | copies or substantial portions of the Software.
14 |
15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
21 | SOFTWARE.
22 |
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 | # API-tester
2 | This application is an API created to test other APIs, with security, performance and automated tests.
3 |
4 | ## Development:
5 | * Java was used with SpringBoot;
6 | * For security, a token system was implemented as a login;
7 | * There are individual tests for POST, GET, DELETE and PUT requests;
8 | * Each test request made will be saved in a PostgreSQL database;
9 | * RestAssured was used to make requests with a Web Template.
10 |
11 | ## Project:
12 | * The project has some features related to request testing;
13 | * For security testing there are SQL Injection, Command Injection, XSS Injection, weak passwords and data validation tests;
14 | * There is an integration with GPT-3 to check for API problems;
15 | * It is possible to carry out performance tests with several parallel requests;
16 | * It is also possible to automate tests, causing the application to send several requests to different endpoints;
17 | * In these automated tests it is possible to define variables that are fed with responses from other requests, facilitating automation.
18 |
19 | ## Postman documentation:
20 | [Click here](https://documenter.getpostman.com/view/16000387/2s93XsZnC7) to view an initial doc of requests for the API.
21 |
22 | ---
23 | ⭐️ From [DarlanNoetzold](https://github.com/DarlanNoetzold)
24 |
--------------------------------------------------------------------------------
/gpt3 api/handler.py:
--------------------------------------------------------------------------------
1 | from flask import Flask, request
2 | import openai
3 | import os
4 |
5 | app = Flask(__name__)
6 |
7 |
8 | @app.route('/gptTest', methods=['POST'])
9 | def gpt_tests():
10 | test_json = request.get_json()
11 | url = test_json['url']
12 | typeReq = test_json['typeReq']
13 | body = test_json['body']
14 | params = test_json['params']
15 | headers = test_json['headers']
16 | openai.api_key = test_json['apyKey']
17 |
18 | text = 'Teste a API com a url ' + url + ' com o tipo de requisição ' + typeReq
19 |
20 | if body != '':
21 | text += ' com o body ' + body
22 | if params != '':
23 | text += ' com os parametros ' + params
24 | if headers != '':
25 | text += ' com os headers ' + headers
26 |
27 | response = openai.Completion.create(model="text-davinci-003", prompt=text, temperature=0.6, max_tokens=4000)
28 |
29 | for i in response.choices:
30 | response[i] = i.text
31 |
32 | return response.to_json(orient='records')
33 |
34 |
35 | if __name__ == '__main__':
36 | port = os.environ.get('PORT', 5000)
37 | app.run(host='0.0.0.0', port=port)
38 |
--------------------------------------------------------------------------------
/mvnw:
--------------------------------------------------------------------------------
1 | #!/bin/sh
2 | # ----------------------------------------------------------------------------
3 | # Licensed to the Apache Software Foundation (ASF) under one
4 | # or more contributor license agreements. See the NOTICE file
5 | # distributed with this work for additional information
6 | # regarding copyright ownership. The ASF licenses this file
7 | # to you under the Apache License, Version 2.0 (the
8 | # "License"); you may not use this file except in compliance
9 | # with the License. You may obtain a copy of the License at
10 | #
11 | # https://www.apache.org/licenses/LICENSE-2.0
12 | #
13 | # Unless required by applicable law or agreed to in writing,
14 | # software distributed under the License is distributed on an
15 | # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
16 | # KIND, either express or implied. See the License for the
17 | # specific language governing permissions and limitations
18 | # under the License.
19 | # ----------------------------------------------------------------------------
20 |
21 | # ----------------------------------------------------------------------------
22 | # Maven Start Up Batch script
23 | #
24 | # Required ENV vars:
25 | # ------------------
26 | # JAVA_HOME - location of a JDK home dir
27 | #
28 | # Optional ENV vars
29 | # -----------------
30 | # M2_HOME - location of maven2's installed home dir
31 | # MAVEN_OPTS - parameters passed to the Java VM when running Maven
32 | # e.g. to debug Maven itself, use
33 | # set MAVEN_OPTS=-Xdebug -Xrunjdwp:transport=dt_socket,server=y,suspend=y,address=8000
34 | # MAVEN_SKIP_RC - flag to disable loading of mavenrc files
35 | # ----------------------------------------------------------------------------
36 |
37 | if [ -z "$MAVEN_SKIP_RC" ] ; then
38 |
39 | if [ -f /usr/local/etc/mavenrc ] ; then
40 | . /usr/local/etc/mavenrc
41 | fi
42 |
43 | if [ -f /etc/mavenrc ] ; then
44 | . /etc/mavenrc
45 | fi
46 |
47 | if [ -f "$HOME/.mavenrc" ] ; then
48 | . "$HOME/.mavenrc"
49 | fi
50 |
51 | fi
52 |
53 | # OS specific support. $var _must_ be set to either true or false.
54 | cygwin=false;
55 | darwin=false;
56 | mingw=false
57 | case "`uname`" in
58 | CYGWIN*) cygwin=true ;;
59 | MINGW*) mingw=true;;
60 | Darwin*) darwin=true
61 | # Use /usr/libexec/java_home if available, otherwise fall back to /Library/Java/Home
62 | # See https://developer.apple.com/library/mac/qa/qa1170/_index.html
63 | if [ -z "$JAVA_HOME" ]; then
64 | if [ -x "/usr/libexec/java_home" ]; then
65 | export JAVA_HOME="`/usr/libexec/java_home`"
66 | else
67 | export JAVA_HOME="/Library/Java/Home"
68 | fi
69 | fi
70 | ;;
71 | esac
72 |
73 | if [ -z "$JAVA_HOME" ] ; then
74 | if [ -r /etc/gentoo-release ] ; then
75 | JAVA_HOME=`java-config --jre-home`
76 | fi
77 | fi
78 |
79 | if [ -z "$M2_HOME" ] ; then
80 | ## resolve links - $0 may be a link to maven's home
81 | PRG="$0"
82 |
83 | # need this for relative symlinks
84 | while [ -h "$PRG" ] ; do
85 | ls=`ls -ld "$PRG"`
86 | link=`expr "$ls" : '.*-> \(.*\)$'`
87 | if expr "$link" : '/.*' > /dev/null; then
88 | PRG="$link"
89 | else
90 | PRG="`dirname "$PRG"`/$link"
91 | fi
92 | done
93 |
94 | saveddir=`pwd`
95 |
96 | M2_HOME=`dirname "$PRG"`/..
97 |
98 | # make it fully qualified
99 | M2_HOME=`cd "$M2_HOME" && pwd`
100 |
101 | cd "$saveddir"
102 | # echo Using m2 at $M2_HOME
103 | fi
104 |
105 | # For Cygwin, ensure paths are in UNIX format before anything is touched
106 | if $cygwin ; then
107 | [ -n "$M2_HOME" ] &&
108 | M2_HOME=`cygpath --unix "$M2_HOME"`
109 | [ -n "$JAVA_HOME" ] &&
110 | JAVA_HOME=`cygpath --unix "$JAVA_HOME"`
111 | [ -n "$CLASSPATH" ] &&
112 | CLASSPATH=`cygpath --path --unix "$CLASSPATH"`
113 | fi
114 |
115 | # For Mingw, ensure paths are in UNIX format before anything is touched
116 | if $mingw ; then
117 | [ -n "$M2_HOME" ] &&
118 | M2_HOME="`(cd "$M2_HOME"; pwd)`"
119 | [ -n "$JAVA_HOME" ] &&
120 | JAVA_HOME="`(cd "$JAVA_HOME"; pwd)`"
121 | fi
122 |
123 | if [ -z "$JAVA_HOME" ]; then
124 | javaExecutable="`which javac`"
125 | if [ -n "$javaExecutable" ] && ! [ "`expr \"$javaExecutable\" : '\([^ ]*\)'`" = "no" ]; then
126 | # readlink(1) is not available as standard on Solaris 10.
127 | readLink=`which readlink`
128 | if [ ! `expr "$readLink" : '\([^ ]*\)'` = "no" ]; then
129 | if $darwin ; then
130 | javaHome="`dirname \"$javaExecutable\"`"
131 | javaExecutable="`cd \"$javaHome\" && pwd -P`/javac"
132 | else
133 | javaExecutable="`readlink -f \"$javaExecutable\"`"
134 | fi
135 | javaHome="`dirname \"$javaExecutable\"`"
136 | javaHome=`expr "$javaHome" : '\(.*\)/bin'`
137 | JAVA_HOME="$javaHome"
138 | export JAVA_HOME
139 | fi
140 | fi
141 | fi
142 |
143 | if [ -z "$JAVACMD" ] ; then
144 | if [ -n "$JAVA_HOME" ] ; then
145 | if [ -x "$JAVA_HOME/jre/sh/java" ] ; then
146 | # IBM's JDK on AIX uses strange locations for the executables
147 | JAVACMD="$JAVA_HOME/jre/sh/java"
148 | else
149 | JAVACMD="$JAVA_HOME/bin/java"
150 | fi
151 | else
152 | JAVACMD="`\\unset -f command; \\command -v java`"
153 | fi
154 | fi
155 |
156 | if [ ! -x "$JAVACMD" ] ; then
157 | echo "Error: JAVA_HOME is not defined correctly." >&2
158 | echo " We cannot execute $JAVACMD" >&2
159 | exit 1
160 | fi
161 |
162 | if [ -z "$JAVA_HOME" ] ; then
163 | echo "Warning: JAVA_HOME environment variable is not set."
164 | fi
165 |
166 | CLASSWORLDS_LAUNCHER=org.codehaus.plexus.classworlds.launcher.Launcher
167 |
168 | # traverses directory structure from process work directory to filesystem root
169 | # first directory with .mvn subdirectory is considered project base directory
170 | find_maven_basedir() {
171 |
172 | if [ -z "$1" ]
173 | then
174 | echo "Path not specified to find_maven_basedir"
175 | return 1
176 | fi
177 |
178 | basedir="$1"
179 | wdir="$1"
180 | while [ "$wdir" != '/' ] ; do
181 | if [ -d "$wdir"/.mvn ] ; then
182 | basedir=$wdir
183 | break
184 | fi
185 | # workaround for JBEAP-8937 (on Solaris 10/Sparc)
186 | if [ -d "${wdir}" ]; then
187 | wdir=`cd "$wdir/.."; pwd`
188 | fi
189 | # end of workaround
190 | done
191 | echo "${basedir}"
192 | }
193 |
194 | # concatenates all lines of a file
195 | concat_lines() {
196 | if [ -f "$1" ]; then
197 | echo "$(tr -s '\n' ' ' < "$1")"
198 | fi
199 | }
200 |
201 | BASE_DIR=`find_maven_basedir "$(pwd)"`
202 | if [ -z "$BASE_DIR" ]; then
203 | exit 1;
204 | fi
205 |
206 | ##########################################################################################
207 | # Extension to allow automatically downloading the maven-wrapper.jar from Maven-central
208 | # This allows using the maven wrapper in projects that prohibit checking in binary data.
209 | ##########################################################################################
210 | if [ -r "$BASE_DIR/.mvn/wrapper/maven-wrapper.jar" ]; then
211 | if [ "$MVNW_VERBOSE" = true ]; then
212 | echo "Found .mvn/wrapper/maven-wrapper.jar"
213 | fi
214 | else
215 | if [ "$MVNW_VERBOSE" = true ]; then
216 | echo "Couldn't find .mvn/wrapper/maven-wrapper.jar, downloading it ..."
217 | fi
218 | if [ -n "$MVNW_REPOURL" ]; then
219 | jarUrl="$MVNW_REPOURL/org/apache/maven/wrapper/maven-wrapper/3.1.0/maven-wrapper-3.1.0.jar"
220 | else
221 | jarUrl="https://repo.maven.apache.org/maven2/org/apache/maven/wrapper/maven-wrapper/3.1.0/maven-wrapper-3.1.0.jar"
222 | fi
223 | while IFS="=" read key value; do
224 | case "$key" in (wrapperUrl) jarUrl="$value"; break ;;
225 | esac
226 | done < "$BASE_DIR/.mvn/wrapper/maven-wrapper.properties"
227 | if [ "$MVNW_VERBOSE" = true ]; then
228 | echo "Downloading from: $jarUrl"
229 | fi
230 | wrapperJarPath="$BASE_DIR/.mvn/wrapper/maven-wrapper.jar"
231 | if $cygwin; then
232 | wrapperJarPath=`cygpath --path --windows "$wrapperJarPath"`
233 | fi
234 |
235 | if command -v wget > /dev/null; then
236 | if [ "$MVNW_VERBOSE" = true ]; then
237 | echo "Found wget ... using wget"
238 | fi
239 | if [ -z "$MVNW_USERNAME" ] || [ -z "$MVNW_PASSWORD" ]; then
240 | wget "$jarUrl" -O "$wrapperJarPath" || rm -f "$wrapperJarPath"
241 | else
242 | wget --http-user=$MVNW_USERNAME --http-password=$MVNW_PASSWORD "$jarUrl" -O "$wrapperJarPath" || rm -f "$wrapperJarPath"
243 | fi
244 | elif command -v curl > /dev/null; then
245 | if [ "$MVNW_VERBOSE" = true ]; then
246 | echo "Found curl ... using curl"
247 | fi
248 | if [ -z "$MVNW_USERNAME" ] || [ -z "$MVNW_PASSWORD" ]; then
249 | curl -o "$wrapperJarPath" "$jarUrl" -f
250 | else
251 | curl --user $MVNW_USERNAME:$MVNW_PASSWORD -o "$wrapperJarPath" "$jarUrl" -f
252 | fi
253 |
254 | else
255 | if [ "$MVNW_VERBOSE" = true ]; then
256 | echo "Falling back to using Java to download"
257 | fi
258 | javaClass="$BASE_DIR/.mvn/wrapper/MavenWrapperDownloader.java"
259 | # For Cygwin, switch paths to Windows format before running javac
260 | if $cygwin; then
261 | javaClass=`cygpath --path --windows "$javaClass"`
262 | fi
263 | if [ -e "$javaClass" ]; then
264 | if [ ! -e "$BASE_DIR/.mvn/wrapper/MavenWrapperDownloader.class" ]; then
265 | if [ "$MVNW_VERBOSE" = true ]; then
266 | echo " - Compiling MavenWrapperDownloader.java ..."
267 | fi
268 | # Compiling the Java class
269 | ("$JAVA_HOME/bin/javac" "$javaClass")
270 | fi
271 | if [ -e "$BASE_DIR/.mvn/wrapper/MavenWrapperDownloader.class" ]; then
272 | # Running the downloader
273 | if [ "$MVNW_VERBOSE" = true ]; then
274 | echo " - Running MavenWrapperDownloader.java ..."
275 | fi
276 | ("$JAVA_HOME/bin/java" -cp .mvn/wrapper MavenWrapperDownloader "$MAVEN_PROJECTBASEDIR")
277 | fi
278 | fi
279 | fi
280 | fi
281 | ##########################################################################################
282 | # End of extension
283 | ##########################################################################################
284 |
285 | export MAVEN_PROJECTBASEDIR=${MAVEN_BASEDIR:-"$BASE_DIR"}
286 | if [ "$MVNW_VERBOSE" = true ]; then
287 | echo $MAVEN_PROJECTBASEDIR
288 | fi
289 | MAVEN_OPTS="$(concat_lines "$MAVEN_PROJECTBASEDIR/.mvn/jvm.config") $MAVEN_OPTS"
290 |
291 | # For Cygwin, switch paths to Windows format before running java
292 | if $cygwin; then
293 | [ -n "$M2_HOME" ] &&
294 | M2_HOME=`cygpath --path --windows "$M2_HOME"`
295 | [ -n "$JAVA_HOME" ] &&
296 | JAVA_HOME=`cygpath --path --windows "$JAVA_HOME"`
297 | [ -n "$CLASSPATH" ] &&
298 | CLASSPATH=`cygpath --path --windows "$CLASSPATH"`
299 | [ -n "$MAVEN_PROJECTBASEDIR" ] &&
300 | MAVEN_PROJECTBASEDIR=`cygpath --path --windows "$MAVEN_PROJECTBASEDIR"`
301 | fi
302 |
303 | # Provide a "standardized" way to retrieve the CLI args that will
304 | # work with both Windows and non-Windows executions.
305 | MAVEN_CMD_LINE_ARGS="$MAVEN_CONFIG $@"
306 | export MAVEN_CMD_LINE_ARGS
307 |
308 | WRAPPER_LAUNCHER=org.apache.maven.wrapper.MavenWrapperMain
309 |
310 | exec "$JAVACMD" \
311 | $MAVEN_OPTS \
312 | $MAVEN_DEBUG_OPTS \
313 | -classpath "$MAVEN_PROJECTBASEDIR/.mvn/wrapper/maven-wrapper.jar" \
314 | "-Dmaven.home=${M2_HOME}" \
315 | "-Dmaven.multiModuleProjectDirectory=${MAVEN_PROJECTBASEDIR}" \
316 | ${WRAPPER_LAUNCHER} $MAVEN_CONFIG "$@"
317 |
--------------------------------------------------------------------------------
/mvnw.cmd:
--------------------------------------------------------------------------------
1 | @REM ----------------------------------------------------------------------------
2 | @REM Licensed to the Apache Software Foundation (ASF) under one
3 | @REM or more contributor license agreements. See the NOTICE file
4 | @REM distributed with this work for additional information
5 | @REM regarding copyright ownership. The ASF licenses this file
6 | @REM to you under the Apache License, Version 2.0 (the
7 | @REM "License"); you may not use this file except in compliance
8 | @REM with the License. You may obtain a copy of the License at
9 | @REM
10 | @REM https://www.apache.org/licenses/LICENSE-2.0
11 | @REM
12 | @REM Unless required by applicable law or agreed to in writing,
13 | @REM software distributed under the License is distributed on an
14 | @REM "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15 | @REM KIND, either express or implied. See the License for the
16 | @REM specific language governing permissions and limitations
17 | @REM under the License.
18 | @REM ----------------------------------------------------------------------------
19 |
20 | @REM ----------------------------------------------------------------------------
21 | @REM Maven Start Up Batch script
22 | @REM
23 | @REM Required ENV vars:
24 | @REM JAVA_HOME - location of a JDK home dir
25 | @REM
26 | @REM Optional ENV vars
27 | @REM M2_HOME - location of maven2's installed home dir
28 | @REM MAVEN_BATCH_ECHO - set to 'on' to enable the echoing of the batch commands
29 | @REM MAVEN_BATCH_PAUSE - set to 'on' to wait for a keystroke before ending
30 | @REM MAVEN_OPTS - parameters passed to the Java VM when running Maven
31 | @REM e.g. to debug Maven itself, use
32 | @REM set MAVEN_OPTS=-Xdebug -Xrunjdwp:transport=dt_socket,server=y,suspend=y,address=8000
33 | @REM MAVEN_SKIP_RC - flag to disable loading of mavenrc files
34 | @REM ----------------------------------------------------------------------------
35 |
36 | @REM Begin all REM lines with '@' in case MAVEN_BATCH_ECHO is 'on'
37 | @echo off
38 | @REM set title of command window
39 | title %0
40 | @REM enable echoing by setting MAVEN_BATCH_ECHO to 'on'
41 | @if "%MAVEN_BATCH_ECHO%" == "on" echo %MAVEN_BATCH_ECHO%
42 |
43 | @REM set %HOME% to equivalent of $HOME
44 | if "%HOME%" == "" (set "HOME=%HOMEDRIVE%%HOMEPATH%")
45 |
46 | @REM Execute a user defined script before this one
47 | if not "%MAVEN_SKIP_RC%" == "" goto skipRcPre
48 | @REM check for pre script, once with legacy .bat ending and once with .cmd ending
49 | if exist "%USERPROFILE%\mavenrc_pre.bat" call "%USERPROFILE%\mavenrc_pre.bat" %*
50 | if exist "%USERPROFILE%\mavenrc_pre.cmd" call "%USERPROFILE%\mavenrc_pre.cmd" %*
51 | :skipRcPre
52 |
53 | @setlocal
54 |
55 | set ERROR_CODE=0
56 |
57 | @REM To isolate internal variables from possible post scripts, we use another setlocal
58 | @setlocal
59 |
60 | @REM ==== START VALIDATION ====
61 | if not "%JAVA_HOME%" == "" goto OkJHome
62 |
63 | echo.
64 | echo Error: JAVA_HOME not found in your environment. >&2
65 | echo Please set the JAVA_HOME variable in your environment to match the >&2
66 | echo location of your Java installation. >&2
67 | echo.
68 | goto error
69 |
70 | :OkJHome
71 | if exist "%JAVA_HOME%\bin\java.exe" goto init
72 |
73 | echo.
74 | echo Error: JAVA_HOME is set to an invalid directory. >&2
75 | echo JAVA_HOME = "%JAVA_HOME%" >&2
76 | echo Please set the JAVA_HOME variable in your environment to match the >&2
77 | echo location of your Java installation. >&2
78 | echo.
79 | goto error
80 |
81 | @REM ==== END VALIDATION ====
82 |
83 | :init
84 |
85 | @REM Find the project base dir, i.e. the directory that contains the folder ".mvn".
86 | @REM Fallback to current working directory if not found.
87 |
88 | set MAVEN_PROJECTBASEDIR=%MAVEN_BASEDIR%
89 | IF NOT "%MAVEN_PROJECTBASEDIR%"=="" goto endDetectBaseDir
90 |
91 | set EXEC_DIR=%CD%
92 | set WDIR=%EXEC_DIR%
93 | :findBaseDir
94 | IF EXIST "%WDIR%"\.mvn goto baseDirFound
95 | cd ..
96 | IF "%WDIR%"=="%CD%" goto baseDirNotFound
97 | set WDIR=%CD%
98 | goto findBaseDir
99 |
100 | :baseDirFound
101 | set MAVEN_PROJECTBASEDIR=%WDIR%
102 | cd "%EXEC_DIR%"
103 | goto endDetectBaseDir
104 |
105 | :baseDirNotFound
106 | set MAVEN_PROJECTBASEDIR=%EXEC_DIR%
107 | cd "%EXEC_DIR%"
108 |
109 | :endDetectBaseDir
110 |
111 | IF NOT EXIST "%MAVEN_PROJECTBASEDIR%\.mvn\jvm.config" goto endReadAdditionalConfig
112 |
113 | @setlocal EnableExtensions EnableDelayedExpansion
114 | for /F "usebackq delims=" %%a in ("%MAVEN_PROJECTBASEDIR%\.mvn\jvm.config") do set JVM_CONFIG_MAVEN_PROPS=!JVM_CONFIG_MAVEN_PROPS! %%a
115 | @endlocal & set JVM_CONFIG_MAVEN_PROPS=%JVM_CONFIG_MAVEN_PROPS%
116 |
117 | :endReadAdditionalConfig
118 |
119 | SET MAVEN_JAVA_EXE="%JAVA_HOME%\bin\java.exe"
120 | set WRAPPER_JAR="%MAVEN_PROJECTBASEDIR%\.mvn\wrapper\maven-wrapper.jar"
121 | set WRAPPER_LAUNCHER=org.apache.maven.wrapper.MavenWrapperMain
122 |
123 | set DOWNLOAD_URL="https://repo.maven.apache.org/maven2/org/apache/maven/wrapper/maven-wrapper/3.1.0/maven-wrapper-3.1.0.jar"
124 |
125 | FOR /F "usebackq tokens=1,2 delims==" %%A IN ("%MAVEN_PROJECTBASEDIR%\.mvn\wrapper\maven-wrapper.properties") DO (
126 | IF "%%A"=="wrapperUrl" SET DOWNLOAD_URL=%%B
127 | )
128 |
129 | @REM Extension to allow automatically downloading the maven-wrapper.jar from Maven-central
130 | @REM This allows using the maven wrapper in projects that prohibit checking in binary data.
131 | if exist %WRAPPER_JAR% (
132 | if "%MVNW_VERBOSE%" == "true" (
133 | echo Found %WRAPPER_JAR%
134 | )
135 | ) else (
136 | if not "%MVNW_REPOURL%" == "" (
137 | SET DOWNLOAD_URL="%MVNW_REPOURL%/org/apache/maven/wrapper/maven-wrapper/3.1.0/maven-wrapper-3.1.0.jar"
138 | )
139 | if "%MVNW_VERBOSE%" == "true" (
140 | echo Couldn't find %WRAPPER_JAR%, downloading it ...
141 | echo Downloading from: %DOWNLOAD_URL%
142 | )
143 |
144 | powershell -Command "&{"^
145 | "$webclient = new-object System.Net.WebClient;"^
146 | "if (-not ([string]::IsNullOrEmpty('%MVNW_USERNAME%') -and [string]::IsNullOrEmpty('%MVNW_PASSWORD%'))) {"^
147 | "$webclient.Credentials = new-object System.Net.NetworkCredential('%MVNW_USERNAME%', '%MVNW_PASSWORD%');"^
148 | "}"^
149 | "[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; $webclient.DownloadFile('%DOWNLOAD_URL%', '%WRAPPER_JAR%')"^
150 | "}"
151 | if "%MVNW_VERBOSE%" == "true" (
152 | echo Finished downloading %WRAPPER_JAR%
153 | )
154 | )
155 | @REM End of extension
156 |
157 | @REM Provide a "standardized" way to retrieve the CLI args that will
158 | @REM work with both Windows and non-Windows executions.
159 | set MAVEN_CMD_LINE_ARGS=%*
160 |
161 | %MAVEN_JAVA_EXE% ^
162 | %JVM_CONFIG_MAVEN_PROPS% ^
163 | %MAVEN_OPTS% ^
164 | %MAVEN_DEBUG_OPTS% ^
165 | -classpath %WRAPPER_JAR% ^
166 | "-Dmaven.multiModuleProjectDirectory=%MAVEN_PROJECTBASEDIR%" ^
167 | %WRAPPER_LAUNCHER% %MAVEN_CONFIG% %*
168 | if ERRORLEVEL 1 goto error
169 | goto end
170 |
171 | :error
172 | set ERROR_CODE=1
173 |
174 | :end
175 | @endlocal & set ERROR_CODE=%ERROR_CODE%
176 |
177 | if not "%MAVEN_SKIP_RC%"=="" goto skipRcPost
178 | @REM check for post script, once with legacy .bat ending and once with .cmd ending
179 | if exist "%USERPROFILE%\mavenrc_post.bat" call "%USERPROFILE%\mavenrc_post.bat"
180 | if exist "%USERPROFILE%\mavenrc_post.cmd" call "%USERPROFILE%\mavenrc_post.cmd"
181 | :skipRcPost
182 |
183 | @REM pause the script if MAVEN_BATCH_PAUSE is set to 'on'
184 | if "%MAVEN_BATCH_PAUSE%"=="on" pause
185 |
186 | if "%MAVEN_TERMINATE_CMD%"=="on" exit %ERROR_CODE%
187 |
188 | cmd /C exit /B %ERROR_CODE%
189 |
--------------------------------------------------------------------------------
/pom.xml:
--------------------------------------------------------------------------------
1 |
2 |
4 | 4.0.0
5 |
6 | org.springframework.boot
7 | spring-boot-starter-parent
8 | 2.6.4
9 |
10 |
11 | tech.noetzold
12 | API-tester
13 | 0.0.1-SNAPSHOT
14 | API-tester
15 | Demo project for Spring Boot
16 |
17 | 11
18 |
19 |
20 |
21 | javax.servlet
22 | javax.servlet-api
23 | 3.0.1
24 | provided
25 |
26 |
27 | org.springframework.boot
28 | spring-boot-starter-data-jpa
29 |
30 |
31 | org.springframework.boot
32 | spring-boot-starter-web
33 |
34 |
35 |
36 | org.springframework.boot
37 | spring-boot-devtools
38 | runtime
39 | true
40 |
41 |
42 | org.projectlombok
43 | lombok
44 | true
45 |
46 |
47 | org.postgresql
48 | postgresql
49 | runtime
50 |
51 |
52 | com.auth0
53 | java-jwt
54 | 3.16.0
55 |
56 |
57 | org.springframework.boot
58 | spring-boot-starter-test
59 | test
60 |
61 |
62 | org.junit.jupiter
63 | junit-jupiter
64 | RELEASE
65 |
66 |
67 | javax.validation
68 | validation-api
69 | 2.0.1.Final
70 |
71 |
72 | org.springframework.boot
73 | spring-boot-starter-security
74 |
75 |
76 | org.springdoc
77 | springdoc-openapi-ui
78 | 1.6.6
79 |
80 |
81 | org.springdoc
82 | springdoc-openapi-security
83 | 1.6.6
84 |
85 |
86 | org.springframework.amqp
87 | spring-amqp
88 | 2.1.9.RELEASE
89 |
90 |
91 |
92 | com.rabbitmq
93 | amqp-client
94 | 5.15.0
95 |
96 |
97 | org.springframework.boot
98 | spring-boot-starter-data-redis-reactive
99 |
100 |
101 | org.springdoc
102 | springdoc-openapi-data-rest
103 | 1.6.6
104 |
105 |
106 | io.rest-assured
107 | rest-assured
108 | 4.4.0
109 |
110 |
111 | org.springframework.boot
112 | spring-boot-starter-test
113 | test
114 |
115 |
116 | org.junit.vintage
117 | junit-vintage-engine
118 |
119 |
120 |
121 |
122 | io.rest-assured
123 | spring-mock-mvc
124 | test
125 |
126 |
127 |
128 |
129 |
130 |
131 | org.springframework.boot
132 | spring-boot-maven-plugin
133 |
134 |
135 |
136 | org.projectlombok
137 | lombok
138 |
139 |
140 |
141 |
142 |
143 |
144 |
145 |
146 |
--------------------------------------------------------------------------------
/src/main/java/tech/noetzold/APItester/ApiTesterApplication.java:
--------------------------------------------------------------------------------
1 | package tech.noetzold.APItester;
2 |
3 | import org.springframework.boot.SpringApplication;
4 | import org.springframework.boot.autoconfigure.SpringBootApplication;
5 | import org.springframework.context.annotation.Bean;
6 | import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
7 | import org.springframework.security.crypto.password.PasswordEncoder;
8 |
9 | @SpringBootApplication
10 | public class ApiTesterApplication {
11 |
12 | public static void main(String[] args) {
13 | SpringApplication.run(ApiTesterApplication.class, args);
14 | }
15 |
16 | @Bean
17 | public PasswordEncoder getPasswordEncoder() {
18 | BCryptPasswordEncoder encoder = new BCryptPasswordEncoder();
19 | return encoder;
20 | }
21 |
22 | }
23 |
--------------------------------------------------------------------------------
/src/main/java/tech/noetzold/APItester/adapter/RAWebMvcConfigurer.java:
--------------------------------------------------------------------------------
1 | package tech.noetzold.APItester.adapter;
2 |
3 | import org.springframework.context.annotation.Configuration;
4 | import org.springframework.data.domain.PageRequest;
5 | import org.springframework.data.web.PageableHandlerMethodArgumentResolver;
6 | import org.springframework.web.method.support.HandlerMethodArgumentResolver;
7 | import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
8 |
9 | import java.util.List;
10 |
11 | @Configuration
12 | public class RAWebMvcConfigurer implements WebMvcConfigurer {
13 | @Override
14 | public void addArgumentResolvers(List resolvers) {
15 | PageableHandlerMethodArgumentResolver pageHandler = new PageableHandlerMethodArgumentResolver();
16 | pageHandler.setFallbackPageable(PageRequest.of(0,5));
17 | resolvers.add(pageHandler);
18 | }
19 | }
20 |
--------------------------------------------------------------------------------
/src/main/java/tech/noetzold/APItester/controller/AutomatedRequestsController.java:
--------------------------------------------------------------------------------
1 | package tech.noetzold.APItester.controller;
2 |
3 | import io.restassured.RestAssured;
4 | import io.restassured.path.json.JsonPath;
5 | import io.restassured.response.Response;
6 | import io.restassured.specification.RequestSpecification;
7 | import org.springframework.beans.factory.annotation.Autowired;
8 | import org.springframework.web.bind.annotation.PostMapping;
9 | import org.springframework.web.bind.annotation.RequestBody;
10 | import org.springframework.web.bind.annotation.RequestMapping;
11 | import org.springframework.web.bind.annotation.RestController;
12 | import tech.noetzold.APItester.model.CompleteRequest;
13 | import tech.noetzold.APItester.service.CompleteRequestService;
14 | import tech.noetzold.APItester.service.ResultService;
15 | import tech.noetzold.APItester.service.UserService;
16 | import tech.noetzold.APItester.util.QueryStringParser;
17 |
18 | import java.util.HashMap;
19 | import java.util.List;
20 | import java.util.Map;
21 | import java.util.regex.Matcher;
22 | import java.util.regex.Pattern;
23 |
24 | @RestController
25 | @RequestMapping("/automated")
26 | public class AutomatedRequestsController {
27 |
28 | @Autowired
29 | CompleteRequestService completeRequestService;
30 |
31 | @Autowired
32 | ResultService resultService;
33 |
34 | @Autowired
35 | UserService userService;
36 |
37 | @PostMapping("/test/list")
38 | public void testPerformanceEndpointList(@RequestBody List fullPerformanceTests) {
39 | Map variableMap = new HashMap<>();
40 |
41 | for (CompleteRequest fullPerformanceTest : fullPerformanceTests) {
42 | String requestBody = replaceVariables(fullPerformanceTest.getBody(), variableMap);
43 | String requestHeaders = replaceVariables(fullPerformanceTest.getHeaders(), variableMap);
44 | Map headers = QueryStringParser.parseQueryString(requestHeaders);
45 |
46 | String requestUrl = replaceVariables(fullPerformanceTest.getUrl(), variableMap);
47 |
48 | RequestSpecification requestSpec = RestAssured.given()
49 | .headers(headers)
50 | .body(requestBody);
51 |
52 | Response response;
53 | String method = fullPerformanceTest.getMethod();
54 | if (method.equalsIgnoreCase("get")) {
55 | response = requestSpec.when().get(requestUrl);
56 | } else if (method.equalsIgnoreCase("post")) {
57 | response = requestSpec.when().post(requestUrl);
58 | } else if (method.equalsIgnoreCase("put")) {
59 | response = requestSpec.when().put(requestUrl);
60 | } else if (method.equalsIgnoreCase("delete")) {
61 | response = requestSpec.when().delete(requestUrl);
62 | }else{
63 | response = requestSpec.when().post(requestUrl);
64 | }
65 |
66 | String responseBody = response.getBody().asString();
67 | try {
68 | variableMap.putAll(new JsonPath(responseBody).getMap(""));
69 | }catch (Exception exception){
70 | variableMap.put("token", responseBody);
71 | }
72 | }
73 | }
74 |
75 | private static T replaceVariables(T input, Map variableMap) {
76 | if (input == null) {
77 | return null;
78 | }
79 | String str = input.toString();
80 | if (str.isEmpty()) {
81 | return input;
82 | }
83 |
84 | Pattern pattern = Pattern.compile("\\{\\{([^}]+)\\}\\}");
85 | Matcher matcher = pattern.matcher(str);
86 |
87 | StringBuffer sb = new StringBuffer();
88 | while (matcher.find()) {
89 | String varName = matcher.group(1);
90 | Object varValue = variableMap.get(varName);
91 | String replacement = (varValue != null) ? varValue.toString() : "";
92 | matcher.appendReplacement(sb, Matcher.quoteReplacement(replacement));
93 | }
94 | matcher.appendTail(sb);
95 | return (T) sb.toString();
96 | }
97 |
98 |
99 | }
100 |
--------------------------------------------------------------------------------
/src/main/java/tech/noetzold/APItester/controller/FullPerformanceTestController.java:
--------------------------------------------------------------------------------
1 | package tech.noetzold.APItester.controller;
2 |
3 | import com.fasterxml.jackson.core.type.TypeReference;
4 | import com.fasterxml.jackson.databind.ObjectMapper;
5 | import org.springframework.beans.factory.annotation.Autowired;
6 | import org.springframework.data.domain.Page;
7 | import org.springframework.data.domain.Pageable;
8 | import org.springframework.http.*;
9 | import org.springframework.security.core.context.SecurityContextHolder;
10 | import org.springframework.web.bind.annotation.*;
11 | import tech.noetzold.APItester.model.*;
12 | import tech.noetzold.APItester.service.FullPerformanceTestService;
13 | import tech.noetzold.APItester.service.ResultService;
14 | import tech.noetzold.APItester.service.UserService;
15 | import tech.noetzold.APItester.tests.*;
16 | import tech.noetzold.APItester.util.QueryStringParser;
17 |
18 | import javax.servlet.http.HttpServletRequest;
19 | import javax.servlet.http.HttpServletResponse;
20 | import java.util.*;
21 |
22 | @RestController
23 | @RequestMapping("/performance")
24 | public class FullPerformanceTestController {
25 |
26 | @Autowired
27 | FullPerformanceTestService fullPerformanceTestService;
28 |
29 | @Autowired
30 | ResultService resultService;
31 |
32 | @Autowired
33 | UserService userService;
34 |
35 | @GetMapping("/getByUser/{login}")
36 | public ResponseEntity> getAllByUser(HttpServletRequest request, HttpServletResponse response, Pageable pageable, @PathVariable("login") String login) {
37 | return new ResponseEntity<>(fullPerformanceTestService.findByUser(pageable, login), HttpStatus.OK);
38 | }
39 |
40 | @DeleteMapping("remove/{id}")
41 | public void remove(HttpServletRequest request, HttpServletResponse response, @PathVariable("id") Integer id) {
42 | fullPerformanceTestService.deleteFullPerformanceById(id);
43 | }
44 |
45 | @PostMapping("/test")
46 | public ResponseEntity testPerformanceEndpoint(@RequestBody FullPerformanceTest fullPerformanceTest) {
47 |
48 | fullPerformanceTest.setResult(callPerformanceTestByRequestType(fullPerformanceTest));
49 |
50 | fullPerformanceTest.setDate_request(Calendar.getInstance());
51 |
52 | fullPerformanceTest.setUser(userService.findUserByLogin(SecurityContextHolder.getContext().getAuthentication().getPrincipal().toString()));
53 |
54 | FullPerformanceTest fullPerformanceTestResponse = fullPerformanceTestService.saveService(fullPerformanceTest);
55 |
56 | return ResponseEntity.status(HttpStatus.OK).body(fullPerformanceTestResponse);
57 | }
58 |
59 | private List callPerformanceTestByRequestType(FullPerformanceTest fullPerformanceTest){
60 | List testsResults = new ArrayList<>();
61 | try {
62 | Map headers = QueryStringParser.parseQueryString(fullPerformanceTest.getHeaders());
63 |
64 | fullPerformanceTest.setMethod(fullPerformanceTest.getMethod().toUpperCase());
65 | if("POST".equals(fullPerformanceTest.getMethod())){
66 | TestPostRequisition testPostRequisition = new TestPostRequisition();
67 | testPostRequisition.setBody(fullPerformanceTest.getBody());
68 | testPostRequisition.setUrl(fullPerformanceTest.getUrl());
69 | testPostRequisition.setHeaders(fullPerformanceTest.getHeaders());
70 | testPostRequisition.setUser(userService.findUserByLogin(SecurityContextHolder.getContext().getAuthentication().getPrincipal().toString()));
71 |
72 | PerformanceTest performanceTest = new PerformanceTest(testPostRequisition);
73 | TypeReference> typeRef = new TypeReference<>() {};
74 | ObjectMapper objectMapper = new ObjectMapper();
75 | Map body = objectMapper.readValue(fullPerformanceTest.getBody(), typeRef);
76 |
77 | List performanceTestResults = performanceTest.runPostTests(1, fullPerformanceTest.getNumReq(), body, headers);
78 | for (Result result: performanceTestResults) testsResults.add(resultService.saveService(result));
79 | }else if("GET".equals(fullPerformanceTest.getMethod())){
80 | TestGetRequisition testGetRequisition = new TestGetRequisition();
81 | testGetRequisition.setUser(userService.findUserByLogin(SecurityContextHolder.getContext().getAuthentication().getPrincipal().toString()));
82 | testGetRequisition.setHeaders(fullPerformanceTest.getHeaders());
83 | testGetRequisition.setParameters(fullPerformanceTest.getParameters());
84 | testGetRequisition.setUrl(fullPerformanceTest.getUrl());
85 | PerformanceTest performanceTest = new PerformanceTest(testGetRequisition);
86 |
87 | Map parameters = QueryStringParser.parseQueryString(testGetRequisition.getParameters());
88 |
89 | List performanceTestResults = performanceTest.runGetTests(1, fullPerformanceTest.getNumReq(),parameters, headers);
90 | for (Result result: performanceTestResults) testsResults.add(resultService.saveService(result));
91 | }else if("PUT".equals(fullPerformanceTest.getMethod())){
92 | TestPutRequisition testPutRequisition = new TestPutRequisition();
93 | testPutRequisition.setBody(fullPerformanceTest.getBody());
94 | testPutRequisition.setUrl(fullPerformanceTest.getUrl());
95 | testPutRequisition.setHeaders(fullPerformanceTest.getHeaders());
96 | testPutRequisition.setUser(userService.findUserByLogin(SecurityContextHolder.getContext().getAuthentication().getPrincipal().toString()));
97 |
98 | PerformanceTest performanceTest = new PerformanceTest(testPutRequisition);
99 | TypeReference> typeRef = new TypeReference<>() {};
100 | ObjectMapper objectMapper = new ObjectMapper();
101 | Map body = objectMapper.readValue(fullPerformanceTest.getBody(), typeRef);
102 |
103 | List performanceTestResults = performanceTest.runPutTests(1, fullPerformanceTest.getNumReq(), body, headers);
104 | for (Result result: performanceTestResults) testsResults.add(resultService.saveService(result));
105 | }else if("DELETE".equals(fullPerformanceTest.getMethod())){
106 | TestDeleteRequisition testDeleteRequisition = new TestDeleteRequisition();
107 | testDeleteRequisition.setUser(userService.findUserByLogin(SecurityContextHolder.getContext().getAuthentication().getPrincipal().toString()));
108 | testDeleteRequisition.setHeaders(fullPerformanceTest.getHeaders());
109 | testDeleteRequisition.setParameters(fullPerformanceTest.getParameters());
110 | testDeleteRequisition.setUrl(fullPerformanceTest.getUrl());
111 | PerformanceTest performanceTest = new PerformanceTest(testDeleteRequisition);
112 |
113 | Map parameters = QueryStringParser.parseQueryString(testDeleteRequisition.getParameters());
114 |
115 | List performanceTestResults = performanceTest.runGetTests(1, fullPerformanceTest.getNumReq(),parameters, headers);
116 | for (Result result: performanceTestResults) testsResults.add(resultService.saveService(result));
117 | }
118 |
119 | return testsResults;
120 | }catch (Exception e){
121 | e.printStackTrace();
122 | }
123 |
124 | return testsResults;
125 | }
126 | }
127 |
--------------------------------------------------------------------------------
/src/main/java/tech/noetzold/APItester/controller/TestDeleteRequisitionController.java:
--------------------------------------------------------------------------------
1 | package tech.noetzold.APItester.controller;
2 |
3 | import io.restassured.RestAssured;
4 | import io.restassured.specification.RequestSpecification;
5 | import org.springframework.beans.factory.annotation.Autowired;
6 | import org.springframework.data.domain.Page;
7 | import org.springframework.data.domain.Pageable;
8 | import org.springframework.http.HttpStatus;
9 | import org.springframework.http.ResponseEntity;
10 | import org.springframework.security.core.context.SecurityContextHolder;
11 | import org.springframework.web.bind.annotation.*;
12 | import tech.noetzold.APItester.model.Result;
13 | import tech.noetzold.APItester.model.TestDeleteRequisition;
14 | import tech.noetzold.APItester.service.ResultService;
15 | import tech.noetzold.APItester.service.TestDeleteRequisitionService;
16 | import tech.noetzold.APItester.service.UserService;
17 | import tech.noetzold.APItester.tests.*;
18 | import tech.noetzold.APItester.util.QueryStringParser;
19 |
20 | import javax.servlet.http.HttpServletRequest;
21 | import javax.servlet.http.HttpServletResponse;
22 | import java.util.ArrayList;
23 | import java.util.List;
24 | import java.util.Map;
25 |
26 | @RestController
27 | @RequestMapping("/delete")
28 | public class TestDeleteRequisitionController {
29 | @Autowired
30 | TestDeleteRequisitionService testDeleteRequisitionService;
31 |
32 | @Autowired
33 | ResultService resultService;
34 |
35 | @Autowired
36 | UserService userService;
37 |
38 | @DeleteMapping("/getByUser/{login}")
39 | public ResponseEntity> getAllByUser(HttpServletRequest request, HttpServletResponse response, Pageable pageable, @PathVariable("login") String login) {
40 | return new ResponseEntity<>(testDeleteRequisitionService.findByUser(pageable, login), HttpStatus.OK);
41 | }
42 |
43 | @DeleteMapping("remove/{id}")
44 | public void remove(HttpServletRequest request, HttpServletResponse response, @PathVariable("id") Integer id) {
45 | testDeleteRequisitionService.deleteDeleteRequisitionById(id);
46 | }
47 |
48 | @PostMapping("/test")
49 | public ResponseEntity testDeleteEndpoint(
50 | @RequestBody TestDeleteRequisition testDeleteRequisition) {
51 | String url = testDeleteRequisition.getUrl();
52 | Map parameters = QueryStringParser.parseQueryString(testDeleteRequisition.getParameters());
53 | Map headers = QueryStringParser.parseQueryString(testDeleteRequisition.getHeaders());
54 |
55 | RequestSpecification request = RestAssured.given()
56 | .urlEncodingEnabled(false);
57 |
58 | if (!headers.isEmpty()) {
59 | request.headers(headers);
60 | }
61 |
62 | if (!parameters.isEmpty()) {
63 | request.params(parameters);
64 | }
65 |
66 | testDeleteRequisition.setResult(callTestsAndReturnResults(request,url,parameters, testDeleteRequisition, headers));
67 |
68 | testDeleteRequisition.setUser(userService.findUserByLogin(SecurityContextHolder.getContext().getAuthentication().getPrincipal().toString()));
69 |
70 | testDeleteRequisitionService.saveService(testDeleteRequisition);
71 |
72 | return ResponseEntity.status(HttpStatus.OK).body(testDeleteRequisition);
73 | }
74 |
75 | private List callTestsAndReturnResults(RequestSpecification request, String url, Map params, TestDeleteRequisition testDeleteRequisition, Map headers){
76 | List testsResults = new ArrayList<>();
77 |
78 | SecurityTest securityTest = new SecurityTest();
79 | testsResults.add(resultService.saveService(securityTest.testDeleteSecureResponse(request, url)));
80 |
81 | SqlInjectionTest sqlInjectionTest = new SqlInjectionTest();
82 | testsResults.add(resultService.saveService(sqlInjectionTest.testDeleteSqlInjection(url, request, params)));
83 |
84 | CommandInjectionTest commandInjectionTest = new CommandInjectionTest();
85 | testsResults.add(resultService.saveService(commandInjectionTest.testDeleteCommandInjection(url, request, params)));
86 |
87 | XssTest xssTest = new XssTest();
88 | testsResults.add(resultService.saveService(xssTest.testDeleteXss(url, request, params)));
89 |
90 | DataValidationTest dataValidationTest = new DataValidationTest();
91 | testsResults.add(resultService.saveService(dataValidationTest.testDeleteDataValidation(url, request, params)));
92 |
93 | SendToGPT3 sendToGPT3Test = new SendToGPT3(testDeleteRequisition);
94 | testsResults.add(resultService.saveService(sendToGPT3Test.doGptDeleteTest()));
95 |
96 | PerformanceTest performanceTest = new PerformanceTest(testDeleteRequisition);
97 | List performanceTestResults = performanceTest.runDeleteTests(1, 100, params, headers);
98 | for (Result result: performanceTestResults) testsResults.add(resultService.saveService(result));
99 |
100 | return testsResults;
101 |
102 | }
103 | }
104 |
--------------------------------------------------------------------------------
/src/main/java/tech/noetzold/APItester/controller/TestGetRequisitionController.java:
--------------------------------------------------------------------------------
1 | package tech.noetzold.APItester.controller;
2 |
3 |
4 | import io.restassured.RestAssured;
5 | import io.restassured.specification.RequestSpecification;
6 | import org.springframework.beans.factory.annotation.Autowired;
7 | import org.springframework.data.domain.Page;
8 | import org.springframework.data.domain.Pageable;
9 | import org.springframework.http.HttpStatus;
10 | import org.springframework.http.ResponseEntity;
11 | import org.springframework.security.core.context.SecurityContextHolder;
12 | import org.springframework.web.bind.annotation.*;
13 |
14 | import java.util.*;
15 |
16 | import tech.noetzold.APItester.model.TestGetRequisition;
17 | import tech.noetzold.APItester.model.Result;
18 | import tech.noetzold.APItester.service.TestGetRequisitionService;
19 | import tech.noetzold.APItester.service.ResultService;
20 | import tech.noetzold.APItester.service.UserService;
21 | import tech.noetzold.APItester.tests.*;
22 | import tech.noetzold.APItester.util.QueryStringParser;
23 |
24 | import javax.servlet.http.HttpServletRequest;
25 | import javax.servlet.http.HttpServletResponse;
26 |
27 | @RestController
28 | @RequestMapping("/get")
29 | public class TestGetRequisitionController {
30 |
31 | @Autowired
32 | TestGetRequisitionService testGetRequisitionService;
33 |
34 | @Autowired
35 | ResultService resultService;
36 |
37 | @Autowired
38 | UserService userService;
39 |
40 | @GetMapping("/getByUser/{login}")
41 | public ResponseEntity> getAllByUser(HttpServletRequest request, HttpServletResponse response, Pageable pageable, @PathVariable("login") String login) {
42 | return new ResponseEntity<>(testGetRequisitionService.findByUser(pageable, login), HttpStatus.OK);
43 | }
44 |
45 | @DeleteMapping("remove/{id}")
46 | public void remove(HttpServletRequest request, HttpServletResponse response, @PathVariable("id") Integer id) {
47 | testGetRequisitionService.deleteGetRequisitionById(id);
48 | }
49 |
50 | @PostMapping("/test")
51 | public ResponseEntity testGetEndpoint(
52 | @RequestBody TestGetRequisition testGetRequisition) {
53 | String url = testGetRequisition.getUrl();
54 | Map parameters = QueryStringParser.parseQueryString(testGetRequisition.getParameters());
55 | Map headers = QueryStringParser.parseQueryString(testGetRequisition.getHeaders());
56 |
57 | RequestSpecification request = RestAssured.given()
58 | .urlEncodingEnabled(false);
59 |
60 | if (!headers.isEmpty()) {
61 | request.headers(headers);
62 | }
63 |
64 | if (!parameters.isEmpty()) {
65 | request.params(parameters);
66 | }
67 |
68 | testGetRequisition.setResult(callTestsAndReturnResults(request,url,parameters, testGetRequisition, headers));
69 |
70 | testGetRequisition.setUser(userService.findUserByLogin(SecurityContextHolder.getContext().getAuthentication().getPrincipal().toString()));
71 |
72 | testGetRequisitionService.saveService(testGetRequisition);
73 |
74 | return ResponseEntity.status(HttpStatus.OK).body(testGetRequisition);
75 | }
76 |
77 | private List callTestsAndReturnResults(RequestSpecification request, String url, Map params, TestGetRequisition testGetRequisition, Map headers){
78 | List testsResults = new ArrayList<>();
79 |
80 | SecurityTest securityTest = new SecurityTest();
81 | testsResults.add(resultService.saveService(securityTest.testGetSecureResponse(request, url)));
82 |
83 | SqlInjectionTest sqlInjectionTest = new SqlInjectionTest();
84 | testsResults.add(resultService.saveService(sqlInjectionTest.testGetSqlInjection(url, request, params)));
85 |
86 | CommandInjectionTest commandInjectionTest = new CommandInjectionTest();
87 | testsResults.add(resultService.saveService(commandInjectionTest.testGetCommandInjection(url, request, params)));
88 |
89 | XssTest xssTest = new XssTest();
90 | testsResults.add(resultService.saveService(xssTest.testGetXss(url, request, params)));
91 |
92 | DataValidationTest dataValidationTest = new DataValidationTest();
93 | testsResults.add(resultService.saveService(dataValidationTest.testGetDataValidation(url, request, params)));
94 |
95 | SendToGPT3 sendToGPT3Test = new SendToGPT3(testGetRequisition);
96 | testsResults.add(resultService.saveService(sendToGPT3Test.doGptGetTest()));
97 |
98 | PerformanceTest performanceTest = new PerformanceTest(testGetRequisition);
99 | List performanceTestResults = performanceTest.runGetTests(1, 100, params, headers);
100 | for (Result result: performanceTestResults) testsResults.add(resultService.saveService(result));
101 |
102 | return testsResults;
103 |
104 | }
105 | }
106 |
--------------------------------------------------------------------------------
/src/main/java/tech/noetzold/APItester/controller/TestPostRequisitionController.java:
--------------------------------------------------------------------------------
1 | package tech.noetzold.APItester.controller;
2 |
3 | import com.fasterxml.jackson.core.JsonProcessingException;
4 | import com.fasterxml.jackson.core.type.TypeReference;
5 | import com.fasterxml.jackson.databind.ObjectMapper;
6 | import io.restassured.RestAssured;
7 | import io.restassured.specification.RequestSpecification;
8 | import org.springframework.beans.factory.annotation.Autowired;
9 | import org.springframework.data.domain.Page;
10 | import org.springframework.data.domain.Pageable;
11 | import org.springframework.http.HttpStatus;
12 | import org.springframework.http.ResponseEntity;
13 | import org.springframework.security.core.context.SecurityContextHolder;
14 | import org.springframework.web.bind.annotation.*;
15 | import tech.noetzold.APItester.model.Result;
16 | import tech.noetzold.APItester.model.TestPostRequisition;
17 | import tech.noetzold.APItester.model.User;
18 | import tech.noetzold.APItester.service.ResultService;
19 | import tech.noetzold.APItester.service.TestPostRequisitionService;
20 | import tech.noetzold.APItester.service.UserService;
21 | import tech.noetzold.APItester.tests.*;
22 | import tech.noetzold.APItester.util.QueryStringParser;
23 |
24 | import javax.servlet.http.HttpServletRequest;
25 | import javax.servlet.http.HttpServletResponse;
26 | import java.util.ArrayList;
27 | import java.util.Calendar;
28 | import java.util.List;
29 | import java.util.Map;
30 |
31 | @RestController
32 | @RequestMapping("/post")
33 | public class TestPostRequisitionController {
34 |
35 | @Autowired
36 | TestPostRequisitionService testPostRequisitionService;
37 |
38 | @Autowired
39 | ResultService resultService;
40 |
41 | @Autowired
42 | UserService userService;
43 |
44 | @GetMapping("/getByUser/{login}")
45 | public ResponseEntity> getAllByUser(HttpServletRequest request, HttpServletResponse response, Pageable pageable, @PathVariable("login") String login) {
46 | return new ResponseEntity<>(testPostRequisitionService.findByUser(pageable, login), HttpStatus.OK);
47 | }
48 |
49 | @DeleteMapping("remove/{id}")
50 | public void remove(HttpServletRequest request, HttpServletResponse response, @PathVariable("id") Integer id) {
51 | testPostRequisitionService.deleteGetRequisitionById(id);
52 | }
53 |
54 | @PostMapping("/test")
55 | public ResponseEntity testPostRequest(@RequestBody TestPostRequisition testPostRequisition) {
56 | ObjectMapper objectMapper = new ObjectMapper();
57 | TypeReference> typeRef = new TypeReference<>() {};
58 | try {
59 | Map body = objectMapper.readValue(testPostRequisition.getBody(), typeRef);
60 | Map headers = QueryStringParser.parseQueryString(testPostRequisition.getHeaders());
61 |
62 | RequestSpecification request = RestAssured.given();
63 |
64 | List testsResults = callTestsAndReturnResults(request, testPostRequisition.getUrl(), body, headers, testPostRequisition);
65 |
66 | User user = userService.findUserByLogin(SecurityContextHolder.getContext().getAuthentication().getPrincipal().toString());
67 |
68 | TestPostRequisition req = testPostRequisitionService.saveService(new TestPostRequisition(body, Calendar.getInstance(), testsResults, user));
69 |
70 | return ResponseEntity.status(HttpStatus.OK).body(req);
71 |
72 | } catch (JsonProcessingException e) {
73 | e.printStackTrace();
74 | return ResponseEntity.status(HttpStatus.BAD_REQUEST).body(testPostRequisition);
75 | }
76 |
77 | }
78 |
79 | private List callTestsAndReturnResults(RequestSpecification request, String url, Map body, Map headers, TestPostRequisition testPostRequisition){
80 | List testsResults = new ArrayList<>();
81 |
82 | SecurityTest securityTest = new SecurityTest();
83 | testsResults.add(resultService.saveService(securityTest.testPostSecureResponse(request, url, body, headers)));
84 |
85 | SqlInjectionTest sqlInjectionTest = new SqlInjectionTest();
86 | testsResults.add(resultService.saveService(sqlInjectionTest.testPostSqlInjection(request, url, body, headers)));
87 |
88 | CommandInjectionTest commandInjectionTest = new CommandInjectionTest();
89 | testsResults.add(resultService.saveService(commandInjectionTest.testPostCommandInjection(request, url, body, headers)));
90 |
91 | XssTest xssTest = new XssTest();
92 | testsResults.add(resultService.saveService(xssTest.testPostXss(request, url, body, headers)));
93 |
94 | DataValidationTest dataValidationTest = new DataValidationTest();
95 | testsResults.add(resultService.saveService(dataValidationTest.testPostDataValidation(request, url, body, headers)));
96 | if(testPostRequisition.isOnline()) {
97 | SendToGPT3 sendToGPT3Test = new SendToGPT3(testPostRequisition);
98 | testsResults.add(resultService.saveService(sendToGPT3Test.doGptPostTest()));
99 | }
100 | PerformanceTest performanceTest = new PerformanceTest(testPostRequisition);
101 | List performanceTestResults = performanceTest.runPostTests(1, 1, body, headers);
102 | for (Result result: performanceTestResults) testsResults.add(resultService.saveService(result));
103 |
104 | return testsResults;
105 |
106 | }
107 | }
108 |
--------------------------------------------------------------------------------
/src/main/java/tech/noetzold/APItester/controller/TestPutRequisitionController.java:
--------------------------------------------------------------------------------
1 | package tech.noetzold.APItester.controller;
2 |
3 | import com.fasterxml.jackson.core.JsonProcessingException;
4 | import com.fasterxml.jackson.core.type.TypeReference;
5 | import com.fasterxml.jackson.databind.ObjectMapper;
6 | import io.restassured.RestAssured;
7 | import io.restassured.specification.RequestSpecification;
8 | import org.springframework.beans.factory.annotation.Autowired;
9 | import org.springframework.data.domain.Page;
10 | import org.springframework.data.domain.Pageable;
11 | import org.springframework.http.HttpStatus;
12 | import org.springframework.http.ResponseEntity;
13 | import org.springframework.security.core.context.SecurityContextHolder;
14 | import org.springframework.web.bind.annotation.*;
15 | import tech.noetzold.APItester.model.Result;
16 | import tech.noetzold.APItester.model.TestPutRequisition;
17 | import tech.noetzold.APItester.model.User;
18 | import tech.noetzold.APItester.service.ResultService;
19 | import tech.noetzold.APItester.service.TestPutRequisitionService;
20 | import tech.noetzold.APItester.service.UserService;
21 | import tech.noetzold.APItester.tests.*;
22 | import tech.noetzold.APItester.util.QueryStringParser;
23 |
24 | import javax.servlet.http.HttpServletRequest;
25 | import javax.servlet.http.HttpServletResponse;
26 | import java.util.ArrayList;
27 | import java.util.Calendar;
28 | import java.util.List;
29 | import java.util.Map;
30 |
31 | @RestController
32 | @RequestMapping("/put")
33 | public class TestPutRequisitionController {
34 |
35 | @Autowired
36 | TestPutRequisitionService testPutRequisitionService;
37 |
38 | @Autowired
39 | ResultService resultService;
40 |
41 | @Autowired
42 | UserService userService;
43 |
44 | @GetMapping("/getByUser/{login}")
45 | public ResponseEntity> getAllByUser(HttpServletRequest request, HttpServletResponse response, Pageable pageable, @PathVariable("login") String login) {
46 | return new ResponseEntity<>(testPutRequisitionService.findByUser(pageable, login), HttpStatus.OK);
47 | }
48 |
49 | @DeleteMapping("remove/{id}")
50 | public void remove(HttpServletRequest request, HttpServletResponse response, @PathVariable("id") Integer id) {
51 | testPutRequisitionService.deleteGetRequisitionById(id);
52 | }
53 |
54 | @PutMapping("/test")
55 | public ResponseEntity testPutRequest(@RequestBody TestPutRequisition testPutRequisition) {
56 | ObjectMapper objectMapper = new ObjectMapper();
57 | TypeReference> typeRef = new TypeReference<>() {};
58 | try {
59 | Map body = objectMapper.readValue(testPutRequisition.getBody(), typeRef);
60 | Map headers = QueryStringParser.parseQueryString(testPutRequisition.getHeaders());
61 |
62 | RequestSpecification request = RestAssured.given();
63 |
64 | List testsResults = callTestsAndReturnResults(request, testPutRequisition.getUrl(), body, headers, testPutRequisition);
65 |
66 | User user = userService.findUserByLogin(SecurityContextHolder.getContext().getAuthentication().getPrincipal().toString());
67 |
68 | TestPutRequisition req = testPutRequisitionService.saveService(new TestPutRequisition(body, Calendar.getInstance(), testsResults, user));
69 |
70 | return ResponseEntity.status(HttpStatus.OK).body(req);
71 |
72 | } catch (JsonProcessingException e) {
73 | e.printStackTrace();
74 | return ResponseEntity.status(HttpStatus.BAD_REQUEST).body(testPutRequisition);
75 | }
76 |
77 | }
78 |
79 | private List callTestsAndReturnResults(RequestSpecification request, String url, Map body, Map headers, TestPutRequisition testPutRequisition){
80 | List testsResults = new ArrayList<>();
81 |
82 | SecurityTest securityTest = new SecurityTest();
83 | testsResults.add(resultService.saveService(securityTest.testPutSecureResponse(request, url, body, headers)));
84 |
85 | SqlInjectionTest sqlInjectionTest = new SqlInjectionTest();
86 | testsResults.add(resultService.saveService(sqlInjectionTest.testPutSqlInjection(request, url, body, headers)));
87 |
88 | CommandInjectionTest commandInjectionTest = new CommandInjectionTest();
89 | testsResults.add(resultService.saveService(commandInjectionTest.testPutCommandInjection(request, url, body, headers)));
90 |
91 | XssTest xssTest = new XssTest();
92 | testsResults.add(resultService.saveService(xssTest.testPutXss(request, url, body, headers)));
93 |
94 | DataValidationTest dataValidationTest = new DataValidationTest();
95 | testsResults.add(resultService.saveService(dataValidationTest.testPutDataValidation(request, url, body, headers)));
96 | if(testPutRequisition.isOnline()) {
97 | SendToGPT3 sendToGPT3Test = new SendToGPT3(testPutRequisition);
98 | testsResults.add(resultService.saveService(sendToGPT3Test.doGptPutTest()));
99 | }
100 | PerformanceTest performanceTest = new PerformanceTest(testPutRequisition);
101 | List performanceTestResults = performanceTest.runPutTests(1,1, body, headers);
102 | for (Result result: performanceTestResults) testsResults.add(resultService.saveService(result));
103 |
104 | return testsResults;
105 |
106 | }
107 | }
108 |
--------------------------------------------------------------------------------
/src/main/java/tech/noetzold/APItester/controller/UserController.java:
--------------------------------------------------------------------------------
1 | package tech.noetzold.APItester.controller;
2 |
3 | import org.springframework.http.HttpStatus;
4 | import org.springframework.http.ResponseEntity;
5 | import org.springframework.security.core.context.SecurityContextHolder;
6 | import org.springframework.security.crypto.password.PasswordEncoder;
7 | import org.springframework.web.bind.annotation.*;
8 | import tech.noetzold.APItester.model.User;
9 | import tech.noetzold.APItester.service.UserService;
10 |
11 | import java.util.List;
12 | import java.util.Optional;
13 |
14 | @RestController
15 | @RequestMapping("/user")
16 | public class UserController {
17 |
18 | private final UserService userService;
19 | private final PasswordEncoder encoder;
20 |
21 | public UserController(UserService userService, PasswordEncoder encoder) {
22 | this.userService = userService;
23 | this.encoder = encoder;
24 | }
25 |
26 | @GetMapping("/listAll")
27 | public ResponseEntity> listarTodos() {
28 | return ResponseEntity.ok(userService.findAllUsuarios());
29 | }
30 |
31 | @PostMapping("/save")
32 | public ResponseEntity salvar(@RequestBody User user) {
33 | user.setPassword(encoder.encode(user.getPassword()));
34 | return ResponseEntity.ok(userService.saveUsuario(user));
35 | }
36 | @GetMapping("/getLogedUser")
37 | public ResponseEntity getLogedUser() {
38 | User user = userService.findUserByLogin(SecurityContextHolder.getContext().getAuthentication().getPrincipal().toString());
39 | return ResponseEntity.ok(user);
40 | }
41 |
42 | @GetMapping("/validatePass")
43 | public ResponseEntity validarSenha(@RequestParam String login,
44 | @RequestParam String password) {
45 |
46 | Optional optUsuario = userService.validateLogin(login);
47 | if (!optUsuario.isPresent()) {
48 | return ResponseEntity.status(HttpStatus.UNAUTHORIZED).body(false);
49 | }
50 |
51 | User user = optUsuario.get();
52 | boolean valid = encoder.matches(password, user.getPassword());
53 |
54 | HttpStatus status = (valid) ? HttpStatus.OK : HttpStatus.UNAUTHORIZED;
55 | return ResponseEntity.status(status).body(valid);
56 | }
57 | }
58 |
--------------------------------------------------------------------------------
/src/main/java/tech/noetzold/APItester/data/DetalheUsuarioData.java:
--------------------------------------------------------------------------------
1 | package tech.noetzold.APItester.data;
2 |
3 | import org.springframework.security.core.GrantedAuthority;
4 | import org.springframework.security.core.userdetails.UserDetails;
5 | import tech.noetzold.APItester.model.User;
6 |
7 | import java.util.ArrayList;
8 | import java.util.Collection;
9 | import java.util.Optional;
10 |
11 | public class DetalheUsuarioData implements UserDetails {
12 |
13 | private final Optional usuario;
14 |
15 | public DetalheUsuarioData(Optional usuario) {
16 | this.usuario = usuario;
17 | }
18 |
19 | @Override
20 | public Collection getAuthorities() {
21 | return new ArrayList<>();
22 | }
23 |
24 | @Override
25 | public String getPassword() {
26 | return usuario.orElse(new User()).getPassword();
27 | }
28 |
29 | @Override
30 | public String getUsername() {
31 | return usuario.orElse(new User()).getLogin();
32 | }
33 |
34 | @Override
35 | public boolean isAccountNonExpired() {
36 | return true;
37 | }
38 |
39 | @Override
40 | public boolean isAccountNonLocked() {
41 | return true;
42 | }
43 |
44 | @Override
45 | public boolean isCredentialsNonExpired() {
46 | return true;
47 | }
48 |
49 | @Override
50 | public boolean isEnabled() {
51 | return true;
52 | }
53 | }
54 |
--------------------------------------------------------------------------------
/src/main/java/tech/noetzold/APItester/model/CompleteRequest.java:
--------------------------------------------------------------------------------
1 | package tech.noetzold.APItester.model;
2 |
3 | import lombok.AllArgsConstructor;
4 | import lombok.Data;
5 | import lombok.NoArgsConstructor;
6 |
7 | import javax.persistence.*;
8 | import java.io.Serializable;
9 |
10 | @Data
11 | @NoArgsConstructor
12 | @AllArgsConstructor
13 | @Entity(name="complete_request")
14 | public class CompleteRequest extends DefaultRequest implements Serializable {
15 |
16 | @Id
17 | @GeneratedValue(strategy = GenerationType.IDENTITY)
18 | private Integer id;
19 |
20 | @Column(name = "parameters", nullable = true)
21 | private String parameters;
22 |
23 | @Column(name = "body", nullable = true)
24 | private String body;
25 |
26 | @Column(name = "method", nullable = true)
27 | private String method;
28 |
29 | }
30 |
--------------------------------------------------------------------------------
/src/main/java/tech/noetzold/APItester/model/DefaultRequest.java:
--------------------------------------------------------------------------------
1 | package tech.noetzold.APItester.model;
2 |
3 | import lombok.AllArgsConstructor;
4 | import lombok.Data;
5 | import lombok.NoArgsConstructor;
6 |
7 | import javax.persistence.*;
8 | import java.io.Serializable;
9 | import java.util.Calendar;
10 | import java.util.List;
11 |
12 | @Data
13 | @NoArgsConstructor
14 | @AllArgsConstructor
15 | @Entity(name="default_request")
16 | public class DefaultRequest implements Serializable {
17 | private String headers;
18 |
19 | private String url;
20 |
21 | @Temporal(TemporalType.DATE)
22 | @Column(name = "date_request", nullable = false)
23 | private Calendar date_request;
24 |
25 | @ManyToOne
26 | private User user;
27 |
28 | @OneToMany(cascade=CascadeType.PERSIST)
29 | private List result;
30 | }
31 |
--------------------------------------------------------------------------------
/src/main/java/tech/noetzold/APItester/model/FullPerformanceTest.java:
--------------------------------------------------------------------------------
1 | package tech.noetzold.APItester.model;
2 |
3 | import lombok.AllArgsConstructor;
4 | import lombok.Data;
5 | import lombok.NoArgsConstructor;
6 |
7 | import javax.persistence.*;
8 | import java.io.Serializable;
9 |
10 | @Data
11 | @NoArgsConstructor
12 | @AllArgsConstructor
13 | @Entity(name="test_performance")
14 | public class FullPerformanceTest extends DefaultRequest implements Serializable {
15 |
16 | @Id
17 | @GeneratedValue(strategy = GenerationType.IDENTITY)
18 | private Integer id;
19 |
20 | @Column(name = "parameters", nullable = true)
21 | private String parameters;
22 |
23 | @Column(name = "body", nullable = true)
24 | private String body;
25 |
26 | @Column(name = "method", nullable = true)
27 | private String method;
28 |
29 | @Column(name = "num_req", nullable = true)
30 | private int numReq;
31 | }
32 |
--------------------------------------------------------------------------------
/src/main/java/tech/noetzold/APItester/model/PerformanceResult.java:
--------------------------------------------------------------------------------
1 | package tech.noetzold.APItester.model;
2 | public class PerformanceResult {
3 | private final long responseTime;
4 | private final int maxResponseSize;
5 | private final double requestsPerSecond;
6 |
7 | public PerformanceResult(long responseTime, int maxResponseSize, double requestsPerSecond) {
8 | this.responseTime = responseTime;
9 | this.maxResponseSize = maxResponseSize;
10 | this.requestsPerSecond = requestsPerSecond;
11 | }
12 |
13 | public long getResponseTime() {
14 | return responseTime;
15 | }
16 |
17 | public int getMaxResponseSize() {
18 | return maxResponseSize;
19 | }
20 |
21 | public double getRequestsPerSecond() {
22 | return requestsPerSecond;
23 | }
24 |
25 | @Override
26 | public String toString() {
27 | return "PerformanceResult{" +
28 | "responseTime=" + responseTime +
29 | ", maxResponseSize=" + maxResponseSize +
30 | ", requestsPerSecond=" + requestsPerSecond +
31 | '}';
32 | }
33 | }
34 |
--------------------------------------------------------------------------------
/src/main/java/tech/noetzold/APItester/model/Result.java:
--------------------------------------------------------------------------------
1 | package tech.noetzold.APItester.model;
2 |
3 | import lombok.AllArgsConstructor;
4 | import lombok.Data;
5 | import lombok.NoArgsConstructor;
6 | import tech.noetzold.APItester.util.TEST_TYPE;
7 |
8 | import javax.persistence.*;
9 | import javax.validation.constraints.NotNull;
10 | import java.io.Serializable;
11 |
12 | @Data
13 | @NoArgsConstructor
14 | @AllArgsConstructor
15 | @Entity(name="Result")
16 | public class Result implements Serializable {
17 |
18 | @Id
19 | @GeneratedValue(strategy = GenerationType.IDENTITY)
20 | private Integer id;
21 |
22 | @NotNull
23 | private TEST_TYPE test_type;
24 |
25 | @NotNull
26 | @Lob
27 | private String details;
28 |
29 |
30 |
31 | public Result(TEST_TYPE test_type, String message) {
32 | this.test_type = test_type;
33 | this.details = message;
34 | }
35 | }
36 |
--------------------------------------------------------------------------------
/src/main/java/tech/noetzold/APItester/model/TestDeleteRequisition.java:
--------------------------------------------------------------------------------
1 | package tech.noetzold.APItester.model;
2 |
3 | import lombok.AllArgsConstructor;
4 | import lombok.Data;
5 | import lombok.NoArgsConstructor;
6 |
7 | import javax.persistence.*;
8 | import java.io.Serializable;
9 | import java.util.Calendar;
10 | import java.util.List;
11 | import java.util.Map;
12 |
13 | @Data
14 | @NoArgsConstructor
15 | @AllArgsConstructor
16 | @Entity(name="test_delete_requisition")
17 | public class TestDeleteRequisition extends DefaultRequest implements Serializable{
18 |
19 | @Id
20 | @GeneratedValue(strategy = GenerationType.IDENTITY)
21 | private Integer id;
22 |
23 | private String parameters;
24 |
25 | @Column(name = "is_online", nullable = true)
26 | private boolean isOnline;
27 |
28 | @Column(name = "gpt_key", nullable = true)
29 | private String gptKey;
30 |
31 | public TestDeleteRequisition(Map parameters, Calendar date_request, List result, User user) {
32 | this.parameters = parameters.toString();
33 | this.setDate_request(date_request);
34 | this.setResult(result);
35 | this.setUser(user);
36 | }
37 | }
38 |
--------------------------------------------------------------------------------
/src/main/java/tech/noetzold/APItester/model/TestGetRequisition.java:
--------------------------------------------------------------------------------
1 | package tech.noetzold.APItester.model;
2 |
3 | import lombok.AllArgsConstructor;
4 | import lombok.Data;
5 | import lombok.NoArgsConstructor;
6 |
7 | import javax.persistence.*;
8 | import java.io.Serializable;
9 | import java.util.Calendar;
10 | import java.util.List;
11 | import java.util.Map;
12 |
13 | @Data
14 | @NoArgsConstructor
15 | @AllArgsConstructor
16 | @Entity(name="test_get_requisition")
17 | public class TestGetRequisition extends DefaultRequest implements Serializable {
18 |
19 | @Id
20 | @GeneratedValue(strategy = GenerationType.IDENTITY)
21 | private Integer id;
22 |
23 | private String parameters;
24 |
25 | @Column(name = "is_online", nullable = true)
26 | private boolean isOnline;
27 |
28 | @Column(name = "gpt_key", nullable = true)
29 | private String gptKey;
30 |
31 | public TestGetRequisition(Map parameters, Calendar date_request, List result, User user) {
32 | this.parameters = parameters.toString();
33 | this.setDate_request(date_request);
34 | this.setResult(result);
35 | this.setUser(user);
36 | }
37 | }
38 |
--------------------------------------------------------------------------------
/src/main/java/tech/noetzold/APItester/model/TestPostRequisition.java:
--------------------------------------------------------------------------------
1 | package tech.noetzold.APItester.model;
2 |
3 | import lombok.AllArgsConstructor;
4 | import lombok.Data;
5 | import lombok.NoArgsConstructor;
6 |
7 | import javax.persistence.*;
8 | import java.util.Calendar;
9 | import java.util.List;
10 | import java.util.Map;
11 |
12 | @Data
13 | @NoArgsConstructor
14 | @AllArgsConstructor
15 | @Entity(name="test_post_requisition")
16 | public class TestPostRequisition extends DefaultRequest {
17 | @Id
18 | @GeneratedValue(strategy = GenerationType.IDENTITY)
19 | private Integer id;
20 | private String body;
21 |
22 | @Column(name = "is_online", nullable = true)
23 | private boolean isOnline;
24 |
25 | @Column(name = "gpt_key", nullable = true)
26 | private String gptKey;
27 |
28 | public TestPostRequisition(Map body, Calendar date_request, List result, User user) {
29 | this.body = body.toString();
30 | this.setDate_request(date_request);
31 | this.setResult(result);
32 | this.setUser(user);
33 | }
34 | }
35 |
--------------------------------------------------------------------------------
/src/main/java/tech/noetzold/APItester/model/TestPutRequisition.java:
--------------------------------------------------------------------------------
1 | package tech.noetzold.APItester.model;
2 |
3 | import lombok.AllArgsConstructor;
4 | import lombok.Data;
5 | import lombok.NoArgsConstructor;
6 |
7 | import javax.persistence.*;
8 | import java.io.Serializable;
9 | import java.util.Calendar;
10 | import java.util.List;
11 | import java.util.Map;
12 |
13 | @Data
14 | @NoArgsConstructor
15 | @AllArgsConstructor
16 | @Entity(name="test_put_requisition")
17 | public class TestPutRequisition extends DefaultRequest implements Serializable {
18 | @Id
19 | @GeneratedValue(strategy = GenerationType.IDENTITY)
20 | private Integer id;
21 | private String body;
22 |
23 | @Column(name = "is_online", nullable = true)
24 | private boolean isOnline;
25 |
26 | @Column(name = "gpt_key", nullable = true)
27 | private String gptKey;
28 |
29 | public TestPutRequisition(Map body, Calendar date_request, List result, User user) {
30 | this.body = body.toString();
31 | this.setDate_request(date_request);
32 | this.setResult(result);
33 | this.setUser(user);
34 | }
35 | }
36 |
--------------------------------------------------------------------------------
/src/main/java/tech/noetzold/APItester/model/User.java:
--------------------------------------------------------------------------------
1 | package tech.noetzold.APItester.model;
2 |
3 |
4 | import lombok.AllArgsConstructor;
5 | import lombok.Data;
6 | import lombok.NoArgsConstructor;
7 | import javax.persistence.*;
8 | import java.io.Serializable;
9 |
10 | @Data
11 | @NoArgsConstructor
12 | @AllArgsConstructor
13 | @Entity(name="user_test")
14 | public class User implements Serializable {
15 |
16 | @Id
17 | @GeneratedValue(strategy = GenerationType.IDENTITY)
18 | private Integer id;
19 | @Column(unique = true)
20 | private String login;
21 | private String password;
22 | }
23 |
--------------------------------------------------------------------------------
/src/main/java/tech/noetzold/APItester/repository/CompleteRequestRepository.java:
--------------------------------------------------------------------------------
1 | package tech.noetzold.APItester.repository;
2 |
3 | import org.springframework.data.domain.Page;
4 | import org.springframework.data.domain.Pageable;
5 | import org.springframework.data.jpa.repository.JpaRepository;
6 | import tech.noetzold.APItester.model.CompleteRequest;
7 | import tech.noetzold.APItester.model.User;
8 |
9 | public interface CompleteRequestRepository extends JpaRepository {
10 | Page findByUser(Pageable pageable, User user);
11 | }
--------------------------------------------------------------------------------
/src/main/java/tech/noetzold/APItester/repository/FullPerformanceTestRepository.java:
--------------------------------------------------------------------------------
1 | package tech.noetzold.APItester.repository;
2 |
3 | import org.springframework.data.domain.Page;
4 | import org.springframework.data.domain.Pageable;
5 | import org.springframework.data.jpa.repository.JpaRepository;
6 | import tech.noetzold.APItester.model.FullPerformanceTest;
7 | import tech.noetzold.APItester.model.User;
8 |
9 | public interface FullPerformanceTestRepository extends JpaRepository {
10 | Page findByUser(Pageable pageable, User user);
11 | }
12 |
--------------------------------------------------------------------------------
/src/main/java/tech/noetzold/APItester/repository/ResultRepository.java:
--------------------------------------------------------------------------------
1 | package tech.noetzold.APItester.repository;
2 |
3 | import org.springframework.data.jpa.repository.JpaRepository;
4 | import tech.noetzold.APItester.model.Result;
5 |
6 | public interface ResultRepository extends JpaRepository {
7 | }
8 |
--------------------------------------------------------------------------------
/src/main/java/tech/noetzold/APItester/repository/TestDeleteRequisitionRepository.java:
--------------------------------------------------------------------------------
1 | package tech.noetzold.APItester.repository;
2 |
3 | import org.springframework.data.domain.Page;
4 | import org.springframework.data.domain.Pageable;
5 | import org.springframework.data.jpa.repository.JpaRepository;
6 | import tech.noetzold.APItester.model.TestDeleteRequisition;
7 | import tech.noetzold.APItester.model.User;
8 |
9 | public interface TestDeleteRequisitionRepository extends JpaRepository {
10 |
11 | Page findByUser(Pageable pageable, User user);
12 | }
13 |
--------------------------------------------------------------------------------
/src/main/java/tech/noetzold/APItester/repository/TestGetRequisitionRepository.java:
--------------------------------------------------------------------------------
1 | package tech.noetzold.APItester.repository;
2 |
3 | import org.springframework.data.domain.Page;
4 | import org.springframework.data.domain.Pageable;
5 | import org.springframework.data.jpa.repository.JpaRepository;
6 | import tech.noetzold.APItester.model.TestGetRequisition;
7 | import tech.noetzold.APItester.model.User;
8 |
9 | public interface TestGetRequisitionRepository extends JpaRepository {
10 | Page findByUser(Pageable pageable, User user);
11 | }
12 |
--------------------------------------------------------------------------------
/src/main/java/tech/noetzold/APItester/repository/TestPostRequisitionRepository.java:
--------------------------------------------------------------------------------
1 | package tech.noetzold.APItester.repository;
2 |
3 | import org.springframework.data.domain.Page;
4 | import org.springframework.data.domain.Pageable;
5 | import org.springframework.data.jpa.repository.JpaRepository;
6 | import tech.noetzold.APItester.model.TestPostRequisition;
7 |
8 | public interface TestPostRequisitionRepository extends JpaRepository {
9 | Page findByUser(Pageable pageable, String login);
10 | }
11 |
--------------------------------------------------------------------------------
/src/main/java/tech/noetzold/APItester/repository/TestPutRequisitionRepository.java:
--------------------------------------------------------------------------------
1 | package tech.noetzold.APItester.repository;
2 |
3 | import org.springframework.data.domain.Page;
4 | import org.springframework.data.domain.Pageable;
5 | import org.springframework.data.jpa.repository.JpaRepository;
6 | import tech.noetzold.APItester.model.TestPutRequisition;
7 |
8 | public interface TestPutRequisitionRepository extends JpaRepository {
9 | Page findByUser(Pageable pageable, String login);
10 | }
11 |
--------------------------------------------------------------------------------
/src/main/java/tech/noetzold/APItester/repository/UserRepository.java:
--------------------------------------------------------------------------------
1 | package tech.noetzold.APItester.repository;
2 |
3 | import org.springframework.data.jpa.repository.JpaRepository;
4 | import tech.noetzold.APItester.model.User;
5 |
6 | import java.util.Optional;
7 |
8 | public interface UserRepository extends JpaRepository {
9 | public Optional findByLogin(String login);
10 |
11 | }
--------------------------------------------------------------------------------
/src/main/java/tech/noetzold/APItester/security/JWTAutenticarFilter.java:
--------------------------------------------------------------------------------
1 | package tech.noetzold.APItester.security;
2 |
3 | import com.auth0.jwt.JWT;
4 | import com.auth0.jwt.algorithms.Algorithm;
5 | import com.fasterxml.jackson.databind.ObjectMapper;
6 | import org.springframework.security.authentication.AuthenticationManager;
7 | import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
8 | import org.springframework.security.core.Authentication;
9 | import org.springframework.security.core.AuthenticationException;
10 | import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
11 | import tech.noetzold.APItester.data.DetalheUsuarioData;
12 | import tech.noetzold.APItester.model.User;
13 | import tech.noetzold.APItester.util.TokenApp;
14 |
15 | import javax.servlet.FilterChain;
16 | import javax.servlet.ServletException;
17 | import javax.servlet.http.HttpServletRequest;
18 | import javax.servlet.http.HttpServletResponse;
19 | import java.io.IOException;
20 | import java.util.ArrayList;
21 | import java.util.Date;
22 |
23 | public class JWTAutenticarFilter extends UsernamePasswordAuthenticationFilter {
24 |
25 | public static final int TOKEN_EXPIRACAO = 600_000;
26 | public static final String TOKEN_SENHA = TokenApp.getTokenPass();
27 |
28 | private final AuthenticationManager authenticationManager;
29 |
30 | public JWTAutenticarFilter(AuthenticationManager authenticationManager) {
31 | this.authenticationManager = authenticationManager;
32 | }
33 |
34 |
35 | @Override
36 | public Authentication attemptAuthentication(HttpServletRequest request,
37 | HttpServletResponse response) throws AuthenticationException {
38 | try {
39 | User user = new ObjectMapper()
40 | .readValue(request.getInputStream(), User.class);
41 |
42 | return authenticationManager.authenticate(new UsernamePasswordAuthenticationToken(
43 | user.getLogin(),
44 | user.getPassword(),
45 | new ArrayList<>()
46 | ));
47 |
48 | } catch (IOException e) {
49 | throw new RuntimeException("Falha ao autenticar usuario", e);
50 | }
51 |
52 | }
53 |
54 | @Override
55 | protected void successfulAuthentication(HttpServletRequest request,
56 | HttpServletResponse response,
57 | FilterChain chain,
58 | Authentication authResult) throws IOException, ServletException {
59 |
60 | DetalheUsuarioData usuarioData = (DetalheUsuarioData) authResult.getPrincipal();
61 |
62 | String token = JWT.create().
63 | withSubject(usuarioData.getUsername())
64 | .withExpiresAt(new Date(System.currentTimeMillis() + TOKEN_EXPIRACAO))
65 | .sign(Algorithm.HMAC512(TOKEN_SENHA));
66 |
67 | response.getWriter().write(token);
68 | response.getWriter().flush();
69 | }
70 | }
71 |
--------------------------------------------------------------------------------
/src/main/java/tech/noetzold/APItester/security/JWTConfiguracao.java:
--------------------------------------------------------------------------------
1 | package tech.noetzold.APItester.security;
2 |
3 | import org.springframework.context.annotation.Bean;
4 | import org.springframework.http.HttpMethod;
5 | import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
6 | import org.springframework.security.config.annotation.web.builders.HttpSecurity;
7 | import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
8 | import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
9 | import org.springframework.security.config.http.SessionCreationPolicy;
10 | import org.springframework.security.crypto.password.PasswordEncoder;
11 | import org.springframework.web.cors.CorsConfiguration;
12 | import org.springframework.web.cors.CorsConfigurationSource;
13 | import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
14 | import tech.noetzold.APItester.service.DetalheUsuarioServiceImpl;
15 |
16 |
17 | @EnableWebSecurity
18 | public class JWTConfiguracao extends WebSecurityConfigurerAdapter {
19 |
20 | private final DetalheUsuarioServiceImpl usuarioService;
21 | private final PasswordEncoder passwordEncoder;
22 |
23 | public JWTConfiguracao(DetalheUsuarioServiceImpl usuarioService, PasswordEncoder passwordEncoder) {
24 | this.usuarioService = usuarioService;
25 | this.passwordEncoder = passwordEncoder;
26 | }
27 |
28 | @Override
29 | protected void configure(AuthenticationManagerBuilder auth) throws Exception {
30 | auth.userDetailsService(usuarioService).passwordEncoder(passwordEncoder);
31 | }
32 |
33 | @Override
34 | protected void configure(HttpSecurity http) throws Exception {
35 | http.csrf().disable().authorizeRequests()
36 | .antMatchers(HttpMethod.POST, "/login").permitAll()
37 | .antMatchers(HttpMethod.GET, "/swagger-ui/*").permitAll()
38 | .antMatchers("/v3/*").permitAll()
39 | .antMatchers("/v3/api-docs/swagger-config").permitAll()
40 | .antMatchers("/get/*").permitAll()
41 | .antMatchers("/post/*").permitAll()
42 | .antMatchers("/user/*").permitAll()
43 | .anyRequest().authenticated()
44 | .and()
45 | .addFilter(new JWTAutenticarFilter(authenticationManager()))
46 | .addFilter(new JWTValidarFilter(authenticationManager()))
47 | .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);
48 | }
49 |
50 | @Bean
51 | CorsConfigurationSource corsConfigurationSource() {
52 | final UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
53 |
54 | CorsConfiguration corsConfiguration = new CorsConfiguration().applyPermitDefaultValues();
55 | source.registerCorsConfiguration("/**", corsConfiguration);
56 | return source;
57 | }
58 |
59 | }
60 |
61 |
--------------------------------------------------------------------------------
/src/main/java/tech/noetzold/APItester/security/JWTValidarFilter.java:
--------------------------------------------------------------------------------
1 | package tech.noetzold.APItester.security;
2 |
3 | import com.auth0.jwt.JWT;
4 | import com.auth0.jwt.algorithms.Algorithm;
5 | import org.springframework.security.authentication.AuthenticationManager;
6 | import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
7 | import org.springframework.security.core.context.SecurityContextHolder;
8 | import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;
9 |
10 | import javax.servlet.FilterChain;
11 | import javax.servlet.ServletException;
12 | import javax.servlet.http.HttpServletRequest;
13 | import javax.servlet.http.HttpServletResponse;
14 | import java.io.IOException;
15 | import java.util.ArrayList;
16 |
17 | public class JWTValidarFilter extends BasicAuthenticationFilter {
18 |
19 | public static final String HEADER_ATRIBUTO = "Authorization";
20 | public static final String ATRIBUTO_PREFIXO = "Bearer ";
21 |
22 | public JWTValidarFilter(AuthenticationManager authenticationManager) {
23 | super(authenticationManager);
24 | }
25 |
26 | @Override
27 | protected void doFilterInternal(HttpServletRequest request,
28 | HttpServletResponse response,
29 | FilterChain chain) throws IOException, ServletException {
30 |
31 | String atributo = request.getHeader(HEADER_ATRIBUTO);
32 |
33 | if (atributo == null) {
34 | chain.doFilter(request, response);
35 | return;
36 | }
37 |
38 | if (!atributo.startsWith(ATRIBUTO_PREFIXO)) {
39 | chain.doFilter(request, response);
40 | return;
41 | }
42 |
43 | String token = atributo.replace(ATRIBUTO_PREFIXO, "");
44 | UsernamePasswordAuthenticationToken authenticationToken = getAuthenticationToken(token);
45 |
46 | SecurityContextHolder.getContext().setAuthentication(authenticationToken);
47 | chain.doFilter(request, response);
48 | }
49 |
50 | private UsernamePasswordAuthenticationToken getAuthenticationToken(String token) {
51 |
52 | String usuario = JWT.require(Algorithm.HMAC512(JWTAutenticarFilter.TOKEN_SENHA))
53 | .build()
54 | .verify(token)
55 | .getSubject();
56 |
57 | if (usuario == null) {
58 | return null;
59 | }
60 |
61 | return new UsernamePasswordAuthenticationToken(usuario,null, new ArrayList<>());
62 | }
63 | }
64 |
--------------------------------------------------------------------------------
/src/main/java/tech/noetzold/APItester/service/CompleteRequestService.java:
--------------------------------------------------------------------------------
1 | package tech.noetzold.APItester.service;
2 |
3 | import org.springframework.beans.factory.annotation.Autowired;
4 | import org.springframework.data.domain.Page;
5 | import org.springframework.data.domain.Pageable;
6 | import tech.noetzold.APItester.model.CompleteRequest;
7 | import tech.noetzold.APItester.model.User;
8 | import tech.noetzold.APItester.repository.CompleteRequestRepository;
9 | import tech.noetzold.APItester.repository.UserRepository;
10 |
11 |
12 | public class CompleteRequestService {
13 | @Autowired
14 | CompleteRequestRepository completeRequestRepository;
15 |
16 | @Autowired
17 | UserRepository userRepository;
18 |
19 | public CompleteRequest saveService(CompleteRequest completeRequest){
20 | return completeRequestRepository.save(completeRequest);
21 | }
22 |
23 | public Page findByUser(Pageable pageable, String login){
24 | User user = userRepository.findByLogin(login).get();
25 | return completeRequestRepository.findByUser(pageable, user);
26 | }
27 |
28 | public Page findAll(Pageable pageable){
29 | return completeRequestRepository.findAll(pageable);
30 | }
31 |
32 | public void deleteFullPerformanceById(Integer id) {
33 | completeRequestRepository.deleteById(id);
34 | }
35 | }
36 |
--------------------------------------------------------------------------------
/src/main/java/tech/noetzold/APItester/service/DetalheUsuarioServiceImpl.java:
--------------------------------------------------------------------------------
1 | package tech.noetzold.APItester.service;
2 |
3 | import org.springframework.security.core.userdetails.UserDetails;
4 | import org.springframework.security.core.userdetails.UserDetailsService;
5 | import org.springframework.security.core.userdetails.UsernameNotFoundException;
6 | import org.springframework.stereotype.Component;
7 | import tech.noetzold.APItester.data.DetalheUsuarioData;
8 | import tech.noetzold.APItester.model.User;
9 | import tech.noetzold.APItester.repository.UserRepository;
10 |
11 | import java.util.Optional;
12 |
13 | @Component
14 | public class DetalheUsuarioServiceImpl implements UserDetailsService {
15 |
16 | private final UserRepository service;
17 |
18 | public DetalheUsuarioServiceImpl(UserRepository service) {
19 | this.service = service;
20 | }
21 |
22 | @Override
23 | public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
24 | Optional usuario = service.findByLogin(username);
25 |
26 | if (!usuario.isPresent()){
27 | throw new UsernameNotFoundException("Usuario [" + username + "] não encontrado");
28 | }
29 |
30 | return new DetalheUsuarioData(usuario);
31 | }
32 | }
33 |
--------------------------------------------------------------------------------
/src/main/java/tech/noetzold/APItester/service/FullPerformanceTestService.java:
--------------------------------------------------------------------------------
1 | package tech.noetzold.APItester.service;
2 |
3 | import org.springframework.beans.factory.annotation.Autowired;
4 | import org.springframework.data.domain.Page;
5 | import org.springframework.data.domain.Pageable;
6 | import org.springframework.stereotype.Component;
7 | import org.springframework.stereotype.Service;
8 | import tech.noetzold.APItester.model.FullPerformanceTest;
9 | import tech.noetzold.APItester.model.User;
10 | import tech.noetzold.APItester.repository.FullPerformanceTestRepository;
11 | import tech.noetzold.APItester.repository.UserRepository;
12 |
13 | @Service
14 | public class FullPerformanceTestService {
15 |
16 | @Autowired
17 | FullPerformanceTestRepository fullPerformanceTestRepository;
18 |
19 | @Autowired
20 | UserRepository userRepository;
21 |
22 | public FullPerformanceTest saveService(FullPerformanceTest fullPerformanceTest){
23 | return fullPerformanceTestRepository.save(fullPerformanceTest);
24 | }
25 |
26 | public Page findByUser(Pageable pageable, String login){
27 | User user = userRepository.findByLogin(login).get();
28 | return fullPerformanceTestRepository.findByUser(pageable, user);
29 | }
30 |
31 | public Page findAll(Pageable pageable){
32 | return fullPerformanceTestRepository.findAll(pageable);
33 | }
34 |
35 | public void deleteFullPerformanceById(Integer id) {
36 | fullPerformanceTestRepository.deleteById(id);
37 | }
38 | }
39 |
--------------------------------------------------------------------------------
/src/main/java/tech/noetzold/APItester/service/ResultService.java:
--------------------------------------------------------------------------------
1 | package tech.noetzold.APItester.service;
2 |
3 | import org.springframework.beans.factory.annotation.Autowired;
4 | import org.springframework.stereotype.Service;
5 | import tech.noetzold.APItester.model.Result;
6 | import tech.noetzold.APItester.repository.ResultRepository;
7 |
8 | @Service
9 | public class ResultService {
10 |
11 | @Autowired
12 | ResultRepository resultRepository;
13 |
14 | public Result saveService(Result result){
15 | return resultRepository.save(result);
16 | }
17 |
18 | }
19 |
--------------------------------------------------------------------------------
/src/main/java/tech/noetzold/APItester/service/TestDeleteRequisitionService.java:
--------------------------------------------------------------------------------
1 | package tech.noetzold.APItester.service;
2 |
3 | import org.springframework.beans.factory.annotation.Autowired;
4 | import org.springframework.data.domain.Page;
5 | import org.springframework.data.domain.Pageable;
6 | import org.springframework.stereotype.Service;
7 | import tech.noetzold.APItester.model.TestDeleteRequisition;
8 | import tech.noetzold.APItester.model.User;
9 | import tech.noetzold.APItester.repository.TestDeleteRequisitionRepository;
10 | import tech.noetzold.APItester.repository.UserRepository;
11 |
12 | @Service
13 | public class TestDeleteRequisitionService {
14 |
15 | @Autowired
16 | TestDeleteRequisitionRepository testDeleteRequisitionRepository;
17 |
18 | @Autowired
19 | UserRepository userRepository;
20 |
21 | public TestDeleteRequisition saveService(TestDeleteRequisition testDeleteRequisition){
22 | return testDeleteRequisitionRepository.save(testDeleteRequisition);
23 | }
24 |
25 | public Page findByUser(Pageable pageable, String login){
26 | User user = userRepository.findByLogin(login).get();
27 | return testDeleteRequisitionRepository.findByUser(pageable, user);
28 | }
29 |
30 | public Page findAll(Pageable pageable){
31 | return testDeleteRequisitionRepository.findAll(pageable);
32 | }
33 |
34 | public void deleteDeleteRequisitionById(Integer id) {
35 | testDeleteRequisitionRepository.deleteById(id);
36 | }
37 | }
38 |
--------------------------------------------------------------------------------
/src/main/java/tech/noetzold/APItester/service/TestGetRequisitionService.java:
--------------------------------------------------------------------------------
1 | package tech.noetzold.APItester.service;
2 |
3 | import org.springframework.beans.factory.annotation.Autowired;
4 | import org.springframework.data.domain.Page;
5 | import org.springframework.data.domain.Pageable;
6 | import org.springframework.stereotype.Service;
7 | import tech.noetzold.APItester.model.TestGetRequisition;
8 | import tech.noetzold.APItester.model.TestPostRequisition;
9 | import tech.noetzold.APItester.model.User;
10 | import tech.noetzold.APItester.repository.TestGetRequisitionRepository;
11 | import tech.noetzold.APItester.repository.UserRepository;
12 |
13 | @Service
14 | public class TestGetRequisitionService {
15 |
16 | @Autowired
17 | TestGetRequisitionRepository testGetRequisitionRepository;
18 |
19 | @Autowired
20 | UserRepository userRepository;
21 |
22 | public TestGetRequisition saveService(TestGetRequisition testGetRequisition){
23 | return testGetRequisitionRepository.save(testGetRequisition);
24 | }
25 |
26 | public Page findByUser(Pageable pageable, String login){
27 | User user = userRepository.findByLogin(login).get();
28 | return testGetRequisitionRepository.findByUser(pageable, user);
29 | }
30 |
31 | public Page findAll(Pageable pageable){
32 | return testGetRequisitionRepository.findAll(pageable);
33 | }
34 |
35 | public void deleteGetRequisitionById(Integer id) {
36 | testGetRequisitionRepository.deleteById(id);
37 | }
38 | }
39 |
--------------------------------------------------------------------------------
/src/main/java/tech/noetzold/APItester/service/TestPostRequisitionService.java:
--------------------------------------------------------------------------------
1 | package tech.noetzold.APItester.service;
2 |
3 | import org.springframework.beans.factory.annotation.Autowired;
4 | import org.springframework.data.domain.Page;
5 | import org.springframework.data.domain.Pageable;
6 | import org.springframework.stereotype.Service;
7 | import tech.noetzold.APItester.model.TestPostRequisition;
8 | import tech.noetzold.APItester.repository.TestPostRequisitionRepository;
9 |
10 | @Service
11 | public class TestPostRequisitionService {
12 |
13 | @Autowired
14 | TestPostRequisitionRepository testPostRequisitionRepository;
15 |
16 | public TestPostRequisition saveService(TestPostRequisition testPostRequisition){
17 | return testPostRequisitionRepository.save(testPostRequisition);
18 | }
19 |
20 | public Page findAll(Pageable pageable){
21 | return testPostRequisitionRepository.findAll(pageable);
22 | }
23 |
24 | public Page findByUser(Pageable pageable, String login){
25 | return testPostRequisitionRepository.findByUser(pageable, login);
26 | }
27 |
28 | public void deleteGetRequisitionById(Integer id) {
29 | testPostRequisitionRepository.deleteById(id);
30 | }
31 | }
32 |
--------------------------------------------------------------------------------
/src/main/java/tech/noetzold/APItester/service/TestPutRequisitionService.java:
--------------------------------------------------------------------------------
1 | package tech.noetzold.APItester.service;
2 |
3 | import org.springframework.beans.factory.annotation.Autowired;
4 | import org.springframework.data.domain.Page;
5 | import org.springframework.data.domain.Pageable;
6 | import org.springframework.stereotype.Service;
7 | import tech.noetzold.APItester.model.TestPutRequisition;
8 | import tech.noetzold.APItester.repository.TestPutRequisitionRepository;
9 |
10 | @Service
11 | public class TestPutRequisitionService {
12 |
13 | @Autowired
14 | TestPutRequisitionRepository testPutRequisitionRepository;
15 |
16 | @Autowired
17 | UserService userService;
18 |
19 | public TestPutRequisition saveService(TestPutRequisition testPutRequisition){
20 | return testPutRequisitionRepository.save(testPutRequisition);
21 | }
22 |
23 | public Page findAll(Pageable pageable){
24 | return testPutRequisitionRepository.findAll(pageable);
25 | }
26 |
27 | public Page findByUser(Pageable pageable, String login){
28 | return testPutRequisitionRepository.findByUser(pageable, login);
29 | }
30 |
31 | public void deleteGetRequisitionById(Integer id) {
32 | testPutRequisitionRepository.deleteById(id);
33 | }
34 | }
35 |
--------------------------------------------------------------------------------
/src/main/java/tech/noetzold/APItester/service/UserService.java:
--------------------------------------------------------------------------------
1 | package tech.noetzold.APItester.service;
2 |
3 | import org.springframework.beans.factory.annotation.Autowired;
4 | import org.springframework.stereotype.Service;
5 | import tech.noetzold.APItester.model.User;
6 | import tech.noetzold.APItester.repository.UserRepository;
7 |
8 | import java.util.List;
9 | import java.util.Optional;
10 |
11 | @Service
12 | public class UserService {
13 |
14 | @Autowired
15 | UserRepository userRepository;
16 |
17 | public List findAllUsuarios(){
18 | return userRepository.findAll();
19 | }
20 |
21 | public User findUserByLogin(String login){
22 | return userRepository.findByLogin(login).get();
23 | }
24 |
25 | public User saveUsuario(User user){
26 | return userRepository.save(user);
27 | }
28 |
29 | public Optional validateLogin(String login){
30 | return userRepository.findByLogin(login);
31 | }
32 | }
33 |
--------------------------------------------------------------------------------
/src/main/java/tech/noetzold/APItester/tests/BaseTest.java:
--------------------------------------------------------------------------------
1 | package tech.noetzold.APItester.tests;
2 |
3 | import tech.noetzold.APItester.model.Result;
4 | import tech.noetzold.APItester.util.TEST_TYPE;
5 | public class BaseTest {
6 |
7 | public Result fail(TEST_TYPE test_type, String message){
8 | return new Result(test_type, message);
9 | }
10 |
11 | public Result success(TEST_TYPE test_type){
12 | return new Result(test_type, "Success");
13 | }
14 | }
15 |
--------------------------------------------------------------------------------
/src/main/java/tech/noetzold/APItester/tests/CommandInjectionTest.java:
--------------------------------------------------------------------------------
1 | package tech.noetzold.APItester.tests;
2 |
3 | import io.restassured.response.Response;
4 | import io.restassured.specification.RequestSpecification;
5 | import tech.noetzold.APItester.model.Result;
6 | import tech.noetzold.APItester.util.TEST_TYPE;
7 |
8 | import java.util.Map;
9 |
10 | public class CommandInjectionTest extends BaseTest{
11 |
12 | public Result testGetCommandInjection(String url, RequestSpecification request, Map params) {
13 | if(params == null) return null;
14 | String payload = "||ls";
15 | for (Map.Entry pair : params.entrySet())
16 | pair.setValue(payload);
17 | Response response = request
18 | .params(params)
19 | .when()
20 | .get(url)
21 | .then()
22 | .extract()
23 | .response();
24 |
25 | String responseBody = response.getBody().asString();
26 | int statusCode = response.getStatusCode();
27 | if (responseBody.contains(payload)) {
28 | return fail(TEST_TYPE.COMMAND_INJECTION, "Command injection vulnerability found in parameter " + params.toString() + " with payload " + payload);
29 | }
30 | if (statusCode >= 500) {
31 | return fail(TEST_TYPE.COMMAND_INJECTION, "Server error: " + statusCode);
32 | }
33 |
34 | return success(TEST_TYPE.COMMAND_INJECTION);
35 | }
36 |
37 | public Result testPostCommandInjection(RequestSpecification request, String url, Map body, Map headers) {
38 | if (body == null) return null;
39 | String payload = "||ls";
40 |
41 | for (Map.Entry pair : body.entrySet()){
42 | pair.setValue(payload);
43 | Response response = request
44 | .when()
45 | .body(body)
46 | .headers(headers)
47 | .post(url)
48 | .then()
49 | .extract()
50 | .response();
51 |
52 | String responseBody = response.getBody().asString();
53 | int statusCode = response.getStatusCode();
54 | if (responseBody.contains(payload)) {
55 | return fail(TEST_TYPE.COMMAND_INJECTION, "Command injection vulnerability found in parameter " + body.toString() + " with payload " + payload);
56 | }
57 | if (statusCode >= 500) {
58 | return fail(TEST_TYPE.COMMAND_INJECTION, "Server error: " + statusCode);
59 | }
60 | }
61 |
62 | return success(TEST_TYPE.COMMAND_INJECTION);
63 | }
64 |
65 | public Result testPutCommandInjection(RequestSpecification request, String url, Map body, Map headers) {
66 | if (body == null) return null;
67 | String payload = "||ls";
68 |
69 | for (Map.Entry pair : body.entrySet()){
70 | pair.setValue(payload);
71 | Response response = request
72 | .when()
73 | .body(body)
74 | .headers(headers)
75 | .put(url)
76 | .then()
77 | .extract()
78 | .response();
79 |
80 | String responseBody = response.getBody().asString();
81 | int statusCode = response.getStatusCode();
82 | if (responseBody.contains(payload)) {
83 | return fail(TEST_TYPE.COMMAND_INJECTION, "Command injection vulnerability found in parameter " + body.toString() + " with payload " + payload);
84 | }
85 | if (statusCode >= 500) {
86 | return fail(TEST_TYPE.COMMAND_INJECTION, "Server error: " + statusCode);
87 | }
88 | }
89 |
90 | return success(TEST_TYPE.COMMAND_INJECTION);
91 | }
92 |
93 | public Result testDeleteCommandInjection(String url, RequestSpecification request, Map params) {
94 | if(params == null) return null;
95 | String payload = "||ls";
96 | for (Map.Entry pair : params.entrySet())
97 | pair.setValue(payload);
98 | Response response = request
99 | .params(params)
100 | .when()
101 | .delete(url)
102 | .then()
103 | .extract()
104 | .response();
105 |
106 | String responseBody = response.getBody().asString();
107 | int statusCode = response.getStatusCode();
108 | if (responseBody.contains(payload)) {
109 | return fail(TEST_TYPE.COMMAND_INJECTION, "Command injection vulnerability found in parameter " + params.toString() + " with payload " + payload);
110 | }
111 | if (statusCode >= 500) {
112 | return fail(TEST_TYPE.COMMAND_INJECTION, "Server error: " + statusCode);
113 | }
114 |
115 | return success(TEST_TYPE.COMMAND_INJECTION);
116 | }
117 | }
118 |
--------------------------------------------------------------------------------
/src/main/java/tech/noetzold/APItester/tests/DataValidationTest.java:
--------------------------------------------------------------------------------
1 | package tech.noetzold.APItester.tests;
2 |
3 | import io.restassured.response.Response;
4 | import io.restassured.specification.RequestSpecification;
5 | import tech.noetzold.APItester.model.Result;
6 | import tech.noetzold.APItester.util.TEST_TYPE;
7 |
8 | import java.util.Map;
9 |
10 | public class DataValidationTest extends BaseTest {
11 |
12 | public Result testGetDataValidation(String url, RequestSpecification request, Map params) {
13 | if(params == null) return null;
14 | String payload = "foo";
15 | for (Map.Entry pair : params.entrySet())
16 | pair.setValue(payload);
17 |
18 | Response response = request
19 | .params(params)
20 | .when()
21 | .get(url)
22 | .then()
23 | .extract()
24 | .response();
25 |
26 | String responseBody = response.getBody().asString();
27 | int statusCode = response.getStatusCode();
28 | if (!responseBody.contains(payload)) {
29 | return fail(TEST_TYPE.DATA_VALIDATION, "Data validation failed in parameter " + params.toString() + " with payload " + payload);
30 | }
31 | if (statusCode >= 500) {
32 | return fail(TEST_TYPE.DATA_VALIDATION,"Server error: " + statusCode);
33 | }
34 | return success(TEST_TYPE.DATA_VALIDATION);
35 | }
36 |
37 | public Result testPostDataValidation(RequestSpecification request, String url, Map body, Map headers) {
38 | if(body == null) return null;
39 | String payload = "foo";
40 |
41 | for (Map.Entry pair : body.entrySet()) {
42 | pair.setValue(payload);
43 |
44 | Response response = request
45 | .when()
46 | .body(body)
47 | .headers(headers)
48 | .post(url)
49 | .then()
50 | .extract()
51 | .response();
52 |
53 | String responseBody = response.getBody().asString();
54 | int statusCode = response.getStatusCode();
55 | if (!responseBody.contains(payload)) {
56 | return fail(TEST_TYPE.DATA_VALIDATION, "Data validation failed in parameter " + body.toString() + " with payload " + payload);
57 | }
58 | if (statusCode >= 500) {
59 | return fail(TEST_TYPE.DATA_VALIDATION, "Server error: " + statusCode);
60 | }
61 | }
62 | return success(TEST_TYPE.DATA_VALIDATION);
63 | }
64 |
65 | public Result testPutDataValidation(RequestSpecification request, String url, Map body, Map headers) {
66 | if(body == null) return null;
67 | String payload = "foo";
68 |
69 | for (Map.Entry pair : body.entrySet()) {
70 | pair.setValue(payload);
71 |
72 | Response response = request
73 | .when()
74 | .body(body)
75 | .headers(headers)
76 | .put(url)
77 | .then()
78 | .extract()
79 | .response();
80 |
81 | String responseBody = response.getBody().asString();
82 | int statusCode = response.getStatusCode();
83 | if (!responseBody.contains(payload)) {
84 | return fail(TEST_TYPE.DATA_VALIDATION, "Data validation failed in parameter " + body.toString() + " with payload " + payload);
85 | }
86 | if (statusCode >= 500) {
87 | return fail(TEST_TYPE.DATA_VALIDATION, "Server error: " + statusCode);
88 | }
89 | }
90 | return success(TEST_TYPE.DATA_VALIDATION);
91 | }
92 |
93 | public Result testDeleteDataValidation(String url, RequestSpecification request, Map params) {
94 | if(params == null) return null;
95 | String payload = "foo";
96 | for (Map.Entry pair : params.entrySet())
97 | pair.setValue(payload);
98 |
99 | Response response = request
100 | .params(params)
101 | .when()
102 | .delete(url)
103 | .then()
104 | .extract()
105 | .response();
106 |
107 | String responseBody = response.getBody().asString();
108 | int statusCode = response.getStatusCode();
109 | if (!responseBody.contains(payload)) {
110 | return fail(TEST_TYPE.DATA_VALIDATION, "Data validation failed in parameter " + params.toString() + " with payload " + payload);
111 | }
112 | if (statusCode >= 500) {
113 | return fail(TEST_TYPE.DATA_VALIDATION,"Server error: " + statusCode);
114 | }
115 | return success(TEST_TYPE.DATA_VALIDATION);
116 | }
117 | }
118 |
--------------------------------------------------------------------------------
/src/main/java/tech/noetzold/APItester/tests/PerformanceTest.java:
--------------------------------------------------------------------------------
1 | package tech.noetzold.APItester.tests;
2 | import io.restassured.RestAssured;
3 | import io.restassured.response.Response;
4 | import tech.noetzold.APItester.model.*;
5 | import tech.noetzold.APItester.util.TEST_TYPE;
6 |
7 | import java.util.ArrayList;
8 | import java.util.List;
9 | import java.util.Map;
10 |
11 | public class PerformanceTest {
12 | private TestPostRequisition testPostRequisition;
13 | private TestGetRequisition testGetRequisition;
14 |
15 | private TestPutRequisition testPutRequisition;
16 |
17 | private TestDeleteRequisition testDeleteRequisition;
18 |
19 | public PerformanceTest(TestPostRequisition testPostRequisition) {
20 | this.testPostRequisition = testPostRequisition;
21 | }
22 |
23 | public PerformanceTest(TestGetRequisition testGetRequisition) {
24 | this.testGetRequisition = testGetRequisition;
25 | }
26 |
27 | public PerformanceTest(TestPutRequisition testPutRequisition) {
28 | this.testPutRequisition = testPutRequisition;
29 | }
30 |
31 | public PerformanceTest(TestDeleteRequisition testDeleteRequisition) {
32 | this.testDeleteRequisition = testDeleteRequisition;
33 | }
34 |
35 |
36 | public List runPostTests(int numTests, int numRequestsPerTest, Map body, Map headers) {
37 | List results = new ArrayList<>();
38 |
39 | for (int i = 0; i < numTests; i++) {
40 | Result result = runPostTest(numRequestsPerTest, body, headers);
41 | results.add(result);
42 | }
43 |
44 | return results;
45 | }
46 |
47 | private Result runPostTest(int numRequests, Map body, Map headers) {
48 |
49 | Response response = RestAssured.given()
50 | .headers(headers)
51 | .body(body)
52 | .when()
53 | .post(testPostRequisition.getUrl());
54 |
55 | if (response.getStatusCode() < 200 || response.getStatusCode() >= 300) {
56 | return new Result(TEST_TYPE.PERFORMANCE, "Error " + response.getStatusCode() + " by header " + response.getHeaders() + " by body " + response.getBody());
57 | }
58 |
59 | long responseTime = response.getTime();
60 |
61 | int maxResponseSize = response.getBody().asByteArray().length;
62 |
63 | long start = System.currentTimeMillis();
64 | for (int i = 0; i < numRequests; i++) {
65 | RestAssured.given().headers(headers).body(body).when().post(testPostRequisition.getUrl());
66 | }
67 | long end = System.currentTimeMillis();
68 | double requestsPerSecond = numRequests / ((end - start) / 1000.0);
69 |
70 | return new Result(TEST_TYPE.PERFORMANCE, new PerformanceResult(responseTime, maxResponseSize, requestsPerSecond).toString());
71 | }
72 |
73 | public List runGetTests(int numTests, int numRequestsPerTest, Map params, Map headers) {
74 | List results = new ArrayList<>();
75 |
76 | for (int i = 0; i < numTests; i++) {
77 | Result result = runGetTest(numRequestsPerTest, params, headers);
78 | results.add(result);
79 | }
80 |
81 | return results;
82 | }
83 |
84 | private Result runGetTest(int numRequests, Map params, Map headers) {
85 |
86 | Response response = RestAssured.given()
87 | .headers(headers)
88 | .params(params)
89 | .when()
90 | .post(testGetRequisition.getUrl());
91 |
92 | if (response.getStatusCode() < 200 || response.getStatusCode() >= 300) {
93 | return new Result(TEST_TYPE.PERFORMANCE, "Error " + response.getStatusCode() + " by header " + response.getHeaders() + " by body " + response.getBody());
94 | }
95 |
96 | long responseTime = response.getTime();
97 |
98 | int maxResponseSize = response.getBody().asByteArray().length;
99 |
100 | long start = System.currentTimeMillis();
101 | for (int i = 0; i < numRequests; i++) {
102 | RestAssured.given().headers(headers).params(params).when().post(testGetRequisition.getUrl());
103 | }
104 | long end = System.currentTimeMillis();
105 | double requestsPerSecond = numRequests / ((end - start) / 1000.0);
106 |
107 | return new Result(TEST_TYPE.PERFORMANCE, new PerformanceResult(responseTime, maxResponseSize, requestsPerSecond).toString());
108 | }
109 |
110 | public List runPutTests(int numTests, int numRequestsPerTest, Map body, Map headers) {
111 | List results = new ArrayList<>();
112 |
113 | for (int i = 0; i < numTests; i++) {
114 | Result result = runPutTest(numRequestsPerTest, body, headers);
115 | results.add(result);
116 | }
117 |
118 | return results;
119 | }
120 |
121 | public Result runPutTest(int numRequests, Map body, Map headers) {
122 | Response response = RestAssured.given()
123 | .headers(headers)
124 | .body(body)
125 | .when()
126 | .put(testPutRequisition.getUrl());
127 |
128 | if (response.getStatusCode() < 200 || response.getStatusCode() >= 300) {
129 | return new Result(TEST_TYPE.PERFORMANCE, "Error " + response.getStatusCode() + " by header " + response.getHeaders() + " by body " + response.getBody());
130 | }
131 |
132 | long responseTime = response.getTime();
133 |
134 | int maxResponseSize = response.getBody().asByteArray().length;
135 |
136 | long start = System.currentTimeMillis();
137 | for (int i = 0; i < numRequests; i++) {
138 | RestAssured.given().headers(headers).body(body).when().post(testPutRequisition.getUrl());
139 | }
140 | long end = System.currentTimeMillis();
141 | double requestsPerSecond = numRequests / ((end - start) / 1000.0);
142 |
143 | return new Result(TEST_TYPE.PERFORMANCE, new PerformanceResult(responseTime, maxResponseSize, requestsPerSecond).toString());
144 | }
145 |
146 | public List runDeleteTests(int numTests, int numRequestsPerTest, Map params, Map headers) {
147 | List results = new ArrayList<>();
148 |
149 | for (int i = 0; i < numTests; i++) {
150 | Result result = runDeleteTest(numRequestsPerTest, params, headers);
151 | results.add(result);
152 | }
153 |
154 | return results;
155 | }
156 |
157 | private Result runDeleteTest(int numRequestsPerTest, Map params, Map headers) {
158 | Response response = RestAssured.given()
159 | .headers(headers)
160 | .params(params)
161 | .when()
162 | .delete(testDeleteRequisition.getUrl());
163 |
164 | if (response.getStatusCode() < 200 || response.getStatusCode() >= 300) {
165 | return new Result(TEST_TYPE.PERFORMANCE, "Error " + response.getStatusCode() + " by header " + response.getHeaders() + " by body " + response.getBody());
166 | }
167 |
168 | long responseTime = response.getTime();
169 |
170 | int maxResponseSize = response.getBody().asByteArray().length;
171 |
172 | long start = System.currentTimeMillis();
173 | for (int i = 0; i < numRequestsPerTest; i++) {
174 | RestAssured.given().headers(headers).params(params).when().post(testDeleteRequisition.getUrl());
175 | }
176 | long end = System.currentTimeMillis();
177 | double requestsPerSecond = numRequestsPerTest / ((end - start) / 1000.0);
178 |
179 | return new Result(TEST_TYPE.PERFORMANCE, new PerformanceResult(responseTime, maxResponseSize, requestsPerSecond).toString());
180 | }
181 | }
182 |
--------------------------------------------------------------------------------
/src/main/java/tech/noetzold/APItester/tests/SecurityTest.java:
--------------------------------------------------------------------------------
1 | package tech.noetzold.APItester.tests;
2 |
3 | import io.restassured.response.Response;
4 | import io.restassured.specification.RequestSpecification;
5 | import tech.noetzold.APItester.model.Result;
6 | import tech.noetzold.APItester.util.TEST_TYPE;
7 |
8 | import java.util.Arrays;
9 | import java.util.Base64;
10 |
11 | import java.util.List;
12 | import java.util.Map;
13 |
14 | public class SecurityTest extends BaseTest{
15 |
16 | private String username;
17 | List weakPasswords;
18 |
19 | public SecurityTest() {
20 | createUserAttributes();;
21 | }
22 |
23 | public Result testGetSecureResponse(RequestSpecification request, String url) {
24 |
25 | for(String weakPassword: this.weakPasswords) {
26 | String token = Base64.getEncoder().encodeToString((this.username + ":" + weakPassword).getBytes());
27 | Response responseBasic = request.header("Authorization", "Basic " + token)
28 | .when()
29 | .get(url);
30 |
31 | Result resultBasicTests = testStatusCode(responseBasic.getStatusCode());
32 |
33 | if(!("Success".equals(resultBasicTests.getDetails()))){
34 | return resultBasicTests;
35 | }
36 |
37 | Response responseBearer = request.header("Authorization", "Bearer " + token)
38 | .when()
39 | .get(url);
40 |
41 | return testStatusCode(responseBearer.getStatusCode());
42 |
43 | }
44 |
45 | return new Result(TEST_TYPE.SECURITY, "Success");
46 | }
47 |
48 | public Result testPostSecureResponse(RequestSpecification request, String url, Map body, Map headers) {
49 |
50 | for(String weakPassword: this.weakPasswords) {
51 | String token = Base64.getEncoder().encodeToString((this.username + ":" + weakPassword).getBytes());
52 | Response responseBasic = request.header("Authorization", "Basic " + token)
53 | .when()
54 | .post(url);
55 |
56 | Result resultBasicTests = testStatusCode(responseBasic.getStatusCode());
57 |
58 | if(!("Success".equals(resultBasicTests.getDetails()))){
59 | return resultBasicTests;
60 | }
61 |
62 | Response responseBearer = request.header("Authorization", "Bearer " + token)
63 | .when()
64 | .post(url);
65 |
66 | return testStatusCode(responseBearer.getStatusCode());
67 |
68 | }
69 |
70 | return new Result(TEST_TYPE.SECURITY, "Success");
71 | }
72 |
73 | private Result testStatusCode(int statusCode){
74 | if (statusCode <= 300) {
75 | return fail(TEST_TYPE.SECURITY, "Security failed in token by weak password");
76 | } else if (statusCode >= 500) {
77 | return fail(TEST_TYPE.SECURITY, "Server error: " + statusCode);
78 | }
79 | return success(TEST_TYPE.SECURITY);
80 | }
81 |
82 | private void createUserAttributes(){
83 | this.username = "user";
84 | this.weakPasswords = Arrays.asList("123456", "password", "12345678", "qwerty", "12345", "123456789", "letmein", "1234567", "football", "iloveyou", "admin", "welcome", "monkey", "login", "abc123", "starwars", "123123", "dragon", "passw0rd", "master", "hello", "freedom", "whatever", "qazwsx", "trustno1", "654321", "jordan23", "harley", "password1", "1234");
85 | }
86 |
87 | public Result testPutSecureResponse(RequestSpecification request, String url, Map body, Map headers) {
88 | for(String weakPassword: this.weakPasswords) {
89 | String token = Base64.getEncoder().encodeToString((this.username + ":" + weakPassword).getBytes());
90 | Response responseBasic = request.header("Authorization", "Basic " + token)
91 | .when()
92 | .put(url);
93 |
94 | Result resultBasicTests = testStatusCode(responseBasic.getStatusCode());
95 |
96 | if(!("Success".equals(resultBasicTests.getDetails()))){
97 | return resultBasicTests;
98 | }
99 |
100 | Response responseBearer = request.header("Authorization", "Bearer " + token)
101 | .when()
102 | .post(url);
103 |
104 | return testStatusCode(responseBearer.getStatusCode());
105 |
106 | }
107 |
108 | return new Result(TEST_TYPE.SECURITY, "Success");
109 | }
110 |
111 | public Result testDeleteSecureResponse(RequestSpecification request, String url) {
112 | for(String weakPassword: this.weakPasswords) {
113 | String token = Base64.getEncoder().encodeToString((this.username + ":" + weakPassword).getBytes());
114 | Response responseBasic = request.header("Authorization", "Basic " + token)
115 | .when()
116 | .delete(url);
117 |
118 | Result resultBasicTests = testStatusCode(responseBasic.getStatusCode());
119 |
120 | if(!("Success".equals(resultBasicTests.getDetails()))){
121 | return resultBasicTests;
122 | }
123 |
124 | Response responseBearer = request.header("Authorization", "Bearer " + token)
125 | .when()
126 | .get(url);
127 |
128 | return testStatusCode(responseBearer.getStatusCode());
129 |
130 | }
131 |
132 | return new Result(TEST_TYPE.SECURITY, "Success");
133 | }
134 | }
135 |
--------------------------------------------------------------------------------
/src/main/java/tech/noetzold/APItester/tests/SendToGPT3.java:
--------------------------------------------------------------------------------
1 | package tech.noetzold.APItester.tests;
2 |
3 | import io.restassured.RestAssured;
4 | import io.restassured.response.Response;
5 | import tech.noetzold.APItester.model.*;
6 | import tech.noetzold.APItester.util.TEST_TYPE;
7 |
8 | import java.util.HashMap;
9 | import java.util.Map;
10 |
11 |
12 | public class SendToGPT3 {
13 |
14 | private TestPostRequisition testPostRequisition;
15 |
16 | private TestGetRequisition testGetRequisition;
17 |
18 | private TestPutRequisition testPutRequisition;
19 |
20 | private TestDeleteRequisition testDeleteRequisition;
21 |
22 | public SendToGPT3(TestPostRequisition testPostRequisition) {
23 | this.testPostRequisition = testPostRequisition;
24 | }
25 |
26 | public SendToGPT3(TestGetRequisition testGetRequisition) {
27 | this.testGetRequisition = testGetRequisition;
28 | }
29 |
30 | public SendToGPT3(TestPutRequisition testPutRequisition) {
31 | this.testPutRequisition = testPutRequisition;
32 | }
33 |
34 | public SendToGPT3(TestDeleteRequisition testDeleteRequisition) {
35 | this.testDeleteRequisition = testDeleteRequisition;
36 | }
37 |
38 |
39 | public Result doGptGetTest(){
40 | Map bodyToSendRequest = new HashMap<>();
41 |
42 | bodyToSendRequest.put("url", this.testGetRequisition.getUrl());
43 | bodyToSendRequest.put("typeReq", "GET");
44 | bodyToSendRequest.put("params", this.testGetRequisition.getParameters());
45 | bodyToSendRequest.put("headers", this.testGetRequisition.getHeaders());
46 | bodyToSendRequest.put("apyKey", this.testGetRequisition.getGptKey());
47 |
48 |
49 |
50 | Response responseTestGetGPT = RestAssured.given().body(bodyToSendRequest).post("http://localhost:5000/gptTest").then()
51 | .extract()
52 | .response();
53 |
54 | return new Result(TEST_TYPE.GPT3, responseTestGetGPT.getBody().toString());
55 | }
56 |
57 | public Result doGptPostTest(){
58 | Map bodyToSendRequest = new HashMap<>();
59 |
60 | bodyToSendRequest.put("url", this.testPostRequisition.getUrl());
61 | bodyToSendRequest.put("typeReq", "POST");
62 | bodyToSendRequest.put("headers", this.testPostRequisition.getHeaders());
63 | bodyToSendRequest.put("body", this.testPostRequisition.getBody());
64 | bodyToSendRequest.put("apyKey", this.testPostRequisition.getGptKey());
65 |
66 |
67 |
68 | Response responseTestGetGPT = RestAssured.given().body(bodyToSendRequest).post("http://localhost:5000/gptTest").then()
69 | .extract()
70 | .response();
71 |
72 | return new Result(TEST_TYPE.GPT3, responseTestGetGPT.getBody().toString());
73 | }
74 |
75 | public Result doGptPutTest() {
76 | Map bodyToSendRequest = new HashMap<>();
77 |
78 | bodyToSendRequest.put("url", this.testPostRequisition.getUrl());
79 | bodyToSendRequest.put("typeReq", "PUT");
80 | bodyToSendRequest.put("headers", this.testPostRequisition.getHeaders());
81 | bodyToSendRequest.put("body", this.testPostRequisition.getBody());
82 | bodyToSendRequest.put("apyKey", this.testPostRequisition.getGptKey());
83 |
84 |
85 |
86 | Response responseTestGetGPT = RestAssured.given().body(bodyToSendRequest).post("http://localhost:5000/gptTest").then()
87 | .extract()
88 | .response();
89 |
90 | return new Result(TEST_TYPE.GPT3, responseTestGetGPT.getBody().toString());
91 | }
92 |
93 | public Result doGptDeleteTest() {
94 | Map bodyToSendRequest = new HashMap<>();
95 |
96 | bodyToSendRequest.put("url", this.testPostRequisition.getUrl());
97 | bodyToSendRequest.put("typeReq", "DELETE");
98 | bodyToSendRequest.put("headers", this.testPostRequisition.getHeaders());
99 | bodyToSendRequest.put("body", this.testPostRequisition.getBody());
100 | bodyToSendRequest.put("apyKey", this.testPostRequisition.getGptKey());
101 |
102 |
103 |
104 | Response responseTestGetGPT = RestAssured.given().body(bodyToSendRequest).post("http://localhost:5000/gptTest").then()
105 | .extract()
106 | .response();
107 |
108 | return new Result(TEST_TYPE.GPT3, responseTestGetGPT.getBody().toString());
109 | }
110 | }
111 |
--------------------------------------------------------------------------------
/src/main/java/tech/noetzold/APItester/tests/SqlInjectionTest.java:
--------------------------------------------------------------------------------
1 | package tech.noetzold.APItester.tests;
2 |
3 | import io.restassured.http.ContentType;
4 | import io.restassured.response.Response;
5 | import io.restassured.specification.RequestSpecification;
6 | import org.springframework.web.util.UriComponentsBuilder;
7 | import tech.noetzold.APItester.model.Result;
8 | import tech.noetzold.APItester.util.TEST_TYPE;
9 |
10 | import java.io.UnsupportedEncodingException;
11 | import java.net.URLEncoder;
12 | import java.nio.charset.StandardCharsets;
13 | import java.util.Map;
14 |
15 | public class SqlInjectionTest extends BaseTest {
16 |
17 | public Result testGetSqlInjection(String url, RequestSpecification request, Map params) {
18 | if (params == null) return null;
19 | String payload = "' or 1=1 --";
20 | try {
21 | payload = URLEncoder.encode(payload, "UTF-8");
22 | } catch (UnsupportedEncodingException e) {
23 | throw new RuntimeException(e);
24 | }
25 |
26 | UriComponentsBuilder uriBuilder = UriComponentsBuilder.fromHttpUrl(url);
27 | for (Map.Entry pair : params.entrySet()) {
28 | uriBuilder.queryParam(pair.getKey(), payload);
29 | }
30 |
31 | Response response = request
32 | .get(uriBuilder.toUriString())
33 | .then()
34 | .extract()
35 | .response();
36 |
37 | String responseBody = response.getBody().asString();
38 | int statusCode = response.getStatusCode();
39 | if (responseBody.contains(payload)) {
40 | return fail(TEST_TYPE.SQL_INJECTION, "SQL injection vulnerability found in parameter " + params.toString() + " with payload " + payload);
41 | }
42 | if (statusCode >= 500) {
43 | return fail(TEST_TYPE.SQL_INJECTION, "Server error: " + statusCode);
44 | }
45 |
46 | return success(TEST_TYPE.SQL_INJECTION);
47 | }
48 |
49 | public Result testPostSqlInjection(RequestSpecification request, String url, Map body, Map headers) {
50 | if (body == null) return null;
51 | String payload = "' or 1=1 --";
52 |
53 | UriComponentsBuilder uriBuilder = UriComponentsBuilder.fromHttpUrl(url);
54 |
55 | for (Map.Entry pair : body.entrySet()) {
56 | if (pair.getValue() instanceof String) {
57 | String encodedValue = URLEncoder.encode(pair.getValue().toString(), StandardCharsets.UTF_8);
58 | uriBuilder.queryParam(pair.getKey(), encodedValue);
59 | }
60 | }
61 |
62 | String requestBody = uriBuilder.build().getQuery();
63 |
64 | Response response = request.body(requestBody)
65 | .contentType(ContentType.URLENC)
66 | .headers(headers)
67 | .when()
68 | .post(url)
69 | .then()
70 | .extract()
71 | .response();
72 |
73 | String responseBody = response.getBody().asString();
74 | int statusCode = response.getStatusCode();
75 | if (responseBody.contains(payload)) {
76 | return fail(TEST_TYPE.SQL_INJECTION, "SQL injection vulnerability found in parameter " + body.toString() + " with payload " + payload);
77 | }
78 | if (statusCode >= 500) {
79 | return fail(TEST_TYPE.SQL_INJECTION, "Server error: " + statusCode);
80 | }
81 |
82 | return success(TEST_TYPE.SQL_INJECTION);
83 | }
84 |
85 |
86 | public Result testPutSqlInjection(RequestSpecification request, String url, Map body, Map headers) {
87 | if (body == null) return null;
88 | String payload = "' or 1=1 --";
89 |
90 | UriComponentsBuilder uriBuilder = UriComponentsBuilder.fromHttpUrl(url);
91 |
92 | for (Map.Entry pair : body.entrySet()) {
93 | if (pair.getValue() instanceof String) {
94 | String encodedValue = URLEncoder.encode(pair.getValue().toString(), StandardCharsets.UTF_8);
95 | uriBuilder.queryParam(pair.getKey(), encodedValue);
96 | }
97 | }
98 |
99 | String requestBody = uriBuilder.build().getQuery();
100 |
101 | Response response = request.body(requestBody)
102 | .contentType(ContentType.URLENC)
103 | .headers(headers)
104 | .when()
105 | .put(url)
106 | .then()
107 | .extract()
108 | .response();
109 |
110 | String responseBody = response.getBody().asString();
111 | int statusCode = response.getStatusCode();
112 | if (responseBody.contains(payload)) {
113 | return fail(TEST_TYPE.SQL_INJECTION, "SQL injection vulnerability found in parameter " + body.toString() + " with payload " + payload);
114 | }
115 | if (statusCode >= 500) {
116 | return fail(TEST_TYPE.SQL_INJECTION, "Server error: " + statusCode);
117 | }
118 |
119 | return success(TEST_TYPE.SQL_INJECTION);
120 | }
121 |
122 | public Result testDeleteSqlInjection(String url, RequestSpecification request, Map params) {
123 | if (params == null) return null;
124 | String payload = "' or 1=1 --";
125 | try {
126 | payload = URLEncoder.encode(payload, "UTF-8");
127 | } catch (UnsupportedEncodingException e) {
128 | throw new RuntimeException(e);
129 | }
130 |
131 | UriComponentsBuilder uriBuilder = UriComponentsBuilder.fromHttpUrl(url);
132 | for (Map.Entry pair : params.entrySet()) {
133 | uriBuilder.queryParam(pair.getKey(), payload);
134 | }
135 |
136 | Response response = request
137 | .delete(uriBuilder.toUriString())
138 | .then()
139 | .extract()
140 | .response();
141 |
142 | String responseBody = response.getBody().asString();
143 | int statusCode = response.getStatusCode();
144 | if (responseBody.contains(payload)) {
145 | return fail(TEST_TYPE.SQL_INJECTION, "SQL injection vulnerability found in parameter " + params.toString() + " with payload " + payload);
146 | }
147 | if (statusCode >= 500) {
148 | return fail(TEST_TYPE.SQL_INJECTION, "Server error: " + statusCode);
149 | }
150 |
151 | return success(TEST_TYPE.SQL_INJECTION);
152 | }
153 | }
154 |
--------------------------------------------------------------------------------
/src/main/java/tech/noetzold/APItester/tests/XssTest.java:
--------------------------------------------------------------------------------
1 | package tech.noetzold.APItester.tests;
2 |
3 | import io.restassured.response.Response;
4 | import io.restassured.specification.RequestSpecification;
5 | import tech.noetzold.APItester.model.Result;
6 | import tech.noetzold.APItester.util.TEST_TYPE;
7 |
8 | import java.util.HashMap;
9 | import java.util.Map;
10 |
11 | public class XssTest extends BaseTest {
12 |
13 | public Result testGetXss(String url, RequestSpecification request, Map params) {
14 | if(params == null) return null;
15 | String payload = "";
16 | for (Map.Entry pair : params.entrySet())
17 | pair.setValue(payload);
18 | Response response = request
19 | .params(params)
20 | .when()
21 | .get(url)
22 | .then()
23 | .extract()
24 | .response();
25 |
26 | String responseBody = response.getBody().asString();
27 | int statusCode = response.getStatusCode();
28 | if (responseBody.contains(payload)) {
29 | return fail(TEST_TYPE.XSS_INJECTION,"XSS vulnerability found in parameter " + params.toString() + " with payload " + payload);
30 | }
31 | if (statusCode >= 500) {
32 | return fail(TEST_TYPE.XSS_INJECTION,"Server error: " + statusCode);
33 | }
34 |
35 | return success(TEST_TYPE.XSS_INJECTION);
36 | }
37 |
38 | public Result testPostXss(RequestSpecification request, String url, Map body, Map headers) {
39 | if(body == null) return null;
40 | String payload = "";
41 |
42 | for (String key : body.keySet()) {
43 | Map modifiedBody = new HashMap<>(body);
44 | modifiedBody.put(key, payload);
45 |
46 | Response response = request
47 | .when()
48 | .headers(headers)
49 | .body(modifiedBody)
50 | .post(url)
51 | .then()
52 | .extract()
53 | .response();
54 |
55 | String responseBody = response.getBody().asString();
56 | int statusCode = response.getStatusCode();
57 | if (responseBody.contains(payload)) {
58 | return fail(TEST_TYPE.XSS_INJECTION,"XSS vulnerability found in parameter " + key + " with payload " + payload);
59 | }
60 | if (statusCode >= 500) {
61 | return fail(TEST_TYPE.XSS_INJECTION,"Server error: " + statusCode);
62 | }
63 | }
64 |
65 | return success(TEST_TYPE.XSS_INJECTION);
66 | }
67 |
68 | public Result testPutXss(RequestSpecification request, String url, Map body, Map headers) {
69 | if(body == null) return null;
70 | String payload = "";
71 |
72 | for (String key : body.keySet()) {
73 | Map modifiedBody = new HashMap<>(body);
74 | modifiedBody.put(key, payload);
75 |
76 | Response response = request
77 | .when()
78 | .headers(headers)
79 | .body(modifiedBody)
80 | .put(url)
81 | .then()
82 | .extract()
83 | .response();
84 |
85 | String responseBody = response.getBody().asString();
86 | int statusCode = response.getStatusCode();
87 | if (responseBody.contains(payload)) {
88 | return fail(TEST_TYPE.XSS_INJECTION,"XSS vulnerability found in parameter " + key + " with payload " + payload);
89 | }
90 | if (statusCode >= 500) {
91 | return fail(TEST_TYPE.XSS_INJECTION,"Server error: " + statusCode);
92 | }
93 | }
94 |
95 | return success(TEST_TYPE.XSS_INJECTION);
96 | }
97 |
98 | public Result testDeleteXss(String url, RequestSpecification request, Map params) {
99 | if(params == null) return null;
100 | String payload = "";
101 | for (Map.Entry pair : params.entrySet())
102 | pair.setValue(payload);
103 | Response response = request
104 | .params(params)
105 | .when()
106 | .delete(url)
107 | .then()
108 | .extract()
109 | .response();
110 |
111 | String responseBody = response.getBody().asString();
112 | int statusCode = response.getStatusCode();
113 | if (responseBody.contains(payload)) {
114 | return fail(TEST_TYPE.XSS_INJECTION,"XSS vulnerability found in parameter " + params.toString() + " with payload " + payload);
115 | }
116 | if (statusCode >= 500) {
117 | return fail(TEST_TYPE.XSS_INJECTION,"Server error: " + statusCode);
118 | }
119 |
120 | return success(TEST_TYPE.XSS_INJECTION);
121 | }
122 | }
123 |
--------------------------------------------------------------------------------
/src/main/java/tech/noetzold/APItester/util/QueryStringParser.java:
--------------------------------------------------------------------------------
1 | package tech.noetzold.APItester.util;
2 | import java.net.URLDecoder;
3 | import java.util.HashMap;
4 | import java.util.Map;
5 |
6 | public class QueryStringParser {
7 | public static Map parseQueryString(String queryString) {
8 | Map parameters = new HashMap<>();
9 |
10 | if (queryString != null && !queryString.isEmpty()) {
11 | String[] pairs = queryString.split("&");
12 | for (String pair : pairs) {
13 | int idx = pair.indexOf("=");
14 | try {
15 | String key = URLDecoder.decode(pair.substring(0, idx), "UTF-8");
16 | String value = URLDecoder.decode(pair.substring(idx + 1), "UTF-8");
17 | parameters.put(key, value);
18 | } catch (Exception e) {
19 | e.printStackTrace();
20 | // Handle exception
21 | }
22 | }
23 | }
24 |
25 | return parameters;
26 | }
27 | }
--------------------------------------------------------------------------------
/src/main/java/tech/noetzold/APItester/util/TEST_TYPE.java:
--------------------------------------------------------------------------------
1 | package tech.noetzold.APItester.util;
2 |
3 | public enum TEST_TYPE {
4 | COMMAND_INJECTION, DATA_VALIDATION, SQL_INJECTION, XSS_INJECTION, SECURITY, GPT3, PERFORMANCE
5 |
6 | }
7 |
--------------------------------------------------------------------------------
/src/main/java/tech/noetzold/APItester/util/TokenApp.java:
--------------------------------------------------------------------------------
1 | package tech.noetzold.APItester.util;
2 |
3 | import java.io.FileInputStream;
4 | import java.io.FileNotFoundException;
5 | import java.io.IOException;
6 | import java.util.Properties;
7 |
8 | public class TokenApp {
9 |
10 | public static String getTokenPass() {
11 | Properties props = new Properties();
12 | FileInputStream file = null;
13 | try {
14 | file = new FileInputStream(
15 | "./src/main/resources/application.properties");
16 | props.load(file);
17 | } catch (IOException e) {
18 | throw new RuntimeException(e);
19 | }
20 |
21 | return props.getProperty("app.token");
22 |
23 | }
24 | }
25 |
--------------------------------------------------------------------------------
/src/main/resources/application.properties:
--------------------------------------------------------------------------------
1 | spring.jpa.properties.hibernate.jdbc.lob.non_contextual_creation=true
2 |
3 | spring.datasource.url=jdbc:postgresql://localhost:5432/api-testes
4 | spring.datasource.username=postgres
5 | spring.datasource.password=postgres
6 | spring.jpa.hibernate.ddl-auto=update
7 | spring.jpa.show-sql=true
8 | spring.jpa.generate-ddl=true
9 |
10 | server.port = 8092
11 | app.token=06315036-6214-43e8-a173-b766de200c24
--------------------------------------------------------------------------------
/src/test/java/tech/noetzold/APItester/ApiTesterApplicationTests.java:
--------------------------------------------------------------------------------
1 | package tech.noetzold.APItester;
2 |
3 | import org.junit.jupiter.api.Test;
4 | import org.springframework.boot.test.context.SpringBootTest;
5 |
6 | @SpringBootTest
7 | class ApiTesterApplicationTests {
8 |
9 | @Test
10 | void contextLoads() {
11 | }
12 |
13 | }
14 |
--------------------------------------------------------------------------------