
com.denimgroup.threadfix.remote.ThreadFixRestClient Maven / Gradle / Ivy


This module contains library classes for accessing the ThreadFix REST API. The ThreadFix IDE plugins use this library to retrieve application and vulnerability marker information, and the ThreadFix scanner plugins use it to get endpoint information and upload scans to ThreadFix applications. The easiest way to start using the library is with the PluginClient or ThreadFixRestClient classes. Both have constructors that take a PropertiesManager instance, which holds the ThreadFix API key and URL information. The default PropertiesManager implementation stores these properties in threadfix.properties, but the ThreadFix plugins extend the default PropertiesManager class to override this behavior for the target platform.

////////////////////////////////////////////////////////////////////////
//
//     Copyright (c) 2009-2015 Denim Group, Ltd.
//
//     The contents of this file are subject to the Mozilla Public License
//     Version 2.0 (the "License"); you may not use this file except in
//     compliance with the License. You may obtain a copy of the License at
//     http://www.mozilla.org/MPL/
//
//     Software distributed under the License is distributed on an "AS IS"
//     basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See the
//     License for the specific language governing rights and limitations
//     under the License.
//
//     The Original Code is ThreadFix.
//
//     The Initial Developer of the Original Code is Denim Group, Ltd.
//     Portions created by Denim Group, Ltd. are Copyright (C)
//     Denim Group, Ltd. All Rights Reserved.
//
//     Contributor(s): Denim Group, Ltd.
//
////////////////////////////////////////////////////////////////////////

package com.denimgroup.threadfix.remote;

import com.denimgroup.threadfix.VulnerabilityInfo;
import com.denimgroup.threadfix.data.entities.*;
import com.denimgroup.threadfix.remote.response.RestResponse;
import com.denimgroup.threadfix.viewmodels.DynamicFormField;

import java.util.Date;
import java.util.List;
import java.util.Map;

/**
 * Client-side contract for the ThreadFix REST API: WAFs, applications, teams,
 * vulnerability search, scan upload and queueing, findings, tags, comments and
 * defect submission. Every remote call hands back a {@link RestResponse}.
 *
 * <p>Interface members are implicitly {@code public}, so the modifier is not
 * repeated on the individual declarations.
 *
 * <p>NOTE(review): the {@code List} parameters and {@code RestResponse} appear
 * as raw types in this listing; their type arguments are not visible here.
 *
 * @author stran (created 11/19/13)
 */
public interface ThreadFixRestClient {

    // ---- WAFs ----------------------------------------------------------

    RestResponse getRules(String wafId, String appId);

    RestResponse searchForWafByName(String name);

    RestResponse searchForWafById(String wafId);

    RestResponse createWaf(String name, String type);

    // ---- Applications --------------------------------------------------

    RestResponse addWaf(String appId, String wafId);

    RestResponse createApplication(String teamId, String name, String url);

    RestResponse setParameters(String appId, String frameworkType, String repositoryUrl);

    RestResponse searchForApplicationById(String id);

    RestResponse searchForApplicationByName(String name, String teamName);

    RestResponse searchForApplicationInTeamByUniqueId(String uniqueId, String teamName);

    // ---- Teams ---------------------------------------------------------

    RestResponse getAllTeams();

    RestResponse createTeam(String name);

    RestResponse getAllTeamsPrettyPrint();

    RestResponse searchForTeamById(String id);

    RestResponse searchForTeamByName(String name);

    // ---- Vulnerability search ------------------------------------------

    /**
     * Searches vulnerabilities using the supplied filter criteria.
     *
     * <p>The individual filters are described on the project wiki:
     * https://github.com/denimgroup/threadfix/wiki/Command-Line-Interface
     *
     * <p>NOTE(review): the boxed {@code Integer}/{@code Boolean} arguments
     * presumably accept {@code null} for "not specified" - confirm against
     * the implementation.
     */
    RestResponse searchVulnerabilities(
            List genericVulnerabilityIds,
            List teamIds,
            List applicationIds,
            List scannerNames,
            List genericSeverityValues,
            Integer numberVulnerabilities,
            String parameter,
            String path,
            Date startDate,
            Date endDate,
            Boolean showOpen,
            Boolean showClosed,
            Boolean showFalsePositive,
            Boolean showHidden,
            Integer numberMerged,
            Boolean showDefectPresent,
            Boolean showDefectNotPresent,
            Boolean showDefectOpen,
            Boolean showDefectClosed,
            Boolean showInconsistentClosedDefectNeedsScan,
            Boolean showInconsistentClosedDefectOpenInScan,
            Boolean showInconsistentOpenDefect);

    // ---- Connection settings -------------------------------------------
    //
    // NOTE(review): `key` is presumably the ThreadFix API key, i.e. a
    // credential; keep it out of logs and version control. ThreadFix's module
    // description says the default PropertiesManager stores key and URL in
    // threadfix.properties. Whether setKey/setUrl persist there while
    // setMemoryKey/setMemoryUrl keep the value in memory only is not visible
    // in this interface - confirm against the implementation, and restrict
    // read access to that file if the key ends up in it.
    //
    // NOTE(review): `url` is presumably the server the key is sent to; an
    // https:// URL keeps the key from travelling in clear text.

    void setKey(String key);

    void setUrl(String url);

    void setMemoryKey(String key);

    void setMemoryUrl(String url);

    // ---- Scans ---------------------------------------------------------
    //
    // NOTE(review): `filePath` in uploadScan/setTaskConfig presumably names a
    // local file whose content is sent to the server. If the path can come
    // from external input, validate it first so that an unintended local file
    // is not uploaded - confirm against the implementation.

    RestResponse uploadScan(String applicationId, String filePath);

    RestResponse addAppUrl(String appId, String url);

    RestResponse queueScan(String applicationId, String scannerType);

    RestResponse queueScan(String applicationId, String scannerType, String scanConfigId);

    RestResponse setTaskConfig(String appId, String scannerType, String filePath);

    // ---- Manual findings -----------------------------------------------

    RestResponse addDynamicFinding(
            String applicationId,
            String vulnType,
            String severity,
            String nativeId,
            String parameter,
            String longDescription,
            String fullUrl,
            String path);

    RestResponse addStaticFinding(
            String applicationId,
            String vulnType,
            String severity,
            String nativeId,
            String parameter,
            String longDescription,
            String filePath,
            String column,
            String lineText,
            String lineNumber);

    // ---- Tags ----------------------------------------------------------

    RestResponse createTag(String name, String tagType);

    RestResponse searchTagById(String id);

    RestResponse searchTagsByName(String name);

    RestResponse getAllTags();

    RestResponse addAppTag(String appId, String tagId);

    RestResponse removeAppTag(String appId, String tagId);

    RestResponse updateTag(String tagId, String name);

    RestResponse removeTag(String tagId);

    // ---- Client behaviour ----------------------------------------------

    /**
     * Sets the client's "unsafe" flag.
     *
     * <p>NOTE(review): what the flag relaxes is not shown in this interface;
     * the name suggests that a safety check in the client (possibly TLS
     * certificate validation) is skipped when it is {@code true}. Confirm
     * against the implementation and leave it {@code false} unless the
     * trade-off is understood.
     */
    void setUnsafeFlag(boolean unsafeFlag);

    // ---- Comments and defects ------------------------------------------

    RestResponse addVulnComment(Integer vulnId, String comment, String commentTagIds);

    /**
     * Submits a defect for the given application.
     *
     * <p>NOTE(review): {@code paramNames} and {@code paramValues} look like
     * parallel arrays matched by index - confirm that callers must pass
     * arrays of equal length.
     */
    RestResponse submitDefect(String[] paramNames, String[] paramValues, Integer appId);

    RestResponse getDefectTrackerFields(Integer appId);

    // ---- Additional application lookups --------------------------------

    RestResponse searchForApplicationsByUniqueId(String uniqueId);

    RestResponse searchForApplicationsByTagId(String tagId);
}