[backend] feat(stix): artifact management (#3511) #4950

Merged
gabriel-peze merged 22 commits into release/current from issue/3511
Mar 2, 2026

@gabriel-peze gabriel-peze commented Feb 13, 2026

Proposed changes

  • Add artifacts management on stix bundle

Testing Instructions

  1. On OCTI, linked to OAEV, create a security coverage from a report with artifacts
  2. On OAEV, you should see a scenario created from the report information
  3. Play with the report artifacts, changes on report on OCTI should be handled on OAEV

Related issues

Checklist

  • I consider the submitted work as finished
  • I tested the code for its functionality
  • I wrote test cases for the relevant use cases
  • I added/updated the relevant documentation (either on github or on notion)
  • Where necessary I refactored code to improve the overall quality

@gabriel-peze gabriel-peze changed the title Issue/3511 [backend] feat(stix): prepare artifact management (#3511) Feb 13, 2026

codecov Bot commented Feb 13, 2026

Codecov Report

❌ Patch coverage is 80.46647% with 67 lines in your changes missing coverage. Please review.
✅ Project coverage is 58.38%. Comparing base (b73ffaf) to head (d8e7b73).

Files with missing lines Patch % Lines
...ev/service/stix/SecurityCoverageInjectService.java 80.55% 17 Missing and 4 partials ⚠️
.../openaev/service/stix/SecurityCoverageService.java 36.66% 17 Missing and 2 partials ⚠️
...n/java/io/openaev/utils/SecurityCoverageUtils.java 80.39% 0 Missing and 10 partials ⚠️
...ava/io/openaev/opencti/service/OpenCTIService.java 80.95% 3 Missing and 1 partial ⚠️
...ain/java/io/openaev/rest/document/DocumentApi.java 55.55% 4 Missing ⚠️
...java/io/openaev/rest/document/DocumentService.java 93.54% 0 Missing and 4 partials ⚠️
.../java/io/openaev/opencti/client/OpenCTIClient.java 88.88% 0 Missing and 2 partials ⚠️
.../io/openaev/rest/inject/service/InjectService.java 0.00% 2 Missing ⚠️
.../java/io/openaev/opencti/config/OpenCTIConfig.java 0.00% 0 Missing and 1 partial ⚠️
Additional details and impacted files
@@                  Coverage Diff                  @@
##             release/current    #4950      +/-   ##
=====================================================
+ Coverage              58.04%   58.38%   +0.33%     
- Complexity              4891     4932      +41     
=====================================================
  Files                   1022     1023       +1     
  Lines                  31107    31342     +235     
  Branches                2331     2353      +22     
=====================================================
+ Hits                   18057    18299     +242     
+ Misses                 12030    12001      -29     
- Partials                1020     1042      +22     

@gabriel-peze gabriel-peze changed the title [backend] feat(stix): prepare artifact management (#3511) [backend] feat(stix): artifact management (#3511) Feb 18, 2026
@gabriel-peze gabriel-peze self-assigned this Feb 18, 2026
@gabriel-peze gabriel-peze added the filigran team use to identify PR from the Filigran team label Feb 18, 2026
@gabriel-peze gabriel-peze marked this pull request as ready for review February 18, 2026 16:29
@savacano28 savacano28 self-requested a review February 19, 2026 08:32
@savacano28 savacano28 requested a review from Copilot February 20, 2026 14:35

Copilot AI left a comment

Pull request overview

This pull request adds artifact management functionality to OpenAEV's STIX bundle processing system. When threat actors are referenced with artifacts (executable files or other attachments) in OpenCTI reports, these files can now be imported as FileDrop payloads in OpenAEV scenarios. The implementation includes automatic file download from OpenCTI, document creation, FileDrop payload generation, and inject creation for each injector contract supporting file drops.

Changes:

  • Extended STIX parsing to support artifact objects and extract file metadata (URI, name, mime_type)
  • Implemented file download and document upsert functionality with OpenCTI integration
  • Added database migration to change StixRefToExternalRef from single external_ref to list of external_refs
  • Created inject management for file drop payloads based on artifacts in security coverage

Reviewed changes

Copilot reviewed 29 out of 29 changed files in this pull request and generated 9 comments.

File Description
openaev-model/.../ObjectFactory.java Registered ARTIFACT object type in STIX object factory
openaev-model/.../ObjectTypes.java Added ARTIFACT enum value for STIX object types
openaev-model/.../CommonProperties.java Added URI and MIME_TYPE properties for artifact metadata
openaev-model/.../PayloadRepository.java Added query to find FileDrop by document ID
openaev-model/.../InjectRepository.java Added delete query for injects with FileDrop contracts
openaev-model/.../DocumentRepository.java Added query to find documents linked to scenario injects
openaev-model/.../StixRefToExternalRef.java Changed from single external_ref to list of external_refs
openaev-model/.../SecurityCoverage.java Added artifactsRefs field for artifact references
openaev-api/.../SecurityCoverageUtils.java Converted to Spring component, added artifact processing logic
openaev-api/.../StixService.java Minor refactoring to remove redundant variable
openaev-api/.../SecurityCoverageService.java Integrated artifact coverage processing and reporting
openaev-api/.../SecurityCoverageInjectService.java Implemented inject creation/deletion for artifacts
openaev-api/.../PayloadService.java Added FileDrop payload creation from documents
openaev-api/.../DocumentService.java Added upsert method for document creation/update
openaev-api/.../DocumentApi.java Refactored to use DocumentService.upsert
openaev-api/.../AttackPatternService.java Updated to use SecurityCoverageUtils component
openaev-api/.../OpenCTIService.java Added file download and document creation functionality
openaev-api/.../OpenCTIConfig.java Added getFormattedUrl helper method
openaev-api/.../OpenCTIClient.java Implemented HTTP download method
openaev-api/.../File.java New response model for file downloads
openaev-api/.../V4_73__Add_artifacts_column_to_security_coverage.java Database migration for artifacts and external_refs refactoring
openaev-api/test/.../SecurityCoverageFixture.java Updated fixture to use List for external refs
openaev-api/test/.../SecurityCoverageServiceTest.java Updated tests for external_refs list
openaev-api/test/.../DocumentApiTest.java Added tests for document upsert functionality
openaev-api/test/.../StixApiTest.java Added tests for artifact processing with mock server
openaev-api/test/resources/stix-bundles/*.json Added test STIX bundles with artifacts
openaev-api/test/resources/stix-bundles/artifact-file-test.txt Test artifact file content
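
The artifact step summarised in the overview above (extract URI, name and mime_type from STIX artifact objects before downloading), as an added example that is not code from this pull request or from OpenAEV. Assumptions: the `name` property on the artifact, the trusted base URL, the sample bundle, and the origin check and file-name reduction, which are checks a reviewer would look for and are not stated on this page to be part of the change.

```python
import json
from posixpath import basename
from urllib.parse import unquote, urlsplit

# Constructed sample bundle; ids, host names and file names are made up.
BUNDLE = json.loads("""
{"type": "bundle", "id": "bundle--00000000-0000-4000-8000-000000000001", "objects": [
 {"type": "report", "id": "report--00000000-0000-4000-8000-000000000002", "name": "Sample report"},
 {"type": "artifact", "id": "artifact--00000000-0000-4000-8000-000000000003",
  "mime_type": "text/plain", "url": "https://opencti.example/files/sample.txt"},
 {"type": "artifact", "id": "artifact--00000000-0000-4000-8000-000000000004",
  "mime_type": "application/octet-stream", "name": "../../drop.bin",
  "url": "https://opencti.example/files/drop.bin"},
 {"type": "artifact", "id": "artifact--00000000-0000-4000-8000-000000000005",
  "mime_type": "text/plain", "url": "https://files.other.example/x.txt"}
]}
""")


def origin(url):
    """Return (scheme, host, port) with the default port filled in."""
    parts = urlsplit(url)
    port = parts.port or {"http": 80, "https": 443}.get(parts.scheme)
    return parts.scheme, (parts.hostname or "").lower(), port


def artifact_files(bundle, trusted_base):
    """Split a bundle's artifacts into download metadata and rejected ids."""
    accepted, rejected = [], []
    for obj in bundle.get("objects", []):
        if obj.get("type") != "artifact":
            continue
        url = obj.get("url", "")
        # Only fetch from the configured platform, never from a URL the bundle picks.
        if origin(url) != origin(trusted_base):
            rejected.append(obj["id"])
            continue
        # Keep only the last path segment so a name can never carry directories.
        raw_name = obj.get("name") or unquote(urlsplit(url).path)
        name = basename(raw_name.replace("\\", "/"))
        if name in ("", ".", ".."):
            rejected.append(obj["id"])
            continue
        accepted.append({"id": obj["id"], "uri": url, "name": name,
                         "mime_type": obj.get("mime_type", "application/octet-stream")})
    return accepted, rejected
```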

Comment thread openaev-api/src/main/java/io/openaev/opencti/service/OpenCTIService.java Outdated
Comment thread openaev-api/src/main/java/io/openaev/service/stix/SecurityCoverageService.java Outdated
@OpenAEV-Platform OpenAEV-Platform deleted a comment from Copilot AI Feb 24, 2026
@OpenAEV-Platform OpenAEV-Platform deleted a comment from Copilot AI Feb 24, 2026
@OpenAEV-Platform OpenAEV-Platform deleted a comment from Copilot AI Feb 24, 2026
@OpenAEV-Platform OpenAEV-Platform deleted a comment from Copilot AI Feb 24, 2026
@OpenAEV-Platform OpenAEV-Platform deleted a comment from Copilot AI Feb 24, 2026
Comment thread openaev-api/src/main/java/io/openaev/rest/document/DocumentApi.java
Comment thread openaev-api/src/main/java/io/openaev/opencti/service/OpenCTIService.java Outdated
Comment thread openaev-api/src/main/java/io/openaev/opencti/client/response/File.java Outdated
Comment thread openaev-api/src/main/java/io/openaev/opencti/client/OpenCTIClient.java Outdated

savacano28 commented Feb 25, 2026

Tests: OK

  • Report with artifacts
  • Update artifacts
  • Execution scenario
  • Creation documents
  • Creation payload drops the file (no recreation if the file already exists).


Copilot AI left a comment

Copilot encountered an error and was unable to review this pull request. You can try again by re-requesting a review.

@gabriel-peze gabriel-peze merged commit f84887a into release/current Mar 2, 2026
13 checks passed
@gabriel-peze gabriel-peze deleted the issue/3511 branch March 2, 2026 08:10