Skip to content

Commit a1bad8c

Browse files
Q3 2024 integration branch (#51)
VS Plugin release version - 9.00.31
1 parent d95c427 commit a1bad8c

21 files changed

Lines changed: 388 additions & 106 deletions

CxActionShared/CxActionShared.projitems

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -106,6 +106,7 @@
106106
<Compile Include="$(MSBuildThisFileDirectory)Services\EnvDTEConstants.cs" />
107107
<Compile Include="$(MSBuildThisFileDirectory)Services\RESTApi\CxRESTApi.cs" />
108108
<Compile Include="$(MSBuildThisFileDirectory)Services\RESTApi\CxRESTApiCommon.cs" />
109+
<Compile Include="$(MSBuildThisFileDirectory)services\restapi\CxRESTApiNoneConfiguration.cs" />
109110
<Compile Include="$(MSBuildThisFileDirectory)Services\RESTApi\CxRESTApiPortalConfiguration.cs" />
110111
<Compile Include="$(MSBuildThisFileDirectory)Services\RESTApi\CxRESTApiWebRequestBase.cs" />
111112
<Compile Include="$(MSBuildThisFileDirectory)Services\WinCookieHelper.cs" />
@@ -114,6 +115,8 @@
114115
<Compile Include="$(MSBuildThisFileDirectory)ValueObjects\RESTApi\CxProjectDetails.cs" />
115116
<Compile Include="$(MSBuildThisFileDirectory)ValueObjects\RESTApi\CxQueryDescription.cs" />
116117
<Compile Include="$(MSBuildThisFileDirectory)ValueObjects\RESTApi\CxRESTApiLoginResponse.cs" />
118+
<Compile Include="$(MSBuildThisFileDirectory)valueobjects\restapi\enum\ResultStates.cs" />
119+
<Compile Include="$(MSBuildThisFileDirectory)valueobjects\restapi\CxVersionInfo.cs" />
117120
<Compile Include="$(MSBuildThisFileDirectory)ValueObjects\Results.cs" />
118121
<Compile Include="$(MSBuildThisFileDirectory)ValueObjects\WebPortal\Models\CxPortalConfiguration.cs" />
119122
<Compile Include="$(MSBuildThisFileDirectory)Views\BindingPrjList.cs">
@@ -365,4 +368,7 @@
365368
<EmbeddedResource Include="$(MSBuildThisFileDirectory)Resources\NormalNode.png" />
366369
<EmbeddedResource Include="$(MSBuildThisFileDirectory)Resources\NormalSelected.png" />
367370
</ItemGroup>
371+
<ItemGroup>
372+
<Folder Include="$(MSBuildThisFileDirectory)ValueObjects\RESTApi\Enum\" />
373+
</ItemGroup>
368374
</Project>

CxActionShared/Entities/WebServiceEntity/ReportQueryResult.cs

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -12,7 +12,8 @@ public enum ReportQuerySeverityType
1212
Information = 0,
1313
Low = 1,
1414
Medium = 2,
15-
High = 3
15+
High = 3,
16+
Critical = 4
1617
}
1718

1819
public enum ViewerTreeNodeType
@@ -456,6 +457,7 @@ public static ReportQuerySeverityType SeverityTypeFromString(string str)
456457
case "Low": type = ReportQuerySeverityType.Low; break;
457458
case "Medium": type = ReportQuerySeverityType.Medium; break;
458459
case "High": type = ReportQuerySeverityType.High; break;
460+
case "Critical": type = ReportQuerySeverityType.Critical; break;
459461
default: type = ReportQuerySeverityType.None; break;
460462
}
461463

CxActionShared/Entities/WebServiceEntity/ReportResult.cs

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -49,6 +49,11 @@ public Dictionary<ReportQuerySeverityType, List<ReportQueryResult>> Tree
4949
tepmTree[problem.Severity].Add(problem);
5050
}
5151

52+
if (tepmTree.ContainsKey(ReportQuerySeverityType.Critical))
53+
{
54+
_tree.Add(ReportQuerySeverityType.Critical, tepmTree[ReportQuerySeverityType.Critical]);
55+
}
56+
5257
if (tepmTree.ContainsKey(ReportQuerySeverityType.High))
5358
{
5459
_tree.Add(ReportQuerySeverityType.High, tepmTree[ReportQuerySeverityType.High]);

CxActionShared/Helpers/LoginHelper.cs

Lines changed: 10 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -434,8 +434,16 @@ public static bool DolLogin(LoginData login, CxWebServiceClient client)
434434
//Add logs for print Server url and AccessToken
435435
Logger.Create().Debug("Server URL: " + login.ServerBaseUri);
436436
cxRestApi = new CxRESTApi(login);
437-
string accessToken = cxRestApi.Login(oidcLoginResult.Code);
438-
cxRestApi.GetPermissions(accessToken);
437+
try
438+
{
439+
string accessToken = cxRestApi.Login(oidcLoginResult.Code);
440+
cxRestApi.GetPermissions(accessToken);
441+
}
442+
catch(Exception ex)
443+
{
444+
Logger.Create().Debug("Failed to get accesstoken. Error: " + ex.ToString());
445+
}
446+
439447
}
440448

441449
loginSucceeded = true;

CxActionShared/Helpers/PerspectiveHelper.cs

Lines changed: 41 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -12,6 +12,10 @@
1212
using CxViewerAction.Entities.WebServiceEntity;
1313
using System.Collections.Generic;
1414
using Common;
15+
using System.Net;
16+
using System.Text;
17+
using System.Web.Script.Serialization;
18+
using CxViewerAction.ValueObjects;
1519

1620
namespace CxViewerAction.Helpers
1721
{
@@ -26,7 +30,7 @@ public class PerspectiveHelper
2630
/// Perspective not exist message
2731
/// </summary>
2832
private const string _perspectiveNotExist = "Current project perspective not exist";
29-
33+
private static string _apiSASTVersionDetails = "system/version";
3034
#endregion [ Constants ]
3135

3236
/// <summary>
@@ -310,6 +314,7 @@ public static void ShowStored(CxWSQueryVulnerabilityData[] queries, LoginData lo
310314
List<CxWSQueryVulnerabilityData> sev1 = new List<CxWSQueryVulnerabilityData>();
311315
List<CxWSQueryVulnerabilityData> sev2 = new List<CxWSQueryVulnerabilityData>();
312316
List<CxWSQueryVulnerabilityData> sev3 = new List<CxWSQueryVulnerabilityData>();
317+
List<CxWSQueryVulnerabilityData> sev4 = new List<CxWSQueryVulnerabilityData>();
313318

314319
for (int i = 0; i < queries.Length; i++)
315320
{
@@ -328,8 +333,15 @@ public static void ShowStored(CxWSQueryVulnerabilityData[] queries, LoginData lo
328333
case 3:
329334
sev3.Add(cur);
330335
break;
336+
case 4:
337+
sev4.Add(cur);
338+
break;
331339
}
332340
}
341+
if (sev4.Count > 0)
342+
{
343+
queriesGroups.Add(ReportQuerySeverityType.Critical, sev4);
344+
}
333345
if (sev3.Count > 0)
334346
{
335347
queriesGroups.Add(ReportQuerySeverityType.High, sev3);
@@ -554,6 +566,34 @@ public static ResultState[] GetResultStateList()
554566
return res;
555567
}
556568

569+
public static string GetSASTVersionDetails()
570+
{
571+
string responseText = string.Empty;
572+
573+
if(!string.IsNullOrEmpty(LoginHelper.ServerBaseUrl))
574+
{
575+
CxRESTApiCommon rESTApiPortalConfiguration = new CxRESTApiCommon(string.Format(_apiSASTVersionDetails));
576+
HttpWebResponse response = rESTApiPortalConfiguration.InitPortalBaseUrl();
577+
578+
if (response != null && response.StatusCode == HttpStatusCode.OK)
579+
{
580+
using (StreamReader reader = new StreamReader(response.GetResponseStream(), Encoding.UTF8))
581+
{
582+
responseText = reader.ReadToEnd();
583+
}
584+
}
585+
}
586+
587+
if (!string.IsNullOrEmpty(responseText))
588+
{
589+
CxVersionInfo versionInfo = new CxVersionInfo();
590+
JavaScriptSerializer javaScriptSerializer = new JavaScriptSerializer();
591+
versionInfo = (CxVersionInfo)javaScriptSerializer.Deserialize(responseText, typeof(CxVersionInfo));
592+
return versionInfo.version;
593+
}
594+
return "";
595+
}
596+
557597
private static ResultState[] RemoveNotExploitableFromArray(ResultState[] resultStates)
558598
{
559599
ResultState [] statesWithoutNotExploitable = new ResultState[resultStates.Length-1];
Lines changed: 145 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,145 @@
1+
using Common;
2+
using CxViewerAction.Entities;
3+
using CxViewerAction.Helpers;
4+
using CxViewerAction.WebPortal;
5+
using System;
6+
using System.IO;
7+
using System.Net;
8+
using System.Text;
9+
using System.Web.Script.Serialization;
10+
11+
namespace CxViewerAction.Services
12+
{
13+
public class CxRESTApiNoneConfiguration
14+
{
15+
#region Fields
16+
17+
private string _restAPIRelativePath = "/cxrestapi/Configurations/None";
18+
private const string requestContentType = "application/json, text/plain, */*";
19+
20+
#endregion
21+
22+
#region API
23+
24+
public void InitNoneBaseUrl()
25+
{
26+
try
27+
{
28+
LoginHelper.PortalConfiguration = new CxPortalConfiguration();
29+
Uri uri = GetLoginUri();
30+
HttpWebRequest webRequest = GetWebRequest(uri);
31+
CxPortalConfiguration result = GetWebResponse(webRequest);
32+
LoginHelper.PortalConfiguration.WebServer = GetWebServerBaseUrl(result.WebServer);
33+
}
34+
catch (System.Net.WebException ex)
35+
{
36+
var response = (System.Net.HttpWebResponse)ex.Response;
37+
38+
if (response.StatusCode == HttpStatusCode.NotFound)
39+
{
40+
LoginHelper.PortalConfiguration.WebServer = LoginHelper.ServerBaseUrl;
41+
}
42+
else
43+
{
44+
Logger.Create().Error("CxRESTApiPortalConfiguration->GetPortalBaseUrl: " + ex.ToString());
45+
}
46+
}
47+
}
48+
49+
public CxPortalConfiguration InitNoneConfigurationDetails()
50+
{
51+
try
52+
{
53+
LoginHelper.PortalConfiguration = new CxPortalConfiguration();
54+
Uri uri = GetLoginUri();
55+
HttpWebRequest webRequest = GetWebRequest(uri);
56+
return GetWebResponse(webRequest);
57+
}
58+
catch (System.Net.WebException ex)
59+
{
60+
var response = (System.Net.HttpWebResponse)ex.Response;
61+
62+
if (response.StatusCode == HttpStatusCode.NotFound)
63+
{
64+
LoginHelper.PortalConfiguration.WebServer = LoginHelper.ServerBaseUrl;
65+
}
66+
else
67+
{
68+
Logger.Create().Error("CxRESTApiPortalConfiguration->InitPortalConfigurationDetails: " + ex.ToString());
69+
}
70+
}
71+
return null;
72+
}
73+
#endregion
74+
75+
#region Private methods
76+
77+
private string GetWebServerBaseUrl(string url)
78+
{
79+
if (string.IsNullOrEmpty(url))
80+
{
81+
return LoginHelper.ServerBaseUrl;
82+
}
83+
84+
Uri uri = new Uri(LoginHelper.ServerBaseUrl);
85+
86+
if (!url.StartsWith(uri.Scheme))
87+
{
88+
return string.Format("{0}://{1}", uri.Scheme, url);
89+
}
90+
91+
return url;
92+
}
93+
94+
private HttpWebRequest GetWebRequest(Uri uri)
95+
{
96+
HttpWebRequest webRequest = new CxRESTApiWebRequestCore().Create(uri, "GET");
97+
webRequest.Accept = requestContentType;
98+
OidcLoginData oidcLoginData = OidcLoginData.GetOidcLoginDataInstance();
99+
if (CxVSWebServiceWrapper.IsTokenExpired(oidcLoginData))
100+
{
101+
//get the login data again with the new access token
102+
oidcLoginData = OidcLoginData.GetOidcLoginDataInstance();
103+
};
104+
webRequest.Headers.Clear();
105+
webRequest.Headers.Add(Constants.AUTHORIZATION_HEADER, Constants.BEARER + oidcLoginData.AccessToken);
106+
return webRequest;
107+
}
108+
109+
private CxPortalConfiguration GetWebResponse(HttpWebRequest webRequest)
110+
{
111+
string responseText = string.Empty;
112+
CxPortalConfiguration portalConfiguration = new CxPortalConfiguration();
113+
HttpWebResponse webResponse = (HttpWebResponse)webRequest.GetResponse();
114+
115+
if (webResponse.StatusCode != HttpStatusCode.OK)
116+
{
117+
Logger.Create().Error("CxRESTApiPortalConfiguration->HandleWebResponse->Rest API, status message: " + webResponse.StatusDescription);
118+
}
119+
120+
using (StreamReader reader = new StreamReader(webResponse.GetResponseStream(), ASCIIEncoding.ASCII))
121+
{
122+
responseText = reader.ReadToEnd();
123+
}
124+
125+
if (!string.IsNullOrEmpty(responseText))
126+
{
127+
JavaScriptSerializer javaScriptSerializer = new JavaScriptSerializer();
128+
portalConfiguration = (CxPortalConfiguration)javaScriptSerializer.Deserialize(responseText, typeof(CxPortalConfiguration));
129+
}
130+
131+
return portalConfiguration;
132+
}
133+
134+
private Uri GetLoginUri()
135+
{
136+
string url = string.Format("{0}{1}",
137+
Common.Text.Text.RemoveTrailingSlash(LoginHelper.ServerBaseUrl),
138+
_restAPIRelativePath);
139+
140+
return new Uri(url);
141+
}
142+
143+
#endregion
144+
}
145+
}
Lines changed: 9 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,9 @@
1+
namespace CxViewerAction.ValueObjects
2+
{
3+
public class CxVersionInfo
4+
{
5+
public string version { get; set; }
6+
public string hotFix { get; set; }
7+
public string enginePackVersion { get; set; }
8+
}
9+
}
Lines changed: 11 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,11 @@
1+
namespace CxViewerAction.ValueObjects
2+
{
3+
public enum ResultStates
4+
{
5+
ToVerify,
6+
NotExploitable,
7+
Confirmed,
8+
Urgent,
9+
ProposedNotExploitable
10+
}
11+
}

CxActionShared/ValueObjects/WebPortal/Models/CxPortalConfiguration.cs

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -8,6 +8,9 @@ public class CxPortalConfiguration
88

99
public bool MandatoryCommentOnChangeResultState { get; set; }
1010

11+
public bool MandatoryCommentOnChangeResultStateToNE { get; set; }
12+
13+
public bool MandatoryCommentOnChangeResultStateToPNE { get; set; }
1114
#endregion
1215
}
1316
}

CxActionShared/Views/BrowserForm.cs

Lines changed: 18 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -16,6 +16,7 @@
1616
using CefSharp.WinForms;
1717
using System.Collections.Specialized;
1818
using static CxViewerAction.Views.BrowserForm.MyCustomResourceRequestHandler;
19+
using CxViewerAction.Entities;
1920

2021
//This code is using CefSharp Browser for Login.
2122
// Use of this source code is governed by a BSD-style license that can be found in the CxViewerVSIX Resource LICENSE file.
@@ -28,6 +29,7 @@ public partial class BrowserForm : Form
2829
public event EventHandler UserClosedForm;
2930
public const string ERROR_QUERY_KEY = "Error";
3031
public const string BLANK_PAGE = "about:blank";
32+
public const String CODE_KEY = "code=";
3133
public BrowserForm()
3234
{
3335
InitializeComponent();
@@ -130,7 +132,7 @@ private void chromium_FrameLoadEnd(object sender, CefSharp.FrameLoadEndEventArgs
130132
// Was the loaded page the first page load?
131133
browser.ExecuteScriptAsync("document.oncontextmenu = function() { return false; };");
132134

133-
if (!e.Url.ToLower().Contains("code="))
135+
if (!validateUrlResponse(e))
134136
{
135137
if (e.Url.ToString().Contains("CxRestAPI"))
136138
{
@@ -159,6 +161,21 @@ private void chromium_FrameLoadEnd(object sender, CefSharp.FrameLoadEndEventArgs
159161
Cef.GetGlobalCookieManager().DeleteCookies("", "");
160162
Application.ExitThread();
161163
}
164+
165+
private Boolean validateUrlResponse(CefSharp.FrameLoadEndEventArgs eventArgs)
166+
{
167+
try
168+
{
169+
LoginData loginData = LoginHelper.LoadSaved();
170+
Uri myUri = new Uri(loginData.ServerBaseUri);
171+
String host = myUri.Host;
172+
return eventArgs.Url.Contains(host) && eventArgs.Url.ToLower().Contains(CODE_KEY);
173+
}
174+
catch (Exception ex)
175+
{
176+
throw new Exception(ex.ToString());
177+
}
178+
}
162179
private string ExtractCodeFromUrl(string absoluteUri)
163180
{
164181
Uri myUri = new Uri(absoluteUri);

0 commit comments

Comments
 (0)