diff --git a/CHANGELOG.md b/CHANGELOG.md new file mode 100644 index 0000000..e6cd53b --- /dev/null +++ b/CHANGELOG.md @@ -0,0 +1,31 @@ +# Changelog +All notable changes to this project will be documented in this file. + +The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/). + +## [Unreleased] - Requiring major [semver](https://semver.org/) change + +### Added + +* Support for promises via [request-promise-native](https://github.com/request/request-promise-native), while retaining backwards compatibility for those wishing to use callbacks +* Ability to add the `apiKey` once only when instantiating the `ZapClient`. See example in [README](https://github.com/zaproxy/zap-api-nodejs/README.md#instantiate-the-client-api) +* Brand new [README](https://github.com/zaproxy/zap-api-nodejs/README.md) + +### Changed + +* Minimum NodeJS version is now 8.6.0 (breaking change) +* Source no longer in zaproxy/nodejs/api/zapv2. Now in its own repository [zaproxy/zap-api-nodejs](https://github.com/zaproxy/zap-api-nodejs) +* License changed from MIT to [Apache 2.0](https://github.com/zaproxy/zap-api-nodejs/blob/master/LICENSE) +* Replaced many `var`s with `const`s + +### Removed + +* The explicit `apikey` on many API methods (breaking change) +* [lodash](https://www.npmjs.com/package/lodash) + +### Security + +* Fixed all 12 known security defects by updating the dependencies + +## 0.3.0 - 2017-12-04 + diff --git a/README.md b/README.md new file mode 100644 index 0000000..c7f294d --- /dev/null +++ b/README.md @@ -0,0 +1,89 @@ +
+
+ + zap-api-nodejs logo + +
+
+

OWASP ZAP Node API

+

+ + + License + + +

+
+ +The NodeJS implementation to access the [OWASP ZAP API](https://github.com/zaproxy/zaproxy/wiki/ApiDetails). For more information +about OWASP ZAP consult the (main) [OWASP ZAP project](https://github.com/zaproxy/zaproxy/). + +## Install + +``` +npm install zaproxy +``` + +## Usage + +By default ZAP [requires an API key](https://github.com/zaproxy/zaproxy/wiki/FAQapikey) to be sent with every request. This is done automatically providing you supply the same API key when you instantiate the `ZapClient` that you use to run ZAP with. All following API requests will use this same API key. +You can disable the API key when running ZAP if you are on a trusted network and understand the risks. If you choose to do so, you may omit the `apiKey` property of the `zapOptions` object supplied to `ZapClient`. + +### Instantiate the Node API: + +```js +const ZapClient = require('zaproxy'); + +const zapOptions = { + apiKey: , // I.E. 'v90dnblpqs1pcac991tn2oudl' + proxy: ://: // I.E. 'http://192.168.0.10:8080' +}; + +const zaproxy = new ZapClient(zapOptions); +``` + +### Use the Node API: + +Callbacks: + +```js +zaproxy.spider.scanAsUser(contextId, userId, sutBaseUrl, maxChildren, recurse, subtreeonly, (err, resp) => { + if (err) // Handle the error. + if (resp) // Handle the response. +}); +``` + +Promises: + +```js +await zaproxy.spider.scanAsUser(contextId, userId, sutBaseUrl, maxChildren) + .then( + resp => console.log(JSON.stringify(resp)), + err => `Error occurred while attempting to scan as user. Error was: ${err.message}` + ); +``` + +## API + +For a full API list, see [https://github.com/zaproxy/zaproxy/wiki/ApiGen_Index](https://github.com/zaproxy/zaproxy/wiki/ApiGen_Index). + +The Node API methods have the same signature as the API documentation, featuring both callback and promise based interfaces, making everyone happy. + +The API key is no longer explicitly required on any Node API method invocations. Unless you have disabled the API key when running ZAP, simply provide it on Node API instantiation as mentioned in the [Usage](#usage) section and it will be provided automatically with each request to the ZAP API. + +**Callback mode**: If you provide a callback as the last parameter, the callback will be called with error and response arguments, with the response being an object that corresponds to the JSON output of the API call. +**Promise mode**: If you wish to use the modern approach, simply don't provide a callback, and a native promise will be returned for you to deal with as you wish. + +## Getting Help + +For help using the OWASP ZAP API refer to: + + * [Wiki](https://github.com/zaproxy/zaproxy/wiki/ApiDetails) + * [OWASP ZAP User Group](https://groups.google.com/group/zaproxy-users) - for asking questions; + * IRC: irc.mozilla.org #websectools (eg [using Mibbit](http://chat.mibbit.com/?server=irc.mozilla.org%3A%2B6697&channel=%23websectools)) - chat with core ZAP developers (European office hours usually best) + +For specific help with this Node API, contact [@binarymist](https://github.com/binarymist) (the maintainer). + +## Issues + +To report issues related to the OWASP ZAP Node API, bugs and enhancements requests, use the [issue tracker of the main OWASP ZAP project](https://github.com/zaproxy/zaproxy/issues). diff --git a/assets/images/ZapNodeApi.png b/assets/images/ZapNodeApi.png new file mode 100644 index 0000000..d888252 Binary files /dev/null and b/assets/images/ZapNodeApi.png differ diff --git a/package-lock.json b/package-lock.json new file mode 100644 index 0000000..1c63d7a --- /dev/null +++ b/package-lock.json @@ -0,0 +1,364 @@ +{ + "name": "zaproxy", + "version": "0.3.0", + "lockfileVersion": 1, + "requires": true, + "dependencies": { + "ajv": { + "version": "5.5.2", + "resolved": "https://registry.npmjs.org/ajv/-/ajv-5.5.2.tgz", + "integrity": "sha1-c7Xuyj+rZT49P5Qis0GtQiBdyWU=", + "requires": { + "co": "^4.6.0", + "fast-deep-equal": "^1.0.0", + "fast-json-stable-stringify": "^2.0.0", + "json-schema-traverse": "^0.3.0" + } + }, + "asn1": { + "version": "0.2.4", + "resolved": "https://registry.npmjs.org/asn1/-/asn1-0.2.4.tgz", + "integrity": "sha512-jxwzQpLQjSmWXgwaCZE9Nz+glAG01yF1QnWgbhGwHI5A6FRIEY6IVqtHhIepHqI7/kyEyQEagBC5mBEFlIYvdg==", + "requires": { + "safer-buffer": "~2.1.0" + } + }, + "assert-plus": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/assert-plus/-/assert-plus-1.0.0.tgz", + "integrity": "sha1-8S4PPF13sLHN2RRpQuTpbB5N1SU=" + }, + "asynckit": { + "version": "0.4.0", + "resolved": "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz", + "integrity": "sha1-x57Zf380y48robyXkLzDZkdLS3k=" + }, + "aws-sign2": { + "version": "0.7.0", + "resolved": "https://registry.npmjs.org/aws-sign2/-/aws-sign2-0.7.0.tgz", + "integrity": "sha1-tG6JCTSpWR8tL2+G1+ap8bP+dqg=" + }, + "aws4": { + "version": "1.8.0", + "resolved": "https://registry.npmjs.org/aws4/-/aws4-1.8.0.tgz", + "integrity": "sha512-ReZxvNHIOv88FlT7rxcXIIC0fPt4KZqZbOlivyWtXLt8ESx84zd3kMC6iK5jVeS2qt+g7ftS7ye4fi06X5rtRQ==" + }, + "bcrypt-pbkdf": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/bcrypt-pbkdf/-/bcrypt-pbkdf-1.0.2.tgz", + "integrity": "sha1-pDAdOJtqQ/m2f/PKEaP2Y342Dp4=", + "requires": { + "tweetnacl": "^0.14.3" + } + }, + "caseless": { + "version": "0.12.0", + "resolved": "https://registry.npmjs.org/caseless/-/caseless-0.12.0.tgz", + "integrity": "sha1-G2gcIf+EAzyCZUMJBolCDRhxUdw=" + }, + "co": { + "version": "4.6.0", + "resolved": "https://registry.npmjs.org/co/-/co-4.6.0.tgz", + "integrity": "sha1-bqa989hTrlTMuOR7+gvz+QMfsYQ=" + }, + "combined-stream": { + "version": "1.0.7", + "resolved": "https://registry.npmjs.org/combined-stream/-/combined-stream-1.0.7.tgz", + "integrity": "sha512-brWl9y6vOB1xYPZcpZde3N9zDByXTosAeMDo4p1wzo6UMOX4vumB+TP1RZ76sfE6Md68Q0NJSrE/gbezd4Ul+w==", + "requires": { + "delayed-stream": "~1.0.0" + } + }, + "core-util-is": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/core-util-is/-/core-util-is-1.0.2.tgz", + "integrity": "sha1-tf1UIgqivFq1eqtxQMlAdUUDwac=" + }, + "dashdash": { + "version": "1.14.1", + "resolved": "https://registry.npmjs.org/dashdash/-/dashdash-1.14.1.tgz", + "integrity": "sha1-hTz6D3y+L+1d4gMmuN1YEDX24vA=", + "requires": { + "assert-plus": "^1.0.0" + } + }, + "delayed-stream": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/delayed-stream/-/delayed-stream-1.0.0.tgz", + "integrity": "sha1-3zrhmayt+31ECqrgsp4icrJOxhk=" + }, + "ecc-jsbn": { + "version": "0.1.2", + "resolved": "https://registry.npmjs.org/ecc-jsbn/-/ecc-jsbn-0.1.2.tgz", + "integrity": "sha1-OoOpBOVDUyh4dMVkt1SThoSamMk=", + "requires": { + "jsbn": "~0.1.0", + "safer-buffer": "^2.1.0" + } + }, + "extend": { + "version": "3.0.2", + "resolved": "https://registry.npmjs.org/extend/-/extend-3.0.2.tgz", + "integrity": "sha512-fjquC59cD7CyW6urNXK0FBufkZcoiGG80wTuPujX590cB5Ttln20E2UB4S/WARVqhXffZl2LNgS+gQdPIIim/g==" + }, + "extsprintf": { + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/extsprintf/-/extsprintf-1.3.0.tgz", + "integrity": "sha1-lpGEQOMEGnpBT4xS48V06zw+HgU=" + }, + "fast-deep-equal": { + "version": "1.1.0", + "resolved": "http://registry.npmjs.org/fast-deep-equal/-/fast-deep-equal-1.1.0.tgz", + "integrity": "sha1-wFNHeBfIa1HaqFPIHgWbcz0CNhQ=" + }, + "fast-json-stable-stringify": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/fast-json-stable-stringify/-/fast-json-stable-stringify-2.0.0.tgz", + "integrity": "sha1-1RQsDK7msRifh9OnYREGT4bIu/I=" + }, + "forever-agent": { + "version": "0.6.1", + "resolved": "https://registry.npmjs.org/forever-agent/-/forever-agent-0.6.1.tgz", + "integrity": "sha1-+8cfDEGt6zf5bFd60e1C2P2sypE=" + }, + "form-data": { + "version": "2.3.3", + "resolved": "https://registry.npmjs.org/form-data/-/form-data-2.3.3.tgz", + "integrity": "sha512-1lLKB2Mu3aGP1Q/2eCOx0fNbRMe7XdwktwOruhfqqd0rIJWwN4Dh+E3hrPSlDCXnSR7UtZ1N38rVXm+6+MEhJQ==", + "requires": { + "asynckit": "^0.4.0", + "combined-stream": "^1.0.6", + "mime-types": "^2.1.12" + } + }, + "getpass": { + "version": "0.1.7", + "resolved": "https://registry.npmjs.org/getpass/-/getpass-0.1.7.tgz", + "integrity": "sha1-Xv+OPmhNVprkyysSgmBOi6YhSfo=", + "requires": { + "assert-plus": "^1.0.0" + } + }, + "har-schema": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/har-schema/-/har-schema-2.0.0.tgz", + "integrity": "sha1-qUwiJOvKwEeCoNkDVSHyRzW37JI=" + }, + "har-validator": { + "version": "5.1.0", + "resolved": "https://registry.npmjs.org/har-validator/-/har-validator-5.1.0.tgz", + "integrity": "sha512-+qnmNjI4OfH2ipQ9VQOw23bBd/ibtfbVdK2fYbY4acTDqKTW/YDp9McimZdDbG8iV9fZizUqQMD5xvriB146TA==", + "requires": { + "ajv": "^5.3.0", + "har-schema": "^2.0.0" + } + }, + "http-signature": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/http-signature/-/http-signature-1.2.0.tgz", + "integrity": "sha1-muzZJRFHcvPZW2WmCruPfBj7rOE=", + "requires": { + "assert-plus": "^1.0.0", + "jsprim": "^1.2.2", + "sshpk": "^1.7.0" + } + }, + "is-typedarray": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/is-typedarray/-/is-typedarray-1.0.0.tgz", + "integrity": "sha1-5HnICFjfDBsR3dppQPlgEfzaSpo=" + }, + "isstream": { + "version": "0.1.2", + "resolved": "https://registry.npmjs.org/isstream/-/isstream-0.1.2.tgz", + "integrity": "sha1-R+Y/evVa+m+S4VAOaQ64uFKcCZo=" + }, + "jsbn": { + "version": "0.1.1", + "resolved": "https://registry.npmjs.org/jsbn/-/jsbn-0.1.1.tgz", + "integrity": "sha1-peZUwuWi3rXyAdls77yoDA7y9RM=" + }, + "json-schema": { + "version": "0.2.3", + "resolved": "https://registry.npmjs.org/json-schema/-/json-schema-0.2.3.tgz", + "integrity": "sha1-tIDIkuWaLwWVTOcnvT8qTogvnhM=" + }, + "json-schema-traverse": { + "version": "0.3.1", + "resolved": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-0.3.1.tgz", + "integrity": "sha1-NJptRMU6Ud6JtAgFxdXlm0F9M0A=" + }, + "json-stringify-safe": { + "version": "5.0.1", + "resolved": "https://registry.npmjs.org/json-stringify-safe/-/json-stringify-safe-5.0.1.tgz", + "integrity": "sha1-Epai1Y/UXxmg9s4B1lcB4sc1tus=" + }, + "jsprim": { + "version": "1.4.1", + "resolved": "https://registry.npmjs.org/jsprim/-/jsprim-1.4.1.tgz", + "integrity": "sha1-MT5mvB5cwG5Di8G3SZwuXFastqI=", + "requires": { + "assert-plus": "1.0.0", + "extsprintf": "1.3.0", + "json-schema": "0.2.3", + "verror": "1.10.0" + } + }, + "lodash": { + "version": "4.17.11", + "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.11.tgz", + "integrity": "sha512-cQKh8igo5QUhZ7lg38DYWAxMvjSAKG0A8wGSVimP07SIUEK2UO+arSRKbRZWtelMtN5V0Hkwh5ryOto/SshYIg==" + }, + "mime-db": { + "version": "1.37.0", + "resolved": "https://registry.npmjs.org/mime-db/-/mime-db-1.37.0.tgz", + "integrity": "sha512-R3C4db6bgQhlIhPU48fUtdVmKnflq+hRdad7IyKhtFj06VPNVdk2RhiYL3UjQIlso8L+YxAtFkobT0VK+S/ybg==" + }, + "mime-types": { + "version": "2.1.21", + "resolved": "https://registry.npmjs.org/mime-types/-/mime-types-2.1.21.tgz", + "integrity": "sha512-3iL6DbwpyLzjR3xHSFNFeb9Nz/M8WDkX33t1GFQnFOllWk8pOrh/LSrB5OXlnlW5P9LH73X6loW/eogc+F5lJg==", + "requires": { + "mime-db": "~1.37.0" + } + }, + "oauth-sign": { + "version": "0.9.0", + "resolved": "https://registry.npmjs.org/oauth-sign/-/oauth-sign-0.9.0.tgz", + "integrity": "sha512-fexhUFFPTGV8ybAtSIGbV6gOkSv8UtRbDBnAyLQw4QPKkgNlsH2ByPGtMUqdWkos6YCRmAqViwgZrJc/mRDzZQ==" + }, + "performance-now": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/performance-now/-/performance-now-2.1.0.tgz", + "integrity": "sha1-Ywn04OX6kT7BxpMHrjZLSzd8nns=" + }, + "psl": { + "version": "1.1.29", + "resolved": "https://registry.npmjs.org/psl/-/psl-1.1.29.tgz", + "integrity": "sha512-AeUmQ0oLN02flVHXWh9sSJF7mcdFq0ppid/JkErufc3hGIV/AMa8Fo9VgDo/cT2jFdOWoFvHp90qqBH54W+gjQ==" + }, + "punycode": { + "version": "1.4.1", + "resolved": "https://registry.npmjs.org/punycode/-/punycode-1.4.1.tgz", + "integrity": "sha1-wNWmOycYgArY4esPpSachN1BhF4=" + }, + "qs": { + "version": "6.5.2", + "resolved": "https://registry.npmjs.org/qs/-/qs-6.5.2.tgz", + "integrity": "sha512-N5ZAX4/LxJmF+7wN74pUD6qAh9/wnvdQcjq9TZjevvXzSUo7bfmw91saqMjzGS2xq91/odN2dW/WOl7qQHNDGA==" + }, + "request": { + "version": "2.88.0", + "resolved": "https://registry.npmjs.org/request/-/request-2.88.0.tgz", + "integrity": "sha512-NAqBSrijGLZdM0WZNsInLJpkJokL72XYjUpnB0iwsRgxh7dB6COrHnTBNwN0E+lHDAJzu7kLAkDeY08z2/A0hg==", + "requires": { + "aws-sign2": "~0.7.0", + "aws4": "^1.8.0", + "caseless": "~0.12.0", + "combined-stream": "~1.0.6", + "extend": "~3.0.2", + "forever-agent": "~0.6.1", + "form-data": "~2.3.2", + "har-validator": "~5.1.0", + "http-signature": "~1.2.0", + "is-typedarray": "~1.0.0", + "isstream": "~0.1.2", + "json-stringify-safe": "~5.0.1", + "mime-types": "~2.1.19", + "oauth-sign": "~0.9.0", + "performance-now": "^2.1.0", + "qs": "~6.5.2", + "safe-buffer": "^5.1.2", + "tough-cookie": "~2.4.3", + "tunnel-agent": "^0.6.0", + "uuid": "^3.3.2" + } + }, + "request-promise-core": { + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/request-promise-core/-/request-promise-core-1.1.1.tgz", + "integrity": "sha1-Pu4AssWqgyOc+wTFcA2jb4HNCLY=", + "requires": { + "lodash": "^4.13.1" + } + }, + "request-promise-native": { + "version": "1.0.5", + "resolved": "https://registry.npmjs.org/request-promise-native/-/request-promise-native-1.0.5.tgz", + "integrity": "sha1-UoF3D2jgyXGeUWP9P6tIIhX0/aU=", + "requires": { + "request-promise-core": "1.1.1", + "stealthy-require": "^1.1.0", + "tough-cookie": ">=2.3.3" + } + }, + "safe-buffer": { + "version": "5.1.2", + "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.2.tgz", + "integrity": "sha512-Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g==" + }, + "safer-buffer": { + "version": "2.1.2", + "resolved": "https://registry.npmjs.org/safer-buffer/-/safer-buffer-2.1.2.tgz", + "integrity": "sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg==" + }, + "sshpk": { + "version": "1.15.2", + "resolved": "https://registry.npmjs.org/sshpk/-/sshpk-1.15.2.tgz", + "integrity": "sha512-Ra/OXQtuh0/enyl4ETZAfTaeksa6BXks5ZcjpSUNrjBr0DvrJKX+1fsKDPpT9TBXgHAFsa4510aNVgI8g/+SzA==", + "requires": { + "asn1": "~0.2.3", + "assert-plus": "^1.0.0", + "bcrypt-pbkdf": "^1.0.0", + "dashdash": "^1.12.0", + "ecc-jsbn": "~0.1.1", + "getpass": "^0.1.1", + "jsbn": "~0.1.0", + "safer-buffer": "^2.0.2", + "tweetnacl": "~0.14.0" + } + }, + "stealthy-require": { + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/stealthy-require/-/stealthy-require-1.1.1.tgz", + "integrity": "sha1-NbCYdbT/SfJqd35QmzCQoyJr8ks=" + }, + "tough-cookie": { + "version": "2.4.3", + "resolved": "https://registry.npmjs.org/tough-cookie/-/tough-cookie-2.4.3.tgz", + "integrity": "sha512-Q5srk/4vDM54WJsJio3XNn6K2sCG+CQ8G5Wz6bZhRZoAe/+TxjWB/GlFAnYEbkYVlON9FMk/fE3h2RLpPXo4lQ==", + "requires": { + "psl": "^1.1.24", + "punycode": "^1.4.1" + } + }, + "tunnel-agent": { + "version": "0.6.0", + "resolved": "https://registry.npmjs.org/tunnel-agent/-/tunnel-agent-0.6.0.tgz", + "integrity": "sha1-J6XeoGs2sEoKmWZ3SykIaPD8QP0=", + "requires": { + "safe-buffer": "^5.0.1" + } + }, + "tweetnacl": { + "version": "0.14.5", + "resolved": "https://registry.npmjs.org/tweetnacl/-/tweetnacl-0.14.5.tgz", + "integrity": "sha1-WuaBd/GS1EViadEIr6k/+HQ/T2Q=" + }, + "uuid": { + "version": "3.3.2", + "resolved": "https://registry.npmjs.org/uuid/-/uuid-3.3.2.tgz", + "integrity": "sha512-yXJmeNaw3DnnKAOKJE51sL/ZaYfWJRl1pK9dr19YFCu0ObS231AB1/LbqTKRAQ5kw8A90rA6fr4riOUpTZvQZA==" + }, + "verror": { + "version": "1.10.0", + "resolved": "https://registry.npmjs.org/verror/-/verror-1.10.0.tgz", + "integrity": "sha1-OhBcoXBTr1XW4nDB+CiGguGNpAA=", + "requires": { + "assert-plus": "^1.0.0", + "core-util-is": "1.0.2", + "extsprintf": "^1.2.0" + } + } + } +} diff --git a/package.json b/package.json new file mode 100644 index 0000000..978be1b --- /dev/null +++ b/package.json @@ -0,0 +1,38 @@ +{ + "name": "zaproxy", + "description": "ZAProxy Client API for Node.js", + "version": "0.3.0", + "homepage": "https://github.com/zaproxy/zap-api-nodejs", + "author": { + "name": "Kim Carter", + "email": "services@binarymist.net" + }, + "repository": { + "type": "git", + "url": "https://github.com/zaproxy/zap-api-nodejs.git" + }, + "bugs": { + "url": "https://github.com/zaproxy/zaproxy/issues" + }, + "licenses": [ + { + "type": "Apache", + "url": "https://github.com/zaproxy/zap-api-nodejs/blob/master/LICENSE" + } + ], + "main": "src/index.js", + "engines": { + "node": ">=8.6.0" + }, + "dependencies": { + "request": "^2.88.0", + "request-promise-native": "^1.0.5" + }, + "keywords": [ + "zaproxy", + "api", + "wrapper", + "security", + "infosec" + ] +} diff --git a/src/acsrf.js b/src/acsrf.js new file mode 100644 index 0000000..48c3a9a --- /dev/null +++ b/src/acsrf.js @@ -0,0 +1,74 @@ +/* Zed Attack Proxy (ZAP) and its related class files. + * + * ZAP is an HTTP/HTTPS proxy for assessing web application security. + * + * Copyright 2018 the ZAP development team + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + + +'use strict'; + +/** + * This file was automatically generated. + */ +function Acsrf(clientApi) { + this.api = clientApi; +} + +/** + * Lists the names of all anti-CSRF tokens + **/ +Acsrf.prototype.optionTokensNames = function (callback) { + if (typeof callback === 'function') { + this.api.request('/acsrf/view/optionTokensNames/', callback); + return; + } + return this.api.requestPromise('/acsrf/view/optionTokensNames/'); +}; + +/** + * Adds an anti-CSRF token with the given name, enabled by default + **/ +Acsrf.prototype.addOptionToken = function (string, callback) { + if (typeof callback === 'function') { + this.api.request('/acsrf/action/addOptionToken/', {'String' : string}, callback); + return; + } + return this.api.requestPromise('/acsrf/action/addOptionToken/', {'String' : string}); +}; + +/** + * Removes the anti-CSRF token with the given name + **/ +Acsrf.prototype.removeOptionToken = function (string, callback) { + if (typeof callback === 'function') { + this.api.request('/acsrf/action/removeOptionToken/', {'String' : string}, callback); + return; + } + return this.api.requestPromise('/acsrf/action/removeOptionToken/', {'String' : string}); +}; + +/** + * Generate a form for testing lack of anti-CSRF tokens - typically invoked via ZAP + **/ +Acsrf.prototype.genForm = function (hrefid, callback) { + if (typeof callback === 'function') { + this.api.requestOther('/acsrf/other/genForm/', {'hrefId' : hrefid}, callback); + return; + } + return this.api.requestPromiseOther('/acsrf/other/genForm/', {'hrefId' : hrefid}); +}; + +module.exports = Acsrf; diff --git a/src/ajaxSpider.js b/src/ajaxSpider.js new file mode 100644 index 0000000..ec46d69 --- /dev/null +++ b/src/ajaxSpider.js @@ -0,0 +1,356 @@ +/* Zed Attack Proxy (ZAP) and its related class files. + * + * ZAP is an HTTP/HTTPS proxy for assessing web application security. + * + * Copyright 2018 the ZAP development team + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + + +'use strict'; + +/** + * This file was automatically generated. + */ +function AjaxSpider(clientApi) { + this.api = clientApi; +} + +/** + * This component is optional and therefore the API will only work if it is installed + **/ +AjaxSpider.prototype.status = function (callback) { + if (typeof callback === 'function') { + this.api.request('/ajaxSpider/view/status/', callback); + return; + } + return this.api.requestPromise('/ajaxSpider/view/status/'); +}; + +/** + * This component is optional and therefore the API will only work if it is installed + **/ +AjaxSpider.prototype.results = function (start, count, callback) { + const params = {}; + if (start && start !== null) { + params['start'] = start; + } + if (count && count !== null) { + params['count'] = count; + } + if (typeof callback === 'function') { + this.api.request('/ajaxSpider/view/results/', params, callback); + return; + } + return this.api.requestPromise('/ajaxSpider/view/results/', params); +}; + +/** + * This component is optional and therefore the API will only work if it is installed + **/ +AjaxSpider.prototype.numberOfResults = function (callback) { + if (typeof callback === 'function') { + this.api.request('/ajaxSpider/view/numberOfResults/', callback); + return; + } + return this.api.requestPromise('/ajaxSpider/view/numberOfResults/'); +}; + +/** + * This component is optional and therefore the API will only work if it is installed + **/ +AjaxSpider.prototype.fullResults = function (callback) { + if (typeof callback === 'function') { + this.api.request('/ajaxSpider/view/fullResults/', callback); + return; + } + return this.api.requestPromise('/ajaxSpider/view/fullResults/'); +}; + +/** + * This component is optional and therefore the API will only work if it is installed + **/ +AjaxSpider.prototype.optionBrowserId = function (callback) { + if (typeof callback === 'function') { + this.api.request('/ajaxSpider/view/optionBrowserId/', callback); + return; + } + return this.api.requestPromise('/ajaxSpider/view/optionBrowserId/'); +}; + +/** + * This component is optional and therefore the API will only work if it is installed + **/ +AjaxSpider.prototype.optionEventWait = function (callback) { + if (typeof callback === 'function') { + this.api.request('/ajaxSpider/view/optionEventWait/', callback); + return; + } + return this.api.requestPromise('/ajaxSpider/view/optionEventWait/'); +}; + +/** + * This component is optional and therefore the API will only work if it is installed + **/ +AjaxSpider.prototype.optionMaxCrawlDepth = function (callback) { + if (typeof callback === 'function') { + this.api.request('/ajaxSpider/view/optionMaxCrawlDepth/', callback); + return; + } + return this.api.requestPromise('/ajaxSpider/view/optionMaxCrawlDepth/'); +}; + +/** + * This component is optional and therefore the API will only work if it is installed + **/ +AjaxSpider.prototype.optionMaxCrawlStates = function (callback) { + if (typeof callback === 'function') { + this.api.request('/ajaxSpider/view/optionMaxCrawlStates/', callback); + return; + } + return this.api.requestPromise('/ajaxSpider/view/optionMaxCrawlStates/'); +}; + +/** + * This component is optional and therefore the API will only work if it is installed + **/ +AjaxSpider.prototype.optionMaxDuration = function (callback) { + if (typeof callback === 'function') { + this.api.request('/ajaxSpider/view/optionMaxDuration/', callback); + return; + } + return this.api.requestPromise('/ajaxSpider/view/optionMaxDuration/'); +}; + +/** + * This component is optional and therefore the API will only work if it is installed + **/ +AjaxSpider.prototype.optionNumberOfBrowsers = function (callback) { + if (typeof callback === 'function') { + this.api.request('/ajaxSpider/view/optionNumberOfBrowsers/', callback); + return; + } + return this.api.requestPromise('/ajaxSpider/view/optionNumberOfBrowsers/'); +}; + +/** + * This component is optional and therefore the API will only work if it is installed + **/ +AjaxSpider.prototype.optionReloadWait = function (callback) { + if (typeof callback === 'function') { + this.api.request('/ajaxSpider/view/optionReloadWait/', callback); + return; + } + return this.api.requestPromise('/ajaxSpider/view/optionReloadWait/'); +}; + +/** + * This component is optional and therefore the API will only work if it is installed + **/ +AjaxSpider.prototype.optionClickDefaultElems = function (callback) { + if (typeof callback === 'function') { + this.api.request('/ajaxSpider/view/optionClickDefaultElems/', callback); + return; + } + return this.api.requestPromise('/ajaxSpider/view/optionClickDefaultElems/'); +}; + +/** + * This component is optional and therefore the API will only work if it is installed + **/ +AjaxSpider.prototype.optionClickElemsOnce = function (callback) { + if (typeof callback === 'function') { + this.api.request('/ajaxSpider/view/optionClickElemsOnce/', callback); + return; + } + return this.api.requestPromise('/ajaxSpider/view/optionClickElemsOnce/'); +}; + +/** + * This component is optional and therefore the API will only work if it is installed + **/ +AjaxSpider.prototype.optionRandomInputs = function (callback) { + if (typeof callback === 'function') { + this.api.request('/ajaxSpider/view/optionRandomInputs/', callback); + return; + } + return this.api.requestPromise('/ajaxSpider/view/optionRandomInputs/'); +}; + +/** + * Runs the spider against the given URL and/or context, optionally, spidering everything in scope. The parameter 'contextName' can be used to constrain the scan to a Context, the option 'in scope' is ignored if a context was also specified. The parameter 'subtreeOnly' allows to restrict the spider under a site's subtree (using the specified 'url'). + * This component is optional and therefore the API will only work if it is installed + **/ +AjaxSpider.prototype.scan = function (url, inscope, contextname, subtreeonly, callback) { + const params = {}; + if (url && url !== null) { + params['url'] = url; + } + if (inscope && inscope !== null) { + params['inScope'] = inscope; + } + if (contextname && contextname !== null) { + params['contextName'] = contextname; + } + if (subtreeonly && subtreeonly !== null) { + params['subtreeOnly'] = subtreeonly; + } + if (typeof callback === 'function') { + this.api.request('/ajaxSpider/action/scan/', params, callback); + return; + } + return this.api.requestPromise('/ajaxSpider/action/scan/', params); +}; + +/** + * Runs the spider from the perspective of a User, obtained using the given context name and user name. The parameter 'url' allows to specify the starting point for the spider, otherwise it's used an existing URL from the context (if any). The parameter 'subtreeOnly' allows to restrict the spider under a site's subtree (using the specified 'url'). + * This component is optional and therefore the API will only work if it is installed + **/ +AjaxSpider.prototype.scanAsUser = function (contextname, username, url, subtreeonly, callback) { + const params = {'contextName' : contextname, 'userName' : username}; + if (url && url !== null) { + params['url'] = url; + } + if (subtreeonly && subtreeonly !== null) { + params['subtreeOnly'] = subtreeonly; + } + if (typeof callback === 'function') { + this.api.request('/ajaxSpider/action/scanAsUser/', params, callback); + return; + } + return this.api.requestPromise('/ajaxSpider/action/scanAsUser/', params); +}; + +/** + * This component is optional and therefore the API will only work if it is installed + **/ +AjaxSpider.prototype.stop = function (callback) { + if (typeof callback === 'function') { + this.api.request('/ajaxSpider/action/stop/', callback); + return; + } + return this.api.requestPromise('/ajaxSpider/action/stop/'); +}; + +/** + * This component is optional and therefore the API will only work if it is installed + **/ +AjaxSpider.prototype.setOptionBrowserId = function (string, callback) { + if (typeof callback === 'function') { + this.api.request('/ajaxSpider/action/setOptionBrowserId/', {'String' : string}, callback); + return; + } + return this.api.requestPromise('/ajaxSpider/action/setOptionBrowserId/', {'String' : string}); +}; + +/** + * This component is optional and therefore the API will only work if it is installed + **/ +AjaxSpider.prototype.setOptionClickDefaultElems = function (bool, callback) { + if (typeof callback === 'function') { + this.api.request('/ajaxSpider/action/setOptionClickDefaultElems/', {'Boolean' : bool}, callback); + return; + } + return this.api.requestPromise('/ajaxSpider/action/setOptionClickDefaultElems/', {'Boolean' : bool}); +}; + +/** + * This component is optional and therefore the API will only work if it is installed + **/ +AjaxSpider.prototype.setOptionClickElemsOnce = function (bool, callback) { + if (typeof callback === 'function') { + this.api.request('/ajaxSpider/action/setOptionClickElemsOnce/', {'Boolean' : bool}, callback); + return; + } + return this.api.requestPromise('/ajaxSpider/action/setOptionClickElemsOnce/', {'Boolean' : bool}); +}; + +/** + * This component is optional and therefore the API will only work if it is installed + **/ +AjaxSpider.prototype.setOptionEventWait = function (integer, callback) { + if (typeof callback === 'function') { + this.api.request('/ajaxSpider/action/setOptionEventWait/', {'Integer' : integer}, callback); + return; + } + return this.api.requestPromise('/ajaxSpider/action/setOptionEventWait/', {'Integer' : integer}); +}; + +/** + * This component is optional and therefore the API will only work if it is installed + **/ +AjaxSpider.prototype.setOptionMaxCrawlDepth = function (integer, callback) { + if (typeof callback === 'function') { + this.api.request('/ajaxSpider/action/setOptionMaxCrawlDepth/', {'Integer' : integer}, callback); + return; + } + return this.api.requestPromise('/ajaxSpider/action/setOptionMaxCrawlDepth/', {'Integer' : integer}); +}; + +/** + * This component is optional and therefore the API will only work if it is installed + **/ +AjaxSpider.prototype.setOptionMaxCrawlStates = function (integer, callback) { + if (typeof callback === 'function') { + this.api.request('/ajaxSpider/action/setOptionMaxCrawlStates/', {'Integer' : integer}, callback); + return; + } + return this.api.requestPromise('/ajaxSpider/action/setOptionMaxCrawlStates/', {'Integer' : integer}); +}; + +/** + * This component is optional and therefore the API will only work if it is installed + **/ +AjaxSpider.prototype.setOptionMaxDuration = function (integer, callback) { + if (typeof callback === 'function') { + this.api.request('/ajaxSpider/action/setOptionMaxDuration/', {'Integer' : integer}, callback); + return; + } + return this.api.requestPromise('/ajaxSpider/action/setOptionMaxDuration/', {'Integer' : integer}); +}; + +/** + * This component is optional and therefore the API will only work if it is installed + **/ +AjaxSpider.prototype.setOptionNumberOfBrowsers = function (integer, callback) { + if (typeof callback === 'function') { + this.api.request('/ajaxSpider/action/setOptionNumberOfBrowsers/', {'Integer' : integer}, callback); + return; + } + return this.api.requestPromise('/ajaxSpider/action/setOptionNumberOfBrowsers/', {'Integer' : integer}); +}; + +/** + * This component is optional and therefore the API will only work if it is installed + **/ +AjaxSpider.prototype.setOptionRandomInputs = function (bool, callback) { + if (typeof callback === 'function') { + this.api.request('/ajaxSpider/action/setOptionRandomInputs/', {'Boolean' : bool}, callback); + return; + } + return this.api.requestPromise('/ajaxSpider/action/setOptionRandomInputs/', {'Boolean' : bool}); +}; + +/** + * This component is optional and therefore the API will only work if it is installed + **/ +AjaxSpider.prototype.setOptionReloadWait = function (integer, callback) { + if (typeof callback === 'function') { + this.api.request('/ajaxSpider/action/setOptionReloadWait/', {'Integer' : integer}, callback); + return; + } + return this.api.requestPromise('/ajaxSpider/action/setOptionReloadWait/', {'Integer' : integer}); +}; + +module.exports = AjaxSpider; diff --git a/src/ascan.js b/src/ascan.js new file mode 100644 index 0000000..e4aa0f6 --- /dev/null +++ b/src/ascan.js @@ -0,0 +1,876 @@ +/* Zed Attack Proxy (ZAP) and its related class files. + * + * ZAP is an HTTP/HTTPS proxy for assessing web application security. + * + * Copyright 2018 the ZAP development team + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + + +'use strict'; + +/** + * This file was automatically generated. + */ +function Ascan(clientApi) { + this.api = clientApi; +} + +Ascan.prototype.status = function (scanid, callback) { + const params = {}; + if (scanid && scanid !== null) { + params['scanId'] = scanid; + } + if (typeof callback === 'function') { + this.api.request('/ascan/view/status/', params, callback); + return; + } + return this.api.requestPromise('/ascan/view/status/', params); +}; + +Ascan.prototype.scanProgress = function (scanid, callback) { + const params = {}; + if (scanid && scanid !== null) { + params['scanId'] = scanid; + } + if (typeof callback === 'function') { + this.api.request('/ascan/view/scanProgress/', params, callback); + return; + } + return this.api.requestPromise('/ascan/view/scanProgress/', params); +}; + +/** + * Gets the IDs of the messages sent during the scan with the given ID. A message can be obtained with 'message' core view. + **/ +Ascan.prototype.messagesIds = function (scanid, callback) { + if (typeof callback === 'function') { + this.api.request('/ascan/view/messagesIds/', {'scanId' : scanid}, callback); + return; + } + return this.api.requestPromise('/ascan/view/messagesIds/', {'scanId' : scanid}); +}; + +/** + * Gets the IDs of the alerts raised during the scan with the given ID. An alert can be obtained with 'alert' core view. + **/ +Ascan.prototype.alertsIds = function (scanid, callback) { + if (typeof callback === 'function') { + this.api.request('/ascan/view/alertsIds/', {'scanId' : scanid}, callback); + return; + } + return this.api.requestPromise('/ascan/view/alertsIds/', {'scanId' : scanid}); +}; + +Ascan.prototype.scans = function (callback) { + if (typeof callback === 'function') { + this.api.request('/ascan/view/scans/', callback); + return; + } + return this.api.requestPromise('/ascan/view/scans/'); +}; + +Ascan.prototype.scanPolicyNames = function (callback) { + if (typeof callback === 'function') { + this.api.request('/ascan/view/scanPolicyNames/', callback); + return; + } + return this.api.requestPromise('/ascan/view/scanPolicyNames/'); +}; + +/** + * Gets the regexes of URLs excluded from the active scans. + **/ +Ascan.prototype.excludedFromScan = function (callback) { + if (typeof callback === 'function') { + this.api.request('/ascan/view/excludedFromScan/', callback); + return; + } + return this.api.requestPromise('/ascan/view/excludedFromScan/'); +}; + +Ascan.prototype.scanners = function (scanpolicyname, policyid, callback) { + const params = {}; + if (scanpolicyname && scanpolicyname !== null) { + params['scanPolicyName'] = scanpolicyname; + } + if (policyid && policyid !== null) { + params['policyId'] = policyid; + } + if (typeof callback === 'function') { + this.api.request('/ascan/view/scanners/', params, callback); + return; + } + return this.api.requestPromise('/ascan/view/scanners/', params); +}; + +Ascan.prototype.policies = function (scanpolicyname, policyid, callback) { + const params = {}; + if (scanpolicyname && scanpolicyname !== null) { + params['scanPolicyName'] = scanpolicyname; + } + if (policyid && policyid !== null) { + params['policyId'] = policyid; + } + if (typeof callback === 'function') { + this.api.request('/ascan/view/policies/', params, callback); + return; + } + return this.api.requestPromise('/ascan/view/policies/', params); +}; + +Ascan.prototype.attackModeQueue = function (callback) { + if (typeof callback === 'function') { + this.api.request('/ascan/view/attackModeQueue/', callback); + return; + } + return this.api.requestPromise('/ascan/view/attackModeQueue/'); +}; + +/** + * Gets all the parameters that are excluded. For each parameter the following are shown: the name, the URL, and the parameter type. + **/ +Ascan.prototype.excludedParams = function (callback) { + if (typeof callback === 'function') { + this.api.request('/ascan/view/excludedParams/', callback); + return; + } + return this.api.requestPromise('/ascan/view/excludedParams/'); +}; + +/** + * Use view excludedParams instead. + **/ +Ascan.prototype.optionExcludedParamList = function (callback) { + if (typeof callback === 'function') { + this.api.request('/ascan/view/optionExcludedParamList/', callback); + return; + } + return this.api.requestPromise('/ascan/view/optionExcludedParamList/'); +}; + +/** + * Gets all the types of excluded parameters. For each type the following are shown: the ID and the name. + **/ +Ascan.prototype.excludedParamTypes = function (callback) { + if (typeof callback === 'function') { + this.api.request('/ascan/view/excludedParamTypes/', callback); + return; + } + return this.api.requestPromise('/ascan/view/excludedParamTypes/'); +}; + +Ascan.prototype.optionAttackPolicy = function (callback) { + if (typeof callback === 'function') { + this.api.request('/ascan/view/optionAttackPolicy/', callback); + return; + } + return this.api.requestPromise('/ascan/view/optionAttackPolicy/'); +}; + +Ascan.prototype.optionDefaultPolicy = function (callback) { + if (typeof callback === 'function') { + this.api.request('/ascan/view/optionDefaultPolicy/', callback); + return; + } + return this.api.requestPromise('/ascan/view/optionDefaultPolicy/'); +}; + +Ascan.prototype.optionDelayInMs = function (callback) { + if (typeof callback === 'function') { + this.api.request('/ascan/view/optionDelayInMs/', callback); + return; + } + return this.api.requestPromise('/ascan/view/optionDelayInMs/'); +}; + +Ascan.prototype.optionHandleAntiCSRFTokens = function (callback) { + if (typeof callback === 'function') { + this.api.request('/ascan/view/optionHandleAntiCSRFTokens/', callback); + return; + } + return this.api.requestPromise('/ascan/view/optionHandleAntiCSRFTokens/'); +}; + +Ascan.prototype.optionHostPerScan = function (callback) { + if (typeof callback === 'function') { + this.api.request('/ascan/view/optionHostPerScan/', callback); + return; + } + return this.api.requestPromise('/ascan/view/optionHostPerScan/'); +}; + +Ascan.prototype.optionMaxChartTimeInMins = function (callback) { + if (typeof callback === 'function') { + this.api.request('/ascan/view/optionMaxChartTimeInMins/', callback); + return; + } + return this.api.requestPromise('/ascan/view/optionMaxChartTimeInMins/'); +}; + +Ascan.prototype.optionMaxResultsToList = function (callback) { + if (typeof callback === 'function') { + this.api.request('/ascan/view/optionMaxResultsToList/', callback); + return; + } + return this.api.requestPromise('/ascan/view/optionMaxResultsToList/'); +}; + +Ascan.prototype.optionMaxRuleDurationInMins = function (callback) { + if (typeof callback === 'function') { + this.api.request('/ascan/view/optionMaxRuleDurationInMins/', callback); + return; + } + return this.api.requestPromise('/ascan/view/optionMaxRuleDurationInMins/'); +}; + +Ascan.prototype.optionMaxScanDurationInMins = function (callback) { + if (typeof callback === 'function') { + this.api.request('/ascan/view/optionMaxScanDurationInMins/', callback); + return; + } + return this.api.requestPromise('/ascan/view/optionMaxScanDurationInMins/'); +}; + +Ascan.prototype.optionMaxScansInUI = function (callback) { + if (typeof callback === 'function') { + this.api.request('/ascan/view/optionMaxScansInUI/', callback); + return; + } + return this.api.requestPromise('/ascan/view/optionMaxScansInUI/'); +}; + +Ascan.prototype.optionTargetParamsEnabledRPC = function (callback) { + if (typeof callback === 'function') { + this.api.request('/ascan/view/optionTargetParamsEnabledRPC/', callback); + return; + } + return this.api.requestPromise('/ascan/view/optionTargetParamsEnabledRPC/'); +}; + +Ascan.prototype.optionTargetParamsInjectable = function (callback) { + if (typeof callback === 'function') { + this.api.request('/ascan/view/optionTargetParamsInjectable/', callback); + return; + } + return this.api.requestPromise('/ascan/view/optionTargetParamsInjectable/'); +}; + +Ascan.prototype.optionThreadPerHost = function (callback) { + if (typeof callback === 'function') { + this.api.request('/ascan/view/optionThreadPerHost/', callback); + return; + } + return this.api.requestPromise('/ascan/view/optionThreadPerHost/'); +}; + +Ascan.prototype.optionAllowAttackOnStart = function (callback) { + if (typeof callback === 'function') { + this.api.request('/ascan/view/optionAllowAttackOnStart/', callback); + return; + } + return this.api.requestPromise('/ascan/view/optionAllowAttackOnStart/'); +}; + +/** + * Tells whether or not the active scanner should inject the HTTP request header X-ZAP-Scan-ID, with the ID of the scanner that's sending the requests. + **/ +Ascan.prototype.optionInjectPluginIdInHeader = function (callback) { + if (typeof callback === 'function') { + this.api.request('/ascan/view/optionInjectPluginIdInHeader/', callback); + return; + } + return this.api.requestPromise('/ascan/view/optionInjectPluginIdInHeader/'); +}; + +Ascan.prototype.optionPromptInAttackMode = function (callback) { + if (typeof callback === 'function') { + this.api.request('/ascan/view/optionPromptInAttackMode/', callback); + return; + } + return this.api.requestPromise('/ascan/view/optionPromptInAttackMode/'); +}; + +Ascan.prototype.optionPromptToClearFinishedScans = function (callback) { + if (typeof callback === 'function') { + this.api.request('/ascan/view/optionPromptToClearFinishedScans/', callback); + return; + } + return this.api.requestPromise('/ascan/view/optionPromptToClearFinishedScans/'); +}; + +Ascan.prototype.optionRescanInAttackMode = function (callback) { + if (typeof callback === 'function') { + this.api.request('/ascan/view/optionRescanInAttackMode/', callback); + return; + } + return this.api.requestPromise('/ascan/view/optionRescanInAttackMode/'); +}; + +/** + * Tells whether or not the HTTP Headers of all requests should be scanned. Not just requests that send parameters, through the query or request body. + **/ +Ascan.prototype.optionScanHeadersAllRequests = function (callback) { + if (typeof callback === 'function') { + this.api.request('/ascan/view/optionScanHeadersAllRequests/', callback); + return; + } + return this.api.requestPromise('/ascan/view/optionScanHeadersAllRequests/'); +}; + +Ascan.prototype.optionShowAdvancedDialog = function (callback) { + if (typeof callback === 'function') { + this.api.request('/ascan/view/optionShowAdvancedDialog/', callback); + return; + } + return this.api.requestPromise('/ascan/view/optionShowAdvancedDialog/'); +}; + +/** + * Runs the active scanner against the given URL and/or Context. Optionally, the 'recurse' parameter can be used to scan URLs under the given URL, the parameter 'inScopeOnly' can be used to constrain the scan to URLs that are in scope (ignored if a Context is specified), the parameter 'scanPolicyName' allows to specify the scan policy (if none is given it uses the default scan policy), the parameters 'method' and 'postData' allow to select a given request in conjunction with the given URL. + **/ +Ascan.prototype.scan = function (url, recurse, inscopeonly, scanpolicyname, method, postdata, contextid, callback) { + const params = {}; + if (url && url !== null) { + params['url'] = url; + } + if (recurse && recurse !== null) { + params['recurse'] = recurse; + } + if (inscopeonly && inscopeonly !== null) { + params['inScopeOnly'] = inscopeonly; + } + if (scanpolicyname && scanpolicyname !== null) { + params['scanPolicyName'] = scanpolicyname; + } + if (method && method !== null) { + params['method'] = method; + } + if (postdata && postdata !== null) { + params['postData'] = postdata; + } + if (contextid && contextid !== null) { + params['contextId'] = contextid; + } + if (typeof callback === 'function') { + this.api.request('/ascan/action/scan/', params, callback); + return; + } + return this.api.requestPromise('/ascan/action/scan/', params); +}; + +/** + * Active Scans from the perspective of a User, obtained using the given Context ID and User ID. See 'scan' action for more details. + **/ +Ascan.prototype.scanAsUser = function (url, contextid, userid, recurse, scanpolicyname, method, postdata, callback) { + const params = {}; + if (url && url !== null) { + params['url'] = url; + } + if (contextid && contextid !== null) { + params['contextId'] = contextid; + } + if (userid && userid !== null) { + params['userId'] = userid; + } + if (recurse && recurse !== null) { + params['recurse'] = recurse; + } + if (scanpolicyname && scanpolicyname !== null) { + params['scanPolicyName'] = scanpolicyname; + } + if (method && method !== null) { + params['method'] = method; + } + if (postdata && postdata !== null) { + params['postData'] = postdata; + } + if (typeof callback === 'function') { + this.api.request('/ascan/action/scanAsUser/', params, callback); + return; + } + return this.api.requestPromise('/ascan/action/scanAsUser/', params); +}; + +Ascan.prototype.pause = function (scanid, callback) { + if (typeof callback === 'function') { + this.api.request('/ascan/action/pause/', {'scanId' : scanid}, callback); + return; + } + return this.api.requestPromise('/ascan/action/pause/', {'scanId' : scanid}); +}; + +Ascan.prototype.resume = function (scanid, callback) { + if (typeof callback === 'function') { + this.api.request('/ascan/action/resume/', {'scanId' : scanid}, callback); + return; + } + return this.api.requestPromise('/ascan/action/resume/', {'scanId' : scanid}); +}; + +Ascan.prototype.stop = function (scanid, callback) { + if (typeof callback === 'function') { + this.api.request('/ascan/action/stop/', {'scanId' : scanid}, callback); + return; + } + return this.api.requestPromise('/ascan/action/stop/', {'scanId' : scanid}); +}; + +Ascan.prototype.removeScan = function (scanid, callback) { + if (typeof callback === 'function') { + this.api.request('/ascan/action/removeScan/', {'scanId' : scanid}, callback); + return; + } + return this.api.requestPromise('/ascan/action/removeScan/', {'scanId' : scanid}); +}; + +Ascan.prototype.pauseAllScans = function (callback) { + if (typeof callback === 'function') { + this.api.request('/ascan/action/pauseAllScans/', callback); + return; + } + return this.api.requestPromise('/ascan/action/pauseAllScans/'); +}; + +Ascan.prototype.resumeAllScans = function (callback) { + if (typeof callback === 'function') { + this.api.request('/ascan/action/resumeAllScans/', callback); + return; + } + return this.api.requestPromise('/ascan/action/resumeAllScans/'); +}; + +Ascan.prototype.stopAllScans = function (callback) { + if (typeof callback === 'function') { + this.api.request('/ascan/action/stopAllScans/', callback); + return; + } + return this.api.requestPromise('/ascan/action/stopAllScans/'); +}; + +Ascan.prototype.removeAllScans = function (callback) { + if (typeof callback === 'function') { + this.api.request('/ascan/action/removeAllScans/', callback); + return; + } + return this.api.requestPromise('/ascan/action/removeAllScans/'); +}; + +/** + * Clears the regexes of URLs excluded from the active scans. + **/ +Ascan.prototype.clearExcludedFromScan = function (callback) { + if (typeof callback === 'function') { + this.api.request('/ascan/action/clearExcludedFromScan/', callback); + return; + } + return this.api.requestPromise('/ascan/action/clearExcludedFromScan/'); +}; + +/** + * Adds a regex of URLs that should be excluded from the active scans. + **/ +Ascan.prototype.excludeFromScan = function (regex, callback) { + if (typeof callback === 'function') { + this.api.request('/ascan/action/excludeFromScan/', {'regex' : regex}, callback); + return; + } + return this.api.requestPromise('/ascan/action/excludeFromScan/', {'regex' : regex}); +}; + +Ascan.prototype.enableAllScanners = function (scanpolicyname, callback) { + const params = {}; + if (scanpolicyname && scanpolicyname !== null) { + params['scanPolicyName'] = scanpolicyname; + } + if (typeof callback === 'function') { + this.api.request('/ascan/action/enableAllScanners/', params, callback); + return; + } + return this.api.requestPromise('/ascan/action/enableAllScanners/', params); +}; + +Ascan.prototype.disableAllScanners = function (scanpolicyname, callback) { + const params = {}; + if (scanpolicyname && scanpolicyname !== null) { + params['scanPolicyName'] = scanpolicyname; + } + if (typeof callback === 'function') { + this.api.request('/ascan/action/disableAllScanners/', params, callback); + return; + } + return this.api.requestPromise('/ascan/action/disableAllScanners/', params); +}; + +Ascan.prototype.enableScanners = function (ids, scanpolicyname, callback) { + const params = {'ids' : ids}; + if (scanpolicyname && scanpolicyname !== null) { + params['scanPolicyName'] = scanpolicyname; + } + if (typeof callback === 'function') { + this.api.request('/ascan/action/enableScanners/', params, callback); + return; + } + return this.api.requestPromise('/ascan/action/enableScanners/', params); +}; + +Ascan.prototype.disableScanners = function (ids, scanpolicyname, callback) { + const params = {'ids' : ids}; + if (scanpolicyname && scanpolicyname !== null) { + params['scanPolicyName'] = scanpolicyname; + } + if (typeof callback === 'function') { + this.api.request('/ascan/action/disableScanners/', params, callback); + return; + } + return this.api.requestPromise('/ascan/action/disableScanners/', params); +}; + +Ascan.prototype.setEnabledPolicies = function (ids, scanpolicyname, callback) { + const params = {'ids' : ids}; + if (scanpolicyname && scanpolicyname !== null) { + params['scanPolicyName'] = scanpolicyname; + } + if (typeof callback === 'function') { + this.api.request('/ascan/action/setEnabledPolicies/', params, callback); + return; + } + return this.api.requestPromise('/ascan/action/setEnabledPolicies/', params); +}; + +Ascan.prototype.setPolicyAttackStrength = function (id, attackstrength, scanpolicyname, callback) { + const params = {'id' : id, 'attackStrength' : attackstrength}; + if (scanpolicyname && scanpolicyname !== null) { + params['scanPolicyName'] = scanpolicyname; + } + if (typeof callback === 'function') { + this.api.request('/ascan/action/setPolicyAttackStrength/', params, callback); + return; + } + return this.api.requestPromise('/ascan/action/setPolicyAttackStrength/', params); +}; + +Ascan.prototype.setPolicyAlertThreshold = function (id, alertthreshold, scanpolicyname, callback) { + const params = {'id' : id, 'alertThreshold' : alertthreshold}; + if (scanpolicyname && scanpolicyname !== null) { + params['scanPolicyName'] = scanpolicyname; + } + if (typeof callback === 'function') { + this.api.request('/ascan/action/setPolicyAlertThreshold/', params, callback); + return; + } + return this.api.requestPromise('/ascan/action/setPolicyAlertThreshold/', params); +}; + +Ascan.prototype.setScannerAttackStrength = function (id, attackstrength, scanpolicyname, callback) { + const params = {'id' : id, 'attackStrength' : attackstrength}; + if (scanpolicyname && scanpolicyname !== null) { + params['scanPolicyName'] = scanpolicyname; + } + if (typeof callback === 'function') { + this.api.request('/ascan/action/setScannerAttackStrength/', params, callback); + return; + } + return this.api.requestPromise('/ascan/action/setScannerAttackStrength/', params); +}; + +Ascan.prototype.setScannerAlertThreshold = function (id, alertthreshold, scanpolicyname, callback) { + const params = {'id' : id, 'alertThreshold' : alertthreshold}; + if (scanpolicyname && scanpolicyname !== null) { + params['scanPolicyName'] = scanpolicyname; + } + if (typeof callback === 'function') { + this.api.request('/ascan/action/setScannerAlertThreshold/', params, callback); + return; + } + return this.api.requestPromise('/ascan/action/setScannerAlertThreshold/', params); +}; + +Ascan.prototype.addScanPolicy = function (scanpolicyname, alertthreshold, attackstrength, callback) { + const params = {'scanPolicyName' : scanpolicyname}; + if (alertthreshold && alertthreshold !== null) { + params['alertThreshold'] = alertthreshold; + } + if (attackstrength && attackstrength !== null) { + params['attackStrength'] = attackstrength; + } + if (typeof callback === 'function') { + this.api.request('/ascan/action/addScanPolicy/', params, callback); + return; + } + return this.api.requestPromise('/ascan/action/addScanPolicy/', params); +}; + +Ascan.prototype.removeScanPolicy = function (scanpolicyname, callback) { + if (typeof callback === 'function') { + this.api.request('/ascan/action/removeScanPolicy/', {'scanPolicyName' : scanpolicyname}, callback); + return; + } + return this.api.requestPromise('/ascan/action/removeScanPolicy/', {'scanPolicyName' : scanpolicyname}); +}; + +Ascan.prototype.updateScanPolicy = function (scanpolicyname, alertthreshold, attackstrength, callback) { + const params = {'scanPolicyName' : scanpolicyname}; + if (alertthreshold && alertthreshold !== null) { + params['alertThreshold'] = alertthreshold; + } + if (attackstrength && attackstrength !== null) { + params['attackStrength'] = attackstrength; + } + if (typeof callback === 'function') { + this.api.request('/ascan/action/updateScanPolicy/', params, callback); + return; + } + return this.api.requestPromise('/ascan/action/updateScanPolicy/', params); +}; + +/** + * Imports a Scan Policy using the given file system path. + **/ +Ascan.prototype.importScanPolicy = function (path, callback) { + if (typeof callback === 'function') { + this.api.request('/ascan/action/importScanPolicy/', {'path' : path}, callback); + return; + } + return this.api.requestPromise('/ascan/action/importScanPolicy/', {'path' : path}); +}; + +/** + * Adds a new parameter excluded from the scan, using the specified name. Optionally sets if the new entry applies to a specific URL (default, all URLs) and sets the ID of the type of the parameter (default, ID of any type). The type IDs can be obtained with the view excludedParamTypes. + **/ +Ascan.prototype.addExcludedParam = function (name, type, url, callback) { + const params = {'name' : name}; + if (type && type !== null) { + params['type'] = type; + } + if (url && url !== null) { + params['url'] = url; + } + if (typeof callback === 'function') { + this.api.request('/ascan/action/addExcludedParam/', params, callback); + return; + } + return this.api.requestPromise('/ascan/action/addExcludedParam/', params); +}; + +/** + * Modifies a parameter excluded from the scan. Allows to modify the name, the URL and the type of parameter. The parameter is selected with its index, which can be obtained with the view excludedParams. + **/ +Ascan.prototype.modifyExcludedParam = function (idx, name, type, url, callback) { + const params = {'idx' : idx}; + if (name && name !== null) { + params['name'] = name; + } + if (type && type !== null) { + params['type'] = type; + } + if (url && url !== null) { + params['url'] = url; + } + if (typeof callback === 'function') { + this.api.request('/ascan/action/modifyExcludedParam/', params, callback); + return; + } + return this.api.requestPromise('/ascan/action/modifyExcludedParam/', params); +}; + +/** + * Removes a parameter excluded from the scan, with the given index. The index can be obtained with the view excludedParams. + **/ +Ascan.prototype.removeExcludedParam = function (idx, callback) { + if (typeof callback === 'function') { + this.api.request('/ascan/action/removeExcludedParam/', {'idx' : idx}, callback); + return; + } + return this.api.requestPromise('/ascan/action/removeExcludedParam/', {'idx' : idx}); +}; + +/** + * Skips the scanner using the given IDs of the scan and the scanner. + **/ +Ascan.prototype.skipScanner = function (scanid, scannerid, callback) { + if (typeof callback === 'function') { + this.api.request('/ascan/action/skipScanner/', {'scanId' : scanid, 'scannerId' : scannerid}, callback); + return; + } + return this.api.requestPromise('/ascan/action/skipScanner/', {'scanId' : scanid, 'scannerId' : scannerid}); +}; + +Ascan.prototype.setOptionAttackPolicy = function (string, callback) { + if (typeof callback === 'function') { + this.api.request('/ascan/action/setOptionAttackPolicy/', {'String' : string}, callback); + return; + } + return this.api.requestPromise('/ascan/action/setOptionAttackPolicy/', {'String' : string}); +}; + +Ascan.prototype.setOptionDefaultPolicy = function (string, callback) { + if (typeof callback === 'function') { + this.api.request('/ascan/action/setOptionDefaultPolicy/', {'String' : string}, callback); + return; + } + return this.api.requestPromise('/ascan/action/setOptionDefaultPolicy/', {'String' : string}); +}; + +Ascan.prototype.setOptionAllowAttackOnStart = function (bool, callback) { + if (typeof callback === 'function') { + this.api.request('/ascan/action/setOptionAllowAttackOnStart/', {'Boolean' : bool}, callback); + return; + } + return this.api.requestPromise('/ascan/action/setOptionAllowAttackOnStart/', {'Boolean' : bool}); +}; + +Ascan.prototype.setOptionDelayInMs = function (integer, callback) { + if (typeof callback === 'function') { + this.api.request('/ascan/action/setOptionDelayInMs/', {'Integer' : integer}, callback); + return; + } + return this.api.requestPromise('/ascan/action/setOptionDelayInMs/', {'Integer' : integer}); +}; + +Ascan.prototype.setOptionHandleAntiCSRFTokens = function (bool, callback) { + if (typeof callback === 'function') { + this.api.request('/ascan/action/setOptionHandleAntiCSRFTokens/', {'Boolean' : bool}, callback); + return; + } + return this.api.requestPromise('/ascan/action/setOptionHandleAntiCSRFTokens/', {'Boolean' : bool}); +}; + +Ascan.prototype.setOptionHostPerScan = function (integer, callback) { + if (typeof callback === 'function') { + this.api.request('/ascan/action/setOptionHostPerScan/', {'Integer' : integer}, callback); + return; + } + return this.api.requestPromise('/ascan/action/setOptionHostPerScan/', {'Integer' : integer}); +}; + +/** + * Sets whether or not the active scanner should inject the HTTP request header X-ZAP-Scan-ID, with the ID of the scanner that's sending the requests. + **/ +Ascan.prototype.setOptionInjectPluginIdInHeader = function (bool, callback) { + if (typeof callback === 'function') { + this.api.request('/ascan/action/setOptionInjectPluginIdInHeader/', {'Boolean' : bool}, callback); + return; + } + return this.api.requestPromise('/ascan/action/setOptionInjectPluginIdInHeader/', {'Boolean' : bool}); +}; + +Ascan.prototype.setOptionMaxChartTimeInMins = function (integer, callback) { + if (typeof callback === 'function') { + this.api.request('/ascan/action/setOptionMaxChartTimeInMins/', {'Integer' : integer}, callback); + return; + } + return this.api.requestPromise('/ascan/action/setOptionMaxChartTimeInMins/', {'Integer' : integer}); +}; + +Ascan.prototype.setOptionMaxResultsToList = function (integer, callback) { + if (typeof callback === 'function') { + this.api.request('/ascan/action/setOptionMaxResultsToList/', {'Integer' : integer}, callback); + return; + } + return this.api.requestPromise('/ascan/action/setOptionMaxResultsToList/', {'Integer' : integer}); +}; + +Ascan.prototype.setOptionMaxRuleDurationInMins = function (integer, callback) { + if (typeof callback === 'function') { + this.api.request('/ascan/action/setOptionMaxRuleDurationInMins/', {'Integer' : integer}, callback); + return; + } + return this.api.requestPromise('/ascan/action/setOptionMaxRuleDurationInMins/', {'Integer' : integer}); +}; + +Ascan.prototype.setOptionMaxScanDurationInMins = function (integer, callback) { + if (typeof callback === 'function') { + this.api.request('/ascan/action/setOptionMaxScanDurationInMins/', {'Integer' : integer}, callback); + return; + } + return this.api.requestPromise('/ascan/action/setOptionMaxScanDurationInMins/', {'Integer' : integer}); +}; + +Ascan.prototype.setOptionMaxScansInUI = function (integer, callback) { + if (typeof callback === 'function') { + this.api.request('/ascan/action/setOptionMaxScansInUI/', {'Integer' : integer}, callback); + return; + } + return this.api.requestPromise('/ascan/action/setOptionMaxScansInUI/', {'Integer' : integer}); +}; + +Ascan.prototype.setOptionPromptInAttackMode = function (bool, callback) { + if (typeof callback === 'function') { + this.api.request('/ascan/action/setOptionPromptInAttackMode/', {'Boolean' : bool}, callback); + return; + } + return this.api.requestPromise('/ascan/action/setOptionPromptInAttackMode/', {'Boolean' : bool}); +}; + +Ascan.prototype.setOptionPromptToClearFinishedScans = function (bool, callback) { + if (typeof callback === 'function') { + this.api.request('/ascan/action/setOptionPromptToClearFinishedScans/', {'Boolean' : bool}, callback); + return; + } + return this.api.requestPromise('/ascan/action/setOptionPromptToClearFinishedScans/', {'Boolean' : bool}); +}; + +Ascan.prototype.setOptionRescanInAttackMode = function (bool, callback) { + if (typeof callback === 'function') { + this.api.request('/ascan/action/setOptionRescanInAttackMode/', {'Boolean' : bool}, callback); + return; + } + return this.api.requestPromise('/ascan/action/setOptionRescanInAttackMode/', {'Boolean' : bool}); +}; + +/** + * Sets whether or not the HTTP Headers of all requests should be scanned. Not just requests that send parameters, through the query or request body. + **/ +Ascan.prototype.setOptionScanHeadersAllRequests = function (bool, callback) { + if (typeof callback === 'function') { + this.api.request('/ascan/action/setOptionScanHeadersAllRequests/', {'Boolean' : bool}, callback); + return; + } + return this.api.requestPromise('/ascan/action/setOptionScanHeadersAllRequests/', {'Boolean' : bool}); +}; + +Ascan.prototype.setOptionShowAdvancedDialog = function (bool, callback) { + if (typeof callback === 'function') { + this.api.request('/ascan/action/setOptionShowAdvancedDialog/', {'Boolean' : bool}, callback); + return; + } + return this.api.requestPromise('/ascan/action/setOptionShowAdvancedDialog/', {'Boolean' : bool}); +}; + +Ascan.prototype.setOptionTargetParamsEnabledRPC = function (integer, callback) { + if (typeof callback === 'function') { + this.api.request('/ascan/action/setOptionTargetParamsEnabledRPC/', {'Integer' : integer}, callback); + return; + } + return this.api.requestPromise('/ascan/action/setOptionTargetParamsEnabledRPC/', {'Integer' : integer}); +}; + +Ascan.prototype.setOptionTargetParamsInjectable = function (integer, callback) { + if (typeof callback === 'function') { + this.api.request('/ascan/action/setOptionTargetParamsInjectable/', {'Integer' : integer}, callback); + return; + } + return this.api.requestPromise('/ascan/action/setOptionTargetParamsInjectable/', {'Integer' : integer}); +}; + +Ascan.prototype.setOptionThreadPerHost = function (integer, callback) { + if (typeof callback === 'function') { + this.api.request('/ascan/action/setOptionThreadPerHost/', {'Integer' : integer}, callback); + return; + } + return this.api.requestPromise('/ascan/action/setOptionThreadPerHost/', {'Integer' : integer}); +}; + +module.exports = Ascan; diff --git a/src/authentication.js b/src/authentication.js new file mode 100644 index 0000000..4ba3888 --- /dev/null +++ b/src/authentication.js @@ -0,0 +1,98 @@ +/* Zed Attack Proxy (ZAP) and its related class files. + * + * ZAP is an HTTP/HTTPS proxy for assessing web application security. + * + * Copyright 2018 the ZAP development team + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + + +'use strict'; + +/** + * This file was automatically generated. + */ +function Authentication(clientApi) { + this.api = clientApi; +} + +Authentication.prototype.getSupportedAuthenticationMethods = function (callback) { + if (typeof callback === 'function') { + this.api.request('/authentication/view/getSupportedAuthenticationMethods/', callback); + return; + } + return this.api.requestPromise('/authentication/view/getSupportedAuthenticationMethods/'); +}; + +Authentication.prototype.getAuthenticationMethodConfigParams = function (authmethodname, callback) { + if (typeof callback === 'function') { + this.api.request('/authentication/view/getAuthenticationMethodConfigParams/', {'authMethodName' : authmethodname}, callback); + return; + } + return this.api.requestPromise('/authentication/view/getAuthenticationMethodConfigParams/', {'authMethodName' : authmethodname}); +}; + +Authentication.prototype.getAuthenticationMethod = function (contextid, callback) { + if (typeof callback === 'function') { + this.api.request('/authentication/view/getAuthenticationMethod/', {'contextId' : contextid}, callback); + return; + } + return this.api.requestPromise('/authentication/view/getAuthenticationMethod/', {'contextId' : contextid}); +}; + +Authentication.prototype.getLoggedInIndicator = function (contextid, callback) { + if (typeof callback === 'function') { + this.api.request('/authentication/view/getLoggedInIndicator/', {'contextId' : contextid}, callback); + return; + } + return this.api.requestPromise('/authentication/view/getLoggedInIndicator/', {'contextId' : contextid}); +}; + +Authentication.prototype.getLoggedOutIndicator = function (contextid, callback) { + if (typeof callback === 'function') { + this.api.request('/authentication/view/getLoggedOutIndicator/', {'contextId' : contextid}, callback); + return; + } + return this.api.requestPromise('/authentication/view/getLoggedOutIndicator/', {'contextId' : contextid}); +}; + +Authentication.prototype.setAuthenticationMethod = function (contextid, authmethodname, authmethodconfigparams, callback) { + const params = {'contextId' : contextid, 'authMethodName' : authmethodname}; + if (authmethodconfigparams && authmethodconfigparams !== null) { + params['authMethodConfigParams'] = authmethodconfigparams; + } + if (typeof callback === 'function') { + this.api.request('/authentication/action/setAuthenticationMethod/', params, callback); + return; + } + return this.api.requestPromise('/authentication/action/setAuthenticationMethod/', params); +}; + +Authentication.prototype.setLoggedInIndicator = function (contextid, loggedinindicatorregex, callback) { + if (typeof callback === 'function') { + this.api.request('/authentication/action/setLoggedInIndicator/', {'contextId' : contextid, 'loggedInIndicatorRegex' : loggedinindicatorregex}, callback); + return; + } + return this.api.requestPromise('/authentication/action/setLoggedInIndicator/', {'contextId' : contextid, 'loggedInIndicatorRegex' : loggedinindicatorregex}); +}; + +Authentication.prototype.setLoggedOutIndicator = function (contextid, loggedoutindicatorregex, callback) { + if (typeof callback === 'function') { + this.api.request('/authentication/action/setLoggedOutIndicator/', {'contextId' : contextid, 'loggedOutIndicatorRegex' : loggedoutindicatorregex}, callback); + return; + } + return this.api.requestPromise('/authentication/action/setLoggedOutIndicator/', {'contextId' : contextid, 'loggedOutIndicatorRegex' : loggedoutindicatorregex}); +}; + +module.exports = Authentication; diff --git a/src/authorization.js b/src/authorization.js new file mode 100644 index 0000000..3317446 --- /dev/null +++ b/src/authorization.js @@ -0,0 +1,65 @@ +/* Zed Attack Proxy (ZAP) and its related class files. + * + * ZAP is an HTTP/HTTPS proxy for assessing web application security. + * + * Copyright 2018 the ZAP development team + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + + +'use strict'; + +/** + * This file was automatically generated. + */ +function Authorization(clientApi) { + this.api = clientApi; +} + +/** + * Obtains all the configuration of the authorization detection method that is currently set for a context. + **/ +Authorization.prototype.getAuthorizationDetectionMethod = function (contextid, callback) { + if (typeof callback === 'function') { + this.api.request('/authorization/view/getAuthorizationDetectionMethod/', {'contextId' : contextid}, callback); + return; + } + return this.api.requestPromise('/authorization/view/getAuthorizationDetectionMethod/', {'contextId' : contextid}); +}; + +/** + * Sets the authorization detection method for a context as one that identifies un-authorized messages based on: the message's status code or a regex pattern in the response's header or body. Also, whether all conditions must match or just some can be specified via the logicalOperator parameter, which accepts two values: "AND" (default), "OR". + **/ +Authorization.prototype.setBasicAuthorizationDetectionMethod = function (contextid, headerregex, bodyregex, statuscode, logicaloperator, callback) { + const params = {'contextId' : contextid}; + if (headerregex && headerregex !== null) { + params['headerRegex'] = headerregex; + } + if (bodyregex && bodyregex !== null) { + params['bodyRegex'] = bodyregex; + } + if (statuscode && statuscode !== null) { + params['statusCode'] = statuscode; + } + if (logicaloperator && logicaloperator !== null) { + params['logicalOperator'] = logicaloperator; + } + if (typeof callback === 'function') { + this.api.request('/authorization/action/setBasicAuthorizationDetectionMethod/', params, callback); + return; + } + return this.api.requestPromise('/authorization/action/setBasicAuthorizationDetectionMethod/', params); +}; + +module.exports = Authorization; diff --git a/src/autoupdate.js b/src/autoupdate.js new file mode 100644 index 0000000..3764444 --- /dev/null +++ b/src/autoupdate.js @@ -0,0 +1,297 @@ +/* Zed Attack Proxy (ZAP) and its related class files. + * + * ZAP is an HTTP/HTTPS proxy for assessing web application security. + * + * Copyright 2018 the ZAP development team + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + + +'use strict'; + +/** + * This file was automatically generated. + */ +function Autoupdate(clientApi) { + this.api = clientApi; +} + +/** + * Returns the latest version number + **/ +Autoupdate.prototype.latestVersionNumber = function (callback) { + if (typeof callback === 'function') { + this.api.request('/autoupdate/view/latestVersionNumber/', callback); + return; + } + return this.api.requestPromise('/autoupdate/view/latestVersionNumber/'); +}; + +/** + * Returns 'true' if ZAP is on the latest version + **/ +Autoupdate.prototype.isLatestVersion = function (callback) { + if (typeof callback === 'function') { + this.api.request('/autoupdate/view/isLatestVersion/', callback); + return; + } + return this.api.requestPromise('/autoupdate/view/isLatestVersion/'); +}; + +/** + * Return a list of all of the installed add-ons + **/ +Autoupdate.prototype.installedAddons = function (callback) { + if (typeof callback === 'function') { + this.api.request('/autoupdate/view/installedAddons/', callback); + return; + } + return this.api.requestPromise('/autoupdate/view/installedAddons/'); +}; + +/** + * Return a list of any add-ons that have been added to the Marketplace since the last check for updates + **/ +Autoupdate.prototype.newAddons = function (callback) { + if (typeof callback === 'function') { + this.api.request('/autoupdate/view/newAddons/', callback); + return; + } + return this.api.requestPromise('/autoupdate/view/newAddons/'); +}; + +/** + * Return a list of any add-ons that have been changed in the Marketplace since the last check for updates + **/ +Autoupdate.prototype.updatedAddons = function (callback) { + if (typeof callback === 'function') { + this.api.request('/autoupdate/view/updatedAddons/', callback); + return; + } + return this.api.requestPromise('/autoupdate/view/updatedAddons/'); +}; + +/** + * Return a list of all of the add-ons on the ZAP Marketplace (this information is read once and then cached) + **/ +Autoupdate.prototype.marketplaceAddons = function (callback) { + if (typeof callback === 'function') { + this.api.request('/autoupdate/view/marketplaceAddons/', callback); + return; + } + return this.api.requestPromise('/autoupdate/view/marketplaceAddons/'); +}; + +Autoupdate.prototype.optionAddonDirectories = function (callback) { + if (typeof callback === 'function') { + this.api.request('/autoupdate/view/optionAddonDirectories/', callback); + return; + } + return this.api.requestPromise('/autoupdate/view/optionAddonDirectories/'); +}; + +Autoupdate.prototype.optionDayLastChecked = function (callback) { + if (typeof callback === 'function') { + this.api.request('/autoupdate/view/optionDayLastChecked/', callback); + return; + } + return this.api.requestPromise('/autoupdate/view/optionDayLastChecked/'); +}; + +Autoupdate.prototype.optionDayLastInstallWarned = function (callback) { + if (typeof callback === 'function') { + this.api.request('/autoupdate/view/optionDayLastInstallWarned/', callback); + return; + } + return this.api.requestPromise('/autoupdate/view/optionDayLastInstallWarned/'); +}; + +Autoupdate.prototype.optionDayLastUpdateWarned = function (callback) { + if (typeof callback === 'function') { + this.api.request('/autoupdate/view/optionDayLastUpdateWarned/', callback); + return; + } + return this.api.requestPromise('/autoupdate/view/optionDayLastUpdateWarned/'); +}; + +Autoupdate.prototype.optionDownloadDirectory = function (callback) { + if (typeof callback === 'function') { + this.api.request('/autoupdate/view/optionDownloadDirectory/', callback); + return; + } + return this.api.requestPromise('/autoupdate/view/optionDownloadDirectory/'); +}; + +Autoupdate.prototype.optionCheckAddonUpdates = function (callback) { + if (typeof callback === 'function') { + this.api.request('/autoupdate/view/optionCheckAddonUpdates/', callback); + return; + } + return this.api.requestPromise('/autoupdate/view/optionCheckAddonUpdates/'); +}; + +Autoupdate.prototype.optionCheckOnStart = function (callback) { + if (typeof callback === 'function') { + this.api.request('/autoupdate/view/optionCheckOnStart/', callback); + return; + } + return this.api.requestPromise('/autoupdate/view/optionCheckOnStart/'); +}; + +Autoupdate.prototype.optionDownloadNewRelease = function (callback) { + if (typeof callback === 'function') { + this.api.request('/autoupdate/view/optionDownloadNewRelease/', callback); + return; + } + return this.api.requestPromise('/autoupdate/view/optionDownloadNewRelease/'); +}; + +Autoupdate.prototype.optionInstallAddonUpdates = function (callback) { + if (typeof callback === 'function') { + this.api.request('/autoupdate/view/optionInstallAddonUpdates/', callback); + return; + } + return this.api.requestPromise('/autoupdate/view/optionInstallAddonUpdates/'); +}; + +Autoupdate.prototype.optionInstallScannerRules = function (callback) { + if (typeof callback === 'function') { + this.api.request('/autoupdate/view/optionInstallScannerRules/', callback); + return; + } + return this.api.requestPromise('/autoupdate/view/optionInstallScannerRules/'); +}; + +Autoupdate.prototype.optionReportAlphaAddons = function (callback) { + if (typeof callback === 'function') { + this.api.request('/autoupdate/view/optionReportAlphaAddons/', callback); + return; + } + return this.api.requestPromise('/autoupdate/view/optionReportAlphaAddons/'); +}; + +Autoupdate.prototype.optionReportBetaAddons = function (callback) { + if (typeof callback === 'function') { + this.api.request('/autoupdate/view/optionReportBetaAddons/', callback); + return; + } + return this.api.requestPromise('/autoupdate/view/optionReportBetaAddons/'); +}; + +Autoupdate.prototype.optionReportReleaseAddons = function (callback) { + if (typeof callback === 'function') { + this.api.request('/autoupdate/view/optionReportReleaseAddons/', callback); + return; + } + return this.api.requestPromise('/autoupdate/view/optionReportReleaseAddons/'); +}; + +/** + * Downloads the latest release, if any + **/ +Autoupdate.prototype.downloadLatestRelease = function (callback) { + if (typeof callback === 'function') { + this.api.request('/autoupdate/action/downloadLatestRelease/', callback); + return; + } + return this.api.requestPromise('/autoupdate/action/downloadLatestRelease/'); +}; + +/** + * Installs or updates the specified add-on, returning when complete (ie not asynchronously) + **/ +Autoupdate.prototype.installAddon = function (id, callback) { + if (typeof callback === 'function') { + this.api.request('/autoupdate/action/installAddon/', {'id' : id}, callback); + return; + } + return this.api.requestPromise('/autoupdate/action/installAddon/', {'id' : id}); +}; + +/** + * Uninstalls the specified add-on + **/ +Autoupdate.prototype.uninstallAddon = function (id, callback) { + if (typeof callback === 'function') { + this.api.request('/autoupdate/action/uninstallAddon/', {'id' : id}, callback); + return; + } + return this.api.requestPromise('/autoupdate/action/uninstallAddon/', {'id' : id}); +}; + +Autoupdate.prototype.setOptionCheckAddonUpdates = function (bool, callback) { + if (typeof callback === 'function') { + this.api.request('/autoupdate/action/setOptionCheckAddonUpdates/', {'Boolean' : bool}, callback); + return; + } + return this.api.requestPromise('/autoupdate/action/setOptionCheckAddonUpdates/', {'Boolean' : bool}); +}; + +Autoupdate.prototype.setOptionCheckOnStart = function (bool, callback) { + if (typeof callback === 'function') { + this.api.request('/autoupdate/action/setOptionCheckOnStart/', {'Boolean' : bool}, callback); + return; + } + return this.api.requestPromise('/autoupdate/action/setOptionCheckOnStart/', {'Boolean' : bool}); +}; + +Autoupdate.prototype.setOptionDownloadNewRelease = function (bool, callback) { + if (typeof callback === 'function') { + this.api.request('/autoupdate/action/setOptionDownloadNewRelease/', {'Boolean' : bool}, callback); + return; + } + return this.api.requestPromise('/autoupdate/action/setOptionDownloadNewRelease/', {'Boolean' : bool}); +}; + +Autoupdate.prototype.setOptionInstallAddonUpdates = function (bool, callback) { + if (typeof callback === 'function') { + this.api.request('/autoupdate/action/setOptionInstallAddonUpdates/', {'Boolean' : bool}, callback); + return; + } + return this.api.requestPromise('/autoupdate/action/setOptionInstallAddonUpdates/', {'Boolean' : bool}); +}; + +Autoupdate.prototype.setOptionInstallScannerRules = function (bool, callback) { + if (typeof callback === 'function') { + this.api.request('/autoupdate/action/setOptionInstallScannerRules/', {'Boolean' : bool}, callback); + return; + } + return this.api.requestPromise('/autoupdate/action/setOptionInstallScannerRules/', {'Boolean' : bool}); +}; + +Autoupdate.prototype.setOptionReportAlphaAddons = function (bool, callback) { + if (typeof callback === 'function') { + this.api.request('/autoupdate/action/setOptionReportAlphaAddons/', {'Boolean' : bool}, callback); + return; + } + return this.api.requestPromise('/autoupdate/action/setOptionReportAlphaAddons/', {'Boolean' : bool}); +}; + +Autoupdate.prototype.setOptionReportBetaAddons = function (bool, callback) { + if (typeof callback === 'function') { + this.api.request('/autoupdate/action/setOptionReportBetaAddons/', {'Boolean' : bool}, callback); + return; + } + return this.api.requestPromise('/autoupdate/action/setOptionReportBetaAddons/', {'Boolean' : bool}); +}; + +Autoupdate.prototype.setOptionReportReleaseAddons = function (bool, callback) { + if (typeof callback === 'function') { + this.api.request('/autoupdate/action/setOptionReportReleaseAddons/', {'Boolean' : bool}, callback); + return; + } + return this.api.requestPromise('/autoupdate/action/setOptionReportReleaseAddons/', {'Boolean' : bool}); +}; + +module.exports = Autoupdate; diff --git a/src/brk.js b/src/brk.js new file mode 100644 index 0000000..d3520a1 --- /dev/null +++ b/src/brk.js @@ -0,0 +1,159 @@ +/* Zed Attack Proxy (ZAP) and its related class files. + * + * ZAP is an HTTP/HTTPS proxy for assessing web application security. + * + * Copyright 2018 the ZAP development team + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + + +'use strict'; + +/** + * This file was automatically generated. + */ +function Break(clientApi) { + this.api = clientApi; +} + +/** + * Returns True if ZAP will break on both requests and responses + **/ +Break.prototype.isBreakAll = function (callback) { + if (typeof callback === 'function') { + this.api.request('/break/view/isBreakAll/', callback); + return; + } + return this.api.requestPromise('/break/view/isBreakAll/'); +}; + +/** + * Returns True if ZAP will break on requests + **/ +Break.prototype.isBreakRequest = function (callback) { + if (typeof callback === 'function') { + this.api.request('/break/view/isBreakRequest/', callback); + return; + } + return this.api.requestPromise('/break/view/isBreakRequest/'); +}; + +/** + * Returns True if ZAP will break on responses + **/ +Break.prototype.isBreakResponse = function (callback) { + if (typeof callback === 'function') { + this.api.request('/break/view/isBreakResponse/', callback); + return; + } + return this.api.requestPromise('/break/view/isBreakResponse/'); +}; + +/** + * Returns the HTTP message currently intercepted (if any) + **/ +Break.prototype.httpMessage = function (callback) { + if (typeof callback === 'function') { + this.api.request('/break/view/httpMessage/', callback); + return; + } + return this.api.requestPromise('/break/view/httpMessage/'); +}; + +/** + * Controls the global break functionality. The type may be one of: http-all, http-request or http-response. The state may be true (for turning break on for the specified type) or false (for turning break off). Scope is not currently used. + **/ +Break.prototype.brk = function (type, state, scope, callback) { + const params = {'type' : type, 'state' : state}; + if (scope && scope !== null) { + params['scope'] = scope; + } + if (typeof callback === 'function') { + this.api.request('/break/action/break/', params, callback); + return; + } + return this.api.requestPromise('/break/action/break/', params); +}; + +/** + * Overwrites the currently intercepted message with the data provided + **/ +Break.prototype.setHttpMessage = function (httpheader, httpbody, callback) { + const params = {'httpHeader' : httpheader}; + if (httpbody && httpbody !== null) { + params['httpBody'] = httpbody; + } + if (typeof callback === 'function') { + this.api.request('/break/action/setHttpMessage/', params, callback); + return; + } + return this.api.requestPromise('/break/action/setHttpMessage/', params); +}; + +/** + * Submits the currently intercepted message and unsets the global request/response break points + **/ +Break.prototype.cont = function (callback) { + if (typeof callback === 'function') { + this.api.request('/break/action/continue/', callback); + return; + } + return this.api.requestPromise('/break/action/continue/'); +}; + +/** + * Submits the currently intercepted message, the next request or response will automatically be intercepted + **/ +Break.prototype.step = function (callback) { + if (typeof callback === 'function') { + this.api.request('/break/action/step/', callback); + return; + } + return this.api.requestPromise('/break/action/step/'); +}; + +/** + * Drops the currently intercepted message + **/ +Break.prototype.drop = function (callback) { + if (typeof callback === 'function') { + this.api.request('/break/action/drop/', callback); + return; + } + return this.api.requestPromise('/break/action/drop/'); +}; + +/** + * Adds a custom HTTP breakpont. The string is the string to match. Location may be one of: url, request_header, request_body, response_header or response_body. Match may be: contains or regex. Inverse (match) may be true or false. Lastly, ignorecase (when matching the string) may be true or false. + **/ +Break.prototype.addHttpBreakpoint = function (string, location, match, inverse, ignorecase, callback) { + if (typeof callback === 'function') { + this.api.request('/break/action/addHttpBreakpoint/', {'string' : string, 'location' : location, 'match' : match, 'inverse' : inverse, 'ignorecase' : ignorecase}, callback); + return; + } + return this.api.requestPromise('/break/action/addHttpBreakpoint/', {'string' : string, 'location' : location, 'match' : match, 'inverse' : inverse, 'ignorecase' : ignorecase}); +}; + +/** + * Removes the specified break point + **/ +Break.prototype.removeHttpBreakpoint = function (string, location, match, inverse, ignorecase, callback) { + if (typeof callback === 'function') { + this.api.request('/break/action/removeHttpBreakpoint/', {'string' : string, 'location' : location, 'match' : match, 'inverse' : inverse, 'ignorecase' : ignorecase}, callback); + return; + } + return this.api.requestPromise('/break/action/removeHttpBreakpoint/', {'string' : string, 'location' : location, 'match' : match, 'inverse' : inverse, 'ignorecase' : ignorecase}); +}; + +module.exports = Break; diff --git a/src/context.js b/src/context.js new file mode 100644 index 0000000..6ad70cf --- /dev/null +++ b/src/context.js @@ -0,0 +1,228 @@ +/* Zed Attack Proxy (ZAP) and its related class files. + * + * ZAP is an HTTP/HTTPS proxy for assessing web application security. + * + * Copyright 2018 the ZAP development team + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + + +'use strict'; + +/** + * This file was automatically generated. + */ +function Context(clientApi) { + this.api = clientApi; +} + +/** + * List context names of current session + **/ +Context.prototype.contextList = function (callback) { + if (typeof callback === 'function') { + this.api.request('/context/view/contextList/', callback); + return; + } + return this.api.requestPromise('/context/view/contextList/'); +}; + +/** + * List excluded regexs for context + **/ +Context.prototype.excludeRegexs = function (contextname, callback) { + if (typeof callback === 'function') { + this.api.request('/context/view/excludeRegexs/', {'contextName' : contextname}, callback); + return; + } + return this.api.requestPromise('/context/view/excludeRegexs/', {'contextName' : contextname}); +}; + +/** + * List included regexs for context + **/ +Context.prototype.includeRegexs = function (contextname, callback) { + if (typeof callback === 'function') { + this.api.request('/context/view/includeRegexs/', {'contextName' : contextname}, callback); + return; + } + return this.api.requestPromise('/context/view/includeRegexs/', {'contextName' : contextname}); +}; + +/** + * List the information about the named context + **/ +Context.prototype.context = function (contextname, callback) { + if (typeof callback === 'function') { + this.api.request('/context/view/context/', {'contextName' : contextname}, callback); + return; + } + return this.api.requestPromise('/context/view/context/', {'contextName' : contextname}); +}; + +/** + * Lists the names of all built in technologies + **/ +Context.prototype.technologyList = function (callback) { + if (typeof callback === 'function') { + this.api.request('/context/view/technologyList/', callback); + return; + } + return this.api.requestPromise('/context/view/technologyList/'); +}; + +/** + * Lists the names of all technologies included in a context + **/ +Context.prototype.includedTechnologyList = function (contextname, callback) { + if (typeof callback === 'function') { + this.api.request('/context/view/includedTechnologyList/', {'contextName' : contextname}, callback); + return; + } + return this.api.requestPromise('/context/view/includedTechnologyList/', {'contextName' : contextname}); +}; + +/** + * Lists the names of all technologies excluded from a context + **/ +Context.prototype.excludedTechnologyList = function (contextname, callback) { + if (typeof callback === 'function') { + this.api.request('/context/view/excludedTechnologyList/', {'contextName' : contextname}, callback); + return; + } + return this.api.requestPromise('/context/view/excludedTechnologyList/', {'contextName' : contextname}); +}; + +/** + * Add exclude regex to context + **/ +Context.prototype.excludeFromContext = function (contextname, regex, callback) { + if (typeof callback === 'function') { + this.api.request('/context/action/excludeFromContext/', {'contextName' : contextname, 'regex' : regex}, callback); + return; + } + return this.api.requestPromise('/context/action/excludeFromContext/', {'contextName' : contextname, 'regex' : regex}); +}; + +/** + * Add include regex to context + **/ +Context.prototype.includeInContext = function (contextname, regex, callback) { + if (typeof callback === 'function') { + this.api.request('/context/action/includeInContext/', {'contextName' : contextname, 'regex' : regex}, callback); + return; + } + return this.api.requestPromise('/context/action/includeInContext/', {'contextName' : contextname, 'regex' : regex}); +}; + +/** + * Creates a new context with the given name in the current session + **/ +Context.prototype.newContext = function (contextname, callback) { + if (typeof callback === 'function') { + this.api.request('/context/action/newContext/', {'contextName' : contextname}, callback); + return; + } + return this.api.requestPromise('/context/action/newContext/', {'contextName' : contextname}); +}; + +/** + * Removes a context in the current session + **/ +Context.prototype.removeContext = function (contextname, callback) { + if (typeof callback === 'function') { + this.api.request('/context/action/removeContext/', {'contextName' : contextname}, callback); + return; + } + return this.api.requestPromise('/context/action/removeContext/', {'contextName' : contextname}); +}; + +/** + * Exports the context with the given name to a file. If a relative file path is specified it will be resolved against the "contexts" directory in ZAP "home" dir. + **/ +Context.prototype.exportContext = function (contextname, contextfile, callback) { + if (typeof callback === 'function') { + this.api.request('/context/action/exportContext/', {'contextName' : contextname, 'contextFile' : contextfile}, callback); + return; + } + return this.api.requestPromise('/context/action/exportContext/', {'contextName' : contextname, 'contextFile' : contextfile}); +}; + +/** + * Imports a context from a file. If a relative file path is specified it will be resolved against the "contexts" directory in ZAP "home" dir. + **/ +Context.prototype.importContext = function (contextfile, callback) { + if (typeof callback === 'function') { + this.api.request('/context/action/importContext/', {'contextFile' : contextfile}, callback); + return; + } + return this.api.requestPromise('/context/action/importContext/', {'contextFile' : contextfile}); +}; + +/** + * Includes technologies with the given names, separated by a comma, to a context + **/ +Context.prototype.includeContextTechnologies = function (contextname, technologynames, callback) { + if (typeof callback === 'function') { + this.api.request('/context/action/includeContextTechnologies/', {'contextName' : contextname, 'technologyNames' : technologynames}, callback); + return; + } + return this.api.requestPromise('/context/action/includeContextTechnologies/', {'contextName' : contextname, 'technologyNames' : technologynames}); +}; + +/** + * Includes all built in technologies in to a context + **/ +Context.prototype.includeAllContextTechnologies = function (contextname, callback) { + if (typeof callback === 'function') { + this.api.request('/context/action/includeAllContextTechnologies/', {'contextName' : contextname}, callback); + return; + } + return this.api.requestPromise('/context/action/includeAllContextTechnologies/', {'contextName' : contextname}); +}; + +/** + * Excludes technologies with the given names, separated by a comma, from a context + **/ +Context.prototype.excludeContextTechnologies = function (contextname, technologynames, callback) { + if (typeof callback === 'function') { + this.api.request('/context/action/excludeContextTechnologies/', {'contextName' : contextname, 'technologyNames' : technologynames}, callback); + return; + } + return this.api.requestPromise('/context/action/excludeContextTechnologies/', {'contextName' : contextname, 'technologyNames' : technologynames}); +}; + +/** + * Excludes all built in technologies from a context + **/ +Context.prototype.excludeAllContextTechnologies = function (contextname, callback) { + if (typeof callback === 'function') { + this.api.request('/context/action/excludeAllContextTechnologies/', {'contextName' : contextname}, callback); + return; + } + return this.api.requestPromise('/context/action/excludeAllContextTechnologies/', {'contextName' : contextname}); +}; + +/** + * Sets a context to in scope (contexts are in scope by default) + **/ +Context.prototype.setContextInScope = function (contextname, booleaninscope, callback) { + if (typeof callback === 'function') { + this.api.request('/context/action/setContextInScope/', {'contextName' : contextname, 'booleanInScope' : booleaninscope}, callback); + return; + } + return this.api.requestPromise('/context/action/setContextInScope/', {'contextName' : contextname, 'booleanInScope' : booleaninscope}); +}; + +module.exports = Context; diff --git a/src/core.js b/src/core.js new file mode 100644 index 0000000..7fba97b --- /dev/null +++ b/src/core.js @@ -0,0 +1,1006 @@ +/* Zed Attack Proxy (ZAP) and its related class files. + * + * ZAP is an HTTP/HTTPS proxy for assessing web application security. + * + * Copyright 2018 the ZAP development team + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + + +'use strict'; + +/** + * This file was automatically generated. + */ +function Core(clientApi) { + this.api = clientApi; +} + +/** + * Gets the alert with the given ID, the corresponding HTTP message can be obtained with the 'messageId' field and 'message' API method + **/ +Core.prototype.alert = function (id, callback) { + if (typeof callback === 'function') { + this.api.request('/core/view/alert/', {'id' : id}, callback); + return; + } + return this.api.requestPromise('/core/view/alert/', {'id' : id}); +}; + +/** + * Gets the alerts raised by ZAP, optionally filtering by URL or riskId, and paginating with 'start' position and 'count' of alerts + **/ +Core.prototype.alerts = function (baseurl, start, count, riskid, callback) { + const params = {}; + if (baseurl && baseurl !== null) { + params['baseurl'] = baseurl; + } + if (start && start !== null) { + params['start'] = start; + } + if (count && count !== null) { + params['count'] = count; + } + if (riskid && riskid !== null) { + params['riskId'] = riskid; + } + if (typeof callback === 'function') { + this.api.request('/core/view/alerts/', params, callback); + return; + } + return this.api.requestPromise('/core/view/alerts/', params); +}; + +/** + * Gets number of alerts grouped by each risk level, optionally filtering by URL + **/ +Core.prototype.alertsSummary = function (baseurl, callback) { + const params = {}; + if (baseurl && baseurl !== null) { + params['baseurl'] = baseurl; + } + if (typeof callback === 'function') { + this.api.request('/core/view/alertsSummary/', params, callback); + return; + } + return this.api.requestPromise('/core/view/alertsSummary/', params); +}; + +/** + * Gets the number of alerts, optionally filtering by URL or riskId + **/ +Core.prototype.numberOfAlerts = function (baseurl, riskid, callback) { + const params = {}; + if (baseurl && baseurl !== null) { + params['baseurl'] = baseurl; + } + if (riskid && riskid !== null) { + params['riskId'] = riskid; + } + if (typeof callback === 'function') { + this.api.request('/core/view/numberOfAlerts/', params, callback); + return; + } + return this.api.requestPromise('/core/view/numberOfAlerts/', params); +}; + +/** + * Gets the name of the hosts accessed through/by ZAP + **/ +Core.prototype.hosts = function (callback) { + if (typeof callback === 'function') { + this.api.request('/core/view/hosts/', callback); + return; + } + return this.api.requestPromise('/core/view/hosts/'); +}; + +/** + * Gets the sites accessed through/by ZAP (scheme and domain) + **/ +Core.prototype.sites = function (callback) { + if (typeof callback === 'function') { + this.api.request('/core/view/sites/', callback); + return; + } + return this.api.requestPromise('/core/view/sites/'); +}; + +/** + * Gets the URLs accessed through/by ZAP, optionally filtering by (base) URL. + **/ +Core.prototype.urls = function (baseurl, callback) { + const params = {}; + if (baseurl && baseurl !== null) { + params['baseurl'] = baseurl; + } + if (typeof callback === 'function') { + this.api.request('/core/view/urls/', params, callback); + return; + } + return this.api.requestPromise('/core/view/urls/', params); +}; + +/** + * Gets the HTTP message with the given ID. Returns the ID, request/response headers and bodies, cookies, note, type, RTT, and timestamp. + **/ +Core.prototype.message = function (id, callback) { + if (typeof callback === 'function') { + this.api.request('/core/view/message/', {'id' : id}, callback); + return; + } + return this.api.requestPromise('/core/view/message/', {'id' : id}); +}; + +/** + * Gets the HTTP messages sent by ZAP, request and response, optionally filtered by URL and paginated with 'start' position and 'count' of messages + **/ +Core.prototype.messages = function (baseurl, start, count, callback) { + const params = {}; + if (baseurl && baseurl !== null) { + params['baseurl'] = baseurl; + } + if (start && start !== null) { + params['start'] = start; + } + if (count && count !== null) { + params['count'] = count; + } + if (typeof callback === 'function') { + this.api.request('/core/view/messages/', params, callback); + return; + } + return this.api.requestPromise('/core/view/messages/', params); +}; + +/** + * Gets the HTTP messages with the given IDs. + **/ +Core.prototype.messagesById = function (ids, callback) { + if (typeof callback === 'function') { + this.api.request('/core/view/messagesById/', {'ids' : ids}, callback); + return; + } + return this.api.requestPromise('/core/view/messagesById/', {'ids' : ids}); +}; + +/** + * Gets the number of messages, optionally filtering by URL + **/ +Core.prototype.numberOfMessages = function (baseurl, callback) { + const params = {}; + if (baseurl && baseurl !== null) { + params['baseurl'] = baseurl; + } + if (typeof callback === 'function') { + this.api.request('/core/view/numberOfMessages/', params, callback); + return; + } + return this.api.requestPromise('/core/view/numberOfMessages/', params); +}; + +/** + * Gets the mode + **/ +Core.prototype.mode = function (callback) { + if (typeof callback === 'function') { + this.api.request('/core/view/mode/', callback); + return; + } + return this.api.requestPromise('/core/view/mode/'); +}; + +/** + * Gets ZAP version + **/ +Core.prototype.version = function (callback) { + if (typeof callback === 'function') { + this.api.request('/core/view/version/', callback); + return; + } + return this.api.requestPromise('/core/view/version/'); +}; + +/** + * Gets the regular expressions, applied to URLs, to exclude from the local proxies. + **/ +Core.prototype.excludedFromProxy = function (callback) { + if (typeof callback === 'function') { + this.api.request('/core/view/excludedFromProxy/', callback); + return; + } + return this.api.requestPromise('/core/view/excludedFromProxy/'); +}; + +Core.prototype.homeDirectory = function (callback) { + if (typeof callback === 'function') { + this.api.request('/core/view/homeDirectory/', callback); + return; + } + return this.api.requestPromise('/core/view/homeDirectory/'); +}; + +/** + * Gets the location of the current session file + **/ +Core.prototype.sessionLocation = function (callback) { + if (typeof callback === 'function') { + this.api.request('/core/view/sessionLocation/', callback); + return; + } + return this.api.requestPromise('/core/view/sessionLocation/'); +}; + +/** + * Gets all the domains that are excluded from the outgoing proxy. For each domain the following are shown: the index, the value (domain), if enabled, and if specified as a regex. + **/ +Core.prototype.proxyChainExcludedDomains = function (callback) { + if (typeof callback === 'function') { + this.api.request('/core/view/proxyChainExcludedDomains/', callback); + return; + } + return this.api.requestPromise('/core/view/proxyChainExcludedDomains/'); +}; + +/** + * Use view proxyChainExcludedDomains instead. + **/ +Core.prototype.optionProxyChainSkipName = function (callback) { + if (typeof callback === 'function') { + this.api.request('/core/view/optionProxyChainSkipName/', callback); + return; + } + return this.api.requestPromise('/core/view/optionProxyChainSkipName/'); +}; + +/** + * Use view proxyChainExcludedDomains instead. + **/ +Core.prototype.optionProxyExcludedDomains = function (callback) { + if (typeof callback === 'function') { + this.api.request('/core/view/optionProxyExcludedDomains/', callback); + return; + } + return this.api.requestPromise('/core/view/optionProxyExcludedDomains/'); +}; + +/** + * Use view proxyChainExcludedDomains instead. + **/ +Core.prototype.optionProxyExcludedDomainsEnabled = function (callback) { + if (typeof callback === 'function') { + this.api.request('/core/view/optionProxyExcludedDomainsEnabled/', callback); + return; + } + return this.api.requestPromise('/core/view/optionProxyExcludedDomainsEnabled/'); +}; + +/** + * Gets the path to ZAP's home directory. + **/ +Core.prototype.zapHomePath = function (callback) { + if (typeof callback === 'function') { + this.api.request('/core/view/zapHomePath/', callback); + return; + } + return this.api.requestPromise('/core/view/zapHomePath/'); +}; + +/** + * Gets the maximum number of alert instances to include in a report. + **/ +Core.prototype.optionMaximumAlertInstances = function (callback) { + if (typeof callback === 'function') { + this.api.request('/core/view/optionMaximumAlertInstances/', callback); + return; + } + return this.api.requestPromise('/core/view/optionMaximumAlertInstances/'); +}; + +/** + * Gets whether or not related alerts will be merged in any reports generated. + **/ +Core.prototype.optionMergeRelatedAlerts = function (callback) { + if (typeof callback === 'function') { + this.api.request('/core/view/optionMergeRelatedAlerts/', callback); + return; + } + return this.api.requestPromise('/core/view/optionMergeRelatedAlerts/'); +}; + +/** + * Gets the path to the file with alert overrides. + **/ +Core.prototype.optionAlertOverridesFilePath = function (callback) { + if (typeof callback === 'function') { + this.api.request('/core/view/optionAlertOverridesFilePath/', callback); + return; + } + return this.api.requestPromise('/core/view/optionAlertOverridesFilePath/'); +}; + +/** + * Gets the user agent that ZAP should use when creating HTTP messages (for example, spider messages or CONNECT requests to outgoing proxy). + **/ +Core.prototype.optionDefaultUserAgent = function (callback) { + if (typeof callback === 'function') { + this.api.request('/core/view/optionDefaultUserAgent/', callback); + return; + } + return this.api.requestPromise('/core/view/optionDefaultUserAgent/'); +}; + +/** + * Gets the TTL (in seconds) of successful DNS queries. + **/ +Core.prototype.optionDnsTtlSuccessfulQueries = function (callback) { + if (typeof callback === 'function') { + this.api.request('/core/view/optionDnsTtlSuccessfulQueries/', callback); + return; + } + return this.api.requestPromise('/core/view/optionDnsTtlSuccessfulQueries/'); +}; + +Core.prototype.optionHttpState = function (callback) { + if (typeof callback === 'function') { + this.api.request('/core/view/optionHttpState/', callback); + return; + } + return this.api.requestPromise('/core/view/optionHttpState/'); +}; + +Core.prototype.optionProxyChainName = function (callback) { + if (typeof callback === 'function') { + this.api.request('/core/view/optionProxyChainName/', callback); + return; + } + return this.api.requestPromise('/core/view/optionProxyChainName/'); +}; + +Core.prototype.optionProxyChainPassword = function (callback) { + if (typeof callback === 'function') { + this.api.request('/core/view/optionProxyChainPassword/', callback); + return; + } + return this.api.requestPromise('/core/view/optionProxyChainPassword/'); +}; + +Core.prototype.optionProxyChainPort = function (callback) { + if (typeof callback === 'function') { + this.api.request('/core/view/optionProxyChainPort/', callback); + return; + } + return this.api.requestPromise('/core/view/optionProxyChainPort/'); +}; + +Core.prototype.optionProxyChainRealm = function (callback) { + if (typeof callback === 'function') { + this.api.request('/core/view/optionProxyChainRealm/', callback); + return; + } + return this.api.requestPromise('/core/view/optionProxyChainRealm/'); +}; + +Core.prototype.optionProxyChainUserName = function (callback) { + if (typeof callback === 'function') { + this.api.request('/core/view/optionProxyChainUserName/', callback); + return; + } + return this.api.requestPromise('/core/view/optionProxyChainUserName/'); +}; + +Core.prototype.optionTimeoutInSecs = function (callback) { + if (typeof callback === 'function') { + this.api.request('/core/view/optionTimeoutInSecs/', callback); + return; + } + return this.api.requestPromise('/core/view/optionTimeoutInSecs/'); +}; + +Core.prototype.optionHttpStateEnabled = function (callback) { + if (typeof callback === 'function') { + this.api.request('/core/view/optionHttpStateEnabled/', callback); + return; + } + return this.api.requestPromise('/core/view/optionHttpStateEnabled/'); +}; + +Core.prototype.optionProxyChainPrompt = function (callback) { + if (typeof callback === 'function') { + this.api.request('/core/view/optionProxyChainPrompt/', callback); + return; + } + return this.api.requestPromise('/core/view/optionProxyChainPrompt/'); +}; + +Core.prototype.optionSingleCookieRequestHeader = function (callback) { + if (typeof callback === 'function') { + this.api.request('/core/view/optionSingleCookieRequestHeader/', callback); + return; + } + return this.api.requestPromise('/core/view/optionSingleCookieRequestHeader/'); +}; + +Core.prototype.optionUseProxyChain = function (callback) { + if (typeof callback === 'function') { + this.api.request('/core/view/optionUseProxyChain/', callback); + return; + } + return this.api.requestPromise('/core/view/optionUseProxyChain/'); +}; + +Core.prototype.optionUseProxyChainAuth = function (callback) { + if (typeof callback === 'function') { + this.api.request('/core/view/optionUseProxyChainAuth/', callback); + return; + } + return this.api.requestPromise('/core/view/optionUseProxyChainAuth/'); +}; + +/** + * Convenient and simple action to access a URL, optionally following redirections. Returns the request sent and response received and followed redirections, if any. Other actions are available which offer more control on what is sent, like, 'sendRequest' or 'sendHarRequest'. + **/ +Core.prototype.accessUrl = function (url, followredirects, callback) { + const params = {'url' : url}; + if (followredirects && followredirects !== null) { + params['followRedirects'] = followredirects; + } + if (typeof callback === 'function') { + this.api.request('/core/action/accessUrl/', params, callback); + return; + } + return this.api.requestPromise('/core/action/accessUrl/', params); +}; + +/** + * Shuts down ZAP + **/ +Core.prototype.shutdown = function (callback) { + if (typeof callback === 'function') { + this.api.request('/core/action/shutdown/', callback); + return; + } + return this.api.requestPromise('/core/action/shutdown/'); +}; + +/** + * Creates a new session, optionally overwriting existing files. If a relative path is specified it will be resolved against the "session" directory in ZAP "home" dir. + **/ +Core.prototype.newSession = function (name, overwrite, callback) { + const params = {}; + if (name && name !== null) { + params['name'] = name; + } + if (overwrite && overwrite !== null) { + params['overwrite'] = overwrite; + } + if (typeof callback === 'function') { + this.api.request('/core/action/newSession/', params, callback); + return; + } + return this.api.requestPromise('/core/action/newSession/', params); +}; + +/** + * Loads the session with the given name. If a relative path is specified it will be resolved against the "session" directory in ZAP "home" dir. + **/ +Core.prototype.loadSession = function (name, callback) { + if (typeof callback === 'function') { + this.api.request('/core/action/loadSession/', {'name' : name}, callback); + return; + } + return this.api.requestPromise('/core/action/loadSession/', {'name' : name}); +}; + +/** + * Saves the session with the name supplied, optionally overwriting existing files. If a relative path is specified it will be resolved against the "session" directory in ZAP "home" dir. + **/ +Core.prototype.saveSession = function (name, overwrite, callback) { + const params = {'name' : name}; + if (overwrite && overwrite !== null) { + params['overwrite'] = overwrite; + } + if (typeof callback === 'function') { + this.api.request('/core/action/saveSession/', params, callback); + return; + } + return this.api.requestPromise('/core/action/saveSession/', params); +}; + +Core.prototype.snapshotSession = function (callback) { + if (typeof callback === 'function') { + this.api.request('/core/action/snapshotSession/', callback); + return; + } + return this.api.requestPromise('/core/action/snapshotSession/'); +}; + +/** + * Clears the regexes of URLs excluded from the local proxies. + **/ +Core.prototype.clearExcludedFromProxy = function (callback) { + if (typeof callback === 'function') { + this.api.request('/core/action/clearExcludedFromProxy/', callback); + return; + } + return this.api.requestPromise('/core/action/clearExcludedFromProxy/'); +}; + +/** + * Adds a regex of URLs that should be excluded from the local proxies. + **/ +Core.prototype.excludeFromProxy = function (regex, callback) { + if (typeof callback === 'function') { + this.api.request('/core/action/excludeFromProxy/', {'regex' : regex}, callback); + return; + } + return this.api.requestPromise('/core/action/excludeFromProxy/', {'regex' : regex}); +}; + +Core.prototype.setHomeDirectory = function (dir, callback) { + if (typeof callback === 'function') { + this.api.request('/core/action/setHomeDirectory/', {'dir' : dir}, callback); + return; + } + return this.api.requestPromise('/core/action/setHomeDirectory/', {'dir' : dir}); +}; + +/** + * Sets the mode, which may be one of [safe, protect, standard, attack] + **/ +Core.prototype.setMode = function (mode, callback) { + if (typeof callback === 'function') { + this.api.request('/core/action/setMode/', {'mode' : mode}, callback); + return; + } + return this.api.requestPromise('/core/action/setMode/', {'mode' : mode}); +}; + +/** + * Generates a new Root CA certificate for the local proxies. + **/ +Core.prototype.generateRootCA = function (callback) { + if (typeof callback === 'function') { + this.api.request('/core/action/generateRootCA/', callback); + return; + } + return this.api.requestPromise('/core/action/generateRootCA/'); +}; + +/** + * Sends the HTTP request, optionally following redirections. Returns the request sent and response received and followed redirections, if any. The Mode is enforced when sending the request (and following redirections), custom manual requests are not allowed in 'Safe' mode nor in 'Protected' mode if out of scope. + **/ +Core.prototype.sendRequest = function (request, followredirects, callback) { + const params = {'request' : request}; + if (followredirects && followredirects !== null) { + params['followRedirects'] = followredirects; + } + if (typeof callback === 'function') { + this.api.request('/core/action/sendRequest/', params, callback); + return; + } + return this.api.requestPromise('/core/action/sendRequest/', params); +}; + +/** + * Deletes all alerts of the current session. + **/ +Core.prototype.deleteAllAlerts = function (callback) { + if (typeof callback === 'function') { + this.api.request('/core/action/deleteAllAlerts/', callback); + return; + } + return this.api.requestPromise('/core/action/deleteAllAlerts/'); +}; + +/** + * Deletes the alert with the given ID. + **/ +Core.prototype.deleteAlert = function (id, callback) { + if (typeof callback === 'function') { + this.api.request('/core/action/deleteAlert/', {'id' : id}, callback); + return; + } + return this.api.requestPromise('/core/action/deleteAlert/', {'id' : id}); +}; + +Core.prototype.runGarbageCollection = function (callback) { + if (typeof callback === 'function') { + this.api.request('/core/action/runGarbageCollection/', callback); + return; + } + return this.api.requestPromise('/core/action/runGarbageCollection/'); +}; + +/** + * Deletes the site node found in the Sites Tree on the basis of the URL, HTTP method, and post data (if applicable and specified). + **/ +Core.prototype.deleteSiteNode = function (url, method, postdata, callback) { + const params = {'url' : url}; + if (method && method !== null) { + params['method'] = method; + } + if (postdata && postdata !== null) { + params['postData'] = postdata; + } + if (typeof callback === 'function') { + this.api.request('/core/action/deleteSiteNode/', params, callback); + return; + } + return this.api.requestPromise('/core/action/deleteSiteNode/', params); +}; + +/** + * Adds a domain to be excluded from the outgoing proxy, using the specified value. Optionally sets if the new entry is enabled (default, true) and whether or not the new value is specified as a regex (default, false). + **/ +Core.prototype.addProxyChainExcludedDomain = function (value, isregex, isenabled, callback) { + const params = {'value' : value}; + if (isregex && isregex !== null) { + params['isRegex'] = isregex; + } + if (isenabled && isenabled !== null) { + params['isEnabled'] = isenabled; + } + if (typeof callback === 'function') { + this.api.request('/core/action/addProxyChainExcludedDomain/', params, callback); + return; + } + return this.api.requestPromise('/core/action/addProxyChainExcludedDomain/', params); +}; + +/** + * Modifies a domain excluded from the outgoing proxy. Allows to modify the value, if enabled or if a regex. The domain is selected with its index, which can be obtained with the view proxyChainExcludedDomains. + **/ +Core.prototype.modifyProxyChainExcludedDomain = function (idx, value, isregex, isenabled, callback) { + const params = {'idx' : idx}; + if (value && value !== null) { + params['value'] = value; + } + if (isregex && isregex !== null) { + params['isRegex'] = isregex; + } + if (isenabled && isenabled !== null) { + params['isEnabled'] = isenabled; + } + if (typeof callback === 'function') { + this.api.request('/core/action/modifyProxyChainExcludedDomain/', params, callback); + return; + } + return this.api.requestPromise('/core/action/modifyProxyChainExcludedDomain/', params); +}; + +/** + * Removes a domain excluded from the outgoing proxy, with the given index. The index can be obtained with the view proxyChainExcludedDomains. + **/ +Core.prototype.removeProxyChainExcludedDomain = function (idx, callback) { + if (typeof callback === 'function') { + this.api.request('/core/action/removeProxyChainExcludedDomain/', {'idx' : idx}, callback); + return; + } + return this.api.requestPromise('/core/action/removeProxyChainExcludedDomain/', {'idx' : idx}); +}; + +/** + * Enables all domains excluded from the outgoing proxy. + **/ +Core.prototype.enableAllProxyChainExcludedDomains = function (callback) { + if (typeof callback === 'function') { + this.api.request('/core/action/enableAllProxyChainExcludedDomains/', callback); + return; + } + return this.api.requestPromise('/core/action/enableAllProxyChainExcludedDomains/'); +}; + +/** + * Disables all domains excluded from the outgoing proxy. + **/ +Core.prototype.disableAllProxyChainExcludedDomains = function (callback) { + if (typeof callback === 'function') { + this.api.request('/core/action/disableAllProxyChainExcludedDomains/', callback); + return; + } + return this.api.requestPromise('/core/action/disableAllProxyChainExcludedDomains/'); +}; + +/** + * Sets the maximum number of alert instances to include in a report. A value of zero is treated as unlimited. + **/ +Core.prototype.setOptionMaximumAlertInstances = function (numberofinstances, callback) { + if (typeof callback === 'function') { + this.api.request('/core/action/setOptionMaximumAlertInstances/', {'numberOfInstances' : numberofinstances}, callback); + return; + } + return this.api.requestPromise('/core/action/setOptionMaximumAlertInstances/', {'numberOfInstances' : numberofinstances}); +}; + +/** + * Sets whether or not related alerts will be merged in any reports generated. + **/ +Core.prototype.setOptionMergeRelatedAlerts = function (enabled, callback) { + if (typeof callback === 'function') { + this.api.request('/core/action/setOptionMergeRelatedAlerts/', {'enabled' : enabled}, callback); + return; + } + return this.api.requestPromise('/core/action/setOptionMergeRelatedAlerts/', {'enabled' : enabled}); +}; + +/** + * Sets (or clears, if empty) the path to the file with alert overrides. + **/ +Core.prototype.setOptionAlertOverridesFilePath = function (filepath, callback) { + const params = {}; + if (filepath && filepath !== null) { + params['filePath'] = filepath; + } + if (typeof callback === 'function') { + this.api.request('/core/action/setOptionAlertOverridesFilePath/', params, callback); + return; + } + return this.api.requestPromise('/core/action/setOptionAlertOverridesFilePath/', params); +}; + +/** + * Sets the user agent that ZAP should use when creating HTTP messages (for example, spider messages or CONNECT requests to outgoing proxy). + **/ +Core.prototype.setOptionDefaultUserAgent = function (string, callback) { + if (typeof callback === 'function') { + this.api.request('/core/action/setOptionDefaultUserAgent/', {'String' : string}, callback); + return; + } + return this.api.requestPromise('/core/action/setOptionDefaultUserAgent/', {'String' : string}); +}; + +Core.prototype.setOptionProxyChainName = function (string, callback) { + if (typeof callback === 'function') { + this.api.request('/core/action/setOptionProxyChainName/', {'String' : string}, callback); + return; + } + return this.api.requestPromise('/core/action/setOptionProxyChainName/', {'String' : string}); +}; + +Core.prototype.setOptionProxyChainPassword = function (string, callback) { + if (typeof callback === 'function') { + this.api.request('/core/action/setOptionProxyChainPassword/', {'String' : string}, callback); + return; + } + return this.api.requestPromise('/core/action/setOptionProxyChainPassword/', {'String' : string}); +}; + +Core.prototype.setOptionProxyChainRealm = function (string, callback) { + if (typeof callback === 'function') { + this.api.request('/core/action/setOptionProxyChainRealm/', {'String' : string}, callback); + return; + } + return this.api.requestPromise('/core/action/setOptionProxyChainRealm/', {'String' : string}); +}; + +/** + * Use actions [add|modify|remove]ProxyChainExcludedDomain instead. + **/ +Core.prototype.setOptionProxyChainSkipName = function (string, callback) { + if (typeof callback === 'function') { + this.api.request('/core/action/setOptionProxyChainSkipName/', {'String' : string}, callback); + return; + } + return this.api.requestPromise('/core/action/setOptionProxyChainSkipName/', {'String' : string}); +}; + +Core.prototype.setOptionProxyChainUserName = function (string, callback) { + if (typeof callback === 'function') { + this.api.request('/core/action/setOptionProxyChainUserName/', {'String' : string}, callback); + return; + } + return this.api.requestPromise('/core/action/setOptionProxyChainUserName/', {'String' : string}); +}; + +/** + * Sets the TTL (in seconds) of successful DNS queries (applies after ZAP restart). + **/ +Core.prototype.setOptionDnsTtlSuccessfulQueries = function (integer, callback) { + if (typeof callback === 'function') { + this.api.request('/core/action/setOptionDnsTtlSuccessfulQueries/', {'Integer' : integer}, callback); + return; + } + return this.api.requestPromise('/core/action/setOptionDnsTtlSuccessfulQueries/', {'Integer' : integer}); +}; + +Core.prototype.setOptionHttpStateEnabled = function (bool, callback) { + if (typeof callback === 'function') { + this.api.request('/core/action/setOptionHttpStateEnabled/', {'Boolean' : bool}, callback); + return; + } + return this.api.requestPromise('/core/action/setOptionHttpStateEnabled/', {'Boolean' : bool}); +}; + +Core.prototype.setOptionProxyChainPort = function (integer, callback) { + if (typeof callback === 'function') { + this.api.request('/core/action/setOptionProxyChainPort/', {'Integer' : integer}, callback); + return; + } + return this.api.requestPromise('/core/action/setOptionProxyChainPort/', {'Integer' : integer}); +}; + +Core.prototype.setOptionProxyChainPrompt = function (bool, callback) { + if (typeof callback === 'function') { + this.api.request('/core/action/setOptionProxyChainPrompt/', {'Boolean' : bool}, callback); + return; + } + return this.api.requestPromise('/core/action/setOptionProxyChainPrompt/', {'Boolean' : bool}); +}; + +Core.prototype.setOptionSingleCookieRequestHeader = function (bool, callback) { + if (typeof callback === 'function') { + this.api.request('/core/action/setOptionSingleCookieRequestHeader/', {'Boolean' : bool}, callback); + return; + } + return this.api.requestPromise('/core/action/setOptionSingleCookieRequestHeader/', {'Boolean' : bool}); +}; + +Core.prototype.setOptionTimeoutInSecs = function (integer, callback) { + if (typeof callback === 'function') { + this.api.request('/core/action/setOptionTimeoutInSecs/', {'Integer' : integer}, callback); + return; + } + return this.api.requestPromise('/core/action/setOptionTimeoutInSecs/', {'Integer' : integer}); +}; + +/** + * Sets whether or not the outgoing proxy should be used. The address/hostname of the outgoing proxy must be set to enable this option. + **/ +Core.prototype.setOptionUseProxyChain = function (bool, callback) { + if (typeof callback === 'function') { + this.api.request('/core/action/setOptionUseProxyChain/', {'Boolean' : bool}, callback); + return; + } + return this.api.requestPromise('/core/action/setOptionUseProxyChain/', {'Boolean' : bool}); +}; + +Core.prototype.setOptionUseProxyChainAuth = function (bool, callback) { + if (typeof callback === 'function') { + this.api.request('/core/action/setOptionUseProxyChainAuth/', {'Boolean' : bool}, callback); + return; + } + return this.api.requestPromise('/core/action/setOptionUseProxyChainAuth/', {'Boolean' : bool}); +}; + +Core.prototype.proxypac = function (callback) { + if (typeof callback === 'function') { + this.api.requestOther('/core/other/proxy.pac/', callback); + return; + } + return this.api.requestPromiseOther('/core/other/proxy.pac/'); +}; + +/** + * Gets the Root CA certificate used by the local proxies. + **/ +Core.prototype.rootcert = function (callback) { + if (typeof callback === 'function') { + this.api.requestOther('/core/other/rootcert/', callback); + return; + } + return this.api.requestPromiseOther('/core/other/rootcert/'); +}; + +Core.prototype.setproxy = function (proxy, callback) { + if (typeof callback === 'function') { + this.api.requestOther('/core/other/setproxy/', {'proxy' : proxy}, callback); + return; + } + return this.api.requestPromiseOther('/core/other/setproxy/', {'proxy' : proxy}); +}; + +/** + * Generates a report in XML format + **/ +Core.prototype.xmlreport = function (callback) { + if (typeof callback === 'function') { + this.api.requestOther('/core/other/xmlreport/', callback); + return; + } + return this.api.requestPromiseOther('/core/other/xmlreport/'); +}; + +/** + * Generates a report in HTML format + **/ +Core.prototype.htmlreport = function (callback) { + if (typeof callback === 'function') { + this.api.requestOther('/core/other/htmlreport/', callback); + return; + } + return this.api.requestPromiseOther('/core/other/htmlreport/'); +}; + +/** + * Generates a report in JSON format + **/ +Core.prototype.jsonreport = function (callback) { + if (typeof callback === 'function') { + this.api.requestOther('/core/other/jsonreport/', callback); + return; + } + return this.api.requestPromiseOther('/core/other/jsonreport/'); +}; + +/** + * Generates a report in Markdown format + **/ +Core.prototype.mdreport = function (callback) { + if (typeof callback === 'function') { + this.api.requestOther('/core/other/mdreport/', callback); + return; + } + return this.api.requestPromiseOther('/core/other/mdreport/'); +}; + +/** + * Gets the message with the given ID in HAR format + **/ +Core.prototype.messageHar = function (id, callback) { + if (typeof callback === 'function') { + this.api.requestOther('/core/other/messageHar/', {'id' : id}, callback); + return; + } + return this.api.requestPromiseOther('/core/other/messageHar/', {'id' : id}); +}; + +/** + * Gets the HTTP messages sent through/by ZAP, in HAR format, optionally filtered by URL and paginated with 'start' position and 'count' of messages + **/ +Core.prototype.messagesHar = function (baseurl, start, count, callback) { + const params = {}; + if (baseurl && baseurl !== null) { + params['baseurl'] = baseurl; + } + if (start && start !== null) { + params['start'] = start; + } + if (count && count !== null) { + params['count'] = count; + } + if (typeof callback === 'function') { + this.api.requestOther('/core/other/messagesHar/', params, callback); + return; + } + return this.api.requestPromiseOther('/core/other/messagesHar/', params); +}; + +/** + * Gets the HTTP messages with the given IDs, in HAR format. + **/ +Core.prototype.messagesHarById = function (ids, callback) { + if (typeof callback === 'function') { + this.api.requestOther('/core/other/messagesHarById/', {'ids' : ids}, callback); + return; + } + return this.api.requestPromiseOther('/core/other/messagesHarById/', {'ids' : ids}); +}; + +/** + * Sends the first HAR request entry, optionally following redirections. Returns, in HAR format, the request sent and response received and followed redirections, if any. The Mode is enforced when sending the request (and following redirections), custom manual requests are not allowed in 'Safe' mode nor in 'Protected' mode if out of scope. + **/ +Core.prototype.sendHarRequest = function (request, followredirects, callback) { + const params = {'request' : request}; + if (followredirects && followredirects !== null) { + params['followRedirects'] = followredirects; + } + if (typeof callback === 'function') { + this.api.requestOther('/core/other/sendHarRequest/', params, callback); + return; + } + return this.api.requestPromiseOther('/core/other/sendHarRequest/', params); +}; + +module.exports = Core; diff --git a/src/forcedUser.js b/src/forcedUser.js new file mode 100644 index 0000000..030fb44 --- /dev/null +++ b/src/forcedUser.js @@ -0,0 +1,74 @@ +/* Zed Attack Proxy (ZAP) and its related class files. + * + * ZAP is an HTTP/HTTPS proxy for assessing web application security. + * + * Copyright 2018 the ZAP development team + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + + +'use strict'; + +/** + * This file was automatically generated. + */ +function ForcedUser(clientApi) { + this.api = clientApi; +} + +/** + * Returns 'true' if 'forced user' mode is enabled, 'false' otherwise + **/ +ForcedUser.prototype.isForcedUserModeEnabled = function (callback) { + if (typeof callback === 'function') { + this.api.request('/forcedUser/view/isForcedUserModeEnabled/', callback); + return; + } + return this.api.requestPromise('/forcedUser/view/isForcedUserModeEnabled/'); +}; + +/** + * Gets the user (ID) set as 'forced user' for the given context (ID) + **/ +ForcedUser.prototype.getForcedUser = function (contextid, callback) { + if (typeof callback === 'function') { + this.api.request('/forcedUser/view/getForcedUser/', {'contextId' : contextid}, callback); + return; + } + return this.api.requestPromise('/forcedUser/view/getForcedUser/', {'contextId' : contextid}); +}; + +/** + * Sets the user (ID) that should be used in 'forced user' mode for the given context (ID) + **/ +ForcedUser.prototype.setForcedUser = function (contextid, userid, callback) { + if (typeof callback === 'function') { + this.api.request('/forcedUser/action/setForcedUser/', {'contextId' : contextid, 'userId' : userid}, callback); + return; + } + return this.api.requestPromise('/forcedUser/action/setForcedUser/', {'contextId' : contextid, 'userId' : userid}); +}; + +/** + * Sets if 'forced user' mode should be enabled or not + **/ +ForcedUser.prototype.setForcedUserModeEnabled = function (bool, callback) { + if (typeof callback === 'function') { + this.api.request('/forcedUser/action/setForcedUserModeEnabled/', {'boolean' : bool}, callback); + return; + } + return this.api.requestPromise('/forcedUser/action/setForcedUserModeEnabled/', {'boolean' : bool}); +}; + +module.exports = ForcedUser; diff --git a/src/httpSessions.js b/src/httpSessions.js new file mode 100644 index 0000000..9c7b4a0 --- /dev/null +++ b/src/httpSessions.js @@ -0,0 +1,170 @@ +/* Zed Attack Proxy (ZAP) and its related class files. + * + * ZAP is an HTTP/HTTPS proxy for assessing web application security. + * + * Copyright 2018 the ZAP development team + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + + +'use strict'; + +/** + * This file was automatically generated. + */ +function HttpSessions(clientApi) { + this.api = clientApi; +} + +/** + * Gets all of the sites that have sessions. + **/ +HttpSessions.prototype.sites = function (callback) { + if (typeof callback === 'function') { + this.api.request('/httpSessions/view/sites/', callback); + return; + } + return this.api.requestPromise('/httpSessions/view/sites/'); +}; + +/** + * Gets the sessions for the given site. Optionally returning just the session with the given name. + **/ +HttpSessions.prototype.sessions = function (site, session, callback) { + const params = {'site' : site}; + if (session && session !== null) { + params['session'] = session; + } + if (typeof callback === 'function') { + this.api.request('/httpSessions/view/sessions/', params, callback); + return; + } + return this.api.requestPromise('/httpSessions/view/sessions/', params); +}; + +/** + * Gets the name of the active session for the given site. + **/ +HttpSessions.prototype.activeSession = function (site, callback) { + if (typeof callback === 'function') { + this.api.request('/httpSessions/view/activeSession/', {'site' : site}, callback); + return; + } + return this.api.requestPromise('/httpSessions/view/activeSession/', {'site' : site}); +}; + +/** + * Gets the names of the session tokens for the given site. + **/ +HttpSessions.prototype.sessionTokens = function (site, callback) { + if (typeof callback === 'function') { + this.api.request('/httpSessions/view/sessionTokens/', {'site' : site}, callback); + return; + } + return this.api.requestPromise('/httpSessions/view/sessionTokens/', {'site' : site}); +}; + +/** + * Creates an empty session for the given site. Optionally with the given name. + **/ +HttpSessions.prototype.createEmptySession = function (site, session, callback) { + const params = {'site' : site}; + if (session && session !== null) { + params['session'] = session; + } + if (typeof callback === 'function') { + this.api.request('/httpSessions/action/createEmptySession/', params, callback); + return; + } + return this.api.requestPromise('/httpSessions/action/createEmptySession/', params); +}; + +/** + * Removes the session from the given site. + **/ +HttpSessions.prototype.removeSession = function (site, session, callback) { + if (typeof callback === 'function') { + this.api.request('/httpSessions/action/removeSession/', {'site' : site, 'session' : session}, callback); + return; + } + return this.api.requestPromise('/httpSessions/action/removeSession/', {'site' : site, 'session' : session}); +}; + +/** + * Sets the given session as active for the given site. + **/ +HttpSessions.prototype.setActiveSession = function (site, session, callback) { + if (typeof callback === 'function') { + this.api.request('/httpSessions/action/setActiveSession/', {'site' : site, 'session' : session}, callback); + return; + } + return this.api.requestPromise('/httpSessions/action/setActiveSession/', {'site' : site, 'session' : session}); +}; + +/** + * Unsets the active session of the given site. + **/ +HttpSessions.prototype.unsetActiveSession = function (site, callback) { + if (typeof callback === 'function') { + this.api.request('/httpSessions/action/unsetActiveSession/', {'site' : site}, callback); + return; + } + return this.api.requestPromise('/httpSessions/action/unsetActiveSession/', {'site' : site}); +}; + +/** + * Adds the session token to the given site. + **/ +HttpSessions.prototype.addSessionToken = function (site, sessiontoken, callback) { + if (typeof callback === 'function') { + this.api.request('/httpSessions/action/addSessionToken/', {'site' : site, 'sessionToken' : sessiontoken}, callback); + return; + } + return this.api.requestPromise('/httpSessions/action/addSessionToken/', {'site' : site, 'sessionToken' : sessiontoken}); +}; + +/** + * Removes the session token from the given site. + **/ +HttpSessions.prototype.removeSessionToken = function (site, sessiontoken, callback) { + if (typeof callback === 'function') { + this.api.request('/httpSessions/action/removeSessionToken/', {'site' : site, 'sessionToken' : sessiontoken}, callback); + return; + } + return this.api.requestPromise('/httpSessions/action/removeSessionToken/', {'site' : site, 'sessionToken' : sessiontoken}); +}; + +/** + * Sets the value of the session token of the given session for the given site. + **/ +HttpSessions.prototype.setSessionTokenValue = function (site, session, sessiontoken, tokenvalue, callback) { + if (typeof callback === 'function') { + this.api.request('/httpSessions/action/setSessionTokenValue/', {'site' : site, 'session' : session, 'sessionToken' : sessiontoken, 'tokenValue' : tokenvalue}, callback); + return; + } + return this.api.requestPromise('/httpSessions/action/setSessionTokenValue/', {'site' : site, 'session' : session, 'sessionToken' : sessiontoken, 'tokenValue' : tokenvalue}); +}; + +/** + * Renames the session of the given site. + **/ +HttpSessions.prototype.renameSession = function (site, oldsessionname, newsessionname, callback) { + if (typeof callback === 'function') { + this.api.request('/httpSessions/action/renameSession/', {'site' : site, 'oldSessionName' : oldsessionname, 'newSessionName' : newsessionname}, callback); + return; + } + return this.api.requestPromise('/httpSessions/action/renameSession/', {'site' : site, 'oldSessionName' : oldsessionname, 'newSessionName' : newsessionname}); +}; + +module.exports = HttpSessions; diff --git a/src/importLogFiles.js b/src/importLogFiles.js new file mode 100644 index 0000000..141c821 --- /dev/null +++ b/src/importLogFiles.js @@ -0,0 +1,89 @@ +/* Zed Attack Proxy (ZAP) and its related class files. + * + * ZAP is an HTTP/HTTPS proxy for assessing web application security. + * + * Copyright 2018 the ZAP development team + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + + +'use strict'; + +/** + * This file was automatically generated. + */ +function ImportLogFiles(clientApi) { + this.api = clientApi; +} + +/** + * This component is optional and therefore the API will only work if it is installed + **/ +ImportLogFiles.prototype.ImportZAPLogFromFile = function (filepath, callback) { + if (typeof callback === 'function') { + this.api.request('/importLogFiles/action/ImportZAPLogFromFile/', {'FilePath' : filepath}, callback); + return; + } + return this.api.requestPromise('/importLogFiles/action/ImportZAPLogFromFile/', {'FilePath' : filepath}); +}; + +/** + * This component is optional and therefore the API will only work if it is installed + **/ +ImportLogFiles.prototype.ImportModSecurityLogFromFile = function (filepath, callback) { + if (typeof callback === 'function') { + this.api.request('/importLogFiles/action/ImportModSecurityLogFromFile/', {'FilePath' : filepath}, callback); + return; + } + return this.api.requestPromise('/importLogFiles/action/ImportModSecurityLogFromFile/', {'FilePath' : filepath}); +}; + +/** + * This component is optional and therefore the API will only work if it is installed + **/ +ImportLogFiles.prototype.ImportZAPHttpRequestResponsePair = function (httprequest, httpresponse, callback) { + if (typeof callback === 'function') { + this.api.request('/importLogFiles/action/ImportZAPHttpRequestResponsePair/', {'HTTPRequest' : httprequest, 'HTTPResponse' : httpresponse}, callback); + return; + } + return this.api.requestPromise('/importLogFiles/action/ImportZAPHttpRequestResponsePair/', {'HTTPRequest' : httprequest, 'HTTPResponse' : httpresponse}); +}; + +/** + * This component is optional and therefore the API will only work if it is installed + **/ +ImportLogFiles.prototype.PostModSecurityAuditEvent = function (auditeventstring, callback) { + const params = {}; + if (auditeventstring && auditeventstring !== null) { + params['AuditEventString'] = auditeventstring; + } + if (typeof callback === 'function') { + this.api.request('/importLogFiles/action/PostModSecurityAuditEvent/', params, callback); + return; + } + return this.api.requestPromise('/importLogFiles/action/PostModSecurityAuditEvent/', params); +}; + +/** + * This component is optional and therefore the API will only work if it is installed + **/ +ImportLogFiles.prototype.OtherPostModSecurityAuditEvent = function (auditeventstring, callback) { + if (typeof callback === 'function') { + this.api.requestOther('/importLogFiles/other/OtherPostModSecurityAuditEvent/', {'AuditEventString' : auditeventstring}, callback); + return; + } + return this.api.requestPromiseOther('/importLogFiles/other/OtherPostModSecurityAuditEvent/', {'AuditEventString' : auditeventstring}); +}; + +module.exports = ImportLogFiles; diff --git a/src/importurls.js b/src/importurls.js new file mode 100644 index 0000000..c8ddb76 --- /dev/null +++ b/src/importurls.js @@ -0,0 +1,42 @@ +/* Zed Attack Proxy (ZAP) and its related class files. + * + * ZAP is an HTTP/HTTPS proxy for assessing web application security. + * + * Copyright 2018 the ZAP development team + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + + +'use strict'; + +/** + * This file was automatically generated. + */ +function Importurls(clientApi) { + this.api = clientApi; +} + +/** + * Imports URLs (one per line) from the file with the given file system path. + * This component is optional and therefore the API will only work if it is installed + **/ +Importurls.prototype.importurls = function (filepath, callback) { + if (typeof callback === 'function') { + this.api.request('/importurls/action/importurls/', {'filePath' : filepath}, callback); + return; + } + return this.api.requestPromise('/importurls/action/importurls/', {'filePath' : filepath}); +}; + +module.exports = Importurls; diff --git a/src/index.js b/src/index.js new file mode 100644 index 0000000..e280a65 --- /dev/null +++ b/src/index.js @@ -0,0 +1,167 @@ +/* Zed Attack Proxy (ZAP) and its related class files. + * + * ZAP is an HTTP/HTTPS proxy for assessing web application security. + * + * Copyright the ZAP development team + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +const request = require('request'); +const requestPromise = require('request-promise-native'); + +const Acsrf = require('./acsrf'); +const AjaxSpider = require('./ajaxSpider'); +const Ascan = require('./ascan'); +const Authentication = require('./authentication'); +const Authorization = require('./authorization'); +const Autoupdate = require('./autoupdate'); +const Brk = require('./brk'); +const Context = require('./context'); +const Core = require('./core'); +const ForcedUser = require('./forcedUser'); +const HttpSessions = require('./httpSessions'); +const ImportLogFiles = require('./importLogFiles'); +const Importurls = require('./importurls'); +const Openapi = require('./openapi'); +const Params = require('./params'); +const Pnh = require('./pnh'); +const Pscan = require('./pscan'); +const Replacer = require('./replacer'); +const Reveal = require('./reveal'); +const Script = require('./script'); +const Search = require('./search'); +const Selenium = require('./selenium'); +const SessionManagement = require('./sessionManagement'); +const Soap = require('./soap'); +const Spider = require('./spider'); +const Stats = require('./stats'); +const Users = require('./users'); +const Websocket = require('./websocket'); + +// base JSON api url +const BASE = 'http://zap/JSON'; +// base OTHER api url +const BASE_OTHER = 'http://zap/OTHER'; + +function ClientApi(options) { + const requestOptions = { + proxy: { ...{ proxy: 'http://127.0.0.1:8080' }, ...options }.proxy, + method: 'GET', + json: true, + headers: options.apiKey ? { 'X-ZAP-API-Key': options.apiKey } : {} + }; + + this.req = request.defaults(requestOptions); + this.reqPromise = requestPromise.defaults(requestOptions); + this.acsrf = new Acsrf(this); + this.ajaxSpider = new AjaxSpider(this); + this.ascan = new Ascan(this); + this.authentication = new Authentication(this); + this.authorization = new Authorization(this); + this.autoupdate = new Autoupdate(this); + this.brk = new Brk(this); + this.context = new Context(this); + this.core = new Core(this); + this.forcedUser = new ForcedUser(this); + this.httpSessions = new HttpSessions(this); + this.importLogFiles = new ImportLogFiles(this); + this.importurls = new Importurls(this); + this.openapi = new Openapi(this); + this.params = new Params(this); + this.pnh = new Pnh(this); + this.pscan = new Pscan(this); + this.replacer = new Replacer(this); + this.reveal = new Reveal(this); + this.script = new Script(this); + this.search = new Search(this); + this.selenium = new Selenium(this); + this.sessionManagement = new SessionManagement(this); + this.soap = new Soap(this); + this.spider = new Spider(this); + this.stats = new Stats(this); + this.users = new Users(this); + this.websocket = new Websocket(this); +} + +// Legacy for callbacks. + +/** + * Get a handler for REST API responses. + * We include a workaround here for the fact that the API does not + * return the correct status codes in the event of an error + * (i.e. it always returns 200). + **/ +const responseHandler = function (callback) { + return function handleResponse(err, res, body) { + if (err) { + callback(err); + return; + } + + // if the response has a code and a message, it's an error. + if (body && body.code && body.message) { + callback(body); + } else { + callback(null, body); + } + }; +}; + +ClientApi.prototype.request = function (url, parms, callback) { + if (!callback && typeof(parms === 'function')) { + callback = parms; + parms = null; + } + + var options = { + url: BASE + url + }; + if (parms) { + options.qs = parms; + } + this.req(options, responseHandler(callback)); +}; + +ClientApi.prototype.requestOther = function (url, parms, callback) { + if (!callback && typeof(parms === 'function')) { + callback = parms; + parms = null; + } + + var options = { + url: BASE_OTHER + url + }; + if (parms) { + options.qs = parms; + } + this.req(options, responseHandler(callback)); +}; + +// End Legacy for callbacks. + +const makeRequest = function (parms, options) { + return this.reqPromise(parms ? { ...options, qs: parms } : options); +}; + + +ClientApi.prototype.requestPromise = function (url, parms) { + return makeRequest.call(this, parms, { url: BASE + url }); +}; + + +ClientApi.prototype.requestPromiseOther = function (url, parms) { + return makeRequest.call(this, parms, { url: BASE_OTHER + url }); +}; + +module.exports = ClientApi; diff --git a/src/openapi.js b/src/openapi.js new file mode 100644 index 0000000..a8f7b5b --- /dev/null +++ b/src/openapi.js @@ -0,0 +1,58 @@ +/* Zed Attack Proxy (ZAP) and its related class files. + * + * ZAP is an HTTP/HTTPS proxy for assessing web application security. + * + * Copyright 2018 the ZAP development team + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + + +'use strict'; + +/** + * This file was automatically generated. + */ +function Openapi(clientApi) { + this.api = clientApi; +} + +/** + * Import an Open API definition from a local file. + * This component is optional and therefore the API will only work if it is installed + **/ +Openapi.prototype.importFile = function (file, callback) { + if (typeof callback === 'function') { + this.api.request('/openapi/action/importFile/', {'file' : file}, callback); + return; + } + return this.api.requestPromise('/openapi/action/importFile/', {'file' : file}); +}; + +/** + * Import an Open API definition from a URL, hostOverride allows the host to be replaced + * This component is optional and therefore the API will only work if it is installed + **/ +Openapi.prototype.importUrl = function (url, hostoverride, callback) { + const params = {'url' : url}; + if (hostoverride && hostoverride !== null) { + params['hostOverride'] = hostoverride; + } + if (typeof callback === 'function') { + this.api.request('/openapi/action/importUrl/', params, callback); + return; + } + return this.api.requestPromise('/openapi/action/importUrl/', params); +}; + +module.exports = Openapi; diff --git a/src/params.js b/src/params.js new file mode 100644 index 0000000..434179a --- /dev/null +++ b/src/params.js @@ -0,0 +1,45 @@ +/* Zed Attack Proxy (ZAP) and its related class files. + * + * ZAP is an HTTP/HTTPS proxy for assessing web application security. + * + * Copyright 2018 the ZAP development team + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + + +'use strict'; + +/** + * This file was automatically generated. + */ +function Params(clientApi) { + this.api = clientApi; +} + +/** + * Shows the parameters for the specified site, or for all sites if the site is not specified + **/ +Params.prototype.params = function (site, callback) { + const params = {}; + if (site && site !== null) { + params['site'] = site; + } + if (typeof callback === 'function') { + this.api.request('/params/view/params/', params, callback); + return; + } + return this.api.requestPromise('/params/view/params/', params); +}; + +module.exports = Params; diff --git a/src/pnh.js b/src/pnh.js new file mode 100644 index 0000000..33601b2 --- /dev/null +++ b/src/pnh.js @@ -0,0 +1,118 @@ +/* Zed Attack Proxy (ZAP) and its related class files. + * + * ZAP is an HTTP/HTTPS proxy for assessing web application security. + * + * Copyright 2018 the ZAP development team + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + + +'use strict'; + +/** + * This file was automatically generated. + */ +function Pnh(clientApi) { + this.api = clientApi; +} + +/** + * This component is optional and therefore the API will only work if it is installed + **/ +Pnh.prototype.monitor = function (id, message, callback) { + if (typeof callback === 'function') { + this.api.request('/pnh/action/monitor/', {'id' : id, 'message' : message}, callback); + return; + } + return this.api.requestPromise('/pnh/action/monitor/', {'id' : id, 'message' : message}); +}; + +/** + * This component is optional and therefore the API will only work if it is installed + **/ +Pnh.prototype.oracle = function (id, callback) { + if (typeof callback === 'function') { + this.api.request('/pnh/action/oracle/', {'id' : id}, callback); + return; + } + return this.api.requestPromise('/pnh/action/oracle/', {'id' : id}); +}; + +/** + * This component is optional and therefore the API will only work if it is installed + **/ +Pnh.prototype.startMonitoring = function (url, callback) { + if (typeof callback === 'function') { + this.api.request('/pnh/action/startMonitoring/', {'url' : url}, callback); + return; + } + return this.api.requestPromise('/pnh/action/startMonitoring/', {'url' : url}); +}; + +/** + * This component is optional and therefore the API will only work if it is installed + **/ +Pnh.prototype.stopMonitoring = function (id, callback) { + if (typeof callback === 'function') { + this.api.request('/pnh/action/stopMonitoring/', {'id' : id}, callback); + return; + } + return this.api.requestPromise('/pnh/action/stopMonitoring/', {'id' : id}); +}; + +/** + * This component is optional and therefore the API will only work if it is installed + **/ +Pnh.prototype.pnh = function (callback) { + if (typeof callback === 'function') { + this.api.requestOther('/pnh/other/pnh/', callback); + return; + } + return this.api.requestPromiseOther('/pnh/other/pnh/'); +}; + +/** + * This component is optional and therefore the API will only work if it is installed + **/ +Pnh.prototype.manifest = function (callback) { + if (typeof callback === 'function') { + this.api.requestOther('/pnh/other/manifest/', callback); + return; + } + return this.api.requestPromiseOther('/pnh/other/manifest/'); +}; + +/** + * This component is optional and therefore the API will only work if it is installed + **/ +Pnh.prototype.service = function (callback) { + if (typeof callback === 'function') { + this.api.requestOther('/pnh/other/service/', callback); + return; + } + return this.api.requestPromiseOther('/pnh/other/service/'); +}; + +/** + * This component is optional and therefore the API will only work if it is installed + **/ +Pnh.prototype.fx_pnhxpi = function (callback) { + if (typeof callback === 'function') { + this.api.requestOther('/pnh/other/fx_pnh.xpi/', callback); + return; + } + return this.api.requestPromiseOther('/pnh/other/fx_pnh.xpi/'); +}; + +module.exports = Pnh; diff --git a/src/pscan.js b/src/pscan.js new file mode 100644 index 0000000..7940397 --- /dev/null +++ b/src/pscan.js @@ -0,0 +1,140 @@ +/* Zed Attack Proxy (ZAP) and its related class files. + * + * ZAP is an HTTP/HTTPS proxy for assessing web application security. + * + * Copyright 2018 the ZAP development team + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + + +'use strict'; + +/** + * This file was automatically generated. + */ +function Pscan(clientApi) { + this.api = clientApi; +} + +/** + * Tells whether or not the passive scan should be performed only on messages that are in scope. + **/ +Pscan.prototype.scanOnlyInScope = function (callback) { + if (typeof callback === 'function') { + this.api.request('/pscan/view/scanOnlyInScope/', callback); + return; + } + return this.api.requestPromise('/pscan/view/scanOnlyInScope/'); +}; + +/** + * The number of records the passive scanner still has to scan + **/ +Pscan.prototype.recordsToScan = function (callback) { + if (typeof callback === 'function') { + this.api.request('/pscan/view/recordsToScan/', callback); + return; + } + return this.api.requestPromise('/pscan/view/recordsToScan/'); +}; + +/** + * Lists all passive scanners with its ID, name, enabled state and alert threshold. + **/ +Pscan.prototype.scanners = function (callback) { + if (typeof callback === 'function') { + this.api.request('/pscan/view/scanners/', callback); + return; + } + return this.api.requestPromise('/pscan/view/scanners/'); +}; + +/** + * Sets whether or not the passive scanning is enabled (Note: the enabled state is not persisted). + **/ +Pscan.prototype.setEnabled = function (enabled, callback) { + if (typeof callback === 'function') { + this.api.request('/pscan/action/setEnabled/', {'enabled' : enabled}, callback); + return; + } + return this.api.requestPromise('/pscan/action/setEnabled/', {'enabled' : enabled}); +}; + +/** + * Sets whether or not the passive scan should be performed only on messages that are in scope. + **/ +Pscan.prototype.setScanOnlyInScope = function (onlyinscope, callback) { + if (typeof callback === 'function') { + this.api.request('/pscan/action/setScanOnlyInScope/', {'onlyInScope' : onlyinscope}, callback); + return; + } + return this.api.requestPromise('/pscan/action/setScanOnlyInScope/', {'onlyInScope' : onlyinscope}); +}; + +/** + * Enables all passive scanners + **/ +Pscan.prototype.enableAllScanners = function (callback) { + if (typeof callback === 'function') { + this.api.request('/pscan/action/enableAllScanners/', callback); + return; + } + return this.api.requestPromise('/pscan/action/enableAllScanners/'); +}; + +/** + * Disables all passive scanners + **/ +Pscan.prototype.disableAllScanners = function (callback) { + if (typeof callback === 'function') { + this.api.request('/pscan/action/disableAllScanners/', callback); + return; + } + return this.api.requestPromise('/pscan/action/disableAllScanners/'); +}; + +/** + * Enables all passive scanners with the given IDs (comma separated list of IDs) + **/ +Pscan.prototype.enableScanners = function (ids, callback) { + if (typeof callback === 'function') { + this.api.request('/pscan/action/enableScanners/', {'ids' : ids}, callback); + return; + } + return this.api.requestPromise('/pscan/action/enableScanners/', {'ids' : ids}); +}; + +/** + * Disables all passive scanners with the given IDs (comma separated list of IDs) + **/ +Pscan.prototype.disableScanners = function (ids, callback) { + if (typeof callback === 'function') { + this.api.request('/pscan/action/disableScanners/', {'ids' : ids}, callback); + return; + } + return this.api.requestPromise('/pscan/action/disableScanners/', {'ids' : ids}); +}; + +/** + * Sets the alert threshold of the passive scanner with the given ID, accepted values for alert threshold: OFF, DEFAULT, LOW, MEDIUM and HIGH + **/ +Pscan.prototype.setScannerAlertThreshold = function (id, alertthreshold, callback) { + if (typeof callback === 'function') { + this.api.request('/pscan/action/setScannerAlertThreshold/', {'id' : id, 'alertThreshold' : alertthreshold}, callback); + return; + } + return this.api.requestPromise('/pscan/action/setScannerAlertThreshold/', {'id' : id, 'alertThreshold' : alertthreshold}); +}; + +module.exports = Pscan; diff --git a/src/replacer.js b/src/replacer.js new file mode 100644 index 0000000..edd9f9a --- /dev/null +++ b/src/replacer.js @@ -0,0 +1,85 @@ +/* Zed Attack Proxy (ZAP) and its related class files. + * + * ZAP is an HTTP/HTTPS proxy for assessing web application security. + * + * Copyright 2018 the ZAP development team + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + + +'use strict'; + +/** + * This file was automatically generated. + */ +function Replacer(clientApi) { + this.api = clientApi; +} + +/** + * Returns full details of all of the rules + * This component is optional and therefore the API will only work if it is installed + **/ +Replacer.prototype.rules = function (callback) { + if (typeof callback === 'function') { + this.api.request('/replacer/view/rules/', callback); + return; + } + return this.api.requestPromise('/replacer/view/rules/'); +}; + +/** + * Adds a replacer rule. For the parameters: desc is a user friendly description, enabled is true or false, matchType is one of [REQ_HEADER, REQ_HEADER_STR, REQ_BODY_STR, RESP_HEADER, RESP_HEADER_STR, RESP_BODY_STR], matchRegex should be true if the matchString should be treated as a regex otherwise false, matchString is the string that will be matched against, replacement is the replacement string, initiators may be blank (for all initiators) or a comma separated list of integers as defined in HttpSender + * This component is optional and therefore the API will only work if it is installed + **/ +Replacer.prototype.addRule = function (description, enabled, matchtype, matchregex, matchstring, replacement, initiators, callback) { + const params = {'description' : description, 'enabled' : enabled, 'matchType' : matchtype, 'matchRegex' : matchregex, 'matchString' : matchstring}; + if (replacement && replacement !== null) { + params['replacement'] = replacement; + } + if (initiators && initiators !== null) { + params['initiators'] = initiators; + } + if (typeof callback === 'function') { + this.api.request('/replacer/action/addRule/', params, callback); + return; + } + return this.api.requestPromise('/replacer/action/addRule/', params); +}; + +/** + * Removes the rule with the given description + * This component is optional and therefore the API will only work if it is installed + **/ +Replacer.prototype.removeRule = function (description, callback) { + if (typeof callback === 'function') { + this.api.request('/replacer/action/removeRule/', {'description' : description}, callback); + return; + } + return this.api.requestPromise('/replacer/action/removeRule/', {'description' : description}); +}; + +/** + * Enables or disables the rule with the given description based on the bool parameter + * This component is optional and therefore the API will only work if it is installed + **/ +Replacer.prototype.setEnabled = function (description, bool, callback) { + if (typeof callback === 'function') { + this.api.request('/replacer/action/setEnabled/', {'description' : description, 'bool' : bool}, callback); + return; + } + return this.api.requestPromise('/replacer/action/setEnabled/', {'description' : description, 'bool' : bool}); +}; + +module.exports = Replacer; diff --git a/src/reveal.js b/src/reveal.js new file mode 100644 index 0000000..0a8a689 --- /dev/null +++ b/src/reveal.js @@ -0,0 +1,54 @@ +/* Zed Attack Proxy (ZAP) and its related class files. + * + * ZAP is an HTTP/HTTPS proxy for assessing web application security. + * + * Copyright 2018 the ZAP development team + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + + +'use strict'; + +/** + * This file was automatically generated. + */ +function Reveal(clientApi) { + this.api = clientApi; +} + +/** + * Tells if shows hidden fields and enables disabled fields + * This component is optional and therefore the API will only work if it is installed + **/ +Reveal.prototype.reveal = function (callback) { + if (typeof callback === 'function') { + this.api.request('/reveal/view/reveal/', callback); + return; + } + return this.api.requestPromise('/reveal/view/reveal/'); +}; + +/** + * Sets if shows hidden fields and enables disabled fields + * This component is optional and therefore the API will only work if it is installed + **/ +Reveal.prototype.setReveal = function (reveal, callback) { + if (typeof callback === 'function') { + this.api.request('/reveal/action/setReveal/', {'reveal' : reveal}, callback); + return; + } + return this.api.requestPromise('/reveal/action/setReveal/', {'reveal' : reveal}); +}; + +module.exports = Reveal; diff --git a/src/script.js b/src/script.js new file mode 100644 index 0000000..2dbb143 --- /dev/null +++ b/src/script.js @@ -0,0 +1,114 @@ +/* Zed Attack Proxy (ZAP) and its related class files. + * + * ZAP is an HTTP/HTTPS proxy for assessing web application security. + * + * Copyright 2018 the ZAP development team + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + + +'use strict'; + +/** + * This file was automatically generated. + */ +function Script(clientApi) { + this.api = clientApi; +} + +/** + * Lists the script engines available + **/ +Script.prototype.listEngines = function (callback) { + if (typeof callback === 'function') { + this.api.request('/script/view/listEngines/', callback); + return; + } + return this.api.requestPromise('/script/view/listEngines/'); +}; + +/** + * Lists the scripts available, with its engine, name, description, type and error state. + **/ +Script.prototype.listScripts = function (callback) { + if (typeof callback === 'function') { + this.api.request('/script/view/listScripts/', callback); + return; + } + return this.api.requestPromise('/script/view/listScripts/'); +}; + +/** + * Enables the script with the given name + **/ +Script.prototype.enable = function (scriptname, callback) { + if (typeof callback === 'function') { + this.api.request('/script/action/enable/', {'scriptName' : scriptname}, callback); + return; + } + return this.api.requestPromise('/script/action/enable/', {'scriptName' : scriptname}); +}; + +/** + * Disables the script with the given name + **/ +Script.prototype.disable = function (scriptname, callback) { + if (typeof callback === 'function') { + this.api.request('/script/action/disable/', {'scriptName' : scriptname}, callback); + return; + } + return this.api.requestPromise('/script/action/disable/', {'scriptName' : scriptname}); +}; + +/** + * Loads a script into ZAP from the given local file, with the given name, type and engine, optionally with a description, and a charset name to read the script (the charset name is required if the script is not in UTF-8, for example, in ISO-8859-1). + **/ +Script.prototype.load = function (scriptname, scripttype, scriptengine, filename, scriptdescription, charset, callback) { + const params = {'scriptName' : scriptname, 'scriptType' : scripttype, 'scriptEngine' : scriptengine, 'fileName' : filename}; + if (scriptdescription && scriptdescription !== null) { + params['scriptDescription'] = scriptdescription; + } + if (charset && charset !== null) { + params['charset'] = charset; + } + if (typeof callback === 'function') { + this.api.request('/script/action/load/', params, callback); + return; + } + return this.api.requestPromise('/script/action/load/', params); +}; + +/** + * Removes the script with the given name + **/ +Script.prototype.remove = function (scriptname, callback) { + if (typeof callback === 'function') { + this.api.request('/script/action/remove/', {'scriptName' : scriptname}, callback); + return; + } + return this.api.requestPromise('/script/action/remove/', {'scriptName' : scriptname}); +}; + +/** + * Runs the stand alone script with the give name + **/ +Script.prototype.runStandAloneScript = function (scriptname, callback) { + if (typeof callback === 'function') { + this.api.request('/script/action/runStandAloneScript/', {'scriptName' : scriptname}, callback); + return; + } + return this.api.requestPromise('/script/action/runStandAloneScript/', {'scriptName' : scriptname}); +}; + +module.exports = Script; diff --git a/src/search.js b/src/search.js new file mode 100644 index 0000000..1f29c57 --- /dev/null +++ b/src/search.js @@ -0,0 +1,246 @@ +/* Zed Attack Proxy (ZAP) and its related class files. + * + * ZAP is an HTTP/HTTPS proxy for assessing web application security. + * + * Copyright 2018 the ZAP development team + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + + +'use strict'; + +/** + * This file was automatically generated. + */ +function Search(clientApi) { + this.api = clientApi; +} + +Search.prototype.urlsByUrlRegex = function (regex, baseurl, start, count, callback) { + const params = {'regex' : regex}; + if (baseurl && baseurl !== null) { + params['baseurl'] = baseurl; + } + if (start && start !== null) { + params['start'] = start; + } + if (count && count !== null) { + params['count'] = count; + } + if (typeof callback === 'function') { + this.api.request('/search/view/urlsByUrlRegex/', params, callback); + return; + } + return this.api.requestPromise('/search/view/urlsByUrlRegex/', params); +}; + +Search.prototype.urlsByRequestRegex = function (regex, baseurl, start, count, callback) { + const params = {'regex' : regex}; + if (baseurl && baseurl !== null) { + params['baseurl'] = baseurl; + } + if (start && start !== null) { + params['start'] = start; + } + if (count && count !== null) { + params['count'] = count; + } + if (typeof callback === 'function') { + this.api.request('/search/view/urlsByRequestRegex/', params, callback); + return; + } + return this.api.requestPromise('/search/view/urlsByRequestRegex/', params); +}; + +Search.prototype.urlsByResponseRegex = function (regex, baseurl, start, count, callback) { + const params = {'regex' : regex}; + if (baseurl && baseurl !== null) { + params['baseurl'] = baseurl; + } + if (start && start !== null) { + params['start'] = start; + } + if (count && count !== null) { + params['count'] = count; + } + if (typeof callback === 'function') { + this.api.request('/search/view/urlsByResponseRegex/', params, callback); + return; + } + return this.api.requestPromise('/search/view/urlsByResponseRegex/', params); +}; + +Search.prototype.urlsByHeaderRegex = function (regex, baseurl, start, count, callback) { + const params = {'regex' : regex}; + if (baseurl && baseurl !== null) { + params['baseurl'] = baseurl; + } + if (start && start !== null) { + params['start'] = start; + } + if (count && count !== null) { + params['count'] = count; + } + if (typeof callback === 'function') { + this.api.request('/search/view/urlsByHeaderRegex/', params, callback); + return; + } + return this.api.requestPromise('/search/view/urlsByHeaderRegex/', params); +}; + +Search.prototype.messagesByUrlRegex = function (regex, baseurl, start, count, callback) { + const params = {'regex' : regex}; + if (baseurl && baseurl !== null) { + params['baseurl'] = baseurl; + } + if (start && start !== null) { + params['start'] = start; + } + if (count && count !== null) { + params['count'] = count; + } + if (typeof callback === 'function') { + this.api.request('/search/view/messagesByUrlRegex/', params, callback); + return; + } + return this.api.requestPromise('/search/view/messagesByUrlRegex/', params); +}; + +Search.prototype.messagesByRequestRegex = function (regex, baseurl, start, count, callback) { + const params = {'regex' : regex}; + if (baseurl && baseurl !== null) { + params['baseurl'] = baseurl; + } + if (start && start !== null) { + params['start'] = start; + } + if (count && count !== null) { + params['count'] = count; + } + if (typeof callback === 'function') { + this.api.request('/search/view/messagesByRequestRegex/', params, callback); + return; + } + return this.api.requestPromise('/search/view/messagesByRequestRegex/', params); +}; + +Search.prototype.messagesByResponseRegex = function (regex, baseurl, start, count, callback) { + const params = {'regex' : regex}; + if (baseurl && baseurl !== null) { + params['baseurl'] = baseurl; + } + if (start && start !== null) { + params['start'] = start; + } + if (count && count !== null) { + params['count'] = count; + } + if (typeof callback === 'function') { + this.api.request('/search/view/messagesByResponseRegex/', params, callback); + return; + } + return this.api.requestPromise('/search/view/messagesByResponseRegex/', params); +}; + +Search.prototype.messagesByHeaderRegex = function (regex, baseurl, start, count, callback) { + const params = {'regex' : regex}; + if (baseurl && baseurl !== null) { + params['baseurl'] = baseurl; + } + if (start && start !== null) { + params['start'] = start; + } + if (count && count !== null) { + params['count'] = count; + } + if (typeof callback === 'function') { + this.api.request('/search/view/messagesByHeaderRegex/', params, callback); + return; + } + return this.api.requestPromise('/search/view/messagesByHeaderRegex/', params); +}; + +Search.prototype.harByUrlRegex = function (regex, baseurl, start, count, callback) { + const params = {'regex' : regex}; + if (baseurl && baseurl !== null) { + params['baseurl'] = baseurl; + } + if (start && start !== null) { + params['start'] = start; + } + if (count && count !== null) { + params['count'] = count; + } + if (typeof callback === 'function') { + this.api.requestOther('/search/other/harByUrlRegex/', params, callback); + return; + } + return this.api.requestPromiseOther('/search/other/harByUrlRegex/', params); +}; + +Search.prototype.harByRequestRegex = function (regex, baseurl, start, count, callback) { + const params = {'regex' : regex}; + if (baseurl && baseurl !== null) { + params['baseurl'] = baseurl; + } + if (start && start !== null) { + params['start'] = start; + } + if (count && count !== null) { + params['count'] = count; + } + if (typeof callback === 'function') { + this.api.requestOther('/search/other/harByRequestRegex/', params, callback); + return; + } + return this.api.requestPromiseOther('/search/other/harByRequestRegex/', params); +}; + +Search.prototype.harByResponseRegex = function (regex, baseurl, start, count, callback) { + const params = {'regex' : regex}; + if (baseurl && baseurl !== null) { + params['baseurl'] = baseurl; + } + if (start && start !== null) { + params['start'] = start; + } + if (count && count !== null) { + params['count'] = count; + } + if (typeof callback === 'function') { + this.api.requestOther('/search/other/harByResponseRegex/', params, callback); + return; + } + return this.api.requestPromiseOther('/search/other/harByResponseRegex/', params); +}; + +Search.prototype.harByHeaderRegex = function (regex, baseurl, start, count, callback) { + const params = {'regex' : regex}; + if (baseurl && baseurl !== null) { + params['baseurl'] = baseurl; + } + if (start && start !== null) { + params['start'] = start; + } + if (count && count !== null) { + params['count'] = count; + } + if (typeof callback === 'function') { + this.api.requestOther('/search/other/harByHeaderRegex/', params, callback); + return; + } + return this.api.requestPromiseOther('/search/other/harByHeaderRegex/', params); +}; + +module.exports = Search; diff --git a/src/selenium.js b/src/selenium.js new file mode 100644 index 0000000..69a2e31 --- /dev/null +++ b/src/selenium.js @@ -0,0 +1,150 @@ +/* Zed Attack Proxy (ZAP) and its related class files. + * + * ZAP is an HTTP/HTTPS proxy for assessing web application security. + * + * Copyright 2018 the ZAP development team + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + + +'use strict'; + +/** + * This file was automatically generated. + */ +function Selenium(clientApi) { + this.api = clientApi; +} + +/** + * Returns the current path to ChromeDriver + * This component is optional and therefore the API will only work if it is installed + **/ +Selenium.prototype.optionChromeDriverPath = function (callback) { + if (typeof callback === 'function') { + this.api.request('/selenium/view/optionChromeDriverPath/', callback); + return; + } + return this.api.requestPromise('/selenium/view/optionChromeDriverPath/'); +}; + +/** + * Returns the current path to Firefox binary + * This component is optional and therefore the API will only work if it is installed + **/ +Selenium.prototype.optionFirefoxBinaryPath = function (callback) { + if (typeof callback === 'function') { + this.api.request('/selenium/view/optionFirefoxBinaryPath/', callback); + return; + } + return this.api.requestPromise('/selenium/view/optionFirefoxBinaryPath/'); +}; + +/** + * Returns the current path to Firefox driver (geckodriver) + * This component is optional and therefore the API will only work if it is installed + **/ +Selenium.prototype.optionFirefoxDriverPath = function (callback) { + if (typeof callback === 'function') { + this.api.request('/selenium/view/optionFirefoxDriverPath/', callback); + return; + } + return this.api.requestPromise('/selenium/view/optionFirefoxDriverPath/'); +}; + +/** + * Returns the current path to IEDriverServer + * This component is optional and therefore the API will only work if it is installed + **/ +Selenium.prototype.optionIeDriverPath = function (callback) { + if (typeof callback === 'function') { + this.api.request('/selenium/view/optionIeDriverPath/', callback); + return; + } + return this.api.requestPromise('/selenium/view/optionIeDriverPath/'); +}; + +/** + * Returns the current path to PhantomJS binary + * This component is optional and therefore the API will only work if it is installed + **/ +Selenium.prototype.optionPhantomJsBinaryPath = function (callback) { + if (typeof callback === 'function') { + this.api.request('/selenium/view/optionPhantomJsBinaryPath/', callback); + return; + } + return this.api.requestPromise('/selenium/view/optionPhantomJsBinaryPath/'); +}; + +/** + * Sets the current path to ChromeDriver + * This component is optional and therefore the API will only work if it is installed + **/ +Selenium.prototype.setOptionChromeDriverPath = function (string, callback) { + if (typeof callback === 'function') { + this.api.request('/selenium/action/setOptionChromeDriverPath/', {'String' : string}, callback); + return; + } + return this.api.requestPromise('/selenium/action/setOptionChromeDriverPath/', {'String' : string}); +}; + +/** + * Sets the current path to Firefox binary + * This component is optional and therefore the API will only work if it is installed + **/ +Selenium.prototype.setOptionFirefoxBinaryPath = function (string, callback) { + if (typeof callback === 'function') { + this.api.request('/selenium/action/setOptionFirefoxBinaryPath/', {'String' : string}, callback); + return; + } + return this.api.requestPromise('/selenium/action/setOptionFirefoxBinaryPath/', {'String' : string}); +}; + +/** + * Sets the current path to Firefox driver (geckodriver) + * This component is optional and therefore the API will only work if it is installed + **/ +Selenium.prototype.setOptionFirefoxDriverPath = function (string, callback) { + if (typeof callback === 'function') { + this.api.request('/selenium/action/setOptionFirefoxDriverPath/', {'String' : string}, callback); + return; + } + return this.api.requestPromise('/selenium/action/setOptionFirefoxDriverPath/', {'String' : string}); +}; + +/** + * Sets the current path to IEDriverServer + * This component is optional and therefore the API will only work if it is installed + **/ +Selenium.prototype.setOptionIeDriverPath = function (string, callback) { + if (typeof callback === 'function') { + this.api.request('/selenium/action/setOptionIeDriverPath/', {'String' : string}, callback); + return; + } + return this.api.requestPromise('/selenium/action/setOptionIeDriverPath/', {'String' : string}); +}; + +/** + * Sets the current path to PhantomJS binary + * This component is optional and therefore the API will only work if it is installed + **/ +Selenium.prototype.setOptionPhantomJsBinaryPath = function (string, callback) { + if (typeof callback === 'function') { + this.api.request('/selenium/action/setOptionPhantomJsBinaryPath/', {'String' : string}, callback); + return; + } + return this.api.requestPromise('/selenium/action/setOptionPhantomJsBinaryPath/', {'String' : string}); +}; + +module.exports = Selenium; diff --git a/src/sessionManagement.js b/src/sessionManagement.js new file mode 100644 index 0000000..0d46966 --- /dev/null +++ b/src/sessionManagement.js @@ -0,0 +1,66 @@ +/* Zed Attack Proxy (ZAP) and its related class files. + * + * ZAP is an HTTP/HTTPS proxy for assessing web application security. + * + * Copyright 2018 the ZAP development team + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + + +'use strict'; + +/** + * This file was automatically generated. + */ +function SessionManagement(clientApi) { + this.api = clientApi; +} + +SessionManagement.prototype.getSupportedSessionManagementMethods = function (callback) { + if (typeof callback === 'function') { + this.api.request('/sessionManagement/view/getSupportedSessionManagementMethods/', callback); + return; + } + return this.api.requestPromise('/sessionManagement/view/getSupportedSessionManagementMethods/'); +}; + +SessionManagement.prototype.getSessionManagementMethodConfigParams = function (methodname, callback) { + if (typeof callback === 'function') { + this.api.request('/sessionManagement/view/getSessionManagementMethodConfigParams/', {'methodName' : methodname}, callback); + return; + } + return this.api.requestPromise('/sessionManagement/view/getSessionManagementMethodConfigParams/', {'methodName' : methodname}); +}; + +SessionManagement.prototype.getSessionManagementMethod = function (contextid, callback) { + if (typeof callback === 'function') { + this.api.request('/sessionManagement/view/getSessionManagementMethod/', {'contextId' : contextid}, callback); + return; + } + return this.api.requestPromise('/sessionManagement/view/getSessionManagementMethod/', {'contextId' : contextid}); +}; + +SessionManagement.prototype.setSessionManagementMethod = function (contextid, methodname, methodconfigparams, callback) { + const params = {'contextId' : contextid, 'methodName' : methodname}; + if (methodconfigparams && methodconfigparams !== null) { + params['methodConfigParams'] = methodconfigparams; + } + if (typeof callback === 'function') { + this.api.request('/sessionManagement/action/setSessionManagementMethod/', params, callback); + return; + } + return this.api.requestPromise('/sessionManagement/action/setSessionManagementMethod/', params); +}; + +module.exports = SessionManagement; diff --git a/src/soap.js b/src/soap.js new file mode 100644 index 0000000..aa5a615 --- /dev/null +++ b/src/soap.js @@ -0,0 +1,54 @@ +/* Zed Attack Proxy (ZAP) and its related class files. + * + * ZAP is an HTTP/HTTPS proxy for assessing web application security. + * + * Copyright 2018 the ZAP development team + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + + +'use strict'; + +/** + * This file was automatically generated. + */ +function Soap(clientApi) { + this.api = clientApi; +} + +/** + * Import a WSDL definition from local file. + * This component is optional and therefore the API will only work if it is installed + **/ +Soap.prototype.importFile = function (file, callback) { + if (typeof callback === 'function') { + this.api.request('/soap/action/importFile/', {'file' : file}, callback); + return; + } + return this.api.requestPromise('/soap/action/importFile/', {'file' : file}); +}; + +/** + * Import a WSDL definition from a URL. + * This component is optional and therefore the API will only work if it is installed + **/ +Soap.prototype.importUrl = function (url, callback) { + if (typeof callback === 'function') { + this.api.request('/soap/action/importUrl/', {'url' : url}, callback); + return; + } + return this.api.requestPromise('/soap/action/importUrl/', {'url' : url}); +}; + +module.exports = Soap; diff --git a/src/spider.js b/src/spider.js new file mode 100644 index 0000000..dceb491 --- /dev/null +++ b/src/spider.js @@ -0,0 +1,740 @@ +/* Zed Attack Proxy (ZAP) and its related class files. + * + * ZAP is an HTTP/HTTPS proxy for assessing web application security. + * + * Copyright 2018 the ZAP development team + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + + +'use strict'; + +/** + * This file was automatically generated. + */ +function Spider(clientApi) { + this.api = clientApi; +} + +Spider.prototype.status = function (scanid, callback) { + const params = {}; + if (scanid && scanid !== null) { + params['scanId'] = scanid; + } + if (typeof callback === 'function') { + this.api.request('/spider/view/status/', params, callback); + return; + } + return this.api.requestPromise('/spider/view/status/', params); +}; + +Spider.prototype.results = function (scanid, callback) { + const params = {}; + if (scanid && scanid !== null) { + params['scanId'] = scanid; + } + if (typeof callback === 'function') { + this.api.request('/spider/view/results/', params, callback); + return; + } + return this.api.requestPromise('/spider/view/results/', params); +}; + +Spider.prototype.fullResults = function (scanid, callback) { + if (typeof callback === 'function') { + this.api.request('/spider/view/fullResults/', {'scanId' : scanid}, callback); + return; + } + return this.api.requestPromise('/spider/view/fullResults/', {'scanId' : scanid}); +}; + +Spider.prototype.scans = function (callback) { + if (typeof callback === 'function') { + this.api.request('/spider/view/scans/', callback); + return; + } + return this.api.requestPromise('/spider/view/scans/'); +}; + +/** + * Gets the regexes of URLs excluded from the spider scans. + **/ +Spider.prototype.excludedFromScan = function (callback) { + if (typeof callback === 'function') { + this.api.request('/spider/view/excludedFromScan/', callback); + return; + } + return this.api.requestPromise('/spider/view/excludedFromScan/'); +}; + +/** + * Returns a list of unique URLs from the history table based on HTTP messages added by the Spider. + **/ +Spider.prototype.allUrls = function (callback) { + if (typeof callback === 'function') { + this.api.request('/spider/view/allUrls/', callback); + return; + } + return this.api.requestPromise('/spider/view/allUrls/'); +}; + +/** + * Returns a list of the names of the nodes added to the Sites tree by the specified scan. + **/ +Spider.prototype.addedNodes = function (scanid, callback) { + const params = {}; + if (scanid && scanid !== null) { + params['scanId'] = scanid; + } + if (typeof callback === 'function') { + this.api.request('/spider/view/addedNodes/', params, callback); + return; + } + return this.api.requestPromise('/spider/view/addedNodes/', params); +}; + +/** + * Gets all the domains that are always in scope. For each domain the following are shown: the index, the value (domain), if enabled, and if specified as a regex. + **/ +Spider.prototype.domainsAlwaysInScope = function (callback) { + if (typeof callback === 'function') { + this.api.request('/spider/view/domainsAlwaysInScope/', callback); + return; + } + return this.api.requestPromise('/spider/view/domainsAlwaysInScope/'); +}; + +/** + * Use view domainsAlwaysInScope instead. + **/ +Spider.prototype.optionDomainsAlwaysInScope = function (callback) { + if (typeof callback === 'function') { + this.api.request('/spider/view/optionDomainsAlwaysInScope/', callback); + return; + } + return this.api.requestPromise('/spider/view/optionDomainsAlwaysInScope/'); +}; + +/** + * Use view domainsAlwaysInScope instead. + **/ +Spider.prototype.optionDomainsAlwaysInScopeEnabled = function (callback) { + if (typeof callback === 'function') { + this.api.request('/spider/view/optionDomainsAlwaysInScopeEnabled/', callback); + return; + } + return this.api.requestPromise('/spider/view/optionDomainsAlwaysInScopeEnabled/'); +}; + +Spider.prototype.optionHandleParameters = function (callback) { + if (typeof callback === 'function') { + this.api.request('/spider/view/optionHandleParameters/', callback); + return; + } + return this.api.requestPromise('/spider/view/optionHandleParameters/'); +}; + +/** + * Gets the maximum number of child nodes (per node) that can be crawled, 0 means no limit. + **/ +Spider.prototype.optionMaxChildren = function (callback) { + if (typeof callback === 'function') { + this.api.request('/spider/view/optionMaxChildren/', callback); + return; + } + return this.api.requestPromise('/spider/view/optionMaxChildren/'); +}; + +Spider.prototype.optionMaxDepth = function (callback) { + if (typeof callback === 'function') { + this.api.request('/spider/view/optionMaxDepth/', callback); + return; + } + return this.api.requestPromise('/spider/view/optionMaxDepth/'); +}; + +Spider.prototype.optionMaxDuration = function (callback) { + if (typeof callback === 'function') { + this.api.request('/spider/view/optionMaxDuration/', callback); + return; + } + return this.api.requestPromise('/spider/view/optionMaxDuration/'); +}; + +/** + * Gets the maximum size, in bytes, that a response might have to be parsed. + **/ +Spider.prototype.optionMaxParseSizeBytes = function (callback) { + if (typeof callback === 'function') { + this.api.request('/spider/view/optionMaxParseSizeBytes/', callback); + return; + } + return this.api.requestPromise('/spider/view/optionMaxParseSizeBytes/'); +}; + +Spider.prototype.optionMaxScansInUI = function (callback) { + if (typeof callback === 'function') { + this.api.request('/spider/view/optionMaxScansInUI/', callback); + return; + } + return this.api.requestPromise('/spider/view/optionMaxScansInUI/'); +}; + +Spider.prototype.optionRequestWaitTime = function (callback) { + if (typeof callback === 'function') { + this.api.request('/spider/view/optionRequestWaitTime/', callback); + return; + } + return this.api.requestPromise('/spider/view/optionRequestWaitTime/'); +}; + +Spider.prototype.optionScope = function (callback) { + if (typeof callback === 'function') { + this.api.request('/spider/view/optionScope/', callback); + return; + } + return this.api.requestPromise('/spider/view/optionScope/'); +}; + +Spider.prototype.optionScopeText = function (callback) { + if (typeof callback === 'function') { + this.api.request('/spider/view/optionScopeText/', callback); + return; + } + return this.api.requestPromise('/spider/view/optionScopeText/'); +}; + +Spider.prototype.optionSkipURLString = function (callback) { + if (typeof callback === 'function') { + this.api.request('/spider/view/optionSkipURLString/', callback); + return; + } + return this.api.requestPromise('/spider/view/optionSkipURLString/'); +}; + +Spider.prototype.optionThreadCount = function (callback) { + if (typeof callback === 'function') { + this.api.request('/spider/view/optionThreadCount/', callback); + return; + } + return this.api.requestPromise('/spider/view/optionThreadCount/'); +}; + +Spider.prototype.optionUserAgent = function (callback) { + if (typeof callback === 'function') { + this.api.request('/spider/view/optionUserAgent/', callback); + return; + } + return this.api.requestPromise('/spider/view/optionUserAgent/'); +}; + +/** + * Gets whether or not a spider process should accept cookies while spidering. + **/ +Spider.prototype.optionAcceptCookies = function (callback) { + if (typeof callback === 'function') { + this.api.request('/spider/view/optionAcceptCookies/', callback); + return; + } + return this.api.requestPromise('/spider/view/optionAcceptCookies/'); +}; + +Spider.prototype.optionHandleODataParametersVisited = function (callback) { + if (typeof callback === 'function') { + this.api.request('/spider/view/optionHandleODataParametersVisited/', callback); + return; + } + return this.api.requestPromise('/spider/view/optionHandleODataParametersVisited/'); +}; + +Spider.prototype.optionParseComments = function (callback) { + if (typeof callback === 'function') { + this.api.request('/spider/view/optionParseComments/', callback); + return; + } + return this.api.requestPromise('/spider/view/optionParseComments/'); +}; + +Spider.prototype.optionParseGit = function (callback) { + if (typeof callback === 'function') { + this.api.request('/spider/view/optionParseGit/', callback); + return; + } + return this.api.requestPromise('/spider/view/optionParseGit/'); +}; + +Spider.prototype.optionParseRobotsTxt = function (callback) { + if (typeof callback === 'function') { + this.api.request('/spider/view/optionParseRobotsTxt/', callback); + return; + } + return this.api.requestPromise('/spider/view/optionParseRobotsTxt/'); +}; + +Spider.prototype.optionParseSVNEntries = function (callback) { + if (typeof callback === 'function') { + this.api.request('/spider/view/optionParseSVNEntries/', callback); + return; + } + return this.api.requestPromise('/spider/view/optionParseSVNEntries/'); +}; + +Spider.prototype.optionParseSitemapXml = function (callback) { + if (typeof callback === 'function') { + this.api.request('/spider/view/optionParseSitemapXml/', callback); + return; + } + return this.api.requestPromise('/spider/view/optionParseSitemapXml/'); +}; + +Spider.prototype.optionPostForm = function (callback) { + if (typeof callback === 'function') { + this.api.request('/spider/view/optionPostForm/', callback); + return; + } + return this.api.requestPromise('/spider/view/optionPostForm/'); +}; + +Spider.prototype.optionProcessForm = function (callback) { + if (typeof callback === 'function') { + this.api.request('/spider/view/optionProcessForm/', callback); + return; + } + return this.api.requestPromise('/spider/view/optionProcessForm/'); +}; + +/** + * Gets whether or not the 'Referer' header should be sent while spidering. + **/ +Spider.prototype.optionSendRefererHeader = function (callback) { + if (typeof callback === 'function') { + this.api.request('/spider/view/optionSendRefererHeader/', callback); + return; + } + return this.api.requestPromise('/spider/view/optionSendRefererHeader/'); +}; + +Spider.prototype.optionShowAdvancedDialog = function (callback) { + if (typeof callback === 'function') { + this.api.request('/spider/view/optionShowAdvancedDialog/', callback); + return; + } + return this.api.requestPromise('/spider/view/optionShowAdvancedDialog/'); +}; + +/** + * Runs the spider against the given URL (or context). Optionally, the 'maxChildren' parameter can be set to limit the number of children scanned, the 'recurse' parameter can be used to prevent the spider from seeding recursively, the parameter 'contextName' can be used to constrain the scan to a Context and the parameter 'subtreeOnly' allows to restrict the spider under a site's subtree (using the specified 'url'). + **/ +Spider.prototype.scan = function (url, maxchildren, recurse, contextname, subtreeonly, callback) { + const params = {}; + if (url && url !== null) { + params['url'] = url; + } + if (maxchildren && maxchildren !== null) { + params['maxChildren'] = maxchildren; + } + if (recurse && recurse !== null) { + params['recurse'] = recurse; + } + if (contextname && contextname !== null) { + params['contextName'] = contextname; + } + if (subtreeonly && subtreeonly !== null) { + params['subtreeOnly'] = subtreeonly; + } + if (typeof callback === 'function') { + this.api.request('/spider/action/scan/', params, callback); + return; + } + return this.api.requestPromise('/spider/action/scan/', params); +}; + +/** + * Runs the spider from the perspective of a User, obtained using the given Context ID and User ID. See 'scan' action for more details. + **/ +Spider.prototype.scanAsUser = function (contextid, userid, url, maxchildren, recurse, subtreeonly, callback) { + const params = {'contextId' : contextid, 'userId' : userid}; + if (url && url !== null) { + params['url'] = url; + } + if (maxchildren && maxchildren !== null) { + params['maxChildren'] = maxchildren; + } + if (recurse && recurse !== null) { + params['recurse'] = recurse; + } + if (subtreeonly && subtreeonly !== null) { + params['subtreeOnly'] = subtreeonly; + } + if (typeof callback === 'function') { + this.api.request('/spider/action/scanAsUser/', params, callback); + return; + } + return this.api.requestPromise('/spider/action/scanAsUser/', params); +}; + +Spider.prototype.pause = function (scanid, callback) { + if (typeof callback === 'function') { + this.api.request('/spider/action/pause/', {'scanId' : scanid}, callback); + return; + } + return this.api.requestPromise('/spider/action/pause/', {'scanId' : scanid}); +}; + +Spider.prototype.resume = function (scanid, callback) { + if (typeof callback === 'function') { + this.api.request('/spider/action/resume/', {'scanId' : scanid}, callback); + return; + } + return this.api.requestPromise('/spider/action/resume/', {'scanId' : scanid}); +}; + +Spider.prototype.stop = function (scanid, callback) { + const params = {}; + if (scanid && scanid !== null) { + params['scanId'] = scanid; + } + if (typeof callback === 'function') { + this.api.request('/spider/action/stop/', params, callback); + return; + } + return this.api.requestPromise('/spider/action/stop/', params); +}; + +Spider.prototype.removeScan = function (scanid, callback) { + if (typeof callback === 'function') { + this.api.request('/spider/action/removeScan/', {'scanId' : scanid}, callback); + return; + } + return this.api.requestPromise('/spider/action/removeScan/', {'scanId' : scanid}); +}; + +Spider.prototype.pauseAllScans = function (callback) { + if (typeof callback === 'function') { + this.api.request('/spider/action/pauseAllScans/', callback); + return; + } + return this.api.requestPromise('/spider/action/pauseAllScans/'); +}; + +Spider.prototype.resumeAllScans = function (callback) { + if (typeof callback === 'function') { + this.api.request('/spider/action/resumeAllScans/', callback); + return; + } + return this.api.requestPromise('/spider/action/resumeAllScans/'); +}; + +Spider.prototype.stopAllScans = function (callback) { + if (typeof callback === 'function') { + this.api.request('/spider/action/stopAllScans/', callback); + return; + } + return this.api.requestPromise('/spider/action/stopAllScans/'); +}; + +Spider.prototype.removeAllScans = function (callback) { + if (typeof callback === 'function') { + this.api.request('/spider/action/removeAllScans/', callback); + return; + } + return this.api.requestPromise('/spider/action/removeAllScans/'); +}; + +/** + * Clears the regexes of URLs excluded from the spider scans. + **/ +Spider.prototype.clearExcludedFromScan = function (callback) { + if (typeof callback === 'function') { + this.api.request('/spider/action/clearExcludedFromScan/', callback); + return; + } + return this.api.requestPromise('/spider/action/clearExcludedFromScan/'); +}; + +/** + * Adds a regex of URLs that should be excluded from the spider scans. + **/ +Spider.prototype.excludeFromScan = function (regex, callback) { + if (typeof callback === 'function') { + this.api.request('/spider/action/excludeFromScan/', {'regex' : regex}, callback); + return; + } + return this.api.requestPromise('/spider/action/excludeFromScan/', {'regex' : regex}); +}; + +/** + * Adds a new domain that's always in scope, using the specified value. Optionally sets if the new entry is enabled (default, true) and whether or not the new value is specified as a regex (default, false). + **/ +Spider.prototype.addDomainAlwaysInScope = function (value, isregex, isenabled, callback) { + const params = {'value' : value}; + if (isregex && isregex !== null) { + params['isRegex'] = isregex; + } + if (isenabled && isenabled !== null) { + params['isEnabled'] = isenabled; + } + if (typeof callback === 'function') { + this.api.request('/spider/action/addDomainAlwaysInScope/', params, callback); + return; + } + return this.api.requestPromise('/spider/action/addDomainAlwaysInScope/', params); +}; + +/** + * Modifies a domain that's always in scope. Allows to modify the value, if enabled or if a regex. The domain is selected with its index, which can be obtained with the view domainsAlwaysInScope. + **/ +Spider.prototype.modifyDomainAlwaysInScope = function (idx, value, isregex, isenabled, callback) { + const params = {'idx' : idx}; + if (value && value !== null) { + params['value'] = value; + } + if (isregex && isregex !== null) { + params['isRegex'] = isregex; + } + if (isenabled && isenabled !== null) { + params['isEnabled'] = isenabled; + } + if (typeof callback === 'function') { + this.api.request('/spider/action/modifyDomainAlwaysInScope/', params, callback); + return; + } + return this.api.requestPromise('/spider/action/modifyDomainAlwaysInScope/', params); +}; + +/** + * Removes a domain that's always in scope, with the given index. The index can be obtained with the view domainsAlwaysInScope. + **/ +Spider.prototype.removeDomainAlwaysInScope = function (idx, callback) { + if (typeof callback === 'function') { + this.api.request('/spider/action/removeDomainAlwaysInScope/', {'idx' : idx}, callback); + return; + } + return this.api.requestPromise('/spider/action/removeDomainAlwaysInScope/', {'idx' : idx}); +}; + +/** + * Enables all domains that are always in scope. + **/ +Spider.prototype.enableAllDomainsAlwaysInScope = function (callback) { + if (typeof callback === 'function') { + this.api.request('/spider/action/enableAllDomainsAlwaysInScope/', callback); + return; + } + return this.api.requestPromise('/spider/action/enableAllDomainsAlwaysInScope/'); +}; + +/** + * Disables all domains that are always in scope. + **/ +Spider.prototype.disableAllDomainsAlwaysInScope = function (callback) { + if (typeof callback === 'function') { + this.api.request('/spider/action/disableAllDomainsAlwaysInScope/', callback); + return; + } + return this.api.requestPromise('/spider/action/disableAllDomainsAlwaysInScope/'); +}; + +Spider.prototype.setOptionHandleParameters = function (string, callback) { + if (typeof callback === 'function') { + this.api.request('/spider/action/setOptionHandleParameters/', {'String' : string}, callback); + return; + } + return this.api.requestPromise('/spider/action/setOptionHandleParameters/', {'String' : string}); +}; + +/** + * Use actions [add|modify|remove]DomainAlwaysInScope instead. + **/ +Spider.prototype.setOptionScopeString = function (string, callback) { + if (typeof callback === 'function') { + this.api.request('/spider/action/setOptionScopeString/', {'String' : string}, callback); + return; + } + return this.api.requestPromise('/spider/action/setOptionScopeString/', {'String' : string}); +}; + +Spider.prototype.setOptionSkipURLString = function (string, callback) { + if (typeof callback === 'function') { + this.api.request('/spider/action/setOptionSkipURLString/', {'String' : string}, callback); + return; + } + return this.api.requestPromise('/spider/action/setOptionSkipURLString/', {'String' : string}); +}; + +Spider.prototype.setOptionUserAgent = function (string, callback) { + if (typeof callback === 'function') { + this.api.request('/spider/action/setOptionUserAgent/', {'String' : string}, callback); + return; + } + return this.api.requestPromise('/spider/action/setOptionUserAgent/', {'String' : string}); +}; + +/** + * Sets whether or not a spider process should accept cookies while spidering. + **/ +Spider.prototype.setOptionAcceptCookies = function (bool, callback) { + if (typeof callback === 'function') { + this.api.request('/spider/action/setOptionAcceptCookies/', {'Boolean' : bool}, callback); + return; + } + return this.api.requestPromise('/spider/action/setOptionAcceptCookies/', {'Boolean' : bool}); +}; + +Spider.prototype.setOptionHandleODataParametersVisited = function (bool, callback) { + if (typeof callback === 'function') { + this.api.request('/spider/action/setOptionHandleODataParametersVisited/', {'Boolean' : bool}, callback); + return; + } + return this.api.requestPromise('/spider/action/setOptionHandleODataParametersVisited/', {'Boolean' : bool}); +}; + +/** + * Sets the maximum number of child nodes (per node) that can be crawled, 0 means no limit. + **/ +Spider.prototype.setOptionMaxChildren = function (integer, callback) { + if (typeof callback === 'function') { + this.api.request('/spider/action/setOptionMaxChildren/', {'Integer' : integer}, callback); + return; + } + return this.api.requestPromise('/spider/action/setOptionMaxChildren/', {'Integer' : integer}); +}; + +Spider.prototype.setOptionMaxDepth = function (integer, callback) { + if (typeof callback === 'function') { + this.api.request('/spider/action/setOptionMaxDepth/', {'Integer' : integer}, callback); + return; + } + return this.api.requestPromise('/spider/action/setOptionMaxDepth/', {'Integer' : integer}); +}; + +Spider.prototype.setOptionMaxDuration = function (integer, callback) { + if (typeof callback === 'function') { + this.api.request('/spider/action/setOptionMaxDuration/', {'Integer' : integer}, callback); + return; + } + return this.api.requestPromise('/spider/action/setOptionMaxDuration/', {'Integer' : integer}); +}; + +/** + * Sets the maximum size, in bytes, that a response might have to be parsed. This allows the spider to skip big responses/files. + **/ +Spider.prototype.setOptionMaxParseSizeBytes = function (integer, callback) { + if (typeof callback === 'function') { + this.api.request('/spider/action/setOptionMaxParseSizeBytes/', {'Integer' : integer}, callback); + return; + } + return this.api.requestPromise('/spider/action/setOptionMaxParseSizeBytes/', {'Integer' : integer}); +}; + +Spider.prototype.setOptionMaxScansInUI = function (integer, callback) { + if (typeof callback === 'function') { + this.api.request('/spider/action/setOptionMaxScansInUI/', {'Integer' : integer}, callback); + return; + } + return this.api.requestPromise('/spider/action/setOptionMaxScansInUI/', {'Integer' : integer}); +}; + +Spider.prototype.setOptionParseComments = function (bool, callback) { + if (typeof callback === 'function') { + this.api.request('/spider/action/setOptionParseComments/', {'Boolean' : bool}, callback); + return; + } + return this.api.requestPromise('/spider/action/setOptionParseComments/', {'Boolean' : bool}); +}; + +Spider.prototype.setOptionParseGit = function (bool, callback) { + if (typeof callback === 'function') { + this.api.request('/spider/action/setOptionParseGit/', {'Boolean' : bool}, callback); + return; + } + return this.api.requestPromise('/spider/action/setOptionParseGit/', {'Boolean' : bool}); +}; + +Spider.prototype.setOptionParseRobotsTxt = function (bool, callback) { + if (typeof callback === 'function') { + this.api.request('/spider/action/setOptionParseRobotsTxt/', {'Boolean' : bool}, callback); + return; + } + return this.api.requestPromise('/spider/action/setOptionParseRobotsTxt/', {'Boolean' : bool}); +}; + +Spider.prototype.setOptionParseSVNEntries = function (bool, callback) { + if (typeof callback === 'function') { + this.api.request('/spider/action/setOptionParseSVNEntries/', {'Boolean' : bool}, callback); + return; + } + return this.api.requestPromise('/spider/action/setOptionParseSVNEntries/', {'Boolean' : bool}); +}; + +Spider.prototype.setOptionParseSitemapXml = function (bool, callback) { + if (typeof callback === 'function') { + this.api.request('/spider/action/setOptionParseSitemapXml/', {'Boolean' : bool}, callback); + return; + } + return this.api.requestPromise('/spider/action/setOptionParseSitemapXml/', {'Boolean' : bool}); +}; + +Spider.prototype.setOptionPostForm = function (bool, callback) { + if (typeof callback === 'function') { + this.api.request('/spider/action/setOptionPostForm/', {'Boolean' : bool}, callback); + return; + } + return this.api.requestPromise('/spider/action/setOptionPostForm/', {'Boolean' : bool}); +}; + +Spider.prototype.setOptionProcessForm = function (bool, callback) { + if (typeof callback === 'function') { + this.api.request('/spider/action/setOptionProcessForm/', {'Boolean' : bool}, callback); + return; + } + return this.api.requestPromise('/spider/action/setOptionProcessForm/', {'Boolean' : bool}); +}; + +Spider.prototype.setOptionRequestWaitTime = function (integer, callback) { + if (typeof callback === 'function') { + this.api.request('/spider/action/setOptionRequestWaitTime/', {'Integer' : integer}, callback); + return; + } + return this.api.requestPromise('/spider/action/setOptionRequestWaitTime/', {'Integer' : integer}); +}; + +/** + * Sets whether or not the 'Referer' header should be sent while spidering. + **/ +Spider.prototype.setOptionSendRefererHeader = function (bool, callback) { + if (typeof callback === 'function') { + this.api.request('/spider/action/setOptionSendRefererHeader/', {'Boolean' : bool}, callback); + return; + } + return this.api.requestPromise('/spider/action/setOptionSendRefererHeader/', {'Boolean' : bool}); +}; + +Spider.prototype.setOptionShowAdvancedDialog = function (bool, callback) { + if (typeof callback === 'function') { + this.api.request('/spider/action/setOptionShowAdvancedDialog/', {'Boolean' : bool}, callback); + return; + } + return this.api.requestPromise('/spider/action/setOptionShowAdvancedDialog/', {'Boolean' : bool}); +}; + +Spider.prototype.setOptionThreadCount = function (integer, callback) { + if (typeof callback === 'function') { + this.api.request('/spider/action/setOptionThreadCount/', {'Integer' : integer}, callback); + return; + } + return this.api.requestPromise('/spider/action/setOptionThreadCount/', {'Integer' : integer}); +}; + +module.exports = Spider; diff --git a/src/stats.js b/src/stats.js new file mode 100644 index 0000000..9a6004d --- /dev/null +++ b/src/stats.js @@ -0,0 +1,189 @@ +/* Zed Attack Proxy (ZAP) and its related class files. + * + * ZAP is an HTTP/HTTPS proxy for assessing web application security. + * + * Copyright 2018 the ZAP development team + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + + +'use strict'; + +/** + * This file was automatically generated. + */ +function Stats(clientApi) { + this.api = clientApi; +} + +/** + * Statistics + **/ +Stats.prototype.stats = function (keyprefix, callback) { + const params = {}; + if (keyprefix && keyprefix !== null) { + params['keyPrefix'] = keyprefix; + } + if (typeof callback === 'function') { + this.api.request('/stats/view/stats/', params, callback); + return; + } + return this.api.requestPromise('/stats/view/stats/', params); +}; + +/** + * Gets all of the site based statistics, optionally filtered by a key prefix + **/ +Stats.prototype.allSitesStats = function (keyprefix, callback) { + const params = {}; + if (keyprefix && keyprefix !== null) { + params['keyPrefix'] = keyprefix; + } + if (typeof callback === 'function') { + this.api.request('/stats/view/allSitesStats/', params, callback); + return; + } + return this.api.requestPromise('/stats/view/allSitesStats/', params); +}; + +/** + * Gets all of the global statistics, optionally filtered by a key prefix + **/ +Stats.prototype.siteStats = function (site, keyprefix, callback) { + const params = {'site' : site}; + if (keyprefix && keyprefix !== null) { + params['keyPrefix'] = keyprefix; + } + if (typeof callback === 'function') { + this.api.request('/stats/view/siteStats/', params, callback); + return; + } + return this.api.requestPromise('/stats/view/siteStats/', params); +}; + +/** + * Gets the Statsd service hostname + **/ +Stats.prototype.optionStatsdHost = function (callback) { + if (typeof callback === 'function') { + this.api.request('/stats/view/optionStatsdHost/', callback); + return; + } + return this.api.requestPromise('/stats/view/optionStatsdHost/'); +}; + +/** + * Gets the Statsd service port + **/ +Stats.prototype.optionStatsdPort = function (callback) { + if (typeof callback === 'function') { + this.api.request('/stats/view/optionStatsdPort/', callback); + return; + } + return this.api.requestPromise('/stats/view/optionStatsdPort/'); +}; + +/** + * Gets the prefix to be applied to all stats sent to the configured Statsd service + **/ +Stats.prototype.optionStatsdPrefix = function (callback) { + if (typeof callback === 'function') { + this.api.request('/stats/view/optionStatsdPrefix/', callback); + return; + } + return this.api.requestPromise('/stats/view/optionStatsdPrefix/'); +}; + +/** + * Returns 'true' if in memory statistics are enabled, otherwise returns 'false' + **/ +Stats.prototype.optionInMemoryEnabled = function (callback) { + if (typeof callback === 'function') { + this.api.request('/stats/view/optionInMemoryEnabled/', callback); + return; + } + return this.api.requestPromise('/stats/view/optionInMemoryEnabled/'); +}; + +/** + * Returns 'true' if a Statsd server has been correctly configured, otherwise returns 'false' + **/ +Stats.prototype.optionStatsdEnabled = function (callback) { + if (typeof callback === 'function') { + this.api.request('/stats/view/optionStatsdEnabled/', callback); + return; + } + return this.api.requestPromise('/stats/view/optionStatsdEnabled/'); +}; + +/** + * Clears all of the statistics + **/ +Stats.prototype.clearStats = function (keyprefix, callback) { + const params = {}; + if (keyprefix && keyprefix !== null) { + params['keyPrefix'] = keyprefix; + } + if (typeof callback === 'function') { + this.api.request('/stats/action/clearStats/', params, callback); + return; + } + return this.api.requestPromise('/stats/action/clearStats/', params); +}; + +/** + * Sets the Statsd service hostname, supply an empty string to stop using a Statsd service + **/ +Stats.prototype.setOptionStatsdHost = function (string, callback) { + if (typeof callback === 'function') { + this.api.request('/stats/action/setOptionStatsdHost/', {'String' : string}, callback); + return; + } + return this.api.requestPromise('/stats/action/setOptionStatsdHost/', {'String' : string}); +}; + +/** + * Sets the prefix to be applied to all stats sent to the configured Statsd service + **/ +Stats.prototype.setOptionStatsdPrefix = function (string, callback) { + if (typeof callback === 'function') { + this.api.request('/stats/action/setOptionStatsdPrefix/', {'String' : string}, callback); + return; + } + return this.api.requestPromise('/stats/action/setOptionStatsdPrefix/', {'String' : string}); +}; + +/** + * Sets whether in memory statistics are enabled + **/ +Stats.prototype.setOptionInMemoryEnabled = function (bool, callback) { + if (typeof callback === 'function') { + this.api.request('/stats/action/setOptionInMemoryEnabled/', {'Boolean' : bool}, callback); + return; + } + return this.api.requestPromise('/stats/action/setOptionInMemoryEnabled/', {'Boolean' : bool}); +}; + +/** + * Sets the Statsd service port + **/ +Stats.prototype.setOptionStatsdPort = function (integer, callback) { + if (typeof callback === 'function') { + this.api.request('/stats/action/setOptionStatsdPort/', {'Integer' : integer}, callback); + return; + } + return this.api.requestPromise('/stats/action/setOptionStatsdPort/', {'Integer' : integer}); +}; + +module.exports = Stats; diff --git a/src/users.js b/src/users.js new file mode 100644 index 0000000..d52c315 --- /dev/null +++ b/src/users.js @@ -0,0 +1,117 @@ +/* Zed Attack Proxy (ZAP) and its related class files. + * + * ZAP is an HTTP/HTTPS proxy for assessing web application security. + * + * Copyright 2018 the ZAP development team + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + + +'use strict'; + +/** + * This file was automatically generated. + */ +function Users(clientApi) { + this.api = clientApi; +} + +Users.prototype.usersList = function (contextid, callback) { + const params = {}; + if (contextid && contextid !== null) { + params['contextId'] = contextid; + } + if (typeof callback === 'function') { + this.api.request('/users/view/usersList/', params, callback); + return; + } + return this.api.requestPromise('/users/view/usersList/', params); +}; + +Users.prototype.getUserById = function (contextid, userid, callback) { + const params = {}; + if (contextid && contextid !== null) { + params['contextId'] = contextid; + } + if (userid && userid !== null) { + params['userId'] = userid; + } + if (typeof callback === 'function') { + this.api.request('/users/view/getUserById/', params, callback); + return; + } + return this.api.requestPromise('/users/view/getUserById/', params); +}; + +Users.prototype.getAuthenticationCredentialsConfigParams = function (contextid, callback) { + if (typeof callback === 'function') { + this.api.request('/users/view/getAuthenticationCredentialsConfigParams/', {'contextId' : contextid}, callback); + return; + } + return this.api.requestPromise('/users/view/getAuthenticationCredentialsConfigParams/', {'contextId' : contextid}); +}; + +Users.prototype.getAuthenticationCredentials = function (contextid, userid, callback) { + if (typeof callback === 'function') { + this.api.request('/users/view/getAuthenticationCredentials/', {'contextId' : contextid, 'userId' : userid}, callback); + return; + } + return this.api.requestPromise('/users/view/getAuthenticationCredentials/', {'contextId' : contextid, 'userId' : userid}); +}; + +Users.prototype.newUser = function (contextid, name, callback) { + if (typeof callback === 'function') { + this.api.request('/users/action/newUser/', {'contextId' : contextid, 'name' : name}, callback); + return; + } + return this.api.requestPromise('/users/action/newUser/', {'contextId' : contextid, 'name' : name}); +}; + +Users.prototype.removeUser = function (contextid, userid, callback) { + if (typeof callback === 'function') { + this.api.request('/users/action/removeUser/', {'contextId' : contextid, 'userId' : userid}, callback); + return; + } + return this.api.requestPromise('/users/action/removeUser/', {'contextId' : contextid, 'userId' : userid}); +}; + +Users.prototype.setUserEnabled = function (contextid, userid, enabled, callback) { + if (typeof callback === 'function') { + this.api.request('/users/action/setUserEnabled/', {'contextId' : contextid, 'userId' : userid, 'enabled' : enabled}, callback); + return; + } + return this.api.requestPromise('/users/action/setUserEnabled/', {'contextId' : contextid, 'userId' : userid, 'enabled' : enabled}); +}; + +Users.prototype.setUserName = function (contextid, userid, name, callback) { + if (typeof callback === 'function') { + this.api.request('/users/action/setUserName/', {'contextId' : contextid, 'userId' : userid, 'name' : name}, callback); + return; + } + return this.api.requestPromise('/users/action/setUserName/', {'contextId' : contextid, 'userId' : userid, 'name' : name}); +}; + +Users.prototype.setAuthenticationCredentials = function (contextid, userid, authcredentialsconfigparams, callback) { + const params = {'contextId' : contextid, 'userId' : userid}; + if (authcredentialsconfigparams && authcredentialsconfigparams !== null) { + params['authCredentialsConfigParams'] = authcredentialsconfigparams; + } + if (typeof callback === 'function') { + this.api.request('/users/action/setAuthenticationCredentials/', params, callback); + return; + } + return this.api.requestPromise('/users/action/setAuthenticationCredentials/', params); +}; + +module.exports = Users; diff --git a/src/websocket.js b/src/websocket.js new file mode 100644 index 0000000..43f884b --- /dev/null +++ b/src/websocket.js @@ -0,0 +1,91 @@ +/* Zed Attack Proxy (ZAP) and its related class files. + * + * ZAP is an HTTP/HTTPS proxy for assessing web application security. + * + * Copyright 2018 the ZAP development team + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + + +'use strict'; + +/** + * This file was automatically generated. + */ +function Websocket(clientApi) { + this.api = clientApi; +} + +/** + * Returns all of the registered web socket channels + * This component is optional and therefore the API will only work if it is installed + **/ +Websocket.prototype.channels = function (callback) { + if (typeof callback === 'function') { + this.api.request('/websocket/view/channels/', callback); + return; + } + return this.api.requestPromise('/websocket/view/channels/'); +}; + +/** + * Returns full details of the message specified by the channelId and messageId + * This component is optional and therefore the API will only work if it is installed + **/ +Websocket.prototype.message = function (channelid, messageid, callback) { + if (typeof callback === 'function') { + this.api.request('/websocket/view/message/', {'channelId' : channelid, 'messageId' : messageid}, callback); + return; + } + return this.api.requestPromise('/websocket/view/message/', {'channelId' : channelid, 'messageId' : messageid}); +}; + +/** + * Returns a list of all of the messages that meet the given criteria (all optional), where channelId is a channel identifier, start is the offset to start returning messages from (starting from 0), count is the number of messages to return (default no limit) and payloadPreviewLength is the maximum number bytes to return for the payload contents + * This component is optional and therefore the API will only work if it is installed + **/ +Websocket.prototype.messages = function (channelid, start, count, payloadpreviewlength, callback) { + const params = {}; + if (channelid && channelid !== null) { + params['channelId'] = channelid; + } + if (start && start !== null) { + params['start'] = start; + } + if (count && count !== null) { + params['count'] = count; + } + if (payloadpreviewlength && payloadpreviewlength !== null) { + params['payloadPreviewLength'] = payloadpreviewlength; + } + if (typeof callback === 'function') { + this.api.request('/websocket/view/messages/', params, callback); + return; + } + return this.api.requestPromise('/websocket/view/messages/', params); +}; + +/** + * Sends the specified message on the channel specified by channelId, if outgoing is 'True' then the message will be sent to the server and if it is 'False' then it will be sent to the client + * This component is optional and therefore the API will only work if it is installed + **/ +Websocket.prototype.sendTextMessage = function (channelid, outgoing, message, callback) { + if (typeof callback === 'function') { + this.api.request('/websocket/action/sendTextMessage/', {'channelId' : channelid, 'outgoing' : outgoing, 'message' : message}, callback); + return; + } + return this.api.requestPromise('/websocket/action/sendTextMessage/', {'channelId' : channelid, 'outgoing' : outgoing, 'message' : message}); +}; + +module.exports = Websocket;