diff --git a/.github/workflows/golangci-lint.yaml b/.github/workflows/golangci-lint.yaml index e07f52e..2c44cf9 100644 --- a/.github/workflows/golangci-lint.yaml +++ b/.github/workflows/golangci-lint.yaml @@ -4,37 +4,17 @@ on: branches: - master pull_request: - + permissions: contents: read - # Optional: allow read access to pull request. Use with `only-new-issues` option. - # pull-requests: read + jobs: golangci: name: lint runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 - - name: golangci-lint - uses: golangci/golangci-lint-action@v2 + - uses: actions/checkout@v4 + - name: Run golangci-lint + uses: golangci/golangci-lint-action@v6 with: - # Optional: version of golangci-lint to use in form of v1.2 or v1.2.3 or `latest` to use the latest version version: latest - - # Optional: working directory, useful for monorepos - # working-directory: somedir - - # Optional: golangci-lint command line arguments. - # args: --issues-exit-code=0 - - # Optional: show only new issues if it's a pull request. The default value is `false`. - # only-new-issues: true - - # Optional: if set to true then the action will use pre-installed Go. - # skip-go-installation: true - - # Optional: if set to true then the action don't cache or restore ~/go/pkg. - # skip-pkg-cache: true - - # Optional: if set to true then the action don't cache or restore ~/.cache/go-build. - # skip-build-cache: true \ No newline at end of file diff --git a/.gitignore b/.gitignore index daf913b..6b3cdf4 100644 --- a/.gitignore +++ b/.gitignore @@ -22,3 +22,6 @@ _testmain.go *.exe *.test *.prof + +zaproxy/ +zap-extensions/ diff --git a/README.md b/README.md index 4fc0ee1..f37d4e8 100644 --- a/README.md +++ b/README.md @@ -22,25 +22,36 @@ Most of the API code is generated from the ZAP java source code. To regenerate the API code you will need the repos [zaproxy](https://github.com/zaproxy/zaproxy) and [zap-extensions](https://github.com/zaproxy/zap-extensions) checked out at the same level as this one. -You should typically generate the core API calls from the latest release tag e.g.: +Cloning the Repositories: +``` +git clone --recursive -j8 https://github.com/zaproxy/zaproxy.git +git clone --recursive -j8 https://github.com/zaproxy/zap-extensions.git +``` + +Typically, you should generate the core API calls from the latest release tag. For example: ``` cd zaproxy git fetch upstream -t -git checkout tags/v2.13.0 +git checkout tags/v2.15.0 ./gradlew generateGoApiEndpoints cd .. ``` -The add-on APIs can be generated from the zap-extensions `main` branch: +The add-on APIs can be generated from the zap-extensions main branch: ``` cd zap-extensions -git pull upstream main ./gradlew generateGoZapApiClientFiles --continue cd .. ``` +Finally, run the command to update the `interface.go`: + +``` +/bin/bash zap-api-go/zap/generate_interface.sh +``` + The above commands will update the files in `zap-api-go/zap`. If any new files are created then they should be manually added to `zap-api-go/zap/interface.go` as per the existing files. \ No newline at end of file diff --git a/go.mod b/go.mod index 4563020..0f34d0f 100644 --- a/go.mod +++ b/go.mod @@ -1,3 +1,3 @@ module github.com/zaproxy/zap-api-go -go 1.17 +go 1.22 diff --git a/zap/access-control_generated.go b/zap-api-go/zap/access-control_generated.go similarity index 100% rename from zap/access-control_generated.go rename to zap-api-go/zap/access-control_generated.go diff --git a/zap/acsrf_generated.go b/zap-api-go/zap/acsrf_generated.go similarity index 92% rename from zap/acsrf_generated.go rename to zap-api-go/zap/acsrf_generated.go index fe78831..1174ea1 100644 --- a/zap/acsrf_generated.go +++ b/zap-api-go/zap/acsrf_generated.go @@ -2,7 +2,7 @@ // // ZAP is an HTTP/HTTPS proxy for assessing web application security. // -// Copyright 2022 the ZAP development team +// Copyright 2017 the ZAP development team // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -62,9 +62,10 @@ func (a Acsrf) SetOptionPartialMatchingEnabled(boolean bool) (map[string]interfa } // Generate a form for testing lack of anti-CSRF tokens - typically invoked via ZAP -func (a Acsrf) GenForm(hrefid string) ([]byte, error) { +func (a Acsrf) GenForm(hrefid string, actionurl string) ([]byte, error) { m := map[string]string{ - "hrefId": hrefid, + "hrefId": hrefid, + "actionUrl": actionurl, } return a.c.RequestOther("acsrf/other/genForm/", m) } diff --git a/zap/ajax-spider_generated.go b/zap-api-go/zap/ajax-spider_generated.go similarity index 83% rename from zap/ajax-spider_generated.go rename to zap-api-go/zap/ajax-spider_generated.go index 613bbf3..b80f48a 100644 --- a/zap/ajax-spider_generated.go +++ b/zap-api-go/zap/ajax-spider_generated.go @@ -34,6 +34,16 @@ func (a AjaxSpider) AllowedResources() (map[string]interface{}, error) { return a.c.Request("ajaxSpider/view/allowedResources/", nil) } +// Gets the excluded elements. The excluded elements are not clicked during crawling, for example, to prevent logging out. +// +// This component is optional and therefore the API will only work if it is installed +func (a AjaxSpider) ExcludedElements(contextname string) (map[string]interface{}, error) { + m := map[string]string{ + "contextName": contextname, + } + return a.c.Request("ajaxSpider/view/excludedElements/", m) +} + // Gets the current status of the crawler. Actual values are Stopped and Running. // // This component is optional and therefore the API will only work if it is installed @@ -180,6 +190,52 @@ func (a AjaxSpider) AddAllowedResource(regex string, enabled string) (map[string return a.c.Request("ajaxSpider/action/addAllowedResource/", m) } +// Adds an excluded element to a context. +// +// This component is optional and therefore the API will only work if it is installed +func (a AjaxSpider) AddExcludedElement(contextname string, description string, element string, xpath string, text string, attributename string, attributevalue string, enabled string) (map[string]interface{}, error) { + m := map[string]string{ + "contextName": contextname, + "description": description, + "element": element, + "xpath": xpath, + "text": text, + "attributeName": attributename, + "attributeValue": attributevalue, + "enabled": enabled, + } + return a.c.Request("ajaxSpider/action/addExcludedElement/", m) +} + +// Modifies an excluded element of a context. +// +// This component is optional and therefore the API will only work if it is installed +func (a AjaxSpider) ModifyExcludedElement(contextname string, description string, element string, descriptionnew string, xpath string, text string, attributename string, attributevalue string, enabled string) (map[string]interface{}, error) { + m := map[string]string{ + "contextName": contextname, + "description": description, + "element": element, + "descriptionNew": descriptionnew, + "xpath": xpath, + "text": text, + "attributeName": attributename, + "attributeValue": attributevalue, + "enabled": enabled, + } + return a.c.Request("ajaxSpider/action/modifyExcludedElement/", m) +} + +// Removes an excluded element from a context. +// +// This component is optional and therefore the API will only work if it is installed +func (a AjaxSpider) RemoveExcludedElement(contextname string, description string) (map[string]interface{}, error) { + m := map[string]string{ + "contextName": contextname, + "description": description, + } + return a.c.Request("ajaxSpider/action/removeExcludedElement/", m) +} + // Removes an allowed resource. // // This component is optional and therefore the API will only work if it is installed @@ -211,7 +267,7 @@ func (a AjaxSpider) SetOptionBrowserId(str string) (map[string]interface{}, erro return a.c.Request("ajaxSpider/action/setOptionBrowserId/", m) } -// Sets whether or not the the AJAX Spider will only click on the default HTML elements. +// Sets whether or not the AJAX Spider will only click on the default HTML elements. // // This component is optional and therefore the API will only work if it is installed func (a AjaxSpider) SetOptionClickDefaultElems(boolean bool) (map[string]interface{}, error) { diff --git a/zap/alert-filter_generated.go b/zap-api-go/zap/alert-filter_generated.go similarity index 91% rename from zap/alert-filter_generated.go rename to zap-api-go/zap/alert-filter_generated.go index 9937df3..30ec62d 100644 --- a/zap/alert-filter_generated.go +++ b/zap-api-go/zap/alert-filter_generated.go @@ -45,7 +45,7 @@ func (a AlertFilter) GlobalAlertFilterList() (map[string]interface{}, error) { // Adds a new alert filter for the context with the given ID. // // This component is optional and therefore the API will only work if it is installed -func (a AlertFilter) AddAlertFilter(contextid string, ruleid string, newlevel string, url string, urlisregex string, parameter string, enabled string, parameterisregex string, attack string, attackisregex string, evidence string, evidenceisregex string) (map[string]interface{}, error) { +func (a AlertFilter) AddAlertFilter(contextid string, ruleid string, newlevel string, url string, urlisregex string, parameter string, enabled string, parameterisregex string, attack string, attackisregex string, evidence string, evidenceisregex string, methods string) (map[string]interface{}, error) { m := map[string]string{ "contextId": contextid, "ruleId": ruleid, @@ -59,6 +59,7 @@ func (a AlertFilter) AddAlertFilter(contextid string, ruleid string, newlevel st "attackIsRegex": attackisregex, "evidence": evidence, "evidenceIsRegex": evidenceisregex, + "methods": methods, } return a.c.Request("alertFilter/action/addAlertFilter/", m) } @@ -66,7 +67,7 @@ func (a AlertFilter) AddAlertFilter(contextid string, ruleid string, newlevel st // Removes an alert filter from the context with the given ID. // // This component is optional and therefore the API will only work if it is installed -func (a AlertFilter) RemoveAlertFilter(contextid string, ruleid string, newlevel string, url string, urlisregex string, parameter string, enabled string, parameterisregex string, attack string, attackisregex string, evidence string, evidenceisregex string) (map[string]interface{}, error) { +func (a AlertFilter) RemoveAlertFilter(contextid string, ruleid string, newlevel string, url string, urlisregex string, parameter string, enabled string, parameterisregex string, attack string, attackisregex string, evidence string, evidenceisregex string, methods string) (map[string]interface{}, error) { m := map[string]string{ "contextId": contextid, "ruleId": ruleid, @@ -80,6 +81,7 @@ func (a AlertFilter) RemoveAlertFilter(contextid string, ruleid string, newlevel "attackIsRegex": attackisregex, "evidence": evidence, "evidenceIsRegex": evidenceisregex, + "methods": methods, } return a.c.Request("alertFilter/action/removeAlertFilter/", m) } @@ -87,7 +89,7 @@ func (a AlertFilter) RemoveAlertFilter(contextid string, ruleid string, newlevel // Adds a new global alert filter. // // This component is optional and therefore the API will only work if it is installed -func (a AlertFilter) AddGlobalAlertFilter(ruleid string, newlevel string, url string, urlisregex string, parameter string, enabled string, parameterisregex string, attack string, attackisregex string, evidence string, evidenceisregex string) (map[string]interface{}, error) { +func (a AlertFilter) AddGlobalAlertFilter(ruleid string, newlevel string, url string, urlisregex string, parameter string, enabled string, parameterisregex string, attack string, attackisregex string, evidence string, evidenceisregex string, methods string) (map[string]interface{}, error) { m := map[string]string{ "ruleId": ruleid, "newLevel": newlevel, @@ -100,6 +102,7 @@ func (a AlertFilter) AddGlobalAlertFilter(ruleid string, newlevel string, url st "attackIsRegex": attackisregex, "evidence": evidence, "evidenceIsRegex": evidenceisregex, + "methods": methods, } return a.c.Request("alertFilter/action/addGlobalAlertFilter/", m) } @@ -107,7 +110,7 @@ func (a AlertFilter) AddGlobalAlertFilter(ruleid string, newlevel string, url st // Removes a global alert filter. // // This component is optional and therefore the API will only work if it is installed -func (a AlertFilter) RemoveGlobalAlertFilter(ruleid string, newlevel string, url string, urlisregex string, parameter string, enabled string, parameterisregex string, attack string, attackisregex string, evidence string, evidenceisregex string) (map[string]interface{}, error) { +func (a AlertFilter) RemoveGlobalAlertFilter(ruleid string, newlevel string, url string, urlisregex string, parameter string, enabled string, parameterisregex string, attack string, attackisregex string, evidence string, evidenceisregex string, methods string) (map[string]interface{}, error) { m := map[string]string{ "ruleId": ruleid, "newLevel": newlevel, @@ -120,6 +123,7 @@ func (a AlertFilter) RemoveGlobalAlertFilter(ruleid string, newlevel string, url "attackIsRegex": attackisregex, "evidence": evidence, "evidenceIsRegex": evidenceisregex, + "methods": methods, } return a.c.Request("alertFilter/action/removeGlobalAlertFilter/", m) } diff --git a/zap/alert_generated.go b/zap-api-go/zap/alert_generated.go similarity index 88% rename from zap/alert_generated.go rename to zap-api-go/zap/alert_generated.go index ed7a9d8..528e8fe 100644 --- a/zap/alert_generated.go +++ b/zap-api-go/zap/alert_generated.go @@ -2,7 +2,7 @@ // // ZAP is an HTTP/HTTPS proxy for assessing web application security. // -// Copyright 2022 the ZAP development team +// Copyright 2017 the ZAP development team // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -34,12 +34,13 @@ func (a Alert) Alert(id string) (map[string]interface{}, error) { } // Gets the alerts raised by ZAP, optionally filtering by URL or riskId, and paginating with 'start' position and 'count' of alerts -func (a Alert) Alerts(baseurl string, start string, count string, riskid string) (map[string]interface{}, error) { +func (a Alert) Alerts(baseurl string, start string, count string, riskid string, contextname string) (map[string]interface{}, error) { m := map[string]string{ - "baseurl": baseurl, - "start": start, - "count": count, - "riskId": riskid, + "baseurl": baseurl, + "start": start, + "count": count, + "riskId": riskid, + "contextName": contextname, } return a.c.Request("alert/view/alerts/", m) } @@ -84,6 +85,16 @@ func (a Alert) DeleteAllAlerts() (map[string]interface{}, error) { return a.c.Request("alert/action/deleteAllAlerts/", nil) } +// Deletes all the alerts optionally filtered by URL which fall within the Context with the provided name, risk, or base URL. +func (a Alert) DeleteAlerts(contextname string, baseurl string, riskid string) (map[string]interface{}, error) { + m := map[string]string{ + "contextName": contextname, + "baseurl": baseurl, + "riskId": riskid, + } + return a.c.Request("alert/action/deleteAlerts/", m) +} + // Deletes the alert with the given ID. func (a Alert) DeleteAlert(id string) (map[string]interface{}, error) { m := map[string]string{ diff --git a/zap/ascan_generated.go b/zap-api-go/zap/ascan_generated.go similarity index 89% rename from zap/ascan_generated.go rename to zap-api-go/zap/ascan_generated.go index b21ba7d..4ca7b60 100644 --- a/zap/ascan_generated.go +++ b/zap-api-go/zap/ascan_generated.go @@ -2,7 +2,7 @@ // // ZAP is an HTTP/HTTPS proxy for assessing web application security. // -// Copyright 2022 the ZAP development team +// Copyright 2017 the ZAP development team // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -70,7 +70,7 @@ func (a Ascan) ExcludedFromScan() (map[string]interface{}, error) { return a.c.Request("ascan/view/excludedFromScan/", nil) } -// Gets the scanners, optionally, of the given scan policy and/or scanner policy/category ID. +// Gets the scan rules, optionally, of the given scan policy or scanner policy/category ID. func (a Ascan) Scanners(scanpolicyname string, policyid string) (map[string]interface{}, error) { m := map[string]string{ "scanPolicyName": scanpolicyname, @@ -126,6 +126,11 @@ func (a Ascan) OptionHostPerScan() (map[string]interface{}, error) { return a.c.Request("ascan/view/optionHostPerScan/", nil) } +// Gets the maximum number of alerts that a rule can raise before being skipped. +func (a Ascan) OptionMaxAlertsPerRule() (map[string]interface{}, error) { + return a.c.Request("ascan/view/optionMaxAlertsPerRule/", nil) +} + func (a Ascan) OptionMaxChartTimeInMins() (map[string]interface{}, error) { return a.c.Request("ascan/view/optionMaxChartTimeInMins/", nil) } @@ -167,7 +172,12 @@ func (a Ascan) OptionAllowAttackOnStart() (map[string]interface{}, error) { return a.c.Request("ascan/view/optionAllowAttackOnStart/", nil) } -// Tells whether or not the active scanner should inject the HTTP request header X-ZAP-Scan-ID, with the ID of the scanner that's sending the requests. +// Tells whether or not the active scanner should encode cookie values. +func (a Ascan) OptionEncodeCookieValues() (map[string]interface{}, error) { + return a.c.Request("ascan/view/optionEncodeCookieValues/", nil) +} + +// Tells whether or not the active scanner should inject the HTTP request header X-ZAP-Scan-ID, with the ID of the scan rule that's sending the requests. func (a Ascan) OptionInjectPluginIdInHeader() (map[string]interface{}, error) { return a.c.Request("ascan/view/optionInjectPluginIdInHeader/", nil) } @@ -198,7 +208,7 @@ func (a Ascan) OptionShowAdvancedDialog() (map[string]interface{}, error) { return a.c.Request("ascan/view/optionShowAdvancedDialog/", nil) } -// Runs the active scanner against the given URL and/or Context. Optionally, the 'recurse' parameter can be used to scan URLs under the given URL, the parameter 'inScopeOnly' can be used to constrain the scan to URLs that are in scope (ignored if a Context is specified), the parameter 'scanPolicyName' allows to specify the scan policy (if none is given it uses the default scan policy), the parameters 'method' and 'postData' allow to select a given request in conjunction with the given URL. +// Runs the active scanner against the given URL or Context. Optionally, the 'recurse' parameter can be used to scan URLs under the given URL, the parameter 'inScopeOnly' can be used to constrain the scan to URLs that are in scope (ignored if a Context is specified), the parameter 'scanPolicyName' allows to specify the scan policy (if none is given it uses the default scan policy), the parameters 'method' and 'postData' allow to select a given request in conjunction with the given URL. func (a Ascan) Scan(url string, recurse string, inscopeonly string, scanpolicyname string, method string, postdata string, contextid string) (map[string]interface{}, error) { m := map[string]string{ "url": url, @@ -283,7 +293,7 @@ func (a Ascan) ExcludeFromScan(regex string) (map[string]interface{}, error) { return a.c.Request("ascan/action/excludeFromScan/", m) } -// Enables all scanners of the scan policy with the given name, or the default if none given. +// Enables all scan rules of the scan policy with the given name, or the default if none given. func (a Ascan) EnableAllScanners(scanpolicyname string) (map[string]interface{}, error) { m := map[string]string{ "scanPolicyName": scanpolicyname, @@ -291,7 +301,7 @@ func (a Ascan) EnableAllScanners(scanpolicyname string) (map[string]interface{}, return a.c.Request("ascan/action/enableAllScanners/", m) } -// Disables all scanners of the scan policy with the given name, or the default if none given. +// Disables all scan rules of the scan policy with the given name, or the default if none given. func (a Ascan) DisableAllScanners(scanpolicyname string) (map[string]interface{}, error) { m := map[string]string{ "scanPolicyName": scanpolicyname, @@ -299,7 +309,7 @@ func (a Ascan) DisableAllScanners(scanpolicyname string) (map[string]interface{} return a.c.Request("ascan/action/disableAllScanners/", m) } -// Enables the scanners with the given IDs (comma separated list of IDs) of the scan policy with the given name, or the default if none given. +// Enables the scan rules with the given IDs (comma separated list of IDs) of the scan policy with the given name, or the default if none given. func (a Ascan) EnableScanners(ids string, scanpolicyname string) (map[string]interface{}, error) { m := map[string]string{ "ids": ids, @@ -308,7 +318,7 @@ func (a Ascan) EnableScanners(ids string, scanpolicyname string) (map[string]int return a.c.Request("ascan/action/enableScanners/", m) } -// Disables the scanners with the given IDs (comma separated list of IDs) of the scan policy with the given name, or the default if none given. +// Disables the scan rules with the given IDs (comma separated list of IDs) of the scan policy with the given name, or the default if none given. func (a Ascan) DisableScanners(ids string, scanpolicyname string) (map[string]interface{}, error) { m := map[string]string{ "ids": ids, @@ -423,7 +433,7 @@ func (a Ascan) RemoveExcludedParam(idx string) (map[string]interface{}, error) { return a.c.Request("ascan/action/removeExcludedParam/", m) } -// Skips the scanner using the given IDs of the scan and the scanner. +// Skips the scan rule using the given IDs of the scan and the scan rule. func (a Ascan) SkipScanner(scanid string, scannerid string) (map[string]interface{}, error) { m := map[string]string{ "scanId": scanid, @@ -468,6 +478,14 @@ func (a Ascan) SetOptionDelayInMs(i int) (map[string]interface{}, error) { return a.c.Request("ascan/action/setOptionDelayInMs/", m) } +// Sets whether or not the active scanner should encode cookie values. +func (a Ascan) SetOptionEncodeCookieValues(boolean bool) (map[string]interface{}, error) { + m := map[string]string{ + "Boolean": strconv.FormatBool(boolean), + } + return a.c.Request("ascan/action/setOptionEncodeCookieValues/", m) +} + func (a Ascan) SetOptionHandleAntiCSRFTokens(boolean bool) (map[string]interface{}, error) { m := map[string]string{ "Boolean": strconv.FormatBool(boolean), @@ -482,7 +500,7 @@ func (a Ascan) SetOptionHostPerScan(i int) (map[string]interface{}, error) { return a.c.Request("ascan/action/setOptionHostPerScan/", m) } -// Sets whether or not the active scanner should inject the HTTP request header X-ZAP-Scan-ID, with the ID of the scanner that's sending the requests. +// Sets whether or not the active scanner should inject the HTTP request header X-ZAP-Scan-ID, with the ID of the scan rule that's sending the requests. func (a Ascan) SetOptionInjectPluginIdInHeader(boolean bool) (map[string]interface{}, error) { m := map[string]string{ "Boolean": strconv.FormatBool(boolean), @@ -490,6 +508,14 @@ func (a Ascan) SetOptionInjectPluginIdInHeader(boolean bool) (map[string]interfa return a.c.Request("ascan/action/setOptionInjectPluginIdInHeader/", m) } +// Sets the maximum number of alerts that a rule can raise before being skipped. +func (a Ascan) SetOptionMaxAlertsPerRule(i int) (map[string]interface{}, error) { + m := map[string]string{ + "Integer": strconv.Itoa(i), + } + return a.c.Request("ascan/action/setOptionMaxAlertsPerRule/", m) +} + func (a Ascan) SetOptionMaxChartTimeInMins(i int) (map[string]interface{}, error) { m := map[string]string{ "Integer": strconv.Itoa(i), diff --git a/zap/authentication_generated.go b/zap-api-go/zap/authentication_generated.go similarity index 98% rename from zap/authentication_generated.go rename to zap-api-go/zap/authentication_generated.go index 9ff7247..771edfd 100644 --- a/zap/authentication_generated.go +++ b/zap-api-go/zap/authentication_generated.go @@ -2,7 +2,7 @@ // // ZAP is an HTTP/HTTPS proxy for assessing web application security. // -// Copyright 2022 the ZAP development team +// Copyright 2017 the ZAP development team // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/zap/authorization_generated.go b/zap-api-go/zap/authorization_generated.go similarity index 97% rename from zap/authorization_generated.go rename to zap-api-go/zap/authorization_generated.go index bd6882f..dbb8fd6 100644 --- a/zap/authorization_generated.go +++ b/zap-api-go/zap/authorization_generated.go @@ -2,7 +2,7 @@ // // ZAP is an HTTP/HTTPS proxy for assessing web application security. // -// Copyright 2022 the ZAP development team +// Copyright 2017 the ZAP development team // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/zap/automation_generated.go b/zap-api-go/zap/automation_generated.go similarity index 100% rename from zap/automation_generated.go rename to zap-api-go/zap/automation_generated.go diff --git a/zap/autoupdate_generated.go b/zap-api-go/zap/autoupdate_generated.go similarity index 99% rename from zap/autoupdate_generated.go rename to zap-api-go/zap/autoupdate_generated.go index 9ece400..48e40da 100644 --- a/zap/autoupdate_generated.go +++ b/zap-api-go/zap/autoupdate_generated.go @@ -2,7 +2,7 @@ // // ZAP is an HTTP/HTTPS proxy for assessing web application security. // -// Copyright 2022 the ZAP development team +// Copyright 2017 the ZAP development team // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/zap/brk_generated.go b/zap-api-go/zap/brk_generated.go similarity index 98% rename from zap/brk_generated.go rename to zap-api-go/zap/brk_generated.go index 93137f3..5dc1521 100644 --- a/zap/brk_generated.go +++ b/zap-api-go/zap/brk_generated.go @@ -2,7 +2,7 @@ // // ZAP is an HTTP/HTTPS proxy for assessing web application security. // -// Copyright 2022 the ZAP development team +// Copyright 2017 the ZAP development team // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/zap/client.go b/zap-api-go/zap/client.go similarity index 87% rename from zap/client.go rename to zap-api-go/zap/client.go index 4044190..e255897 100644 --- a/zap/client.go +++ b/zap-api-go/zap/client.go @@ -22,19 +22,18 @@ import ( "crypto/tls" "encoding/json" "fmt" - "io/ioutil" + "io" + "log" "net/http" "net/url" ) const ( - DefaultBase = "http://zap/JSON/" - DefaultBaseOther = "http://zap/OTHER/" - DefaultHTTPSBase = "https://zap/JSON/" - DefaultHTTPSBaseOther = "https://zap/OTHER/" - DefaultProxy = "tcp://127.0.0.1:8080" - ZAP_API_KEY_PARAM = "apikey" - ZAP_API_KEY_HEADER = "X-ZAP-API-Key" + DefaultBase = "http://zap/JSON/" + DefaultBaseOther = "http://zap/OTHER/" + DefaultProxy = "tcp://127.0.0.1:8080" + ZAP_API_KEY_PARAM = "apikey" + ZAP_API_KEY_HEADER = "X-ZAP-API-Key" ) // Config defines the config of ZAP client @@ -134,8 +133,13 @@ func (c *Client) request(path string, queryParams map[string]string) ([]byte, er resp, err := c.httpClient.Do(req) if err != nil { - return nil, fmt.Errorf("Errored when sending request to the server: %v", err) + return nil, fmt.Errorf("errored when sending request to the server: %v", err) } - defer resp.Body.Close() - return ioutil.ReadAll(resp.Body) + defer func(Body io.ReadCloser) { + errClose := Body.Close() + if errClose != nil { + log.Printf("Error closing response body: %v", errClose) + } + }(resp.Body) + return io.ReadAll(resp.Body) } diff --git a/zap/context_generated.go b/zap-api-go/zap/context_generated.go similarity index 99% rename from zap/context_generated.go rename to zap-api-go/zap/context_generated.go index e299c4d..acc5e7d 100644 --- a/zap/context_generated.go +++ b/zap-api-go/zap/context_generated.go @@ -2,7 +2,7 @@ // // ZAP is an HTTP/HTTPS proxy for assessing web application security. // -// Copyright 2022 the ZAP development team +// Copyright 2017 the ZAP development team // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/zap/core_generated.go b/zap-api-go/zap/core_generated.go similarity index 94% rename from zap/core_generated.go rename to zap-api-go/zap/core_generated.go index 8cb9389..ca7741d 100644 --- a/zap/core_generated.go +++ b/zap-api-go/zap/core_generated.go @@ -2,7 +2,7 @@ // // ZAP is an HTTP/HTTPS proxy for assessing web application security. // -// Copyright 2022 the ZAP development team +// Copyright 2017 the ZAP development team // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -187,6 +187,14 @@ func (c Core) NumberOfAlerts(baseurl string, riskid string) (map[string]interfac return c.c.Request("core/view/numberOfAlerts/", m) } +// The detailed logging config, optionally filtered based on a name (ex: starts with). +func (c Core) GetLogLevel(name string) (map[string]interface{}, error) { + m := map[string]string{ + "name": name, + } + return c.c.Request("core/view/getLogLevel/", m) +} + // Gets the user agent that ZAP should use when creating HTTP messages (for example, spider messages or CONNECT requests to outgoing proxy). func (c Core) OptionDefaultUserAgent() (map[string]interface{}, error) { return c.c.Request("core/view/optionDefaultUserAgent/", nil) @@ -201,6 +209,10 @@ func (c Core) OptionHttpState() (map[string]interface{}, error) { return c.c.Request("core/view/optionHttpState/", nil) } +func (c Core) OptionHttpStateEnabled() (map[string]interface{}, error) { + return c.c.Request("core/view/optionHttpStateEnabled/", nil) +} + func (c Core) OptionProxyChainName() (map[string]interface{}, error) { return c.c.Request("core/view/optionProxyChainName/", nil) } @@ -213,6 +225,10 @@ func (c Core) OptionProxyChainPort() (map[string]interface{}, error) { return c.c.Request("core/view/optionProxyChainPort/", nil) } +func (c Core) OptionProxyChainPrompt() (map[string]interface{}, error) { + return c.c.Request("core/view/optionProxyChainPrompt/", nil) +} + func (c Core) OptionProxyChainRealm() (map[string]interface{}, error) { return c.c.Request("core/view/optionProxyChainRealm/", nil) } @@ -221,23 +237,15 @@ func (c Core) OptionProxyChainUserName() (map[string]interface{}, error) { return c.c.Request("core/view/optionProxyChainUserName/", nil) } +func (c Core) OptionSingleCookieRequestHeader() (map[string]interface{}, error) { + return c.c.Request("core/view/optionSingleCookieRequestHeader/", nil) +} + // Gets the connection time out (in seconds). func (c Core) OptionTimeoutInSecs() (map[string]interface{}, error) { return c.c.Request("core/view/optionTimeoutInSecs/", nil) } -func (c Core) OptionHttpStateEnabled() (map[string]interface{}, error) { - return c.c.Request("core/view/optionHttpStateEnabled/", nil) -} - -func (c Core) OptionProxyChainPrompt() (map[string]interface{}, error) { - return c.c.Request("core/view/optionProxyChainPrompt/", nil) -} - -func (c Core) OptionSingleCookieRequestHeader() (map[string]interface{}, error) { - return c.c.Request("core/view/optionSingleCookieRequestHeader/", nil) -} - func (c Core) OptionUseProxyChain() (map[string]interface{}, error) { return c.c.Request("core/view/optionUseProxyChain/", nil) } @@ -434,6 +442,14 @@ func (c Core) DisableClientCertificate() (map[string]interface{}, error) { return c.c.Request("core/action/disableClientCertificate/", nil) } +// Create a zip file of the ZAP core and add-on SBOMs +func (c Core) CreateSbomZip(filepath string) (map[string]interface{}, error) { + m := map[string]string{ + "filePath": filepath, + } + return c.c.Request("core/action/createSbomZip/", m) +} + // Deletes all alerts of the current session. func (c Core) DeleteAllAlerts() (map[string]interface{}, error) { return c.c.Request("core/action/deleteAllAlerts/", nil) @@ -447,6 +463,15 @@ func (c Core) DeleteAlert(id string) (map[string]interface{}, error) { return c.c.Request("core/action/deleteAlert/", m) } +// Sets the logging level for a given logger name. +func (c Core) SetLogLevel(name string, loglevel string) (map[string]interface{}, error) { + m := map[string]string{ + "name": name, + "logLevel": loglevel, + } + return c.c.Request("core/action/setLogLevel/", m) +} + // Sets the user agent that ZAP should use when creating HTTP messages (for example, spider messages or CONNECT requests to outgoing proxy). func (c Core) SetOptionDefaultUserAgent(str string) (map[string]interface{}, error) { m := map[string]string{ @@ -455,69 +480,69 @@ func (c Core) SetOptionDefaultUserAgent(str string) (map[string]interface{}, err return c.c.Request("core/action/setOptionDefaultUserAgent/", m) } -func (c Core) SetOptionProxyChainName(str string) (map[string]interface{}, error) { +// Sets the TTL (in seconds) of successful DNS queries (applies after ZAP restart). +func (c Core) SetOptionDnsTtlSuccessfulQueries(i int) (map[string]interface{}, error) { m := map[string]string{ - "String": str, + "Integer": strconv.Itoa(i), } - return c.c.Request("core/action/setOptionProxyChainName/", m) + return c.c.Request("core/action/setOptionDnsTtlSuccessfulQueries/", m) } -func (c Core) SetOptionProxyChainPassword(str string) (map[string]interface{}, error) { +func (c Core) SetOptionHttpStateEnabled(boolean bool) (map[string]interface{}, error) { m := map[string]string{ - "String": str, + "Boolean": strconv.FormatBool(boolean), } - return c.c.Request("core/action/setOptionProxyChainPassword/", m) + return c.c.Request("core/action/setOptionHttpStateEnabled/", m) } -func (c Core) SetOptionProxyChainRealm(str string) (map[string]interface{}, error) { +func (c Core) SetOptionProxyChainName(str string) (map[string]interface{}, error) { m := map[string]string{ "String": str, } - return c.c.Request("core/action/setOptionProxyChainRealm/", m) + return c.c.Request("core/action/setOptionProxyChainName/", m) } -// Use actions [add|modify|remove]ProxyChainExcludedDomain instead. -func (c Core) SetOptionProxyChainSkipName(str string) (map[string]interface{}, error) { +func (c Core) SetOptionProxyChainPassword(str string) (map[string]interface{}, error) { m := map[string]string{ "String": str, } - return c.c.Request("core/action/setOptionProxyChainSkipName/", m) + return c.c.Request("core/action/setOptionProxyChainPassword/", m) } -func (c Core) SetOptionProxyChainUserName(str string) (map[string]interface{}, error) { +func (c Core) SetOptionProxyChainPort(i int) (map[string]interface{}, error) { m := map[string]string{ - "String": str, + "Integer": strconv.Itoa(i), } - return c.c.Request("core/action/setOptionProxyChainUserName/", m) + return c.c.Request("core/action/setOptionProxyChainPort/", m) } -// Sets the TTL (in seconds) of successful DNS queries (applies after ZAP restart). -func (c Core) SetOptionDnsTtlSuccessfulQueries(i int) (map[string]interface{}, error) { +func (c Core) SetOptionProxyChainPrompt(boolean bool) (map[string]interface{}, error) { m := map[string]string{ - "Integer": strconv.Itoa(i), + "Boolean": strconv.FormatBool(boolean), } - return c.c.Request("core/action/setOptionDnsTtlSuccessfulQueries/", m) + return c.c.Request("core/action/setOptionProxyChainPrompt/", m) } -func (c Core) SetOptionHttpStateEnabled(boolean bool) (map[string]interface{}, error) { +func (c Core) SetOptionProxyChainRealm(str string) (map[string]interface{}, error) { m := map[string]string{ - "Boolean": strconv.FormatBool(boolean), + "String": str, } - return c.c.Request("core/action/setOptionHttpStateEnabled/", m) + return c.c.Request("core/action/setOptionProxyChainRealm/", m) } -func (c Core) SetOptionProxyChainPort(i int) (map[string]interface{}, error) { +// Use actions [add|modify|remove]ProxyChainExcludedDomain instead. +func (c Core) SetOptionProxyChainSkipName(str string) (map[string]interface{}, error) { m := map[string]string{ - "Integer": strconv.Itoa(i), + "String": str, } - return c.c.Request("core/action/setOptionProxyChainPort/", m) + return c.c.Request("core/action/setOptionProxyChainSkipName/", m) } -func (c Core) SetOptionProxyChainPrompt(boolean bool) (map[string]interface{}, error) { +func (c Core) SetOptionProxyChainUserName(str string) (map[string]interface{}, error) { m := map[string]string{ - "Boolean": strconv.FormatBool(boolean), + "String": str, } - return c.c.Request("core/action/setOptionProxyChainPrompt/", m) + return c.c.Request("core/action/setOptionProxyChainUserName/", m) } func (c Core) SetOptionSingleCookieRequestHeader(boolean bool) (map[string]interface{}, error) { @@ -628,3 +653,20 @@ func (c Core) SendHarRequest(request string, followredirects string) ([]byte, er } return c.c.RequestOther("core/other/sendHarRequest/", m) } + +// Download a file from the transfer directory +func (c Core) FileDownload(filename string) ([]byte, error) { + m := map[string]string{ + "fileName": filename, + } + return c.c.RequestOther("core/other/fileDownload/", m) +} + +// Upload a file to the transfer directory. Only POST requests accepted with encodings of "multipart/form-data" or "application/x-www-form-urlencoded". +func (c Core) FileUpload(filename string, filecontents string) ([]byte, error) { + m := map[string]string{ + "fileName": filename, + "fileContents": filecontents, + } + return c.c.RequestOther("core/other/fileUpload/", m) +} diff --git a/zap-api-go/zap/custompayloads_generated.go b/zap-api-go/zap/custompayloads_generated.go new file mode 100644 index 0000000..b90368c --- /dev/null +++ b/zap-api-go/zap/custompayloads_generated.go @@ -0,0 +1,107 @@ +// Zed Attack Proxy (ZAP) and its related class files. +// +// ZAP is an HTTP/HTTPS proxy for assessing web application security. +// +// Copyright 2017 the ZAP development team +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +// *** This file was automatically generated. *** +// + +package zap + +type Custompayloads struct { + c *Client +} + +// Lists all available categories. +// +// This component is optional and therefore the API will only work if it is installed +func (c Custompayloads) CustomPayloadsCategories() (map[string]interface{}, error) { + return c.c.Request("custompayloads/view/customPayloadsCategories/", nil) +} + +// Lists all the payloads currently loaded (category, payload, enabled state). Optionally filtered by category. +// +// This component is optional and therefore the API will only work if it is installed +func (c Custompayloads) CustomPayloads(category string) (map[string]interface{}, error) { + m := map[string]string{ + "category": category, + } + return c.c.Request("custompayloads/view/customPayloads/", m) +} + +// Disables payloads for a given category. +// +// This component is optional and therefore the API will only work if it is installed +func (c Custompayloads) DisableCustomPayloads(category string) (map[string]interface{}, error) { + m := map[string]string{ + "category": category, + } + return c.c.Request("custompayloads/action/disableCustomPayloads/", m) +} + +// Enables payloads for a given category. +// +// This component is optional and therefore the API will only work if it is installed +func (c Custompayloads) EnableCustomPayloads(category string) (map[string]interface{}, error) { + m := map[string]string{ + "category": category, + } + return c.c.Request("custompayloads/action/enableCustomPayloads/", m) +} + +// Removes a payload. +// +// This component is optional and therefore the API will only work if it is installed +func (c Custompayloads) RemoveCustomPayload(category string, payload string) (map[string]interface{}, error) { + m := map[string]string{ + "category": category, + "payload": payload, + } + return c.c.Request("custompayloads/action/removeCustomPayload/", m) +} + +// Adds a new payload. +// +// This component is optional and therefore the API will only work if it is installed +func (c Custompayloads) AddCustomPayload(category string, payload string) (map[string]interface{}, error) { + m := map[string]string{ + "category": category, + "payload": payload, + } + return c.c.Request("custompayloads/action/addCustomPayload/", m) +} + +// Enables a given payload. +// +// This component is optional and therefore the API will only work if it is installed +func (c Custompayloads) EnableCustomPayload(category string, payload string) (map[string]interface{}, error) { + m := map[string]string{ + "category": category, + "payload": payload, + } + return c.c.Request("custompayloads/action/enableCustomPayload/", m) +} + +// Disables a given payload. +// +// This component is optional and therefore the API will only work if it is installed +func (c Custompayloads) DisableCustomPayload(category string, payload string) (map[string]interface{}, error) { + m := map[string]string{ + "category": category, + "payload": payload, + } + return c.c.Request("custompayloads/action/disableCustomPayload/", m) +} diff --git a/zap-api-go/zap/exim_generated.go b/zap-api-go/zap/exim_generated.go new file mode 100644 index 0000000..b90f33a --- /dev/null +++ b/zap-api-go/zap/exim_generated.go @@ -0,0 +1,99 @@ +// Zed Attack Proxy (ZAP) and its related class files. +// +// ZAP is an HTTP/HTTPS proxy for assessing web application security. +// +// Copyright 2017 the ZAP development team +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +// *** This file was automatically generated. *** +// + +package zap + +type Exim struct { + c *Client +} + +// Imports a HAR file. +// +// This component is optional and therefore the API will only work if it is installed +func (e Exim) ImportHar(filepath string) (map[string]interface{}, error) { + m := map[string]string{ + "filePath": filepath, + } + return e.c.Request("exim/action/importHar/", m) +} + +// Imports URLs (one per line) from the file with the given file system path. +// +// This component is optional and therefore the API will only work if it is installed +func (e Exim) ImportUrls(filepath string) (map[string]interface{}, error) { + m := map[string]string{ + "filePath": filepath, + } + return e.c.Request("exim/action/importUrls/", m) +} + +// Imports previously exported ZAP messages from the file with the given file system path. +// +// This component is optional and therefore the API will only work if it is installed +func (e Exim) ImportZapLogs(filepath string) (map[string]interface{}, error) { + m := map[string]string{ + "filePath": filepath, + } + return e.c.Request("exim/action/importZapLogs/", m) +} + +// Imports ModSecurity2 logs from the file with the given file system path. +// +// This component is optional and therefore the API will only work if it is installed +func (e Exim) ImportModsec2Logs(filepath string) (map[string]interface{}, error) { + m := map[string]string{ + "filePath": filepath, + } + return e.c.Request("exim/action/importModsec2Logs/", m) +} + +// Gets the HTTP messages sent through/by ZAP, in HAR format, optionally filtered by URL and paginated with 'start' position and 'count' of messages +// +// This component is optional and therefore the API will only work if it is installed +func (e Exim) ExportHar(baseurl string, start string, count string) ([]byte, error) { + m := map[string]string{ + "baseurl": baseurl, + "start": start, + "count": count, + } + return e.c.RequestOther("exim/other/exportHar/", m) +} + +// Gets the HTTP messages with the given IDs, in HAR format. +// +// This component is optional and therefore the API will only work if it is installed +func (e Exim) ExportHarById(ids string) ([]byte, error) { + m := map[string]string{ + "ids": ids, + } + return e.c.RequestOther("exim/other/exportHarById/", m) +} + +// Sends the first HAR request entry, optionally following redirections. Returns, in HAR format, the request sent and response received and followed redirections, if any. The Mode is enforced when sending the request (and following redirections), custom manual requests are not allowed in 'Safe' mode nor in 'Protected' mode if out of scope. +// +// This component is optional and therefore the API will only work if it is installed +func (e Exim) SendHarRequest(request string, followredirects string) ([]byte, error) { + m := map[string]string{ + "request": request, + "followRedirects": followredirects, + } + return e.c.RequestOther("exim/other/sendHarRequest/", m) +} diff --git a/zap/forced-user_generated.go b/zap-api-go/zap/forced-user_generated.go similarity index 97% rename from zap/forced-user_generated.go rename to zap-api-go/zap/forced-user_generated.go index 84a8f01..118386b 100644 --- a/zap/forced-user_generated.go +++ b/zap-api-go/zap/forced-user_generated.go @@ -2,7 +2,7 @@ // // ZAP is an HTTP/HTTPS proxy for assessing web application security. // -// Copyright 2022 the ZAP development team +// Copyright 2017 the ZAP development team // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/zap-api-go/zap/generate_interface.sh b/zap-api-go/zap/generate_interface.sh new file mode 100644 index 0000000..e8d5dfb --- /dev/null +++ b/zap-api-go/zap/generate_interface.sh @@ -0,0 +1,37 @@ +#!/bin/bash + +# Create or clear the interface.go file +output_file="interface.go" +echo "// Package zap defines the interface a ZAP client should implement" > $output_file +echo "package zap" >> $output_file +echo "" >> $output_file +echo "// Interface defines the interface a ZAP client should implement" >> $output_file +echo "type Interface interface {" >> $output_file + +# Find all _generated.go files +generated_files=$(find . -name "*_generated.go") + +# Loop through each _generated.go file and extract the struct and function +for file in $generated_files; do + struct_name=$(grep -o 'type [^ ]* struct' "$file" | awk '{print $2}') + if [ -n "$struct_name" ]; then + echo " $struct_name() *$struct_name" >> $output_file + fi +done + +echo "}" >> $output_file +echo "" >> $output_file + +# Loop through each _generated.go file again to extract and write function implementations +for file in $generated_files; do + struct_name=$(grep -o 'type [^ ]* struct' "$file" | awk '{print $2}') + if [ -n "$struct_name" ]; then + echo "// $struct_name() returns a $struct_name client" >> $output_file + echo "func (c *Client) $struct_name() *$struct_name {" >> $output_file + echo " return &$struct_name{c}" >> $output_file + echo "}" >> $output_file + echo "" >> $output_file + fi +done + +echo "interface.go file has been generated." diff --git a/zap/graphql_generated.go b/zap-api-go/zap/graphql_generated.go similarity index 91% rename from zap/graphql_generated.go rename to zap-api-go/zap/graphql_generated.go index 98d59cb..c4399ac 100644 --- a/zap/graphql_generated.go +++ b/zap-api-go/zap/graphql_generated.go @@ -69,6 +69,13 @@ func (g Graphql) OptionOptionalArgsEnabled() (map[string]interface{}, error) { return g.c.Request("graphql/view/optionOptionalArgsEnabled/", nil) } +// Returns whether the query generator is enabled. +// +// This component is optional and therefore the API will only work if it is installed +func (g Graphql) OptionQueryGenEnabled() (map[string]interface{}, error) { + return g.c.Request("graphql/view/optionQueryGenEnabled/", nil) +} + // Returns the current level for which a single query is generated. // // This component is optional and therefore the API will only work if it is installed @@ -184,3 +191,13 @@ func (g Graphql) SetOptionOptionalArgsEnabled(boolean bool) (map[string]interfac } return g.c.Request("graphql/action/setOptionOptionalArgsEnabled/", m) } + +// Sets whether the query generator is enabled. +// +// This component is optional and therefore the API will only work if it is installed +func (g Graphql) SetOptionQueryGenEnabled(boolean bool) (map[string]interface{}, error) { + m := map[string]string{ + "Boolean": strconv.FormatBool(boolean), + } + return g.c.Request("graphql/action/setOptionQueryGenEnabled/", m) +} diff --git a/zap/http-sessions_generated.go b/zap-api-go/zap/http-sessions_generated.go similarity index 99% rename from zap/http-sessions_generated.go rename to zap-api-go/zap/http-sessions_generated.go index 391e136..c5ab160 100644 --- a/zap/http-sessions_generated.go +++ b/zap-api-go/zap/http-sessions_generated.go @@ -2,7 +2,7 @@ // // ZAP is an HTTP/HTTPS proxy for assessing web application security. // -// Copyright 2022 the ZAP development team +// Copyright 2017 the ZAP development team // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/zap/interface.go b/zap-api-go/zap/interface.go similarity index 75% rename from zap/interface.go rename to zap-api-go/zap/interface.go index 8b291bb..b731a6f 100644 --- a/zap/interface.go +++ b/zap-api-go/zap/interface.go @@ -1,116 +1,103 @@ -// Zed Attack Proxy (ZAP) and its related class files. -// -// ZAP is an HTTP/HTTPS proxy for assessing web application security. -// -// Copyright 2022 the ZAP development team -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// TODO: auto generate this file +// Package zap defines the interface a ZAP client should implement package zap // Interface defines the interface a ZAP client should implement type Interface interface { - AccessControl() *AccessControl - Acsrf() *Acsrf - AjaxSpider() *AjaxSpider Alert() *Alert - AlertFilter() *AlertFilter - Ascan() *Ascan + Postman() *Postman Authentication() *Authentication - Authorization() *Authorization - Automation() *Automation + Retest() *Retest + Network() *Network + Pnh() *Pnh + Graphql() *Graphql + Soap() *Soap + Spider() *Spider Autoupdate() *Autoupdate + Core() *Core Break() *Break + Exim() *Exim Context() *Context - Core() *Core - Exportreport() *Exportreport + Pscan() *Pscan ForcedUser() *ForcedUser - Graphql() *Graphql + Script() *Script + Authorization() *Authorization + Automation() *Automation + Search() *Search + Reports() *Reports + Selenium() *Selenium HttpSessions() *HttpSessions - ImportLogFiles() *ImportLogFiles - Importurls() *Importurls - LocalProxies() *LocalProxies + Websocket() *Websocket Openapi() *Openapi - Params() *Params - Pnh() *Pnh - Pscan() *Pscan - Replacer() *Replacer - Reports() *Reports - Retest() *Retest + AjaxSpider() *AjaxSpider + AccessControl() *AccessControl Reveal() *Reveal + Params() *Params Revisit() *Revisit - RuleConfig() *RuleConfig - Script() *Script - Search() *Search - Selenium() *Selenium - SessionManagement() *SessionManagement - Soap() *Soap - Spider() *Spider - Stats() *Stats + AlertFilter() *AlertFilter + Replacer() *Replacer Users() *Users + Acsrf() *Acsrf + Ascan() *Ascan Wappalyzer() *Wappalyzer - Websocket() *Websocket + Stats() *Stats + RuleConfig() *RuleConfig + SessionManagement() *SessionManagement + Custompayloads() *Custompayloads } -// AccessControl() returns a AccessControl client -func (c *Client) AccessControl() *AccessControl { - return &AccessControl{c} +// Alert() returns a Alert client +func (c *Client) Alert() *Alert { + return &Alert{c} } -// Acsrf() returns a Acsrf client -func (c *Client) Acsrf() *Acsrf { - return &Acsrf{c} +// Postman() returns a Postman client +func (c *Client) Postman() *Postman { + return &Postman{c} } -// AjaxSpider() returns a AjaxSpider client -func (c *Client) AjaxSpider() *AjaxSpider { - return &AjaxSpider{c} +// Authentication() returns a Authentication client +func (c *Client) Authentication() *Authentication { + return &Authentication{c} } -// Alert() returns a Alert client -func (c *Client) Alert() *Alert { - return &Alert{c} +// Retest() returns a Retest client +func (c *Client) Retest() *Retest { + return &Retest{c} } -// AlertFilter() returns a AlertFilter client -func (c *Client) AlertFilter() *AlertFilter { - return &AlertFilter{c} +// Network() returns a Network client +func (c *Client) Network() *Network { + return &Network{c} } -// Ascan() returns a Ascan client -func (c *Client) Ascan() *Ascan { - return &Ascan{c} +// Pnh() returns a Pnh client +func (c *Client) Pnh() *Pnh { + return &Pnh{c} } -// Authentication() returns a Authentication client -func (c *Client) Authentication() *Authentication { - return &Authentication{c} +// Graphql() returns a Graphql client +func (c *Client) Graphql() *Graphql { + return &Graphql{c} } -// Authorization() returns a Authorization client -func (c *Client) Authorization() *Authorization { - return &Authorization{c} +// Soap() returns a Soap client +func (c *Client) Soap() *Soap { + return &Soap{c} +} + +// Spider() returns a Spider client +func (c *Client) Spider() *Spider { + return &Spider{c} } -// Autoupdate returns an Autoupdate client +// Autoupdate() returns a Autoupdate client func (c *Client) Autoupdate() *Autoupdate { return &Autoupdate{c} } -// Automation() returns an Automation client -func (c *Client) Automation() *Automation { - return &Automation{c} +// Core() returns a Core client +func (c *Client) Core() *Core { + return &Core{c} } // Break() returns a Break client @@ -118,19 +105,19 @@ func (c *Client) Break() *Break { return &Break{c} } +// Exim() returns a Exim client +func (c *Client) Exim() *Exim { + return &Exim{c} +} + // Context() returns a Context client func (c *Client) Context() *Context { return &Context{c} } -// Core() returns a Core client -func (c *Client) Core() *Core { - return &Core{c} -} - -// Exportreport() returns a Exportreport client -func (c *Client) Exportreport() *Exportreport { - return &Exportreport{c} +// Pscan() returns a Pscan client +func (c *Client) Pscan() *Pscan { + return &Pscan{c} } // ForcedUser() returns a ForcedUser client @@ -138,64 +125,59 @@ func (c *Client) ForcedUser() *ForcedUser { return &ForcedUser{c} } -// Graphql() returns a Graphql client -func (c *Client) Graphql() *Graphql { - return &Graphql{c} -} - -// HttpSessions() returns a HttpSessions client -func (c *Client) HttpSessions() *HttpSessions { - return &HttpSessions{c} +// Script() returns a Script client +func (c *Client) Script() *Script { + return &Script{c} } -// ImportLogFiles() returns a ImportLogFiles client -func (c *Client) ImportLogFiles() *ImportLogFiles { - return &ImportLogFiles{c} +// Authorization() returns a Authorization client +func (c *Client) Authorization() *Authorization { + return &Authorization{c} } -// Importurls() returns a Importurls client -func (c *Client) Importurls() *Importurls { - return &Importurls{c} +// Automation() returns a Automation client +func (c *Client) Automation() *Automation { + return &Automation{c} } -// LocalProxies() returns a LocalProxies client -func (c *Client) LocalProxies() *LocalProxies { - return &LocalProxies{c} +// Search() returns a Search client +func (c *Client) Search() *Search { + return &Search{c} } -// Openapi() returns a Openapi clinet -func (c *Client) Openapi() *Openapi { - return &Openapi{c} +// Reports() returns a Reports client +func (c *Client) Reports() *Reports { + return &Reports{c} } -// Params() returns a Params client -func (c *Client) Params() *Params { - return &Params{c} +// Selenium() returns a Selenium client +func (c *Client) Selenium() *Selenium { + return &Selenium{c} } -// Pnh() returns a Pnh client -func (c *Client) Pnh() *Pnh { - return &Pnh{c} +// HttpSessions() returns a HttpSessions client +func (c *Client) HttpSessions() *HttpSessions { + return &HttpSessions{c} } -// Pscan() returns a Pscan client -func (c *Client) Pscan() *Pscan { - return &Pscan{c} +// Websocket() returns a Websocket client +func (c *Client) Websocket() *Websocket { + return &Websocket{c} } -// Replacer() returns a Replacer client -func (c *Client) Replacer() *Replacer { - return &Replacer{c} +// Openapi() returns a Openapi client +func (c *Client) Openapi() *Openapi { + return &Openapi{c} } -// Reports() returns a Reports client -func (c *Client) Reports() *Reports { - return &Reports{c} +// AjaxSpider() returns a AjaxSpider client +func (c *Client) AjaxSpider() *AjaxSpider { + return &AjaxSpider{c} } -// Retest() returns a Retest client -func (c *Client) Retest() *Retest { - return &Retest{c} +// AccessControl() returns a AccessControl client +func (c *Client) AccessControl() *AccessControl { + return &AccessControl{c} } // Reveal() returns a Reveal client @@ -203,44 +185,44 @@ func (c *Client) Reveal() *Reveal { return &Reveal{c} } +// Params() returns a Params client +func (c *Client) Params() *Params { + return &Params{c} +} + // Revisit() returns a Revisit client func (c *Client) Revisit() *Revisit { return &Revisit{c} } -// RuleConfig() returns a RuleConfig client -func (c *Client) RuleConfig() *RuleConfig { - return &RuleConfig{c} -} - -// Script() returns a Script client -func (c *Client) Script() *Script { - return &Script{c} +// AlertFilter() returns a AlertFilter client +func (c *Client) AlertFilter() *AlertFilter { + return &AlertFilter{c} } -// Search() returns a Search client -func (c *Client) Search() *Search { - return &Search{c} +// Replacer() returns a Replacer client +func (c *Client) Replacer() *Replacer { + return &Replacer{c} } -// Selenium() returns a Selenium client -func (c *Client) Selenium() *Selenium { - return &Selenium{c} +// Users() returns a Users client +func (c *Client) Users() *Users { + return &Users{c} } -// SessionManagement() returns a SessionManagement client -func (c *Client) SessionManagement() *SessionManagement { - return &SessionManagement{c} +// Acsrf() returns a Acsrf client +func (c *Client) Acsrf() *Acsrf { + return &Acsrf{c} } -// Soap() returns a Soap client -func (c *Client) Soap() *Soap { - return &Soap{c} +// Ascan() returns a Ascan client +func (c *Client) Ascan() *Ascan { + return &Ascan{c} } -// Spider() returns a Spider client -func (c *Client) Spider() *Spider { - return &Spider{c} +// Wappalyzer() returns a Wappalyzer client +func (c *Client) Wappalyzer() *Wappalyzer { + return &Wappalyzer{c} } // Stats() returns a Stats client @@ -248,17 +230,17 @@ func (c *Client) Stats() *Stats { return &Stats{c} } -// Users() returns a Users client -func (c *Client) Users() *Users { - return &Users{c} +// RuleConfig() returns a RuleConfig client +func (c *Client) RuleConfig() *RuleConfig { + return &RuleConfig{c} } -// Wappalyzer() returns a Wappalyzer client -func (c *Client) Wappalyzer() *Wappalyzer { - return &Wappalyzer{c} +// SessionManagement() returns a SessionManagement client +func (c *Client) SessionManagement() *SessionManagement { + return &SessionManagement{c} } -// Websocket() returns a Websocket client -func (c *Client) Websocket() *Websocket { - return &Websocket{c} +// Custompayloads() returns a Custompayloads client +func (c *Client) Custompayloads() *Custompayloads { + return &Custompayloads{c} } diff --git a/zap-api-go/zap/network_generated.go b/zap-api-go/zap/network_generated.go new file mode 100644 index 0000000..dcf0540 --- /dev/null +++ b/zap-api-go/zap/network_generated.go @@ -0,0 +1,479 @@ +// Zed Attack Proxy (ZAP) and its related class files. +// +// ZAP is an HTTP/HTTPS proxy for assessing web application security. +// +// Copyright 2017 the ZAP development team +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +// *** This file was automatically generated. *** +// + +package zap + +type Network struct { + c *Client +} + +// Gets the Root CA certificate validity, in days. Used when generating a new Root CA certificate. +// +// This component is optional and therefore the API will only work if it is installed +func (n Network) GetRootCaCertValidity() (map[string]interface{}, error) { + return n.c.Request("network/view/getRootCaCertValidity/", nil) +} + +// Gets the server certificate validity, in days. Used when generating server certificates. +// +// This component is optional and therefore the API will only work if it is installed +func (n Network) GetServerCertValidity() (map[string]interface{}, error) { + return n.c.Request("network/view/getServerCertValidity/", nil) +} + +// Gets the aliases used to identify the local servers/proxies. +// +// This component is optional and therefore the API will only work if it is installed +func (n Network) GetAliases() (map[string]interface{}, error) { + return n.c.Request("network/view/getAliases/", nil) +} + +// Gets the local servers/proxies. +// +// This component is optional and therefore the API will only work if it is installed +func (n Network) GetLocalServers() (map[string]interface{}, error) { + return n.c.Request("network/view/getLocalServers/", nil) +} + +// Gets the authorities that will pass-through the local proxies. +// +// This component is optional and therefore the API will only work if it is installed +func (n Network) GetPassThroughs() (map[string]interface{}, error) { + return n.c.Request("network/view/getPassThroughs/", nil) +} + +// Gets the connection timeout, in seconds. +// +// This component is optional and therefore the API will only work if it is installed +func (n Network) GetConnectionTimeout() (map[string]interface{}, error) { + return n.c.Request("network/view/getConnectionTimeout/", nil) +} + +// Gets the default user-agent. +// +// This component is optional and therefore the API will only work if it is installed +func (n Network) GetDefaultUserAgent() (map[string]interface{}, error) { + return n.c.Request("network/view/getDefaultUserAgent/", nil) +} + +// Gets the TTL (in seconds) of successful DNS queries. +// +// This component is optional and therefore the API will only work if it is installed +func (n Network) GetDnsTtlSuccessfulQueries() (map[string]interface{}, error) { + return n.c.Request("network/view/getDnsTtlSuccessfulQueries/", nil) +} + +// Gets the HTTP proxy. +// +// This component is optional and therefore the API will only work if it is installed +func (n Network) GetHttpProxy() (map[string]interface{}, error) { + return n.c.Request("network/view/getHttpProxy/", nil) +} + +// Gets the HTTP proxy exclusions. +// +// This component is optional and therefore the API will only work if it is installed +func (n Network) GetHttpProxyExclusions() (map[string]interface{}, error) { + return n.c.Request("network/view/getHttpProxyExclusions/", nil) +} + +// Gets the SOCKS proxy. +// +// This component is optional and therefore the API will only work if it is installed +func (n Network) GetSocksProxy() (map[string]interface{}, error) { + return n.c.Request("network/view/getSocksProxy/", nil) +} + +// Tells whether or not the HTTP proxy authentication is enabled. +// +// This component is optional and therefore the API will only work if it is installed +func (n Network) IsHttpProxyAuthEnabled() (map[string]interface{}, error) { + return n.c.Request("network/view/isHttpProxyAuthEnabled/", nil) +} + +// Tells whether or not the HTTP proxy is enabled. +// +// This component is optional and therefore the API will only work if it is installed +func (n Network) IsHttpProxyEnabled() (map[string]interface{}, error) { + return n.c.Request("network/view/isHttpProxyEnabled/", nil) +} + +// Tells whether or not the SOCKS proxy is enabled. +// +// This component is optional and therefore the API will only work if it is installed +func (n Network) IsSocksProxyEnabled() (map[string]interface{}, error) { + return n.c.Request("network/view/isSocksProxyEnabled/", nil) +} + +// Tells whether or not to use global HTTP state. +// +// This component is optional and therefore the API will only work if it is installed +func (n Network) IsUseGlobalHttpState() (map[string]interface{}, error) { + return n.c.Request("network/view/isUseGlobalHttpState/", nil) +} + +// List of rate limit rules. +// +// This component is optional and therefore the API will only work if it is installed +func (n Network) GetRateLimitRules() (map[string]interface{}, error) { + return n.c.Request("network/view/getRateLimitRules/", nil) +} + +// Generates a new Root CA certificate, used to issue server certificates. +// +// This component is optional and therefore the API will only work if it is installed +func (n Network) GenerateRootCaCert() (map[string]interface{}, error) { + return n.c.Request("network/action/generateRootCaCert/", nil) +} + +// Imports a Root CA certificate to be used to issue server certificates. +// +// This component is optional and therefore the API will only work if it is installed +func (n Network) ImportRootCaCert(filepath string) (map[string]interface{}, error) { + m := map[string]string{ + "filePath": filepath, + } + return n.c.Request("network/action/importRootCaCert/", m) +} + +// Sets the Root CA certificate validity. Used when generating a new Root CA certificate. +// +// This component is optional and therefore the API will only work if it is installed +func (n Network) SetRootCaCertValidity(validity string) (map[string]interface{}, error) { + m := map[string]string{ + "validity": validity, + } + return n.c.Request("network/action/setRootCaCertValidity/", m) +} + +// Sets the server certificate validity. Used when generating server certificates. +// +// This component is optional and therefore the API will only work if it is installed +func (n Network) SetServerCertValidity(validity string) (map[string]interface{}, error) { + m := map[string]string{ + "validity": validity, + } + return n.c.Request("network/action/setServerCertValidity/", m) +} + +// Adds an alias for the local servers/proxies. +// +// This component is optional and therefore the API will only work if it is installed +func (n Network) AddAlias(name string, enabled string) (map[string]interface{}, error) { + m := map[string]string{ + "name": name, + "enabled": enabled, + } + return n.c.Request("network/action/addAlias/", m) +} + +// Adds a local server/proxy. +// +// This component is optional and therefore the API will only work if it is installed +func (n Network) AddLocalServer(address string, port string, api string, proxy string, behindnat string, decoderesponse string, removeacceptencoding string) (map[string]interface{}, error) { + m := map[string]string{ + "address": address, + "port": port, + "api": api, + "proxy": proxy, + "behindNat": behindnat, + "decodeResponse": decoderesponse, + "removeAcceptEncoding": removeacceptencoding, + } + return n.c.Request("network/action/addLocalServer/", m) +} + +// Adds an authority to pass-through the local proxies. +// +// This component is optional and therefore the API will only work if it is installed +func (n Network) AddPassThrough(authority string, enabled string) (map[string]interface{}, error) { + m := map[string]string{ + "authority": authority, + "enabled": enabled, + } + return n.c.Request("network/action/addPassThrough/", m) +} + +// Removes an alias. +// +// This component is optional and therefore the API will only work if it is installed +func (n Network) RemoveAlias(name string) (map[string]interface{}, error) { + m := map[string]string{ + "name": name, + } + return n.c.Request("network/action/removeAlias/", m) +} + +// Removes a local server/proxy. +// +// This component is optional and therefore the API will only work if it is installed +func (n Network) RemoveLocalServer(address string, port string) (map[string]interface{}, error) { + m := map[string]string{ + "address": address, + "port": port, + } + return n.c.Request("network/action/removeLocalServer/", m) +} + +// Removes a pass-through. +// +// This component is optional and therefore the API will only work if it is installed +func (n Network) RemovePassThrough(authority string) (map[string]interface{}, error) { + m := map[string]string{ + "authority": authority, + } + return n.c.Request("network/action/removePassThrough/", m) +} + +// Sets whether or not an alias is enabled. +// +// This component is optional and therefore the API will only work if it is installed +func (n Network) SetAliasEnabled(name string, enabled string) (map[string]interface{}, error) { + m := map[string]string{ + "name": name, + "enabled": enabled, + } + return n.c.Request("network/action/setAliasEnabled/", m) +} + +// Sets whether or not a pass-through is enabled. +// +// This component is optional and therefore the API will only work if it is installed +func (n Network) SetPassThroughEnabled(authority string, enabled string) (map[string]interface{}, error) { + m := map[string]string{ + "authority": authority, + "enabled": enabled, + } + return n.c.Request("network/action/setPassThroughEnabled/", m) +} + +// Sets the timeout, for reads and connects. +// +// This component is optional and therefore the API will only work if it is installed +func (n Network) SetConnectionTimeout(timeout string) (map[string]interface{}, error) { + m := map[string]string{ + "timeout": timeout, + } + return n.c.Request("network/action/setConnectionTimeout/", m) +} + +// Sets the default user-agent. +// +// This component is optional and therefore the API will only work if it is installed +func (n Network) SetDefaultUserAgent(useragent string) (map[string]interface{}, error) { + m := map[string]string{ + "userAgent": useragent, + } + return n.c.Request("network/action/setDefaultUserAgent/", m) +} + +// Sets the TTL of successful DNS queries. +// +// This component is optional and therefore the API will only work if it is installed +func (n Network) SetDnsTtlSuccessfulQueries(ttl string) (map[string]interface{}, error) { + m := map[string]string{ + "ttl": ttl, + } + return n.c.Request("network/action/setDnsTtlSuccessfulQueries/", m) +} + +// Adds a host to be excluded from the HTTP proxy. +// +// This component is optional and therefore the API will only work if it is installed +func (n Network) AddHttpProxyExclusion(host string, enabled string) (map[string]interface{}, error) { + m := map[string]string{ + "host": host, + "enabled": enabled, + } + return n.c.Request("network/action/addHttpProxyExclusion/", m) +} + +// Removes an HTTP proxy exclusion. +// +// This component is optional and therefore the API will only work if it is installed +func (n Network) RemoveHttpProxyExclusion(host string) (map[string]interface{}, error) { + m := map[string]string{ + "host": host, + } + return n.c.Request("network/action/removeHttpProxyExclusion/", m) +} + +// Sets the HTTP proxy configuration. +// +// This component is optional and therefore the API will only work if it is installed +func (n Network) SetHttpProxy(host string, port string, realm string, username string, password string) (map[string]interface{}, error) { + m := map[string]string{ + "host": host, + "port": port, + "realm": realm, + "username": username, + "password": password, + } + return n.c.Request("network/action/setHttpProxy/", m) +} + +// Sets whether or not the HTTP proxy authentication is enabled. +// +// This component is optional and therefore the API will only work if it is installed +func (n Network) SetHttpProxyAuthEnabled(enabled string) (map[string]interface{}, error) { + m := map[string]string{ + "enabled": enabled, + } + return n.c.Request("network/action/setHttpProxyAuthEnabled/", m) +} + +// Sets whether or not the HTTP proxy is enabled. +// +// This component is optional and therefore the API will only work if it is installed +func (n Network) SetHttpProxyEnabled(enabled string) (map[string]interface{}, error) { + m := map[string]string{ + "enabled": enabled, + } + return n.c.Request("network/action/setHttpProxyEnabled/", m) +} + +// Sets whether or not an HTTP proxy exclusion is enabled. +// +// This component is optional and therefore the API will only work if it is installed +func (n Network) SetHttpProxyExclusionEnabled(host string, enabled string) (map[string]interface{}, error) { + m := map[string]string{ + "host": host, + "enabled": enabled, + } + return n.c.Request("network/action/setHttpProxyExclusionEnabled/", m) +} + +// Sets the SOCKS proxy configuration. +// +// This component is optional and therefore the API will only work if it is installed +func (n Network) SetSocksProxy(host string, port string, version string, usedns string, username string, password string) (map[string]interface{}, error) { + m := map[string]string{ + "host": host, + "port": port, + "version": version, + "useDns": usedns, + "username": username, + "password": password, + } + return n.c.Request("network/action/setSocksProxy/", m) +} + +// Sets whether or not the SOCKS proxy is enabled. +// +// This component is optional and therefore the API will only work if it is installed +func (n Network) SetSocksProxyEnabled(enabled string) (map[string]interface{}, error) { + m := map[string]string{ + "enabled": enabled, + } + return n.c.Request("network/action/setSocksProxyEnabled/", m) +} + +// Sets whether or not to use the global HTTP state. +// +// This component is optional and therefore the API will only work if it is installed +func (n Network) SetUseGlobalHttpState(use string) (map[string]interface{}, error) { + m := map[string]string{ + "use": use, + } + return n.c.Request("network/action/setUseGlobalHttpState/", m) +} + +// Adds a client certificate contained in a PKCS#12 file, the certificate is automatically set as active and used. +// +// This component is optional and therefore the API will only work if it is installed +func (n Network) AddPkcs12ClientCertificate(filepath string, password string, index string) (map[string]interface{}, error) { + m := map[string]string{ + "filePath": filepath, + "password": password, + "index": index, + } + return n.c.Request("network/action/addPkcs12ClientCertificate/", m) +} + +// Sets whether or not to use the active client certificate. +// +// This component is optional and therefore the API will only work if it is installed +func (n Network) SetUseClientCertificate(use string) (map[string]interface{}, error) { + m := map[string]string{ + "use": use, + } + return n.c.Request("network/action/setUseClientCertificate/", m) +} + +// Adds a rate limit rule +// +// This component is optional and therefore the API will only work if it is installed +func (n Network) AddRateLimitRule(description string, enabled string, matchregex string, matchstring string, requestspersecond string, groupby string) (map[string]interface{}, error) { + m := map[string]string{ + "description": description, + "enabled": enabled, + "matchRegex": matchregex, + "matchString": matchstring, + "requestsPerSecond": requestspersecond, + "groupBy": groupby, + } + return n.c.Request("network/action/addRateLimitRule/", m) +} + +// Remove a rate limit rule +// +// This component is optional and therefore the API will only work if it is installed +func (n Network) RemoveRateLimitRule(description string) (map[string]interface{}, error) { + m := map[string]string{ + "description": description, + } + return n.c.Request("network/action/removeRateLimitRule/", m) +} + +// Set enabled state for a rate limit rule. +// +// This component is optional and therefore the API will only work if it is installed +func (n Network) SetRateLimitRuleEnabled(description string, enabled string) (map[string]interface{}, error) { + m := map[string]string{ + "description": description, + "enabled": enabled, + } + return n.c.Request("network/action/setRateLimitRuleEnabled/", m) +} + +// Provides a PAC file, proxying through the main proxy. +// +// This component is optional and therefore the API will only work if it is installed +func (n Network) Proxypac() ([]byte, error) { + return n.c.RequestOther("network/other/proxy.pac/", nil) +} + +// Sets the HTTP proxy configuration. +// +// This component is optional and therefore the API will only work if it is installed +func (n Network) SetProxy(proxy string) ([]byte, error) { + m := map[string]string{ + "proxy": proxy, + } + return n.c.RequestOther("network/other/setProxy/", m) +} + +// Gets the Root CA certificate used to issue server certificates. Suitable to import into client applications (e.g. browsers). +// +// This component is optional and therefore the API will only work if it is installed +func (n Network) RootCaCert() ([]byte, error) { + return n.c.RequestOther("network/other/rootCaCert/", nil) +} diff --git a/zap/openapi_generated.go b/zap-api-go/zap/openapi_generated.go similarity index 100% rename from zap/openapi_generated.go rename to zap-api-go/zap/openapi_generated.go diff --git a/zap/params_generated.go b/zap-api-go/zap/params_generated.go similarity index 96% rename from zap/params_generated.go rename to zap-api-go/zap/params_generated.go index 4fe48c9..3504084 100644 --- a/zap/params_generated.go +++ b/zap-api-go/zap/params_generated.go @@ -2,7 +2,7 @@ // // ZAP is an HTTP/HTTPS proxy for assessing web application security. // -// Copyright 2022 the ZAP development team +// Copyright 2017 the ZAP development team // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/zap/pnh_generated.go b/zap-api-go/zap/pnh_generated.go similarity index 100% rename from zap/pnh_generated.go rename to zap-api-go/zap/pnh_generated.go diff --git a/zap/importurls_generated.go b/zap-api-go/zap/postman_generated.go similarity index 63% rename from zap/importurls_generated.go rename to zap-api-go/zap/postman_generated.go index 3403673..0b3cfcd 100644 --- a/zap/importurls_generated.go +++ b/zap-api-go/zap/postman_generated.go @@ -21,16 +21,24 @@ package zap -type Importurls struct { +type Postman struct { c *Client } -// Imports URLs (one per line) from the file with the given file system path. -// // This component is optional and therefore the API will only work if it is installed -func (i Importurls) Importurls(filepath string) (map[string]interface{}, error) { +func (p Postman) ImportFile(file string, endpointurl string) (map[string]interface{}, error) { + m := map[string]string{ + "file": file, + "endpointUrl": endpointurl, + } + return p.c.Request("postman/action/importFile/", m) +} + +// This component is optional and therefore the API will only work if it is installed +func (p Postman) ImportUrl(url string, endpointurl string) (map[string]interface{}, error) { m := map[string]string{ - "filePath": filepath, + "url": url, + "endpointUrl": endpointurl, } - return i.c.Request("importurls/action/importurls/", m) + return p.c.Request("postman/action/importUrl/", m) } diff --git a/zap/pscan_generated.go b/zap-api-go/zap/pscan_generated.go similarity index 59% rename from zap/pscan_generated.go rename to zap-api-go/zap/pscan_generated.go index b667348..a6b566a 100644 --- a/zap/pscan_generated.go +++ b/zap-api-go/zap/pscan_generated.go @@ -2,7 +2,7 @@ // // ZAP is an HTTP/HTTPS proxy for assessing web application security. // -// Copyright 2022 the ZAP development team +// Copyright 2017 the ZAP development team // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -26,31 +26,50 @@ type Pscan struct { } // Tells whether or not the passive scan should be performed only on messages that are in scope. +// +// This component is optional and therefore the API will only work if it is installed func (p Pscan) ScanOnlyInScope() (map[string]interface{}, error) { return p.c.Request("pscan/view/scanOnlyInScope/", nil) } -// The number of records the passive scanner still has to scan +// The number of records the passive scanner still has to scan. +// +// This component is optional and therefore the API will only work if it is installed func (p Pscan) RecordsToScan() (map[string]interface{}, error) { return p.c.Request("pscan/view/recordsToScan/", nil) } -// Lists all passive scanners with its ID, name, enabled state and alert threshold. +// Lists all passive scan rules with their ID, name, enabled state, and alert threshold. +// +// This component is optional and therefore the API will only work if it is installed func (p Pscan) Scanners() (map[string]interface{}, error) { return p.c.Request("pscan/view/scanners/", nil) } -// Show information about the passive scan rule currently being run (if any). +// Shows information about the passive scan rule currently being run (if any). +// +// This component is optional and therefore the API will only work if it is installed func (p Pscan) CurrentRule() (map[string]interface{}, error) { return p.c.Request("pscan/view/currentRule/", nil) } +// Shows information about the passive scan tasks currently being run (if any). +// +// This component is optional and therefore the API will only work if it is installed +func (p Pscan) CurrentTasks() (map[string]interface{}, error) { + return p.c.Request("pscan/view/currentTasks/", nil) +} + // Gets the maximum number of alerts a passive scan rule should raise. +// +// This component is optional and therefore the API will only work if it is installed func (p Pscan) MaxAlertsPerRule() (map[string]interface{}, error) { return p.c.Request("pscan/view/maxAlertsPerRule/", nil) } // Sets whether or not the passive scanning is enabled (Note: the enabled state is not persisted). +// +// This component is optional and therefore the API will only work if it is installed func (p Pscan) SetEnabled(enabled string) (map[string]interface{}, error) { m := map[string]string{ "enabled": enabled, @@ -59,6 +78,8 @@ func (p Pscan) SetEnabled(enabled string) (map[string]interface{}, error) { } // Sets whether or not the passive scan should be performed only on messages that are in scope. +// +// This component is optional and therefore the API will only work if it is installed func (p Pscan) SetScanOnlyInScope(onlyinscope string) (map[string]interface{}, error) { m := map[string]string{ "onlyInScope": onlyinscope, @@ -66,17 +87,23 @@ func (p Pscan) SetScanOnlyInScope(onlyinscope string) (map[string]interface{}, e return p.c.Request("pscan/action/setScanOnlyInScope/", m) } -// Enables all passive scanners +// Enables all passive scan rules. +// +// This component is optional and therefore the API will only work if it is installed func (p Pscan) EnableAllScanners() (map[string]interface{}, error) { return p.c.Request("pscan/action/enableAllScanners/", nil) } -// Disables all passive scanners +// Disables all passive scan rules. +// +// This component is optional and therefore the API will only work if it is installed func (p Pscan) DisableAllScanners() (map[string]interface{}, error) { return p.c.Request("pscan/action/disableAllScanners/", nil) } -// Enables all passive scanners with the given IDs (comma separated list of IDs) +// Enables passive scan rules. +// +// This component is optional and therefore the API will only work if it is installed func (p Pscan) EnableScanners(ids string) (map[string]interface{}, error) { m := map[string]string{ "ids": ids, @@ -84,7 +111,9 @@ func (p Pscan) EnableScanners(ids string) (map[string]interface{}, error) { return p.c.Request("pscan/action/enableScanners/", m) } -// Disables all passive scanners with the given IDs (comma separated list of IDs) +// Disables passive scan rules. +// +// This component is optional and therefore the API will only work if it is installed func (p Pscan) DisableScanners(ids string) (map[string]interface{}, error) { m := map[string]string{ "ids": ids, @@ -92,7 +121,9 @@ func (p Pscan) DisableScanners(ids string) (map[string]interface{}, error) { return p.c.Request("pscan/action/disableScanners/", m) } -// Sets the alert threshold of the passive scanner with the given ID, accepted values for alert threshold: OFF, DEFAULT, LOW, MEDIUM and HIGH +// Sets the alert threshold of a passive scan rule. +// +// This component is optional and therefore the API will only work if it is installed func (p Pscan) SetScannerAlertThreshold(id string, alertthreshold string) (map[string]interface{}, error) { m := map[string]string{ "id": id, @@ -101,7 +132,9 @@ func (p Pscan) SetScannerAlertThreshold(id string, alertthreshold string) (map[s return p.c.Request("pscan/action/setScannerAlertThreshold/", m) } -// Sets the maximum number of alerts a passive scan rule should raise. +// Sets the maximum number of alerts a passive scan rule can raise. +// +// This component is optional and therefore the API will only work if it is installed func (p Pscan) SetMaxAlertsPerRule(maxalerts string) (map[string]interface{}, error) { m := map[string]string{ "maxAlerts": maxalerts, @@ -110,11 +143,22 @@ func (p Pscan) SetMaxAlertsPerRule(maxalerts string) (map[string]interface{}, er } // Disables all passive scan tags. +// +// This component is optional and therefore the API will only work if it is installed func (p Pscan) DisableAllTags() (map[string]interface{}, error) { return p.c.Request("pscan/action/disableAllTags/", nil) } // Enables all passive scan tags. +// +// This component is optional and therefore the API will only work if it is installed func (p Pscan) EnableAllTags() (map[string]interface{}, error) { return p.c.Request("pscan/action/enableAllTags/", nil) } + +// Clears the passive scan queue. +// +// This component is optional and therefore the API will only work if it is installed +func (p Pscan) ClearQueue() (map[string]interface{}, error) { + return p.c.Request("pscan/action/clearQueue/", nil) +} diff --git a/zap/replacer_generated.go b/zap-api-go/zap/replacer_generated.go similarity index 96% rename from zap/replacer_generated.go rename to zap-api-go/zap/replacer_generated.go index 8b45c44..bec9431 100644 --- a/zap/replacer_generated.go +++ b/zap-api-go/zap/replacer_generated.go @@ -35,7 +35,7 @@ func (r Replacer) Rules() (map[string]interface{}, error) { // Adds a replacer rule. For the parameters: desc is a user friendly description, enabled is true or false, matchType is one of [REQ_HEADER, REQ_HEADER_STR, REQ_BODY_STR, RESP_HEADER, RESP_HEADER_STR, RESP_BODY_STR], matchRegex should be true if the matchString should be treated as a regex otherwise false, matchString is the string that will be matched against, replacement is the replacement string, initiators may be blank (for all initiators) or a comma separated list of integers as defined in HttpSender // // This component is optional and therefore the API will only work if it is installed -func (r Replacer) AddRule(description string, enabled string, matchtype string, matchregex string, matchstring string, replacement string, initiators string) (map[string]interface{}, error) { +func (r Replacer) AddRule(description string, enabled string, matchtype string, matchregex string, matchstring string, replacement string, initiators string, url string) (map[string]interface{}, error) { m := map[string]string{ "description": description, "enabled": enabled, @@ -44,6 +44,7 @@ func (r Replacer) AddRule(description string, enabled string, matchtype string, "matchString": matchstring, "replacement": replacement, "initiators": initiators, + "url": url, } return r.c.Request("replacer/action/addRule/", m) } diff --git a/zap/reports_generated.go b/zap-api-go/zap/reports_generated.go similarity index 100% rename from zap/reports_generated.go rename to zap-api-go/zap/reports_generated.go diff --git a/zap/retest_generated.go b/zap-api-go/zap/retest_generated.go similarity index 100% rename from zap/retest_generated.go rename to zap-api-go/zap/retest_generated.go diff --git a/zap/reveal_generated.go b/zap-api-go/zap/reveal_generated.go similarity index 100% rename from zap/reveal_generated.go rename to zap-api-go/zap/reveal_generated.go diff --git a/zap/revisit_generated.go b/zap-api-go/zap/revisit_generated.go similarity index 100% rename from zap/revisit_generated.go rename to zap-api-go/zap/revisit_generated.go diff --git a/zap/rule-config_generated.go b/zap-api-go/zap/rule-config_generated.go similarity index 97% rename from zap/rule-config_generated.go rename to zap-api-go/zap/rule-config_generated.go index bccf237..2c62970 100644 --- a/zap/rule-config_generated.go +++ b/zap-api-go/zap/rule-config_generated.go @@ -2,7 +2,7 @@ // // ZAP is an HTTP/HTTPS proxy for assessing web application security. // -// Copyright 2022 the ZAP development team +// Copyright 2017 the ZAP development team // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/zap/script_generated.go b/zap-api-go/zap/script_generated.go similarity index 78% rename from zap/script_generated.go rename to zap-api-go/zap/script_generated.go index 5a5a909..fcfa5db 100644 --- a/zap/script_generated.go +++ b/zap-api-go/zap/script_generated.go @@ -2,7 +2,7 @@ // // ZAP is an HTTP/HTTPS proxy for assessing web application security. // -// Copyright 2022 the ZAP development team +// Copyright 2017 the ZAP development team // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -26,21 +26,29 @@ type Script struct { } // Lists the script engines available +// +// This component is optional and therefore the API will only work if it is installed func (s Script) ListEngines() (map[string]interface{}, error) { return s.c.Request("script/view/listEngines/", nil) } // Lists the script types available. +// +// This component is optional and therefore the API will only work if it is installed func (s Script) ListTypes() (map[string]interface{}, error) { return s.c.Request("script/view/listTypes/", nil) } // Lists the scripts available, with its engine, name, description, type and error state. +// +// This component is optional and therefore the API will only work if it is installed func (s Script) ListScripts() (map[string]interface{}, error) { return s.c.Request("script/view/listScripts/", nil) } // Gets the value of the global variable with the given key. Returns an API error (DOES_NOT_EXIST) if no value was previously set. +// +// This component is optional and therefore the API will only work if it is installed func (s Script) GlobalVar(varkey string) (map[string]interface{}, error) { m := map[string]string{ "varKey": varkey, @@ -49,6 +57,8 @@ func (s Script) GlobalVar(varkey string) (map[string]interface{}, error) { } // Gets the value (string representation) of a global custom variable. Returns an API error (DOES_NOT_EXIST) if no value was previously set. +// +// This component is optional and therefore the API will only work if it is installed func (s Script) GlobalCustomVar(varkey string) (map[string]interface{}, error) { m := map[string]string{ "varKey": varkey, @@ -57,16 +67,22 @@ func (s Script) GlobalCustomVar(varkey string) (map[string]interface{}, error) { } // Gets all the global variables (key/value pairs). +// +// This component is optional and therefore the API will only work if it is installed func (s Script) GlobalVars() (map[string]interface{}, error) { return s.c.Request("script/view/globalVars/", nil) } // Gets all the global custom variables (key/value pairs, the value is the string representation). +// +// This component is optional and therefore the API will only work if it is installed func (s Script) GlobalCustomVars() (map[string]interface{}, error) { return s.c.Request("script/view/globalCustomVars/", nil) } // Gets the value of the variable with the given key for the given script. Returns an API error (DOES_NOT_EXIST) if no script with the given name exists or if no value was previously set. +// +// This component is optional and therefore the API will only work if it is installed func (s Script) ScriptVar(scriptname string, varkey string) (map[string]interface{}, error) { m := map[string]string{ "scriptName": scriptname, @@ -76,6 +92,8 @@ func (s Script) ScriptVar(scriptname string, varkey string) (map[string]interfac } // Gets the value (string representation) of a custom variable. Returns an API error (DOES_NOT_EXIST) if no script with the given name exists or if no value was previously set. +// +// This component is optional and therefore the API will only work if it is installed func (s Script) ScriptCustomVar(scriptname string, varkey string) (map[string]interface{}, error) { m := map[string]string{ "scriptName": scriptname, @@ -85,6 +103,8 @@ func (s Script) ScriptCustomVar(scriptname string, varkey string) (map[string]in } // Gets all the variables (key/value pairs) of the given script. Returns an API error (DOES_NOT_EXIST) if no script with the given name exists. +// +// This component is optional and therefore the API will only work if it is installed func (s Script) ScriptVars(scriptname string) (map[string]interface{}, error) { m := map[string]string{ "scriptName": scriptname, @@ -93,6 +113,8 @@ func (s Script) ScriptVars(scriptname string) (map[string]interface{}, error) { } // Gets all the custom variables (key/value pairs, the value is the string representation) of a script. Returns an API error (DOES_NOT_EXIST) if no script with the given name exists. +// +// This component is optional and therefore the API will only work if it is installed func (s Script) ScriptCustomVars(scriptname string) (map[string]interface{}, error) { m := map[string]string{ "scriptName": scriptname, @@ -101,6 +123,8 @@ func (s Script) ScriptCustomVars(scriptname string) (map[string]interface{}, err } // Enables the script with the given name +// +// This component is optional and therefore the API will only work if it is installed func (s Script) Enable(scriptname string) (map[string]interface{}, error) { m := map[string]string{ "scriptName": scriptname, @@ -109,6 +133,8 @@ func (s Script) Enable(scriptname string) (map[string]interface{}, error) { } // Disables the script with the given name +// +// This component is optional and therefore the API will only work if it is installed func (s Script) Disable(scriptname string) (map[string]interface{}, error) { m := map[string]string{ "scriptName": scriptname, @@ -117,6 +143,8 @@ func (s Script) Disable(scriptname string) (map[string]interface{}, error) { } // Loads a script into ZAP from the given local file, with the given name, type and engine, optionally with a description, and a charset name to read the script (the charset name is required if the script is not in UTF-8, for example, in ISO-8859-1). +// +// This component is optional and therefore the API will only work if it is installed func (s Script) Load(scriptname string, scripttype string, scriptengine string, filename string, scriptdescription string, charset string) (map[string]interface{}, error) { m := map[string]string{ "scriptName": scriptname, @@ -130,6 +158,8 @@ func (s Script) Load(scriptname string, scripttype string, scriptengine string, } // Removes the script with the given name +// +// This component is optional and therefore the API will only work if it is installed func (s Script) Remove(scriptname string) (map[string]interface{}, error) { m := map[string]string{ "scriptName": scriptname, @@ -138,6 +168,8 @@ func (s Script) Remove(scriptname string) (map[string]interface{}, error) { } // Runs the stand alone script with the given name +// +// This component is optional and therefore the API will only work if it is installed func (s Script) RunStandAloneScript(scriptname string) (map[string]interface{}, error) { m := map[string]string{ "scriptName": scriptname, @@ -146,6 +178,8 @@ func (s Script) RunStandAloneScript(scriptname string) (map[string]interface{}, } // Clears the global variable with the given key. +// +// This component is optional and therefore the API will only work if it is installed func (s Script) ClearGlobalVar(varkey string) (map[string]interface{}, error) { m := map[string]string{ "varKey": varkey, @@ -154,6 +188,8 @@ func (s Script) ClearGlobalVar(varkey string) (map[string]interface{}, error) { } // Clears a global custom variable. +// +// This component is optional and therefore the API will only work if it is installed func (s Script) ClearGlobalCustomVar(varkey string) (map[string]interface{}, error) { m := map[string]string{ "varKey": varkey, @@ -162,11 +198,15 @@ func (s Script) ClearGlobalCustomVar(varkey string) (map[string]interface{}, err } // Clears the global variables. +// +// This component is optional and therefore the API will only work if it is installed func (s Script) ClearGlobalVars() (map[string]interface{}, error) { return s.c.Request("script/action/clearGlobalVars/", nil) } // Clears the variable with the given key of the given script. Returns an API error (DOES_NOT_EXIST) if no script with the given name exists. +// +// This component is optional and therefore the API will only work if it is installed func (s Script) ClearScriptVar(scriptname string, varkey string) (map[string]interface{}, error) { m := map[string]string{ "scriptName": scriptname, @@ -176,6 +216,8 @@ func (s Script) ClearScriptVar(scriptname string, varkey string) (map[string]int } // Clears a script custom variable. +// +// This component is optional and therefore the API will only work if it is installed func (s Script) ClearScriptCustomVar(scriptname string, varkey string) (map[string]interface{}, error) { m := map[string]string{ "scriptName": scriptname, @@ -185,6 +227,8 @@ func (s Script) ClearScriptCustomVar(scriptname string, varkey string) (map[stri } // Clears the variables of the given script. Returns an API error (DOES_NOT_EXIST) if no script with the given name exists. +// +// This component is optional and therefore the API will only work if it is installed func (s Script) ClearScriptVars(scriptname string) (map[string]interface{}, error) { m := map[string]string{ "scriptName": scriptname, @@ -193,6 +237,8 @@ func (s Script) ClearScriptVars(scriptname string) (map[string]interface{}, erro } // Sets the value of the variable with the given key of the given script. Returns an API error (DOES_NOT_EXIST) if no script with the given name exists. +// +// This component is optional and therefore the API will only work if it is installed func (s Script) SetScriptVar(scriptname string, varkey string, varvalue string) (map[string]interface{}, error) { m := map[string]string{ "scriptName": scriptname, @@ -203,6 +249,8 @@ func (s Script) SetScriptVar(scriptname string, varkey string, varvalue string) } // Sets the value of the global variable with the given key. +// +// This component is optional and therefore the API will only work if it is installed func (s Script) SetGlobalVar(varkey string, varvalue string) (map[string]interface{}, error) { m := map[string]string{ "varKey": varkey, diff --git a/zap/search_generated.go b/zap-api-go/zap/search_generated.go similarity index 81% rename from zap/search_generated.go rename to zap-api-go/zap/search_generated.go index 6e3e0ba..9eae81d 100644 --- a/zap/search_generated.go +++ b/zap-api-go/zap/search_generated.go @@ -2,7 +2,7 @@ // // ZAP is an HTTP/HTTPS proxy for assessing web application security. // -// Copyright 2022 the ZAP development team +// Copyright 2017 the ZAP development team // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -36,6 +36,17 @@ func (s Search) UrlsByUrlRegex(regex string, baseurl string, start string, count return s.c.Request("search/view/urlsByUrlRegex/", m) } +// Returns the URLs of the HTTP messages that match the given regular expression in their history Tags optionally filtered by URL and paginated with 'start' position and 'count' of messages. +func (s Search) UrlsByTagRegex(regex string, baseurl string, start string, count string) (map[string]interface{}, error) { + m := map[string]string{ + "regex": regex, + "baseurl": baseurl, + "start": start, + "count": count, + } + return s.c.Request("search/view/urlsByTagRegex/", m) +} + // Returns the URLs of the HTTP messages that match the given regular expression in the request optionally filtered by URL and paginated with 'start' position and 'count' of messages. func (s Search) UrlsByRequestRegex(regex string, baseurl string, start string, count string) (map[string]interface{}, error) { m := map[string]string{ @@ -80,6 +91,17 @@ func (s Search) MessagesByUrlRegex(regex string, baseurl string, start string, c return s.c.Request("search/view/messagesByUrlRegex/", m) } +// Returns the HTTP messages that match the given regular expression in their history Tags optionally filtered by URL and paginated with 'start' position and 'count' of messages. +func (s Search) MessagesByTagRegex(regex string, baseurl string, start string, count string) (map[string]interface{}, error) { + m := map[string]string{ + "regex": regex, + "baseurl": baseurl, + "start": start, + "count": count, + } + return s.c.Request("search/view/messagesByTagRegex/", m) +} + // Returns the HTTP messages that match the given regular expression in the request optionally filtered by URL and paginated with 'start' position and 'count' of messages. func (s Search) MessagesByRequestRegex(regex string, baseurl string, start string, count string) (map[string]interface{}, error) { m := map[string]string{ @@ -124,6 +146,17 @@ func (s Search) HarByUrlRegex(regex string, baseurl string, start string, count return s.c.RequestOther("search/other/harByUrlRegex/", m) } +// Returns the HTTP messages, in HAR format, that match the given regular expression in their history Tags optionally filtered by URL and paginated with 'start' position and 'count' of messages. +func (s Search) HarByTagRegex(regex string, baseurl string, start string, count string) ([]byte, error) { + m := map[string]string{ + "regex": regex, + "baseurl": baseurl, + "start": start, + "count": count, + } + return s.c.RequestOther("search/other/harByTagRegex/", m) +} + // Returns the HTTP messages, in HAR format, that match the given regular expression in the request optionally filtered by URL and paginated with 'start' position and 'count' of messages. func (s Search) HarByRequestRegex(regex string, baseurl string, start string, count string) ([]byte, error) { m := map[string]string{ diff --git a/zap/selenium_generated.go b/zap-api-go/zap/selenium_generated.go similarity index 62% rename from zap/selenium_generated.go rename to zap-api-go/zap/selenium_generated.go index 442c80a..af7f896 100644 --- a/zap/selenium_generated.go +++ b/zap-api-go/zap/selenium_generated.go @@ -30,6 +30,13 @@ func (s Selenium) OptionBrowserExtensions() (map[string]interface{}, error) { return s.c.Request("selenium/view/optionBrowserExtensions/", nil) } +// Returns the current path to Chrome binary +// +// This component is optional and therefore the API will only work if it is installed +func (s Selenium) OptionChromeBinaryPath() (map[string]interface{}, error) { + return s.c.Request("selenium/view/optionChromeBinaryPath/", nil) +} + // Returns the current path to ChromeDriver // // This component is optional and therefore the API will only work if it is installed @@ -44,6 +51,11 @@ func (s Selenium) OptionFirefoxBinaryPath() (map[string]interface{}, error) { return s.c.Request("selenium/view/optionFirefoxBinaryPath/", nil) } +// This component is optional and therefore the API will only work if it is installed +func (s Selenium) OptionFirefoxDefaultProfile() (map[string]interface{}, error) { + return s.c.Request("selenium/view/optionFirefoxDefaultProfile/", nil) +} + // Returns the current path to Firefox driver (geckodriver) // // This component is optional and therefore the API will only work if it is installed @@ -61,13 +73,31 @@ func (s Selenium) OptionLastDirectory() (map[string]interface{}, error) { return s.c.Request("selenium/view/optionLastDirectory/", nil) } -// Returns the current path to PhantomJS binary -// // This component is optional and therefore the API will only work if it is installed func (s Selenium) OptionPhantomJsBinaryPath() (map[string]interface{}, error) { return s.c.Request("selenium/view/optionPhantomJsBinaryPath/", nil) } +// Gets the browser arguments. +// +// This component is optional and therefore the API will only work if it is installed +func (s Selenium) GetBrowserArguments(browser string) (map[string]interface{}, error) { + m := map[string]string{ + "browser": browser, + } + return s.c.Request("selenium/view/getBrowserArguments/", m) +} + +// Sets the current path to Chrome binary +// +// This component is optional and therefore the API will only work if it is installed +func (s Selenium) SetOptionChromeBinaryPath(str string) (map[string]interface{}, error) { + m := map[string]string{ + "String": str, + } + return s.c.Request("selenium/action/setOptionChromeBinaryPath/", m) +} + // Sets the current path to ChromeDriver // // This component is optional and therefore the API will only work if it is installed @@ -88,6 +118,14 @@ func (s Selenium) SetOptionFirefoxBinaryPath(str string) (map[string]interface{} return s.c.Request("selenium/action/setOptionFirefoxBinaryPath/", m) } +// This component is optional and therefore the API will only work if it is installed +func (s Selenium) SetOptionFirefoxDefaultProfile(str string) (map[string]interface{}, error) { + m := map[string]string{ + "String": str, + } + return s.c.Request("selenium/action/setOptionFirefoxDefaultProfile/", m) +} + // Sets the current path to Firefox driver (geckodriver) // // This component is optional and therefore the API will only work if it is installed @@ -114,8 +152,6 @@ func (s Selenium) SetOptionLastDirectory(str string) (map[string]interface{}, er return s.c.Request("selenium/action/setOptionLastDirectory/", m) } -// Sets the current path to PhantomJS binary -// // This component is optional and therefore the API will only work if it is installed func (s Selenium) SetOptionPhantomJsBinaryPath(str string) (map[string]interface{}, error) { m := map[string]string{ @@ -123,3 +159,38 @@ func (s Selenium) SetOptionPhantomJsBinaryPath(str string) (map[string]interface } return s.c.Request("selenium/action/setOptionPhantomJsBinaryPath/", m) } + +// Adds a browser argument. +// +// This component is optional and therefore the API will only work if it is installed +func (s Selenium) AddBrowserArgument(browser string, argument string, enabled string) (map[string]interface{}, error) { + m := map[string]string{ + "browser": browser, + "argument": argument, + "enabled": enabled, + } + return s.c.Request("selenium/action/addBrowserArgument/", m) +} + +// Removes a browser argument. +// +// This component is optional and therefore the API will only work if it is installed +func (s Selenium) RemoveBrowserArgument(browser string, argument string) (map[string]interface{}, error) { + m := map[string]string{ + "browser": browser, + "argument": argument, + } + return s.c.Request("selenium/action/removeBrowserArgument/", m) +} + +// Sets whether or not a browser argument is enabled. +// +// This component is optional and therefore the API will only work if it is installed +func (s Selenium) SetBrowserArgumentEnabled(browser string, argument string, enabled string) (map[string]interface{}, error) { + m := map[string]string{ + "browser": browser, + "argument": argument, + "enabled": enabled, + } + return s.c.Request("selenium/action/setBrowserArgumentEnabled/", m) +} diff --git a/zap/session-management_generated.go b/zap-api-go/zap/session-management_generated.go similarity index 98% rename from zap/session-management_generated.go rename to zap-api-go/zap/session-management_generated.go index 448f158..50ae76b 100644 --- a/zap/session-management_generated.go +++ b/zap-api-go/zap/session-management_generated.go @@ -2,7 +2,7 @@ // // ZAP is an HTTP/HTTPS proxy for assessing web application security. // -// Copyright 2022 the ZAP development team +// Copyright 2017 the ZAP development team // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/zap/soap_generated.go b/zap-api-go/zap/soap_generated.go similarity index 100% rename from zap/soap_generated.go rename to zap-api-go/zap/soap_generated.go diff --git a/zap/spider_generated.go b/zap-api-go/zap/spider_generated.go similarity index 70% rename from zap/spider_generated.go rename to zap-api-go/zap/spider_generated.go index 21672fa..93273e8 100644 --- a/zap/spider_generated.go +++ b/zap-api-go/zap/spider_generated.go @@ -2,7 +2,7 @@ // // ZAP is an HTTP/HTTPS proxy for assessing web application security. // -// Copyright 2022 the ZAP development team +// Copyright 2017 the ZAP development team // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -27,6 +27,7 @@ type Spider struct { c *Client } +// This component is optional and therefore the API will only work if it is installed func (s Spider) Status(scanid string) (map[string]interface{}, error) { m := map[string]string{ "scanId": scanid, @@ -34,6 +35,7 @@ func (s Spider) Status(scanid string) (map[string]interface{}, error) { return s.c.Request("spider/view/status/", m) } +// This component is optional and therefore the API will only work if it is installed func (s Spider) Results(scanid string) (map[string]interface{}, error) { m := map[string]string{ "scanId": scanid, @@ -41,6 +43,7 @@ func (s Spider) Results(scanid string) (map[string]interface{}, error) { return s.c.Request("spider/view/results/", m) } +// This component is optional and therefore the API will only work if it is installed func (s Spider) FullResults(scanid string) (map[string]interface{}, error) { m := map[string]string{ "scanId": scanid, @@ -48,21 +51,28 @@ func (s Spider) FullResults(scanid string) (map[string]interface{}, error) { return s.c.Request("spider/view/fullResults/", m) } +// This component is optional and therefore the API will only work if it is installed func (s Spider) Scans() (map[string]interface{}, error) { return s.c.Request("spider/view/scans/", nil) } // Gets the regexes of URLs excluded from the spider scans. +// +// This component is optional and therefore the API will only work if it is installed func (s Spider) ExcludedFromScan() (map[string]interface{}, error) { return s.c.Request("spider/view/excludedFromScan/", nil) } // Returns a list of unique URLs from the history table based on HTTP messages added by the Spider. +// +// This component is optional and therefore the API will only work if it is installed func (s Spider) AllUrls() (map[string]interface{}, error) { return s.c.Request("spider/view/allUrls/", nil) } // Returns a list of the names of the nodes added to the Sites tree by the specified scan. +// +// This component is optional and therefore the API will only work if it is installed func (s Spider) AddedNodes(scanid string) (map[string]interface{}, error) { m := map[string]string{ "scanId": scanid, @@ -71,118 +81,149 @@ func (s Spider) AddedNodes(scanid string) (map[string]interface{}, error) { } // Gets all the domains that are always in scope. For each domain the following are shown: the index, the value (domain), if enabled, and if specified as a regex. +// +// This component is optional and therefore the API will only work if it is installed func (s Spider) DomainsAlwaysInScope() (map[string]interface{}, error) { return s.c.Request("spider/view/domainsAlwaysInScope/", nil) } // Use view domainsAlwaysInScope instead. +// +// This component is optional and therefore the API will only work if it is installed func (s Spider) OptionDomainsAlwaysInScope() (map[string]interface{}, error) { return s.c.Request("spider/view/optionDomainsAlwaysInScope/", nil) } // Use view domainsAlwaysInScope instead. +// +// This component is optional and therefore the API will only work if it is installed func (s Spider) OptionDomainsAlwaysInScopeEnabled() (map[string]interface{}, error) { return s.c.Request("spider/view/optionDomainsAlwaysInScopeEnabled/", nil) } +// This component is optional and therefore the API will only work if it is installed func (s Spider) OptionHandleParameters() (map[string]interface{}, error) { return s.c.Request("spider/view/optionHandleParameters/", nil) } // Gets the maximum number of child nodes (per node) that can be crawled, 0 means no limit. +// +// This component is optional and therefore the API will only work if it is installed func (s Spider) OptionMaxChildren() (map[string]interface{}, error) { return s.c.Request("spider/view/optionMaxChildren/", nil) } // Gets the maximum depth the spider can crawl, 0 if unlimited. +// +// This component is optional and therefore the API will only work if it is installed func (s Spider) OptionMaxDepth() (map[string]interface{}, error) { return s.c.Request("spider/view/optionMaxDepth/", nil) } +// This component is optional and therefore the API will only work if it is installed func (s Spider) OptionMaxDuration() (map[string]interface{}, error) { return s.c.Request("spider/view/optionMaxDuration/", nil) } // Gets the maximum size, in bytes, that a response might have to be parsed. +// +// This component is optional and therefore the API will only work if it is installed func (s Spider) OptionMaxParseSizeBytes() (map[string]interface{}, error) { return s.c.Request("spider/view/optionMaxParseSizeBytes/", nil) } +// This component is optional and therefore the API will only work if it is installed func (s Spider) OptionMaxScansInUI() (map[string]interface{}, error) { return s.c.Request("spider/view/optionMaxScansInUI/", nil) } +// This component is optional and therefore the API will only work if it is installed func (s Spider) OptionRequestWaitTime() (map[string]interface{}, error) { return s.c.Request("spider/view/optionRequestWaitTime/", nil) } -func (s Spider) OptionScope() (map[string]interface{}, error) { - return s.c.Request("spider/view/optionScope/", nil) -} - -func (s Spider) OptionScopeText() (map[string]interface{}, error) { - return s.c.Request("spider/view/optionScopeText/", nil) -} - +// This component is optional and therefore the API will only work if it is installed func (s Spider) OptionSkipURLString() (map[string]interface{}, error) { return s.c.Request("spider/view/optionSkipURLString/", nil) } +// This component is optional and therefore the API will only work if it is installed func (s Spider) OptionThreadCount() (map[string]interface{}, error) { return s.c.Request("spider/view/optionThreadCount/", nil) } +// This component is optional and therefore the API will only work if it is installed func (s Spider) OptionUserAgent() (map[string]interface{}, error) { return s.c.Request("spider/view/optionUserAgent/", nil) } // Gets whether or not a spider process should accept cookies while spidering. +// +// This component is optional and therefore the API will only work if it is installed func (s Spider) OptionAcceptCookies() (map[string]interface{}, error) { return s.c.Request("spider/view/optionAcceptCookies/", nil) } +// This component is optional and therefore the API will only work if it is installed func (s Spider) OptionHandleODataParametersVisited() (map[string]interface{}, error) { return s.c.Request("spider/view/optionHandleODataParametersVisited/", nil) } +// This component is optional and therefore the API will only work if it is installed func (s Spider) OptionParseComments() (map[string]interface{}, error) { return s.c.Request("spider/view/optionParseComments/", nil) } +// This component is optional and therefore the API will only work if it is installed +func (s Spider) OptionParseDsStore() (map[string]interface{}, error) { + return s.c.Request("spider/view/optionParseDsStore/", nil) +} + +// This component is optional and therefore the API will only work if it is installed func (s Spider) OptionParseGit() (map[string]interface{}, error) { return s.c.Request("spider/view/optionParseGit/", nil) } +// This component is optional and therefore the API will only work if it is installed func (s Spider) OptionParseRobotsTxt() (map[string]interface{}, error) { return s.c.Request("spider/view/optionParseRobotsTxt/", nil) } +// This component is optional and therefore the API will only work if it is installed func (s Spider) OptionParseSVNEntries() (map[string]interface{}, error) { return s.c.Request("spider/view/optionParseSVNEntries/", nil) } +// This component is optional and therefore the API will only work if it is installed func (s Spider) OptionParseSitemapXml() (map[string]interface{}, error) { return s.c.Request("spider/view/optionParseSitemapXml/", nil) } +// This component is optional and therefore the API will only work if it is installed func (s Spider) OptionPostForm() (map[string]interface{}, error) { return s.c.Request("spider/view/optionPostForm/", nil) } +// This component is optional and therefore the API will only work if it is installed func (s Spider) OptionProcessForm() (map[string]interface{}, error) { return s.c.Request("spider/view/optionProcessForm/", nil) } // Gets whether or not the 'Referer' header should be sent while spidering. +// +// This component is optional and therefore the API will only work if it is installed func (s Spider) OptionSendRefererHeader() (map[string]interface{}, error) { return s.c.Request("spider/view/optionSendRefererHeader/", nil) } +// This component is optional and therefore the API will only work if it is installed func (s Spider) OptionShowAdvancedDialog() (map[string]interface{}, error) { return s.c.Request("spider/view/optionShowAdvancedDialog/", nil) } // Runs the spider against the given URL (or context). Optionally, the 'maxChildren' parameter can be set to limit the number of children scanned, the 'recurse' parameter can be used to prevent the spider from seeding recursively, the parameter 'contextName' can be used to constrain the scan to a Context and the parameter 'subtreeOnly' allows to restrict the spider under a site's subtree (using the specified 'url'). +// +// This component is optional and therefore the API will only work if it is installed func (s Spider) Scan(url string, maxchildren string, recurse string, contextname string, subtreeonly string) (map[string]interface{}, error) { m := map[string]string{ "url": url, @@ -195,6 +236,8 @@ func (s Spider) Scan(url string, maxchildren string, recurse string, contextname } // Runs the spider from the perspective of a User, obtained using the given Context ID and User ID. See 'scan' action for more details. +// +// This component is optional and therefore the API will only work if it is installed func (s Spider) ScanAsUser(contextid string, userid string, url string, maxchildren string, recurse string, subtreeonly string) (map[string]interface{}, error) { m := map[string]string{ "contextId": contextid, @@ -207,6 +250,7 @@ func (s Spider) ScanAsUser(contextid string, userid string, url string, maxchild return s.c.Request("spider/action/scanAsUser/", m) } +// This component is optional and therefore the API will only work if it is installed func (s Spider) Pause(scanid string) (map[string]interface{}, error) { m := map[string]string{ "scanId": scanid, @@ -214,6 +258,7 @@ func (s Spider) Pause(scanid string) (map[string]interface{}, error) { return s.c.Request("spider/action/pause/", m) } +// This component is optional and therefore the API will only work if it is installed func (s Spider) Resume(scanid string) (map[string]interface{}, error) { m := map[string]string{ "scanId": scanid, @@ -221,6 +266,7 @@ func (s Spider) Resume(scanid string) (map[string]interface{}, error) { return s.c.Request("spider/action/resume/", m) } +// This component is optional and therefore the API will only work if it is installed func (s Spider) Stop(scanid string) (map[string]interface{}, error) { m := map[string]string{ "scanId": scanid, @@ -228,6 +274,7 @@ func (s Spider) Stop(scanid string) (map[string]interface{}, error) { return s.c.Request("spider/action/stop/", m) } +// This component is optional and therefore the API will only work if it is installed func (s Spider) RemoveScan(scanid string) (map[string]interface{}, error) { m := map[string]string{ "scanId": scanid, @@ -235,28 +282,36 @@ func (s Spider) RemoveScan(scanid string) (map[string]interface{}, error) { return s.c.Request("spider/action/removeScan/", m) } +// This component is optional and therefore the API will only work if it is installed func (s Spider) PauseAllScans() (map[string]interface{}, error) { return s.c.Request("spider/action/pauseAllScans/", nil) } +// This component is optional and therefore the API will only work if it is installed func (s Spider) ResumeAllScans() (map[string]interface{}, error) { return s.c.Request("spider/action/resumeAllScans/", nil) } +// This component is optional and therefore the API will only work if it is installed func (s Spider) StopAllScans() (map[string]interface{}, error) { return s.c.Request("spider/action/stopAllScans/", nil) } +// This component is optional and therefore the API will only work if it is installed func (s Spider) RemoveAllScans() (map[string]interface{}, error) { return s.c.Request("spider/action/removeAllScans/", nil) } // Clears the regexes of URLs excluded from the spider scans. +// +// This component is optional and therefore the API will only work if it is installed func (s Spider) ClearExcludedFromScan() (map[string]interface{}, error) { return s.c.Request("spider/action/clearExcludedFromScan/", nil) } // Adds a regex of URLs that should be excluded from the spider scans. +// +// This component is optional and therefore the API will only work if it is installed func (s Spider) ExcludeFromScan(regex string) (map[string]interface{}, error) { m := map[string]string{ "regex": regex, @@ -265,6 +320,8 @@ func (s Spider) ExcludeFromScan(regex string) (map[string]interface{}, error) { } // Adds a new domain that's always in scope, using the specified value. Optionally sets if the new entry is enabled (default, true) and whether or not the new value is specified as a regex (default, false). +// +// This component is optional and therefore the API will only work if it is installed func (s Spider) AddDomainAlwaysInScope(value string, isregex string, isenabled string) (map[string]interface{}, error) { m := map[string]string{ "value": value, @@ -275,6 +332,8 @@ func (s Spider) AddDomainAlwaysInScope(value string, isregex string, isenabled s } // Modifies a domain that's always in scope. Allows to modify the value, if enabled or if a regex. The domain is selected with its index, which can be obtained with the view domainsAlwaysInScope. +// +// This component is optional and therefore the API will only work if it is installed func (s Spider) ModifyDomainAlwaysInScope(idx string, value string, isregex string, isenabled string) (map[string]interface{}, error) { m := map[string]string{ "idx": idx, @@ -286,6 +345,8 @@ func (s Spider) ModifyDomainAlwaysInScope(idx string, value string, isregex stri } // Removes a domain that's always in scope, with the given index. The index can be obtained with the view domainsAlwaysInScope. +// +// This component is optional and therefore the API will only work if it is installed func (s Spider) RemoveDomainAlwaysInScope(idx string) (map[string]interface{}, error) { m := map[string]string{ "idx": idx, @@ -294,15 +355,20 @@ func (s Spider) RemoveDomainAlwaysInScope(idx string) (map[string]interface{}, e } // Enables all domains that are always in scope. +// +// This component is optional and therefore the API will only work if it is installed func (s Spider) EnableAllDomainsAlwaysInScope() (map[string]interface{}, error) { return s.c.Request("spider/action/enableAllDomainsAlwaysInScope/", nil) } // Disables all domains that are always in scope. +// +// This component is optional and therefore the API will only work if it is installed func (s Spider) DisableAllDomainsAlwaysInScope() (map[string]interface{}, error) { return s.c.Request("spider/action/disableAllDomainsAlwaysInScope/", nil) } +// This component is optional and therefore the API will only work if it is installed func (s Spider) SetOptionHandleParameters(str string) (map[string]interface{}, error) { m := map[string]string{ "String": str, @@ -310,14 +376,7 @@ func (s Spider) SetOptionHandleParameters(str string) (map[string]interface{}, e return s.c.Request("spider/action/setOptionHandleParameters/", m) } -// Use actions [add|modify|remove]DomainAlwaysInScope instead. -func (s Spider) SetOptionScopeString(str string) (map[string]interface{}, error) { - m := map[string]string{ - "String": str, - } - return s.c.Request("spider/action/setOptionScopeString/", m) -} - +// This component is optional and therefore the API will only work if it is installed func (s Spider) SetOptionSkipURLString(str string) (map[string]interface{}, error) { m := map[string]string{ "String": str, @@ -325,6 +384,7 @@ func (s Spider) SetOptionSkipURLString(str string) (map[string]interface{}, erro return s.c.Request("spider/action/setOptionSkipURLString/", m) } +// This component is optional and therefore the API will only work if it is installed func (s Spider) SetOptionUserAgent(str string) (map[string]interface{}, error) { m := map[string]string{ "String": str, @@ -333,6 +393,8 @@ func (s Spider) SetOptionUserAgent(str string) (map[string]interface{}, error) { } // Sets whether or not a spider process should accept cookies while spidering. +// +// This component is optional and therefore the API will only work if it is installed func (s Spider) SetOptionAcceptCookies(boolean bool) (map[string]interface{}, error) { m := map[string]string{ "Boolean": strconv.FormatBool(boolean), @@ -340,6 +402,7 @@ func (s Spider) SetOptionAcceptCookies(boolean bool) (map[string]interface{}, er return s.c.Request("spider/action/setOptionAcceptCookies/", m) } +// This component is optional and therefore the API will only work if it is installed func (s Spider) SetOptionHandleODataParametersVisited(boolean bool) (map[string]interface{}, error) { m := map[string]string{ "Boolean": strconv.FormatBool(boolean), @@ -348,6 +411,8 @@ func (s Spider) SetOptionHandleODataParametersVisited(boolean bool) (map[string] } // Sets the maximum number of child nodes (per node) that can be crawled, 0 means no limit. +// +// This component is optional and therefore the API will only work if it is installed func (s Spider) SetOptionMaxChildren(i int) (map[string]interface{}, error) { m := map[string]string{ "Integer": strconv.Itoa(i), @@ -356,6 +421,8 @@ func (s Spider) SetOptionMaxChildren(i int) (map[string]interface{}, error) { } // Sets the maximum depth the spider can crawl, 0 for unlimited depth. +// +// This component is optional and therefore the API will only work if it is installed func (s Spider) SetOptionMaxDepth(i int) (map[string]interface{}, error) { m := map[string]string{ "Integer": strconv.Itoa(i), @@ -363,6 +430,7 @@ func (s Spider) SetOptionMaxDepth(i int) (map[string]interface{}, error) { return s.c.Request("spider/action/setOptionMaxDepth/", m) } +// This component is optional and therefore the API will only work if it is installed func (s Spider) SetOptionMaxDuration(i int) (map[string]interface{}, error) { m := map[string]string{ "Integer": strconv.Itoa(i), @@ -371,6 +439,8 @@ func (s Spider) SetOptionMaxDuration(i int) (map[string]interface{}, error) { } // Sets the maximum size, in bytes, that a response might have to be parsed. This allows the spider to skip big responses/files. +// +// This component is optional and therefore the API will only work if it is installed func (s Spider) SetOptionMaxParseSizeBytes(i int) (map[string]interface{}, error) { m := map[string]string{ "Integer": strconv.Itoa(i), @@ -378,6 +448,7 @@ func (s Spider) SetOptionMaxParseSizeBytes(i int) (map[string]interface{}, error return s.c.Request("spider/action/setOptionMaxParseSizeBytes/", m) } +// This component is optional and therefore the API will only work if it is installed func (s Spider) SetOptionMaxScansInUI(i int) (map[string]interface{}, error) { m := map[string]string{ "Integer": strconv.Itoa(i), @@ -385,6 +456,7 @@ func (s Spider) SetOptionMaxScansInUI(i int) (map[string]interface{}, error) { return s.c.Request("spider/action/setOptionMaxScansInUI/", m) } +// This component is optional and therefore the API will only work if it is installed func (s Spider) SetOptionParseComments(boolean bool) (map[string]interface{}, error) { m := map[string]string{ "Boolean": strconv.FormatBool(boolean), @@ -392,6 +464,15 @@ func (s Spider) SetOptionParseComments(boolean bool) (map[string]interface{}, er return s.c.Request("spider/action/setOptionParseComments/", m) } +// This component is optional and therefore the API will only work if it is installed +func (s Spider) SetOptionParseDsStore(boolean bool) (map[string]interface{}, error) { + m := map[string]string{ + "Boolean": strconv.FormatBool(boolean), + } + return s.c.Request("spider/action/setOptionParseDsStore/", m) +} + +// This component is optional and therefore the API will only work if it is installed func (s Spider) SetOptionParseGit(boolean bool) (map[string]interface{}, error) { m := map[string]string{ "Boolean": strconv.FormatBool(boolean), @@ -399,6 +480,7 @@ func (s Spider) SetOptionParseGit(boolean bool) (map[string]interface{}, error) return s.c.Request("spider/action/setOptionParseGit/", m) } +// This component is optional and therefore the API will only work if it is installed func (s Spider) SetOptionParseRobotsTxt(boolean bool) (map[string]interface{}, error) { m := map[string]string{ "Boolean": strconv.FormatBool(boolean), @@ -406,6 +488,7 @@ func (s Spider) SetOptionParseRobotsTxt(boolean bool) (map[string]interface{}, e return s.c.Request("spider/action/setOptionParseRobotsTxt/", m) } +// This component is optional and therefore the API will only work if it is installed func (s Spider) SetOptionParseSVNEntries(boolean bool) (map[string]interface{}, error) { m := map[string]string{ "Boolean": strconv.FormatBool(boolean), @@ -413,6 +496,7 @@ func (s Spider) SetOptionParseSVNEntries(boolean bool) (map[string]interface{}, return s.c.Request("spider/action/setOptionParseSVNEntries/", m) } +// This component is optional and therefore the API will only work if it is installed func (s Spider) SetOptionParseSitemapXml(boolean bool) (map[string]interface{}, error) { m := map[string]string{ "Boolean": strconv.FormatBool(boolean), @@ -420,6 +504,7 @@ func (s Spider) SetOptionParseSitemapXml(boolean bool) (map[string]interface{}, return s.c.Request("spider/action/setOptionParseSitemapXml/", m) } +// This component is optional and therefore the API will only work if it is installed func (s Spider) SetOptionPostForm(boolean bool) (map[string]interface{}, error) { m := map[string]string{ "Boolean": strconv.FormatBool(boolean), @@ -427,6 +512,7 @@ func (s Spider) SetOptionPostForm(boolean bool) (map[string]interface{}, error) return s.c.Request("spider/action/setOptionPostForm/", m) } +// This component is optional and therefore the API will only work if it is installed func (s Spider) SetOptionProcessForm(boolean bool) (map[string]interface{}, error) { m := map[string]string{ "Boolean": strconv.FormatBool(boolean), @@ -434,6 +520,7 @@ func (s Spider) SetOptionProcessForm(boolean bool) (map[string]interface{}, erro return s.c.Request("spider/action/setOptionProcessForm/", m) } +// This component is optional and therefore the API will only work if it is installed func (s Spider) SetOptionRequestWaitTime(i int) (map[string]interface{}, error) { m := map[string]string{ "Integer": strconv.Itoa(i), @@ -442,6 +529,8 @@ func (s Spider) SetOptionRequestWaitTime(i int) (map[string]interface{}, error) } // Sets whether or not the 'Referer' header should be sent while spidering. +// +// This component is optional and therefore the API will only work if it is installed func (s Spider) SetOptionSendRefererHeader(boolean bool) (map[string]interface{}, error) { m := map[string]string{ "Boolean": strconv.FormatBool(boolean), @@ -449,6 +538,7 @@ func (s Spider) SetOptionSendRefererHeader(boolean bool) (map[string]interface{} return s.c.Request("spider/action/setOptionSendRefererHeader/", m) } +// This component is optional and therefore the API will only work if it is installed func (s Spider) SetOptionShowAdvancedDialog(boolean bool) (map[string]interface{}, error) { m := map[string]string{ "Boolean": strconv.FormatBool(boolean), @@ -456,6 +546,7 @@ func (s Spider) SetOptionShowAdvancedDialog(boolean bool) (map[string]interface{ return s.c.Request("spider/action/setOptionShowAdvancedDialog/", m) } +// This component is optional and therefore the API will only work if it is installed func (s Spider) SetOptionThreadCount(i int) (map[string]interface{}, error) { m := map[string]string{ "Integer": strconv.Itoa(i), diff --git a/zap/stats_generated.go b/zap-api-go/zap/stats_generated.go similarity index 98% rename from zap/stats_generated.go rename to zap-api-go/zap/stats_generated.go index 7de9507..ea96b6e 100644 --- a/zap/stats_generated.go +++ b/zap-api-go/zap/stats_generated.go @@ -2,7 +2,7 @@ // // ZAP is an HTTP/HTTPS proxy for assessing web application security. // -// Copyright 2022 the ZAP development team +// Copyright 2017 the ZAP development team // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/zap/users_generated.go b/zap-api-go/zap/users_generated.go similarity index 99% rename from zap/users_generated.go rename to zap-api-go/zap/users_generated.go index 141cf5d..212efca 100644 --- a/zap/users_generated.go +++ b/zap-api-go/zap/users_generated.go @@ -2,7 +2,7 @@ // // ZAP is an HTTP/HTTPS proxy for assessing web application security. // -// Copyright 2022 the ZAP development team +// Copyright 2017 the ZAP development team // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/zap/wappalyzer_generated.go b/zap-api-go/zap/wappalyzer_generated.go similarity index 95% rename from zap/wappalyzer_generated.go rename to zap-api-go/zap/wappalyzer_generated.go index 10a494d..c347681 100644 --- a/zap/wappalyzer_generated.go +++ b/zap-api-go/zap/wappalyzer_generated.go @@ -25,7 +25,7 @@ type Wappalyzer struct { c *Client } -// Lists all the sites recognized by the wappalyzer addon. +// Lists all the sites recognized by the Technology Detection add-on. // // This component is optional and therefore the API will only work if it is installed func (w Wappalyzer) ListSites() (map[string]interface{}, error) { diff --git a/zap/websocket_generated.go b/zap-api-go/zap/websocket_generated.go similarity index 100% rename from zap/websocket_generated.go rename to zap-api-go/zap/websocket_generated.go diff --git a/zap/exportreport_generated.go b/zap/exportreport_generated.go deleted file mode 100644 index 49c0ebb..0000000 --- a/zap/exportreport_generated.go +++ /dev/null @@ -1,45 +0,0 @@ -// Zed Attack Proxy (ZAP) and its related class files. -// -// ZAP is an HTTP/HTTPS proxy for assessing web application security. -// -// Copyright 2017 the ZAP development team -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. -// -// *** This file was automatically generated. *** -// - -package zap - -type Exportreport struct { - c *Client -} - -// This component is optional and therefore the API will only work if it is installed -func (e Exportreport) Formats() (map[string]interface{}, error) { - return e.c.Request("exportreport/view/formats/", nil) -} - -// This component is optional and therefore the API will only work if it is installed -func (e Exportreport) Generate(absolutepath string, fileextension string, sourcedetails string, alertseverity string, alertdetails string, scanid string, includepassivealerts string) (map[string]interface{}, error) { - m := map[string]string{ - "absolutePath": absolutepath, - "fileExtension": fileextension, - "sourceDetails": sourcedetails, - "alertSeverity": alertseverity, - "alertDetails": alertdetails, - "scanId": scanid, - "includePassiveAlerts": includepassivealerts, - } - return e.c.Request("exportreport/action/generate/", m) -} diff --git a/zap/import-log-files_generated.go b/zap/import-log-files_generated.go deleted file mode 100644 index 43b4133..0000000 --- a/zap/import-log-files_generated.go +++ /dev/null @@ -1,67 +0,0 @@ -// Zed Attack Proxy (ZAP) and its related class files. -// -// ZAP is an HTTP/HTTPS proxy for assessing web application security. -// -// Copyright 2017 the ZAP development team -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. -// -// *** This file was automatically generated. *** -// - -package zap - -type ImportLogFiles struct { - c *Client -} - -// This component is optional and therefore the API will only work if it is installed -func (i ImportLogFiles) ImportZAPLogFromFile(filepath string) (map[string]interface{}, error) { - m := map[string]string{ - "FilePath": filepath, - } - return i.c.Request("importLogFiles/action/ImportZAPLogFromFile/", m) -} - -// This component is optional and therefore the API will only work if it is installed -func (i ImportLogFiles) ImportModSecurityLogFromFile(filepath string) (map[string]interface{}, error) { - m := map[string]string{ - "FilePath": filepath, - } - return i.c.Request("importLogFiles/action/ImportModSecurityLogFromFile/", m) -} - -// This component is optional and therefore the API will only work if it is installed -func (i ImportLogFiles) ImportZAPHttpRequestResponsePair(httprequest string, httpresponse string) (map[string]interface{}, error) { - m := map[string]string{ - "HTTPRequest": httprequest, - "HTTPResponse": httpresponse, - } - return i.c.Request("importLogFiles/action/ImportZAPHttpRequestResponsePair/", m) -} - -// This component is optional and therefore the API will only work if it is installed -func (i ImportLogFiles) PostModSecurityAuditEvent(auditeventstring string) (map[string]interface{}, error) { - m := map[string]string{ - "AuditEventString": auditeventstring, - } - return i.c.Request("importLogFiles/action/PostModSecurityAuditEvent/", m) -} - -// This component is optional and therefore the API will only work if it is installed -func (i ImportLogFiles) OtherPostModSecurityAuditEvent(auditeventstring string) ([]byte, error) { - m := map[string]string{ - "AuditEventString": auditeventstring, - } - return i.c.RequestOther("importLogFiles/other/OtherPostModSecurityAuditEvent/", m) -} diff --git a/zap/local-proxies_generated.go b/zap/local-proxies_generated.go deleted file mode 100644 index d80169e..0000000 --- a/zap/local-proxies_generated.go +++ /dev/null @@ -1,52 +0,0 @@ -// Zed Attack Proxy (ZAP) and its related class files. -// -// ZAP is an HTTP/HTTPS proxy for assessing web application security. -// -// Copyright 2022 the ZAP development team -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. -// -// *** This file was automatically generated. *** -// - -package zap - -type LocalProxies struct { - c *Client -} - -// Gets all of the additional proxies that have been configured. -func (l LocalProxies) AdditionalProxies() (map[string]interface{}, error) { - return l.c.Request("localProxies/view/additionalProxies/", nil) -} - -// Adds an new proxy using the details supplied. -func (l LocalProxies) AddAdditionalProxy(address string, port string, behindnat string, alwaysdecodezip string, removeunsupportedencodings string) (map[string]interface{}, error) { - m := map[string]string{ - "address": address, - "port": port, - "behindNat": behindnat, - "alwaysDecodeZip": alwaysdecodezip, - "removeUnsupportedEncodings": removeunsupportedencodings, - } - return l.c.Request("localProxies/action/addAdditionalProxy/", m) -} - -// Removes the additional proxy with the specified address and port. -func (l LocalProxies) RemoveAdditionalProxy(address string, port string) (map[string]interface{}, error) { - m := map[string]string{ - "address": address, - "port": port, - } - return l.c.Request("localProxies/action/removeAdditionalProxy/", m) -}