contrast-agent 6.0.0 → 6.1.0

data/lib/contrast/agent/thread_watcher.rb

@@ -5,46 +5,58 @@ require 'contrast/components/logger'
 require 'contrast/agent/service_heartbeat'
 require 'contrast/api/communication/messaging_queue'
 require 'contrast/agent/reporting/report'
-require 'contrast/agent/telemetry/telemetry'
+require 'contrast/agent/reporting/reporter_heartbeat'
+require 'contrast/agent/telemetry/base'
 
 module Contrast
   module Agent
     # This class used to ensure that our worker threads are running in multi-process environments
-    #
-    # @attr_reader heapdump_util [Contrast::Utils::HeapDumpUtil]
-    # @attr_reader heartbeat [Contrast::Agent::ServiceHeartbeat]
-    # @attr_reader messaging_queue [Contrast::Api::Communication::MessagingQueue]
     class ThreadWatcher
       include Contrast::Components::Logger::InstanceMethods
 
-      attr_reader :heapdump_util, :heartbeat, :messaging_queue
+      # @return [Contrast::Utils::HeapDumpUtil]
+      attr_reader :heapdump_util
+      # @return [Contrast::Agent::ServiceHeartbeat, nil]
+      attr_reader :heartbeat
+      # @return [Contrast::Api::Communication::MessagingQueue, nil]
+      attr_reader :messaging_queue
+      # @return [Contrast::Agent::Reporter]
+      attr_reader :reporter
+      # @return [Contrast::Agent::ReporterHeartbeat]
+      attr_reader :reporter_heartbeat
 
       def initialize
         @pids = {}
         @heapdump_util = Contrast::Utils::HeapDumpUtil.new
-        @heartbeat = Contrast::Agent::ServiceHeartbeat.new
-        @messaging_queue = Contrast::Api::Communication::MessagingQueue.new
-        @telemetry = Contrast::Agent::Telemetry.new if Contrast::Agent::Telemetry.enabled?
-        @reporter = Contrast::Agent::Reporter.new if Contrast::Agent::Reporter.enabled?
+        unless ::Contrast::CONTRAST_SERVICE.unnecessary?
+          @heartbeat = Contrast::Agent::ServiceHeartbeat.new
+          @messaging_queue = Contrast::Api::Communication::MessagingQueue.new
+        end
+        if Contrast::Agent::Reporter.enabled?
+          @reporter = Contrast::Agent::Reporter.new
+          @reporter_heartbeat = Contrast::Agent::ReporterHeartbeat.new
+        end
+        @telemetry = Contrast::Agent::Telemetry::Base.new if Contrast::Agent::Telemetry::Base.enabled?
       end
 
+      # @return [Hash, nil] map of process to thread startup status
       def startup!
         return unless ::Contrast::AGENT.enabled?
 
-        telemetry_status = telemetry_thread_init
-        heartbeat_status = heartbeat_thread_init
-        messaging_status = messaging_thread_init
-        reporter_status = reporter_thread_init
-
         logger.debug('ThreadWatcher started threads')
-
+        heartbeat_status = init_thread(heartbeat)
+        messaging_status = init_thread(messaging_queue)
         @pids[Process.pid] = messaging_status && heartbeat_status
-        return @pids unless Contrast::Agent::Telemetry.enabled?
-
-        @pids[Process.pid] = @pids[Process.pid] && telemetry_status
+        if Contrast::Agent::Telemetry::Base.enabled?
+          telemetry_status = init_thread(telemetry_queue)
+          @pids[Process.pid] = @pids[Process.pid] && telemetry_status
+        end
         return @pids unless Contrast::Agent::Reporter.enabled?
 
-        @pids[Process.pid] = @pids[Process.pid] && reporter_status
+        reporter_status = init_thread(reporter)
+        reporter_heartbeat_status = init_thread(reporter_heartbeat)
+        @pids[Process.pid] = @pids[Process.pid] && reporter_status && reporter_heartbeat_status
+        @pids
       end
 
       def ensure_running?
@@ -55,63 +67,35 @@ module Contrast
       end
 
       def shutdown!
-        heartbeat.stop!
-        messaging_queue.stop!
-        heapdump_util.stop!
+        heartbeat&.stop!
+        messaging_queue&.stop!
+        heapdump_util&.stop!
         telemetry_queue&.stop!
         reporter&.stop!
+        reporter_heartbeat&.stop!
       end
 
-      def heartbeat_thread_init
-        unless heartbeat.running?
-          logger.debug('Attempting to start heartbeat thread')
-          heartbeat.start_thread!
-        end
-        heartbeat_result = heartbeat.running?
-        logger.debug('Heartbeat thread status', alive: heartbeat_result)
-        heartbeat_result
-      end
-
-      def telemetry_thread_init
-        @telemetry.start_thread! if @telemetry&.attempt_to_start?
-        telemetry_result = @telemetry&.running?
-        logger.debug('Telemetry thread status', alive: telemetry_result)
-        telemetry_result
-      end
-
-      def messaging_thread_init
-        unless messaging_queue.running?
-          logger.debug('Attempting to start messaging queue thread')
-          messaging_queue.start_thread!
-        end
-        messaging_result = messaging_queue.running?
-        logger.debug('Messaging thread status', alive: messaging_result)
-        messaging_result
-      end
-
-      def reporter_thread_init
-        @reporter.start_thread! if @reporter&.attempt_to_start?
-        unless @reporter&.running?
-          logger.debug('Attempting to start reporter thread')
-          @reporter&.start_thread!
-        end
-        reporter_result = @reporter&.running?
-        logger.debug('Reporter thread status', alive: reporter_result)
-        reporter_result
-      end
-
-      # @return [Contrast::Agent::Telemetry]
+      # @return [Contrast::Agent::Telemetry::Base]
       def telemetry_queue
-        return if @telemetry.nil?
-
         @telemetry
       end
 
-      # @return [Contrast::Agent::Reporter]
-      def reporter
-        return if @reporter.nil?
+      private
 
-        @reporter
+      # Start the thread governed by the given watcher
+      #
+      # @param watcher [Contrast::Agent::ThreadWatcher]
+      # @return [Boolean] if the watched thread started successfully
+      def init_thread watcher
+        return unless watcher&.attempt_to_start?
+
+        unless watcher.running?
+          logger.debug('Attempting to start thread', type: watcher.to_s)
+          watcher.start_thread!
+        end
+        result = watcher.running?
+        logger.debug('Thread status', type: watcher.to_s, alive: result)
+        result
       end
     end
   end

data/lib/contrast/agent/version.rb

@@ -3,6 +3,6 @@
 
 module Contrast
   module Agent
-    VERSION = '6.0.0'
+    VERSION = '6.1.0'
   end
 end

data/lib/contrast/agent/worker_thread.rb

@@ -15,10 +15,18 @@ module Contrast
 
       def stop!
         return unless running?
+        return unless @_thread
 
         Thread.kill(@_thread)
         @_thread = nil
       end
+
+      # Most threads, we always want to start. Some may be controlled by feature guards though, so we need to check.
+      #
+      # @return [Boolean]
+      def attempt_to_start?
+        true
+      end
     end
   end
 end

data/lib/contrast/agent.rb

@@ -71,10 +71,8 @@ module Contrast
       thread_watcher.messaging_queue
     end
 
-    # @return [nil, Contrast::Agent::Telemetry]
+    # @return [nil, Contrast::Agent::Telemetry::Base]
     def self.telemetry_queue
-      return unless thread_watcher.telemetry_queue
-
       thread_watcher.telemetry_queue
     end
 

data/lib/contrast/api/communication/messaging_queue.rb

@@ -2,8 +2,10 @@
 # frozen_string_literal: true
 
 require 'contrast/components/logger'
+require 'contrast/agent/assess/policy/trigger_method'
 require 'contrast/agent/worker_thread'
 require 'contrast/agent/reporting/reporting_utilities/audit'
+require 'contrast/api/dtm.pb'
 
 module Contrast
   module Api
@@ -12,11 +14,13 @@ module Contrast
       class MessagingQueue < Contrast::Agent::WorkerThread
         include Contrast::Components::Logger::InstanceMethods
 
+        # @return [Contrast::Api::Communication::Speedracer, nil]
         attr_reader :speedracer
 
         def initialize
+          return if ::Contrast::CONTRAST_SERVICE.unnecessary?
+
           @speedracer = Contrast::Api::Communication::Speedracer.new
-          @audit = Contrast::Agent::Reporting::Audit.new if ::Contrast::API.request_audit_enable?
           super
         end
 
@@ -33,18 +37,18 @@ module Contrast
             logger.warn('Attempted to send event immediately with Agent disabled', caller: caller, event: event)
             return
           end
-          response_data = speedracer.return_response(event)
-          return response_data unless ::Contrast::API.request_audit_enable?
+          return if ::Contrast::CONTRAST_SERVICE.unnecessary?
 
-          @audit&.audit_event(event, response_data)
-          response_data
+          speedracer.return_response(event)
         end
 
         # A simple Queue used to hold messages that are ready to be sent to SpeedRacer but for which we do not need an
         # immediate response
         #
-        # @return [Queue]
+        # @return [Queue, nil]
         def queue
+          return if ::Contrast::CONTRAST_SERVICE.unnecessary?
+
           @_queue ||= Queue.new
         end
 
@@ -56,29 +60,42 @@ module Contrast
         #
         # @param event [Contrast::Api::Dtm] One of the DTMs valid for the event field of
         #   Contrast::Api::Dtm::Message|Contrast::Api::Dtm::Activity
-        def send_event_eventually event
+        # @param force [Boolean] if we should always queue this event, even if the service isn't running, in case the
+        #   message may be ready before the service has initiated. usually for those events which happen in a separate
+        #   thread or which may occur during initialization.
+        def send_event_eventually event, force: false
           if ::Contrast::AGENT.disabled?
             logger.warn('Attempted to queue event with Agent disabled', caller: caller, event: event)
             return
           end
+          return if ::Contrast::CONTRAST_SERVICE.unnecessary?
+          # If we're unable to start the Service, then we cannot afford to queue messages as this creates the potential
+          # for a memory leak, especially if the thread responsible for de-queueing the messages is dead.
+          return if !force && !(speedracer.status.connected? && running?)
+
+          # If we're in direct communication mode, the only message we should queue is the heartbeat to keep the
+          # service alive during Protect activities. All other messages should go through direct reporting.
+          if ::Contrast::CONTRAST_SERVICE.use_agent_communication?
+            return unless ::Contrast::PROTECT.enabled?
+            return unless event.cs__is_a?(Contrast::Api::Dtm::Poll)
+          end
+
           logger.debug('Enqueued event for sending', event_type: event.cs__class)
           queue << event if event
-          return unless ::Contrast::API.request_audit_enable?
-
-          @audit&.audit_event(event)
         end
 
         # Create the reporting thread, which will pull from the queue in order to send messages to SpeedRacer. If
         # SpeedRacer is not running and should be, meaning the Agent is configured to control it, then we will also
         # try to start that process.
         def start_thread!
+          return if ::Contrast::CONTRAST_SERVICE.unnecessary?
+
           speedracer.ensure_startup!
           return if running?
 
           @_thread = Contrast::Agent::Thread.new do
             loop do
               event = queue.pop
-
               begin
                 logger.debug('Dequeued event for sending', event_type: event.cs__class)
                 speedracer.process_internally(event)

data/lib/contrast/api/communication/response_processor.rb

@@ -8,12 +8,8 @@ module Contrast
   module Api
     module Communication
       # Handles processing deferred messages sent to SpeedRacer.
-      #
-      # @attr_reader last_app_update_ms [Integer] the time, in ms, that application settings last changed
-      # @attr_reader last_server_update_ms [Integer] the time, in ms, that server settings last changed
       class ResponseProcessor
         include Contrast::Components::Logger::InstanceMethods
-        attr_reader :last_app_update_ms, :last_server_update_ms
 
         # Use the given response to update the Agent's server features and application settings, allowing it to reflect
         # the latest options configured by the user in TeamServer
@@ -48,7 +44,6 @@ module Contrast
           logger.trace('Agent: Received updated server features')
 
           ::Contrast::SETTINGS.update_from_server_features(server_features)
-          @last_server_update_ms = Contrast::Utils::Timer.now_ms
           server_features
         end
 
@@ -58,22 +53,24 @@ module Contrast
         # @param response [Contrast::Api::Settings::AgentSettings]
         # @return [Contrast::Api::Settings::ApplicationSettings]
         def process_application_response response
+          logger.debug('[!] process_application_response', response: response)
           app_settings = response&.application_settings
           return unless app_settings
 
-          logger.debug('Agent: Received updated application settings')
-
+          logger.debug('[!] Agent: Received updated application settings', settings: app_settings)
           ::Contrast::SETTINGS.update_from_application_settings(app_settings)
-          @last_app_update_ms = Contrast::Utils::Timer.now_ms
           app_settings
         end
 
         # This can't go in the Settings component because protect and assess depend on settings
         # I don't think it should go into contrast_service because that only handles connection specific data.
         #
-        # @param server_features [Contrast::Api::Settings::AgentSettings, Array]
-        # @param app_settings [Contrast::Api::Settings::ApplicationSettings, Array]
+        # @param server_features
+        #   [Contrast::Api::Settings::AgentSettings, Contrast::Agent::Reporting::Settings::FeatureSettings]
+        # @param app_settings
+        #   [Contrast::Api::Settings::ApplicationSettings, Contrast::Agent::Reporting::Settings::ApplicationSettings]
         def update_features server_features, app_settings
+          logger.info('Updating features')
           return unless !!(server_features || app_settings)
           return unless ::Contrast::AGENT.enabled?
 

data/lib/contrast/api/communication/speedracer.rb

@@ -42,7 +42,7 @@ module Contrast
                 return
               end
             end
-            unless status.startup_messages_sent? || Contrast::Agent::Reporter.enabled?
+            unless status.startup_messages_sent? || Contrast::CONTRAST_SERVICE.unnecessary?
               startup_responses = send_initialization_messages
               return false unless startup_responses
 

data/lib/contrast/api/decorators/activity.rb

@@ -0,0 +1,33 @@
+# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
+# frozen_string_literal: true
+
+require 'contrast/utils/string_utils'
+
+module Contrast
+  module Api
+    module Decorators
+      # Used to decorate the {Contrast::Api::Dtm::Activity} protobuf model
+      # to handle conversion between framework route classes and the dtm.
+      module Activity
+        def self.included klass
+          klass.extend(ClassMethods)
+        end
+
+        # Class methods for Activity
+        module ClassMethods
+          def source_or_string obj
+            if obj.cs__is_a?(Regexp)
+              obj.source
+            elsif obj.cs__respond_to?(:safe_string)
+              obj.safe_string
+            else
+              obj.to_s
+            end
+          end
+        end
+      end
+    end
+  end
+end
+
+Contrast::Api::Dtm::Activity.include(Contrast::Api::Decorators::Activity)

data/lib/contrast/api/decorators/http_request.rb

@@ -94,7 +94,7 @@ module Contrast
           return true if ::Contrast::AGENT.omit_body?
           return false if request.document_type != :NORMAL
 
-          request.content_type&.include?('multipart/form-data')
+          request.media_type&.include?('multipart/form-data')
         end
 
         def append_pair map, key, value

data/lib/contrast/components/config.rb

@@ -72,6 +72,19 @@ module Contrast
           @config.loggable
         end
 
+        # Typically, this would be accessed through Contrast::SETTINGS, but we're specifically checking for the user
+        # provided value here rather than that echoed back by TeamServer.
+        #
+        # @return [String,nil] the value of the session id set in the configuration, or nil if unset
+        def session_id
+          root.application.session_id
+        end
+
+        # @return [String,nil] the value of the session metadata set in the configuration, or nil if unset
+        def session_metadata
+          root.application.session_metadata
+        end
+
         private
 
         SESSION_VARIABLES = 'Invalid configuration. '\
@@ -127,28 +140,6 @@ module Contrast
           end
         end
 
-        # Typically, this would be accessed through
-        # Contrast::Components::AppContext, but we're too early in the
-        # initialization of the Agent to use that mechanism, so we look it up
-        # directly for ourselves
-        #
-        # @return [String,nil] the value of the session id set in the
-        #   configuration, or nil if unset
-        def session_id
-          root.application.session_id
-        end
-
-        # Typically, this would be accessed through
-        # Contrast::Components::AppContext, but we're too early in the
-        # initialization of the Agent to use that mechanism, so we look it up
-        # directly for ourselves
-        #
-        # @return [String,nil] the value of the session metadata set in the
-        #   configuration, or nil if unset
-        def session_metadata
-          root.application.session_metadata
-        end
-
         # Typically, the following values would be accessed through Contrast::Components::AppContext
         # and Contrast::Components::API, but we're too early in the initialization of the Agent to use
         # that mechanism, so we look it up directly for ourselves.

data/lib/contrast/components/contrast_service.rb

@@ -38,6 +38,15 @@ module Contrast
           @_use_agent_communication = true?(::Contrast::CONFIG.root.agent.service.bypass)
         end
 
+        # If we're using the agent directly and not using protect, then there is no need to start the service. Because
+        # we only know this at startup when hardcoded as such (b/c TS could turn protect on otherwise), we can only do
+        # so when bypass is on and protect is off in local config
+        #
+        # @return [Boolean]
+        def unnecessary?
+          ::Contrast::CONTRAST_SERVICE.use_agent_communication? && ::Contrast::PROTECT.forcibly_disabled?
+        end
+
         def host
           @_host ||=
             (::Contrast::CONFIG.root.agent.service.host || Contrast::Config::ServiceConfiguration::DEFAULT_HOST).to_s

data/lib/contrast/components/settings.rb

@@ -86,6 +86,10 @@ module Contrast
         #                          Rules to follow when using the masking. Each rules contains Id [String]
         #                          and Keywords [Array<String>].
         attr_reader :sensitive_data_masking
+        # @return [Integer] the time, in ms, that application settings last changed
+        attr_reader :last_app_update_ms
+        # @return [Integer] the time, in ms, that server settings last changed
+        attr_reader :last_server_update_ms
 
         def initialize
           reset_state
@@ -99,6 +103,8 @@ module Contrast
         def update_from_server_features features
           if features.cs__is_a?(Contrast::Agent::Reporting::Response)
             server_features = features.server_features
+            return unless server_features
+
             log_file = server_features.log_file
             log_level = server_features.log_level
             Contrast::Logger::Log.instance.update(log_file, log_level) if log_file || log_level
@@ -110,12 +116,15 @@ module Contrast
             @assess_state.enabled = features.assess_enabled?
             @assess_state.sampling_settings = features.assess.sampling
           end
+          @last_server_update_ms = Contrast::Utils::Timer.now_ms
         end
 
         # @param features [Contrast::Api::Settings::ApplicationSettings, Contrast::Agent::Reporting::Response]
         def update_from_application_settings features
           if features&.class == Contrast::Agent::Reporting::Response
             settings = features.application_settings
+            return unless settings
+
             @application_state.modes_by_id = settings.protect.protection_rules_to_settings_hash
             # TODO: RUBY-1438 this needs to be translated
             # @application_state.exclusion_matchers = new_vals[:exclusion_matchers]
@@ -128,6 +137,7 @@ module Contrast
             @application_state.exclusion_matchers = new_vals[:exclusion_matchers]
             @assess_state.disabled_assess_rules = new_vals[:disabled_assess_rules]
           end
+          @last_app_update_ms = Contrast::Utils::Timer.now_ms
         end
 
         # Wipe state to zero.

data/lib/contrast/config/agent_configuration.rb

@@ -9,23 +9,33 @@ require 'contrast/config/api_configuration'
 
 module Contrast
   module Config
-    # Common Configuration settings. Those in this section pertain to the
-    # core functionality of the Agent.
-    class AgentConfiguration < BaseConfiguration
+    # Common Configuration settings. Those in this section pertain to the core functionality of the Agent.
+    class AgentConfiguration
+      include Contrast::Config::BaseConfiguration
+
       # @return [Boolean, nil]
       attr_accessor :enable
       # @return [Boolean, nil]
       attr_accessor :omit_body
-      attr_writer :ruby, :service, :logger, :heap_dump
+      # @return [Contrast::Config::RubyConfiguration]
+      attr_writer :ruby
+      # @return [Contrast::Config::ServiceConfiguration]
+      attr_writer :service
+      # @return [ Contrast::Config::LoggerConfiguration]
+      attr_writer :logger
+      # @return [Contrast::Config::HeapDumpConfiguration]
+      attr_writer :heap_dump
 
       def initialize hsh = {}
-        @enable = traverse_config(hsh, :enable)
-        @start_bundled_service = traverse_config(hsh, :start_bundled_service)
-        @omit_body = traverse_config(hsh, :omit_body)
-        @service = Contrast::Config::ServiceConfiguration.new(traverse_config(hsh, :service))
-        @logger = Contrast::Config::LoggerConfiguration.new(traverse_config(hsh, :logger))
-        @ruby = Contrast::Config::RubyConfiguration.new(traverse_config(hsh, :ruby))
-        @heap_dump = Contrast::Config::HeapDumpConfiguration.new(traverse_config(hsh, :heap_dump))
+        return unless hsh
+
+        @enable = hsh[:enable]
+        @start_bundled_service = hsh[:start_bundled_service]
+        @omit_body = hsh[:omit_body]
+        @service = Contrast::Config::ServiceConfiguration.new(hsh[:service])
+        @logger = Contrast::Config::LoggerConfiguration.new(hsh[:logger])
+        @ruby = Contrast::Config::RubyConfiguration.new(hsh[:ruby])
+        @heap_dump = Contrast::Config::HeapDumpConfiguration.new(hsh[:heap_dump])
       end
 
       # @return [Boolean, true]

data/lib/contrast/config/api_configuration.rb

@@ -8,7 +8,9 @@ require 'contrast/config/request_audit_configuration'
 module Contrast
   module Config
     # Api keys configuration
-    class ApiConfiguration < BaseConfiguration
+    class ApiConfiguration
+      include Contrast::Config::BaseConfiguration
+
       # @return [String]
       attr_accessor :api_key
       # @return [String]
@@ -20,13 +22,15 @@ module Contrast
       DEFAULT_URL = 'https://app.contrastsecurity.com/Contrast'
 
       def initialize hsh = {}
-        @api_key = traverse_config(hsh, :api_key)
-        @url = traverse_config(hsh, :url)
-        @user_name = traverse_config(hsh, :user_name)
-        @service_key = traverse_config(hsh, :service_key)
-        @proxy = Contrast::Config::ApiProxyConfiguration.new(traverse_config(hsh, :proxy))
-        @request_audit = Contrast::Config::RequestAuditConfiguration.new(traverse_config(hsh, :request_audit))
-        @certificate = Contrast::Config::CertificationConfiguration.new(traverse_config(hsh, :certificate))
+        return unless hsh
+
+        @api_key = hsh[:api_key]
+        @url = hsh[:url]
+        @user_name = hsh[:user_name]
+        @service_key = hsh[:service_key]
+        @proxy = Contrast::Config::ApiProxyConfiguration.new(hsh[:proxy])
+        @request_audit = Contrast::Config::RequestAuditConfiguration.new(hsh[:request_audit])
+        @certificate = Contrast::Config::CertificationConfiguration.new(hsh[:certificate])
       end
 
       def url

data/lib/contrast/config/api_proxy_configuration.rb

@@ -4,14 +4,18 @@
 module Contrast
   module Config
     # Api Proxy keys configuration
-    class ApiProxyConfiguration < BaseConfiguration
+    class ApiProxyConfiguration
+      include Contrast::Config::BaseConfiguration
+
       # @return [String] proxy url
       attr_accessor :url
       attr_writer :enable
 
       def initialize hsh = {}
-        @enable = traverse_config(hsh, :enable)
-        @url = traverse_config(hsh, :url)
+        return unless hsh
+
+        @enable = hsh[:enable]
+        @url = hsh[:url]
       end
 
       # @return [Boolean, false]

data/lib/contrast/config/application_configuration.rb

@@ -7,7 +7,9 @@ module Contrast
   module Config
     # Common Configuration settings. Those in this section pertain to the
     # application identification functionality of the Agent.
-    class ApplicationConfiguration < BaseConfiguration
+    class ApplicationConfiguration
+      include Contrast::Config::BaseConfiguration
+
       # @return [String]
       attr_accessor :name
       # @return [String]
@@ -27,16 +29,18 @@ module Contrast
       attr_writer :session_id, :session_metadata
 
       def initialize hsh = {}
-        @name = traverse_config(hsh, :name)
-        @version = traverse_config(hsh, :version)
-        @language = traverse_config(hsh, :language)
-        @path = traverse_config(hsh, :path)
-        @group = traverse_config(hsh, :group)
-        @tags = traverse_config(hsh, :tags)
-        @code = traverse_config(hsh, :code)
-        @metadata = traverse_config(hsh, :metadata)
-        @session_id = traverse_config(hsh, :session_id)
-        @session_metadata = traverse_config(hsh, :session_metadata)
+        return unless hsh
+
+        @name = hsh[:name]
+        @version = hsh[:version]
+        @language = hsh[:language]
+        @path = hsh[:path]
+        @group = hsh[:group]
+        @tags = hsh[:tags]
+        @code = hsh[:code]
+        @metadata = hsh[:metadata]
+        @session_id = hsh[:session_id]
+        @session_metadata = hsh[:session_metadata]
       end
 
       # @return [String, Contrast::Utils::ObjectShare::EMPTY_STRING]