contrast-agent 6.0.0 → 6.1.2

data/lib/contrast/agent/reporting/reporting_events/observed_library_usage.rb

@@ -1,7 +1,7 @@
 # Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
 # frozen_string_literal: true
 
-require 'contrast/agent/reporting/reporting_events/reporting_event'
+require 'contrast/agent/reporting/reporting_events/application_reporting_event'
 require 'contrast/agent/reporting/reporting_events/library_usage_observation'
 
 module Contrast
@@ -11,7 +11,7 @@ module Contrast
       #
       # @attr_reader observations - Array[Contrast::Agent::Reporting::LibraryUsageObservation]
       #                            - Hash of LibraryUsageObservations
-      class ObservedLibraryUsage < Contrast::Agent::Reporting::ReportingEvent
+      class ObservedLibraryUsage < Contrast::Agent::Reporting::ApplicationReportingEvent
         attr_reader :observations
 
         class << self
@@ -32,6 +32,10 @@ module Contrast
           super
         end
 
+        def file_name
+          'library-observation'
+        end
+
         def to_controlled_hash
           validate
           { observations: @observations.map(&:to_controlled_hash) }

data/lib/contrast/agent/reporting/reporting_events/observed_route.rb

@@ -3,7 +3,7 @@
 
 require 'json'
 require 'contrast/components/logger'
-require 'contrast/agent/reporting/reporting_events/reporting_event'
+require 'contrast/agent/reporting/reporting_events/application_reporting_event'
 require 'contrast/utils/object_share'
 
 module Contrast
@@ -15,7 +15,7 @@ module Contrast
       # externally accessible endpoints within the application, as registered to the application framework. This also
       # includes the literal URL and HTTP Verb used to invoke them, as they must have been called at this point to be
       # recorded.
-      class ObservedRoute < Contrast::Agent::Reporting::ReportingEvent
+      class ObservedRoute < Contrast::Agent::Reporting::ApplicationReportingEvent
         # @param [String] the method signature used to uniquely identify the coverage report.
         attr_accessor :signature
         # @param [String] the normalized URL used to access the method in the route.
@@ -35,6 +35,10 @@ module Contrast
           super()
         end
 
+        def file_name
+          'routes-observed'
+        end
+
         # Convert the instance variables on the class, and other information, into the identifiers required for
         # TeamServer to process the JSON form of this message.
         #
@@ -44,7 +48,7 @@ module Contrast
           validate
           rc_hash = {
               session_id: @agent_session_id_value,
-              sources: @sources,
+              sources: @sources.map(&:to_controlled_hash),
               signature: @signature,
               verb: @verb,
               url: @url

data/lib/contrast/agent/reporting/reporting_events/poll.rb

@@ -1,19 +1,23 @@
 # Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
 # frozen_string_literal: true
 
-require 'contrast/agent/reporting/reporting_events/reporting_event'
+require 'contrast/agent/reporting/reporting_events/application_reporting_event'
 
 module Contrast
   module Agent
     module Reporting
       # This is the new Poll class for the Heartbeat Service.
-      class Poll < Contrast::Agent::Reporting::ReportingEvent
+      class Poll < Contrast::Agent::Reporting::ApplicationReportingEvent
         def initialize
           @event_type = :heartbeat
           @event_endpoint = Contrast::Agent::Reporting::Endpoints.heartbeat
           super
         end
 
+        def file_name
+          'applications-heartbeat'
+        end
+
         # This is commented out as I am not aware if we're supposed to send some information and/or parse it to hash
         # In https://github.com/Contrast-Security-Inc/contrast-service/blob/next/reporting/tsreporter.go
         #

data/lib/contrast/agent/reporting/reporting_events/preflight.rb

@@ -1,7 +1,7 @@
 # Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
 # frozen_string_literal: true
 
-require 'contrast/agent/reporting/reporting_events/reporting_event'
+require 'contrast/agent/reporting/reporting_events/application_reporting_event'
 
 module Contrast
   module Agent
@@ -10,12 +10,10 @@ module Contrast
       # to report a Preflight message to TeamServer. This message represents the identifying information of a
       # collection of Findings/Traces, which TeamServer will use to determine if it requires the full information of
       # any of the Findings/Traces to be reported.
-      #
-      # For our purposes, we'll only ever send one message per request; however, we must use an array to conform to the
-      # specification.
-      #
-      # @attr_reader messages [Array<Contrast::Agent::Reporting::PreflightMessage>]
-      class Preflight < Contrast::Agent::Reporting::ReportingEvent
+      class Preflight < Contrast::Agent::Reporting::ApplicationReportingEvent
+        # For our purposes, we'll only ever send one message per request; however,
+        # we must use an array to conform to the specification.
+        # @return messages [Array<Contrast::Agent::Reporting::PreflightMessage>]
         attr_reader :messages
 
         def initialize
@@ -25,13 +23,17 @@ module Contrast
           super
         end
 
+        def file_name
+          'preflight'
+        end
+
         # Convert the instance variables on the class, and other information, into the identifiers required for
         # TeamServer to process the JSON form of this message.
         #
         # @return [Hash]
         # @raise [ArgumentError]
         def to_controlled_hash
-          { messages: @messages }
+          { messages: @messages.map(&:to_controlled_hash) }
         end
       end
     end

data/lib/contrast/agent/reporting/reporting_events/preflight_message.rb

@@ -12,13 +12,13 @@ module Contrast
       # system to report a single message, part of the main Preflight, to TeamServer. This message represents the
       # identifying information of a Finding/Trace, which TeamServer will use to determine if it requires the full
       # information of the Finding/Trace to be reported.
-      #
-      # @attr_accessor data [String] the message identifier; rule_id,hash
-      # @attr_accessor hash_code [String]
-      # @attr_reader routes [Array<Contrast::Agent::Reporting::RouteDiscovery] the route that triggered the finding
-      #   to which this preflight applies.
       class PreflightMessage
-        attr_accessor :data, :hash_code
+        # @return [String] the message identifier; rule_id,hash
+        attr_accessor :data
+        # @return [String] CRC checksum of the finding to which this message pertains
+        attr_accessor :hash_code
+        # @return [Array<Contrast::Agent::Reporting::RouteDiscovery] the route that triggered the finding to which this
+        #   preflight applies.
         attr_reader :routes
 
         # The type of this event, as understood by TeamServer. While TRACE and APPUPDATE are both technically valid, we
@@ -54,16 +54,12 @@ module Contrast
 
         def validate
           raise(ArgumentError, "#{ cs__class } did not have a proper data. Unable to continue.") unless data
-          raise(ArgumentError, "#{ cs__class } did not have a proper routes. Unable to continue.") if routes.empty?
           unless @app_name
             raise(ArgumentError, "#{ cs__class } did not have a proper application name. Unable to continue.")
           end
           unless @app_language
             raise(ArgumentError, "#{ cs__class } did not have a proper application language. Unable to continue.")
           end
-          unless @app_version
-            raise(ArgumentError, "#{ cs__class } did not have a proper application version. Unable to continue.")
-          end
           unless @agent_session_id_value
             raise(ArgumentError, "#{ cs__class } did not have a proper session id. Unable to continue.")
           end

data/lib/contrast/agent/reporting/reporting_events/server_activity.rb

@@ -1,18 +1,17 @@
 # Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
 # frozen_string_literal: true
 
-require 'contrast/agent/reporting/reporting_events/reporting_event'
+require 'contrast/agent/reporting/reporting_events/server_reporting_event'
 
 module Contrast
   module Agent
     module Reporting
-      # This class will initialize empty ServerActivity body to be send to TS.
-      # The server activity endpoint records actions taken on the serveror process as a whole.
-      # It currently only reports the number of times a defensive action was taken and is most
-      # likely not populated by most agents. The main purpose of sending this message is for its
-      # response, which contains any updated server feature settings from TeamServer.
-      # The new Server Settings endpoint should let us remove this.
-      class ServerActivity < Contrast::Agent::Reporting::ReportingEvent
+      # This class will initialize empty ServerActivity body to be send to TS. The server activity endpoint records
+      # actions taken on the server or process as a whole. It currently only reports the number of times a defensive
+      # action was taken and is most likely not populated by most agents. The main purpose of sending this message is
+      # for its response, which contains any updated server feature settings from TeamServer. The new Server Settings
+      # endpoint should let us remove this.
+      class ServerActivity < Contrast::Agent::Reporting::ServerReportingEvent
         class << self
           # @param _server_activity_dtm [Contrast::Api::Dtm::ServerActivity]
           # @return [Contrast::Agent::Reporting::ServerActivity]
@@ -27,24 +26,17 @@ module Contrast
           super
         end
 
+        def file_name
+          'server-activity'
+        end
+
         # Convert the instance variables on the class, and other information, into the identifiers required for
         # TeamServer to process the JSON form of this message.
         #
         # @return [Hash]
         # @raise [ArgumentError]
         def to_controlled_hash
-          { lastUpdate: timestamp }
-        end
-
-        private
-
-        # The timestamp field is a bit of a misnomer. It's really the time, in ms, since the settings for this
-        # server have been updated.
-        #
-        # @return [Integer]
-        def timestamp
-          Contrast::Utils::Timer.now_ms -
-              (Contrast::Agent.reporter&.client&.response_handler&.last_server_update_ms || 0)
+          { lastUpdate: since_last_update }
         end
       end
     end

data/lib/contrast/agent/reporting/reporting_events/server_reporting_event.rb

@@ -0,0 +1,27 @@
+# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
+# frozen_string_literal: true
+
+require 'contrast/agent/reporting/reporting_events/reporting_event'
+require 'contrast/utils/timer'
+
+module Contrast
+  module Agent
+    module Reporting
+      # This is the new ServerReportingEvent class which will include all the needed and mutual information for those
+      # events which correspond to Servers, such as Servers Activity.
+      #
+      # @abstract
+      class ServerReportingEvent < Contrast::Agent::Reporting::ReportingEvent
+        protected
+
+        # The timestamp field is a bit of a misnomer. It's really the time, in ms, since the settings for this
+        # application have been updated. If I've never updated, then it's been 0ms since then.
+        #
+        # @return [Integer]
+        def since_last_update
+          (update_time = Contrast::SETTINGS.last_server_update_ms) ? Contrast::Utils::Timer.now_ms - update_time : 0
+        end
+      end
+    end
+  end
+end

data/lib/contrast/agent/reporting/reporting_utilities/audit.rb

@@ -22,61 +22,51 @@ module Contrast
         # This method will be handling the auditing of the requests and responses we send to SpeedRacer. If the audit
         # feature is enabled, we'll log to file the request and/or response protobuf objects.
         #
-        # @param event [Contrast::Api::Dtm|Contrast::Agent::Reporting::ReportingEvent] One of the DTMs valid for the
-        #   event field of Contrast::Api::Dtm::Message|Contrast::Agent::Reporting::ReportingEvent
-        # @param response_data [Contrast::Api::Settings::AgentSettings,nil]
+        # @param event [Contrast::Agent::Reporting::ReportingEvent] One of the DTMs valid for the
+        #   event field of Contrast::Agent::Reporting::ReportingEvent
+        # @param response_data [Net::HTTP::Response]
         def audit_event event, response_data = nil
           return unless ::Contrast::API.request_audit_requests? || ::Contrast::API.request_audit_responses?
 
-          type = event.cs__respond_to?(:file_name) ? event.file_name : event.cs__class.cs__name.to_s.downcase
-          if ::Contrast::API.request_audit_requests?
-            data = if event.cs__class < Contrast::Agent::Reporting::ReportingEvent
-                     event.to_controlled_hash.to_json
-                   else # TODO: RUBY-1438 -- remove
-                     event.to_s
-                   end
-            log_data :request, type, data if data
-          end
+          file_name = event.cs__respond_to?(:file_name) ? event.file_name : event.cs__class.cs__name.to_s.downcase
+          data = event.to_controlled_hash.to_json
+          log_data(:request, file_name, data) if data
           return unless ::Contrast::API.request_audit_responses?
 
-          data = response_data.to_s || event.http_response.try(:body) || 'There is no available response'
-          log_data :response, type, data
+          data = response_data&.body || 'There is no available response'
+          log_data(:response, file_name, data)
         end
 
         private
 
         # This method will proceed with passing the data with to the writing method
         # @param type [Symbol] This is the type of the file /:request, :response/
-        # @param data_type[String] DTM type String representation
+        # @param file_name[String] file_name to log
         # @param data[String] String representation if the logged data
-        def log_data type, data_type, data = nil
+        def log_data type, file_name, data = nil
           return unless enabled?
           return unless Contrast::CONTRAST_SERVICE.use_agent_communication?
 
-          write_to_file type, data_type, data
+          logger.debug('logging to file', file_name: file_name) # TODO: RUBY-99999 DO NOT COMMIT THIS
+          write_to_file(type, file_name, data)
         end
 
         # This method will be actually writing to the file
         # @param type [Symbol] This is the type of the file /:request, :response/
-        # @param data_type [String] Data type /Activity/Finding../
+        # @param event_name [String] the type portion of the file to which to write
         # @param data [any] The data to be written to the file
-        def write_to_file type, data_type, data = nil
+        def write_to_file type, event_name, data = nil
           time = Time.now.to_i
           destination = type == :request ? path_for_requests : path_for_responses
           # If the feature is disabled or we have yet to create the directory structure, then we could have a nil
           # destination. In that case, take no action
           return unless destination
 
-          filename = "#{ time }-#{ Thread.current.object_id }-#{ data_type.gsub('::', '_') }-teamserver.json"
+          filename = "#{ time }_#{ Thread.current.object_id }_#{ event_name.gsub('::', '-') }_teamserver_#{ type }.json"
           filepath = File.join(destination, filename)
+          logger.debug('Writing to file', eventname: event_name, filename: filename, filepath: filepath)
           # Here is use append mode, because of a slightly possibility of overwriting an existing file
-          File.open(filepath, 'a') do |f|
-            if data_type.include?('reporting')
-              f.write(Contrast::Utils::StringUtils.force_utf8(data))
-            else
-              f.write({ data_type: Contrast::Utils::StringUtils.force_utf8(data) }.to_json)
-            end
-          end
+          File.open(filepath, 'a') { |f| f.write(Contrast::Utils::StringUtils.force_utf8(data)) }
         rescue StandardError => e
           logger.warn('Saving audit failed', e: e)
         end

data/lib/contrast/agent/reporting/reporting_utilities/build_preflight.rb

@@ -0,0 +1,38 @@
+# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
+# frozen_string_literal: true
+
+require 'contrast/agent/reporting/reporting_events/preflight_message'
+require 'contrast/agent/reporting/reporting_events/preflight'
+require 'contrast/agent/reporting/reporting_events/route_discovery'
+require 'contrast/agent/reporting/reporting_utilities/reporting_storage'
+
+module Contrast
+  module Agent
+    module Reporting
+      # This module will handle the building of new preflights prior to
+      # sending them.
+      module BuildPreflight
+        class << self
+          # @param finding [Contrast::Agent::Reporting::Finding]
+          # @param request [Contrast::Agent::Request] current request
+          def build finding, request
+            return unless finding
+
+            # save the current finding
+            Contrast::Agent::Reporting::ReportingStorage[finding.hash_code] = finding
+
+            new_preflight = Contrast::Agent::Reporting::Preflight.new
+            new_preflight_message = Contrast::Agent::Reporting::PreflightMessage.new
+            if request&.route
+              new_preflight_message.routes << Contrast::Agent::Reporting::RouteDiscovery.convert(request.route)
+            end
+            new_preflight_message.hash_code = finding.hash_code
+            new_preflight_message.data = "#{ finding.rule_id },#{ finding.hash_code }"
+            new_preflight.messages << new_preflight_message
+            new_preflight
+          end
+        end
+      end
+    end
+  end
+end

data/lib/contrast/agent/reporting/reporting_utilities/dtm_message.rb

@@ -2,6 +2,7 @@
 # frozen_string_literal: true
 
 require 'contrast/agent/reporting/reporting_events/server_activity'
+require 'contrast/agent/reporting/reporting_events/application_activity'
 require 'contrast/api/dtm.pb'
 
 module Contrast
@@ -43,6 +44,12 @@ module Contrast
             dtm.cs__is_a?(Contrast::Api::Dtm::Finding)
           end
 
+          # @param dtm [Contrast::Api::Dtm::Finding,Object]
+          # @return [Boolean]
+          def activity? dtm
+            dtm.cs__is_a?(Contrast::Api::Dtm::Activity)
+          end
+
           # Converts DTM message to Reporting Event for those messages that have conversion methods crated. We use this
           # as we work to move away from requiring the Service.
           #
@@ -57,6 +64,7 @@ module Contrast
             return Contrast::Agent::Reporting::ObservedLibraryUsage.convert(dtm) if library_usage?(dtm)
             return Contrast::Agent::Reporting::ApplicationUpdate.convert(dtm) if application_update?(dtm)
             return Contrast::Agent::Reporting::Finding.convert(dtm) if finding?(dtm)
+            return Contrast::Agent::Reporting::ApplicationActivity.convert(dtm) if activity?(dtm)
 
             nil
           end

data/lib/contrast/agent/reporting/reporting_utilities/endpoints.rb

@@ -43,6 +43,12 @@ module Contrast
             end
           end
 
+          def application_activity
+            with_rescue do
+              NG_ENDPOINTS[:application_activity].cs__freeze
+            end
+          end
+
           # @return [String,nil]
           def library_usage
             with_rescue do

data/lib/contrast/agent/reporting/reporting_utilities/headers.rb

@@ -13,11 +13,10 @@ module Contrast
         attr_reader :app_name, :api_key, :agent_version, :app_language, :app_path, :app_version, :authorization,
                     :server_name, :server_path, :server_type, :content_type, :encoding
 
+        include Contrast::Utils::ObjectShare
         ENCODING = 'base64'
         CONTENT_TYPE = 'application/json'
 
-        include Contrast::Utils::ObjectShare
-
         def initialize
           @app_name = Base64.strict_encode64(Contrast::APP_CONTEXT.app_name)
           @api_key = Contrast::API.api_key

data/lib/contrast/agent/reporting/reporting_utilities/reporter_client.rb

@@ -21,8 +21,13 @@ module Contrast
 
         include Contrast::Agent::Reporting::Endpoints
         include Contrast::Agent::Reporting::ReporterClientUtils
-        SERVICE_NAME = 'Reporter'
         include Contrast::Components::Logger::InstanceMethods
+        SERVICE_NAME = 'Reporter'
+        def initialize
+          @headers = Contrast::Agent::Reporting::Headers.new
+          super()
+        end
+
         # This method initializes the Net::HTTP client we'll need. it will validate
         # the connection and make the first request. If connection is valid and response
         # is available then the open connection is returned.
@@ -33,11 +38,6 @@ module Contrast
           super(SERVICE_NAME, Contrast::API.api_url, use_proxy: true, use_custom_cert: true)
         end
 
-        def initialize
-          @headers = Contrast::Agent::Reporting::Headers.new
-          super()
-        end
-
         # Start the client for first time and sent startup event
         #
         # @param connection [Net::HTTP] open connection
@@ -50,8 +50,8 @@ module Contrast
 
         # Check event type and send it to appropriate TS endpoint
         #
-        # @param event [Contrast::Api::Dtm,Contrast::Agent::Reporting::ReportingEvent] One of the DTMs valid
-        # for the event field of Contrast::Api::Dtm::Message|Contrast::Api::Dtm::Activity
+        # @param event [Contrast::Agent::Reporting::ReportingEvent] The event to send to TeamServer. Really a
+        #   child of the ReportingEvent rather than a literal one.
         # @param connection [Net::HTTP] open connection
         # @param send_immediately [Boolean] flag for the logger
         # @return response [Net::HTTP::Response, nil] response from TS if no response
@@ -60,9 +60,14 @@ module Contrast
           return unless connection
 
           log_send_event(event) if send_immediately
-          send_events(event, connection)
+          request = build_request(event)
+          response = connection.request(request)
+          audit&.audit_event(event, response) if ::Contrast::API.request_audit_enable?
+          process_settings_response(response)
+          process_preflight_response(event, response, connection)
+          response
         rescue StandardError => e
-          handle_error event, e
+          handle_error(event, e)
         end
 
         def status

data/lib/contrast/agent/reporting/reporting_utilities/reporter_client_utils.rb

@@ -16,39 +16,34 @@ module Contrast
         include Contrast::Components::Scope::InstanceMethods
         include Contrast::Agent::Reporting::Endpoints
 
-        # List the events that need to be sent when agent starts up
+        # List the events that need to be sent when agent starts up.
+        # The order here matters -- DO NOT CHANGE IT!!! >_< - HM
+        #
+        # If you add more, update the test in reporter_client_spec.rb
         STARTUP_EVENTS = [
-          Contrast::Agent::Reporting::ApplicationStartup,
-          Contrast::Agent::Reporting::AgentStartup
+          Contrast::Agent::Reporting::AgentStartup,
+          Contrast::Agent::Reporting::ApplicationStartup
         ].cs__freeze
 
-        # @param event [Contrast::Agent::Reporting::Preflight] the preflight we handle here
-        # @param response [Net::HTTP::Response,nil] The response we handle and read from
-        # @param connection [Net::HTTP] open connection
-        def handle_response event, response, connection
-          return unless event && response && connection
-          return unless event.cs__is_a?(Contrast::Agent::Reporting::Preflight)
-
-          preflight_message = event.messages[0]
-          # for handling multiple findings
-          # we'll only extract the indexes without *
-          # findings_to_return = response.body.split(',').delete_if { |el| el.include?('*') }
-          # after that we'll do some magic and return them the same way we do for corresponding_finding
-          corresponding_finding = Contrast::Agent::Reporting::ReportingStorage.delete(preflight_message.hash_code)
-          return unless corresponding_finding
-
-          audit&.audit_event(corresponding_finding, response) if ::Contrast::API.request_audit_enable?
-          send_event(corresponding_finding, connection, send_immediately: true)
-          nil
-        rescue StandardError => e
-          logger.error('Unable to handle response', e)
+        def audit
+          @_audit ||= Contrast::Agent::Reporting::Audit.new
         end
 
         private
 
-        # TODO: RUBY-1466 find better home for this?
-        def audit
-          @_audit ||= Contrast::Agent::Reporting::Audit.new
+        # Send Agent Startup event
+        #
+        # @param connection [Net::HTTP] open connection
+        def send_agent_startup connection
+          logger.debug('Preparing to send startup messages')
+
+          STARTUP_EVENTS.each do |event|
+            startup_event = event.new
+            send_event(startup_event, connection, send_immediately: true)
+          rescue StandardError => e
+            handle_error(startup_event, e)
+          end
+          logger.debug('Startup messages sent')
         end
 
         # This method will build headers of the request required for TS communication
@@ -73,8 +68,8 @@ module Contrast
 
         # log the event sent immediately
         #
-        # @param event [Contrast::Api::Dtm,Contrast::Agent::Reporting::ReportingEvent] One of the DTMs valid for the
-        # event field of Contrast::Api::Dtm::Message|Contrast::Api::Dtm::Activity
+        # @param event [Contrast::Agent::Reporting::ReportingEvent] The event to send to TeamServer. Really a
+        #   child of the ReportingEvent rather than a literal one.
         def log_send_event event
           logger.debug("#{ Contrast::Agent::Reporting::ReporterClient::SERVICE_NAME } immediately sending event.",
                        event_id: event.__id__, event_type: event.cs__class.cs__name)
@@ -82,7 +77,7 @@ module Contrast
 
         # Handles standard error case, logs and set status for failure
         #
-        # @param event [Contrast::Api::Dtm, Contrast::Agent::Reporting::ReportingEvent]
+        # @param event [Contrast::Agent::Reporting::ReportingEvent]
         # One of the DTMs valid for the event field of Contrast::Api::Dtm::Message|Contrast::Api::Dtm::Activity
         # @param error_msg [StandardError]
         # @return nil [NilClass] to be passed as response
@@ -99,16 +94,41 @@ module Contrast
         # Handles response processing and sets status
         #
         # @param response [Net::HTTP::Response]
-        def process_response response
+        def process_settings_response response
           response_handler.process(response)
-          logger.debug('Successfully sent startup messages to service.')
+          logger.debug('Successfully sent startup messages to TeamServer.')
           status.success!
         end
 
-        # build the request headers and assign endpoint
+        # Given a response from preflght, when the finding hash is desired, then send the finding to which it pertains.
+        # The method accepts any Contrast::Agent::Reporting::ReportingEvent, but will short circuit if it is not a
+        # Contrast::Agent::Reporting::Preflight.
         #
-        # @param event event [Contrast::Agent::Reporting::ReportingEvent]
-        # One of the DTMs valid for the event field of Contrast::Api::Dtm::Message|Contrast::Api::Dtm::Activity
+        # @param event [Contrast::Agent::Reporting::ReportingEvent] The event to send to TeamServer. Really a
+        #   child of the ReportingEvent rather than a literal one.
+        # @param response [Net::HTTPResponse,nil] The response we handle and read from
+        # @param connection [Net::HTTP] open connection
+        def process_preflight_response event, response, connection
+          return unless event.cs__is_a?(Contrast::Agent::Reporting::Preflight)
+          return unless response && connection
+
+          findings_to_return = response.body.split(',').delete_if { |el| el.include?('*') }
+          findings_to_return.each do |index|
+            preflight_message = event.messages[index.to_i]
+            corresponding_finding = Contrast::Agent::Reporting::ReportingStorage.delete(preflight_message.hash_code)
+            next unless corresponding_finding
+
+            send_event(corresponding_finding, connection)
+          end
+        rescue StandardError => e
+          logger.error('Unable to handle response', e)
+        end
+
+        # Convert the given event into an appropriate Net::HTTPRequest object, setting the request headers and
+        # assigning endpoint the endpoint appropriate for the event and casting its hash to a JSON body.
+        #
+        # @param event event [Contrast::Agent::Reporting::ReportingEvent] The event to send to TeamServer. Really a
+        #   child of the ReportingEvent rather than a literal one.
         # @return [Net::HTTP::Post,Net::HTTP::Put]
         def build_request event
           with_contrast_scope do
@@ -124,39 +144,6 @@ module Contrast
             request
           end
         end
-
-        # Send Agent Startup event
-        #
-        # @param connection [Net::HTTP] open connection
-        def send_agent_startup connection
-          logger.debug('Preparing to send startup messages')
-
-          STARTUP_EVENTS.each do |event|
-            startup_event = event.new
-            request = build_request(startup_event)
-            response = connection.request(request)
-            process_response(response)
-          rescue StandardError => e
-            handle_error(startup_event, e)
-          end
-        end
-
-        # Sent different events to different endpoints
-        #
-        # @param event [Contrast::Api::Dtm,Contrast::Agent::Reporting::ReportingEvent] Main reporting event, all events
-        # inherit it
-        # @param connection [Net::HTTP] open connection
-        # @return [Net::HTTP::Response]
-        def send_events event, connection
-          request = build_request(event)
-          response = connection.request(request)
-          process_response(response)
-          response
-        rescue StandardError => e
-          handle_error(event, e)
-        end
-
-        # Eventually here we'll handle more response types and etc
       end
     end
   end