contrast-agent 6.1.0 → 6.1.1

data/lib/contrast/agent/reporting/reporting_utilities/response.rb

@@ -18,7 +18,7 @@ module Contrast
 
         # All of the feature server_features
         #
-        # @return server_features [Contrast::Agent::Reporting::Settings::FeatureSettings, nil]
+        # @return [Contrast::Agent::Reporting::Settings::FeatureSettings, nil]
         attr_accessor :server_features
 
         class << self

data/lib/contrast/agent/reporting/reporting_utilities/response_extractor.rb

@@ -92,7 +92,7 @@ module Contrast
           sensitive_data = response_data[:settings][:sensitive_data_masking_policy]
           res.application_settings.sensitive_data_masking.mask_http_body = sensitive_data[:mask_http_body]
           res.application_settings.sensitive_data_masking.mask_attack_vector = sensitive_data[:mask_attack_vector]
-          res.application_settings.sensitive_data_masking.build_rules_form_settings sensitive_data[:rules]
+          res.application_settings.sensitive_data_masking.build_rules_form_settings(sensitive_data[:rules])
         end
       end
     end

data/lib/contrast/agent/reporting/reporting_utilities/response_handler.rb

@@ -78,17 +78,17 @@ module Contrast
         def handle_error response
           case response&.code
           when ERROR_CODES[:message_not_sent]
-            handle_response_errors response, UNSUCCESSFULLY_RECEIVED_MSG, mode.running
+            handle_response_errors(response, UNSUCCESSFULLY_RECEIVED_MSG, mode.running)
           when ERROR_CODES[:access_forbidden]
-            handle_response_errors response, FORBIDDEN_MSG, mode.running
+            handle_response_errors(response, FORBIDDEN_MSG, mode.running)
           when ERROR_CODES[:access_forbidden_no_action]
-            handle_response_errors response, FORBIDDEN_NO_ACTION_MSG, mode.running
+            handle_response_errors(response, FORBIDDEN_NO_ACTION_MSG, mode.running)
           when ERROR_CODES[:application_do_not_exist]
-            handle_response_errors response, APP_NON_EXISTENT_MSG, mode.disabled
+            handle_response_errors(response, APP_NON_EXISTENT_MSG, mode.disabled)
           when ERROR_CODES[:unprocessable_entity]
-            handle_response_errors response, UNPROCESSABLE_ENTITY_MSG, mode.disabled
+            handle_response_errors(response, UNPROCESSABLE_ENTITY_MSG, mode.disabled)
           when ERROR_CODES[:too_many_requests]
-            handle_response_errors response, RETRY_AFTER_MSG, mode.resending
+            handle_response_errors(response, RETRY_AFTER_MSG, mode.resending)
           else
             logger.debug('Response Error code could not be processed')
           end
@@ -102,7 +102,7 @@ module Contrast
         # @param error_message [String, nil] Error message if any received.
         def suspend_reporting message, timeout, error_message
           @_timeout = timeout || Contrast::Agent::Reporting::ResponseHandler::TIMEOUT
-          log_debug_msg message, timeout: @_timeout, error_message: error_message || 'none'
+          log_debug_msg(message, timeout: @_timeout, error_message: error_message || 'none')
           @_sleep = true
         end
 

data/lib/contrast/agent/reporting/reporting_utilities/response_handler_utils.rb

@@ -95,16 +95,16 @@ module Contrast
         def handle_response_errors response, message, mode
           # Set the current mode status.
           @_mode.status = mode
-          ready_after, error_message, auth_error = extract_response_info response
+          ready_after, error_message, auth_error = extract_response_info(response)
           # log, suspend, disable:
           if mode == @_mode.running
-            log_debug_msg message,
+            log_debug_msg(message,
                           response: response.__id__,
                           request: Contrast::Agent::REQUEST_TRACKER.current&.request&.type,
                           error_message: error_message || 'none',
-                          auth_error: auth_error || 'none'
+                          auth_error: auth_error || 'none')
           end
-          suspend_reporting message, ready_after, error_message if mode == @_mode.resending
+          suspend_reporting(message, ready_after, error_message) if mode == @_mode.resending
           return unless mode == @_mode.disabled
 
           stop_reporting(message, application: Contrast::APP_CONTEXT.app_name, error_message: error_message)
@@ -142,8 +142,8 @@ module Contrast
         def update_agent_settings response
           return unless response
 
-          Contrast::SETTINGS.update_from_server_features(response) if response.server_features
-          Contrast::SETTINGS.update_from_application_settings(response) if response.application_settings
+          ::Contrast::SETTINGS.update_from_server_features(response) if response.server_features
+          ::Contrast::SETTINGS.update_from_application_settings(response) if response.application_settings
         end
 
         # Process the given Reactions from the application settings based on what
@@ -152,7 +152,7 @@ module Contrast
         #
         # @param response [Contrast::Agent::Reporting::Response]
         def update_reaction response
-          return unless response.application_settings.reactions&.any?
+          return unless response.application_settings&.reactions&.any?
 
           response.application_settings.reactions.each do |reaction|
             # The enums are all uppercase, we need to downcase them before attempting to log.
@@ -223,11 +223,11 @@ module Contrast
         # @return res [Contrast::Agent::Reporting::Response]
         def build_application_settings response_data
           res = Contrast::Agent::Reporting::Response.application_response
-          extract_assess response_data, res
-          extract_protect response_data, res
-          extract_exclusions response_data, res
-          extract_reactions response_data, res
-          extract_sensitive_data_policy response_data, res
+          extract_assess(response_data, res)
+          extract_protect(response_data, res)
+          extract_exclusions(response_data, res)
+          extract_reactions(response_data, res)
+          extract_sensitive_data_policy(response_data, res)
           res
         end
 
@@ -235,9 +235,9 @@ module Contrast
         # @return res [Contrast::Agent::Reporting::Response]
         def build_feature_settings response_data
           res = Contrast::Agent::Reporting::Response.server_response
-          extract_assess_server_features response_data, res
-          extract_protect_server_features response_data, res
-          extract_protect_lists response_data, res
+          extract_assess_server_features(response_data, res)
+          extract_protect_server_features(response_data, res)
+          extract_protect_lists(response_data, res)
           res.server_features.log_level = response_data[:logLevel]
           res.server_features.log_file = response_data[:logFile]
           res.server_features.telemetry = response_data[:telemetry]

data/lib/contrast/agent/reporting/settings/application_settings.rb

@@ -61,7 +61,7 @@ module Contrast
           #   operation [String] What to do in response to this reaction.[NOOP, DISABLE] }
           # @return [Array<Contrast::Agent::Reporting::Settings::Reaction>]
           def reactions= reactions
-            return unless reactions.is_a? Array
+            return unless reactions.is_a?(Array)
 
             @_reactions = []
             reactions.each do |r|

data/lib/contrast/agent/reporting/settings/assess.rb

@@ -12,7 +12,7 @@ module Contrast
         class Assess
           # Assess rules to disable for this application.
           #
-          # @return disabled_rules [Array<AssessRuleID>] Array with string rule_ids
+          # @return disabled_rules [Array<String>] Array with string rule_ids
           def disabled_rules
             @_disabled_rules ||= []
           end
@@ -20,15 +20,15 @@ module Contrast
           # @param disabled_rules [Array] with AssessRuleID strings
           # @return disabled_rules [Array<AssessRuleID>] Array with string rule_ids
           def disabled_rules= disabled_rules
-            @_disabled_rules = disabled_rules if disabled_rules.is_a? Array
+            @_disabled_rules = disabled_rules if disabled_rules.is_a?(Array)
           end
 
           # The id of a session on TeamServer under which this session of this application should report
           # Overrides that set by application.session_id (should match if provided).
           #
-          # @return session_id [String]
+          # @return session_id [String, nil]
           def session_id
-            @_session_id ||= Contrast::Utils::ObjectShare::EMPTY_STRING
+            @_session_id
           end
 
           # Set the session_id
@@ -36,7 +36,7 @@ module Contrast
           # @param session_id [String]
           # @return session_id [String]
           def session_id= session_id
-            @_session_id = session_id if session_id.is_a? String
+            @_session_id = session_id if session_id.is_a?(String) && !session_id.blank?
           end
         end
       end

data/lib/contrast/agent/reporting/settings/assess_server_feature.rb

@@ -47,7 +47,7 @@ module Contrast
           # }
           # @return [Contrast::Agent::Reporting::Settings::Sampling]
           def sampling= sampling
-            @_sampling = Contrast::Agent::Reporting::Settings::Sampling.new(sampling) if sampling.is_a? Hash
+            @_sampling = Contrast::Agent::Reporting::Settings::Sampling.new(sampling) if sampling.is_a?(Hash)
           end
 
           # The sanitizers defined by the user for use by the agent on this server for this organization.
@@ -72,7 +72,7 @@ module Contrast
           #   tags  [Array[String]]
           #   uuid  [String]
           def sanitizers= sanitizers
-            @_sanitizers = sanitizers if sanitizers.is_a? Array
+            @_sanitizers = sanitizers if sanitizers.is_a?(Array)
           end
 
           # The validators defined by the user for use by the agent on this server for this organization.
@@ -99,7 +99,7 @@ module Contrast
           #   uuid  [String]
           # }
           def validators= validators
-            @_validators = validators if validators.is_a? Array
+            @_validators = validators if validators.is_a?(Array)
           end
         end
       end

data/lib/contrast/agent/reporting/settings/exclusions.rb

@@ -36,7 +36,7 @@ module Contrast
           #   denylist     [String] The call, if in the stack, should result in the agent not taking action.
           # }
           def code_exclusions= code_exclusions
-            @_code_exclusions = code_exclusions if code_exclusions.is_a? Array
+            @_code_exclusions = code_exclusions if code_exclusions.is_a?(Array)
           end
 
           # Cases where rules should be excluded if violated from a given input.
@@ -75,7 +75,7 @@ module Contrast
           #   type           [String] The type of the input [COOKIE, PARAMETER, HEADER, BODY, QUERYSTRING]
           # }
           def input_exclusions= input_exclusions
-            @_input_exclusions = input_exclusions if input_exclusions.is_a? Array
+            @_input_exclusions = input_exclusions if input_exclusions.is_a?(Array)
           end
 
           # A case where rules should be excluded if violated during a call to a given URL.
@@ -114,7 +114,7 @@ module Contrast
           #   type           [String] The type of the input [COOKIE, PARAMETER, HEADER, BODY, QUERYSTRING]
           # }
           def url_exclusions= url_exclusions
-            @_url_exclusions = url_exclusions if url_exclusions.is_a? Array
+            @_url_exclusions = url_exclusions if url_exclusions.is_a?(Array)
           end
         end
       end

data/lib/contrast/agent/reporting/settings/protect.rb

@@ -11,7 +11,7 @@ module Contrast
         # Application level settings for the Protect featureset
         class Protect
           # block at perimeter needs to be check against the blockAtEntry boolean value
-          PROTECT_RULES_MODE = %w[OFF BLOCKING MONITORING].cs__freeze
+          PROTECT_RULES_MODE = %w[OFF MONITORING BLOCKING].cs__freeze
           # The settings for each protect rule for this application
           #
           # @return protection_rules [Array<protectRule>] protectRule: {
@@ -33,7 +33,7 @@ module Contrast
           #   id           [String] The id of a rule in Contrast.
           #   mode         [String] The mode that this rule should run in. [OFF, MONITORING, BLOCKING] }
           def protection_rules= protection_rules
-            @_protection_rules = protection_rules if protection_rules.is_a? Array
+            @_protection_rules = protection_rules if protection_rules.is_a?(Array)
           end
 
           # The virtual patches to apply for this application
@@ -66,7 +66,7 @@ module Contrast
           #   urls       [Array] The urls that must be present in the request to result in the request being blocked.
           #   uuids      [String] The UUID of the Virtual Patch }
           def virtual_patches= virtual_patches
-            @_virtual_patches = virtual_patches if virtual_patches.is_a? Array
+            @_virtual_patches = virtual_patches if virtual_patches.is_a?(Array)
           end
 
           # Converts settings into Agent Settings understandable hash {RULE_ID => MODE}
@@ -77,8 +77,23 @@ module Contrast
 
             modes_by_id = {}
             protection_rules.each do |rule|
-              PROTECT_RULES_MODE.include? rule[:mode]
-              modes_by_id[rule[:id]] = rule[:mode]
+              setting_mode = rule[:mode]
+              next unless PROTECT_RULES_MODE.include?(setting_mode)
+
+              api_mode = case setting_mode
+                         when PROTECT_RULES_MODE[1]
+                           ::Contrast::Api::Settings::ProtectionRule::Mode::MONITORED
+                         when PROTECT_RULES_MODE[2]
+                           if rule[:blockAtEntry]
+                             ::Contrast::Api::Settings::ProtectionRule::Mode::BLOCK_AT_PERIMETER
+                           else
+                             ::Contrast::Api::Settings::ProtectionRule::Mode::BLOCKED
+                           end
+                         else
+                           ::Contrast::Api::Settings::ProtectionRule::Mode::NO_ACTION
+                         end
+
+              modes_by_id[rule[:id]] = api_mode
             end
             modes_by_id
           end

data/lib/contrast/agent/reporting/settings/protect_server_feature.rb

@@ -66,7 +66,7 @@ module Contrast
           #   name    [String] The user defined name of the filter.
           #   uuid    [String] The identifier of the filter as defined by TeamServer.
           def ip_allowlist= allowlist
-            @_ip_allowlist = allowlist if allowlist.is_a? Array
+            @_ip_allowlist = allowlist if allowlist.is_a?(Array)
           end
 
           # The IP addresses for which to disable protection.
@@ -94,7 +94,7 @@ module Contrast
           #                     name    [String] The user defined name of the filter.
           #                     uuid    [String] The identifier of the filter as defined by TeamServer.
           def ip_denylist= denylist
-            @_ip_denylist = denylist if denylist.is_a? Array
+            @_ip_denylist = denylist if denylist.is_a?(Array)
           end
 
           # All of the apis to add new logging calls to the application at runtime.
@@ -134,7 +134,7 @@ module Contrast
           #    type    [String] The type of log message to tenerate. Audit as 0, Security as 2.
           #                     [ AUDIT, ERROR, SECURITY ]
           def log_enchancers= log_enchancers
-            @_log_enchancers = log_enchancers if log_enchancers.is_a? Array
+            @_log_enchancers = log_enchancers if log_enchancers.is_a?(Array)
           end
 
           # The keywords and patterns required for the input analysis of each rule with that capability.
@@ -191,7 +191,7 @@ module Contrast
           #                    value          [String] }
           # }
           def rule_definition_list= list
-            @_rule_definition_list = list if list.is_a? Array
+            @_rule_definition_list = list if list.is_a?(Array)
           end
 
           # Controls for the syslogging feature in the agent.
@@ -234,7 +234,7 @@ module Contrast
           #   syslogSeverityProbed    [String]
           #   syslogSeveritySuspicous [String]
           def syslog= log
-            @_syslog = log if log.is_a? Hash
+            @_syslog = log if log.is_a?(Hash)
           end
         end
       end

data/lib/contrast/agent/reporting/settings/reaction.rb

@@ -19,9 +19,9 @@ module Contrast
           # @param message [String] A message to log when receiving this reaction.
           # @param operation [String] What to do in response to this reaction.[NOOP, DISABLE]
           def initialize level, operation, message
-            @level = level if LEVELS.include? level
-            @operation = operation if OPERATIONS.include? operation
-            @message = message if message.is_a? String
+            @level = level if LEVELS.include?(level)
+            @operation = operation if OPERATIONS.include?(operation)
+            @message = message if message.is_a?(String)
           end
         end
       end

data/lib/contrast/agent/reporting/settings/sensitive_data_masking.rb

@@ -58,7 +58,7 @@ module Contrast
           # @param rules [Array<Contrast::Agent::Reporting::Settings::SensitiveDataMaskingRule>]
           # @return rules [Array<Contrast::Agent::Reporting::Settings::SensitiveDataMaskingRule>, []]
           def rules= rules
-            @_rules = rules if rules_array? rules
+            @_rules = rules if rules_array?(rules)
           end
 
           # Build rules from hash
@@ -99,7 +99,7 @@ module Contrast
           # @param item [Contrast::Agent::Reporting::Settings::SensitiveDataMaskingRule]
           # @return itself [Array<Contrast::Agent::Reporting::Settings::SensitiveDataMaskingRule>]
           def << item
-            return itself unless item.instance_of? Contrast::Agent::Reporting::Settings::SensitiveDataMaskingRule
+            return itself unless item.instance_of?(Contrast::Agent::Reporting::Settings::SensitiveDataMaskingRule)
 
             super
           end

data/lib/contrast/agent/reporting/settings/sensitive_data_masking_rule.rb

@@ -37,7 +37,7 @@ module Contrast
           # @param words_array [Array<String>]
           # @return keywords [Array<String>] set of keywords
           def keywords= words_array
-            @_keywords = words_array if string_array? words_array
+            @_keywords = words_array if string_array?(words_array)
           end
 
           private
@@ -49,7 +49,7 @@ module Contrast
           def string_array? array
             return false unless array.is_a?(Array) && array.any?
 
-            array.all? String
+            array.all?(String)
           end
         end
       end

data/lib/contrast/agent/reporting/settings/server_features.rb

@@ -27,7 +27,7 @@ module Contrast
           # @param log_level [String]
           # @return log_level [String] [ ERROR, WARN, INFO, DEBUG, TRACE ]
           def log_level= log_level
-            @_log_level = log_level if log_level.is_a? String
+            @_log_level = log_level if log_level.is_a?(String)
           end
 
           # Where to log the agent's log file, if set by the user. Overridden by agent.logger.path
@@ -43,7 +43,7 @@ module Contrast
           # @param log_file [String] path
           # @return log_file [String] path
           def log_file= log_file
-            @_log_file = log_file if log_file.is_a? String
+            @_log_file = log_file if log_file.is_a?(String)
           end
 
           # Controls for the reporting of telemetry events from the agent to TeamServer.

data/lib/contrast/agent/request.rb

@@ -34,6 +34,8 @@ module Contrast
       LAST_REST_TOKEN = %r{/\d+$}.cs__freeze
       INNER_NUMBER_MARKER = '/{n}/'
       LAST_NUMBER_MARKER = '/{n}'
+      STATIC_SUFFIXES = /\.(?:js|css|jpeg|jpg|gif|png|ico|woff|svg|pdf|eot|ttf|jar)$/i.cs__freeze
+      MEDIA_TYPE_MARKERS = %w[image/ text/css text/javascript].cs__freeze
 
       attr_reader :rack_request
       attr_accessor :route, :observed_route, :new_observed_route
@@ -181,8 +183,6 @@ module Contrast
         @_hash_id ||= Contrast::Utils::HashDigest.generate_request_hash(self)
       end
 
-      STATIC_SUFFIXES = /\.(?:js|css|jpeg|jpg|gif|png|ico|woff|svg|pdf|eot|ttf|jar)$/i.cs__freeze
-      MEDIA_TYPE_MARKERS = %w[image/ text/css text/javascript].cs__freeze
       # Utility method for checking if a request is for a static resource.
       # @return [Boolean] true, if the request is for a well-known static
       #  type as determined by the request suffix or the accept header.

data/lib/contrast/agent/request_context.rb

@@ -1,6 +1,7 @@
 # Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
 # frozen_string_literal: true
 
+require 'contrast/api/dtm.pb'
 require 'contrast/utils/timer'
 require 'contrast/agent/request'
 require 'contrast/agent/response'
@@ -16,20 +17,6 @@ module Contrast
   module Agent
     # This class acts to encapsulate information about the currently executed request, making it available to the Agent
     # for the duration of the request in a standardized and normalized format which the Agent understands.
-    #
-    # @attr_reader timer [Contrast::Utils::Timer] when the context was created
-    # @attr_reader logging_hash [Hash] context used to log the request
-    # @attr_reader speedracer_input_analysis [Contrast::Api::Settings::InputAnalysis] the protect input analysis of
-    #   sources on this request
-    # @attr_reader request [Contrast::Agent::Request] our wrapper around the Rack::Request for this context
-    # @attr_reader response [Contrast::Agent::Response] our wrapper aroudn the Rack::Response or Array for this context,
-    #   only available after the application has finished its processing
-    # @attr_reader activity [Contrast::Api::Dtm::Activity] the application activity found in this request
-    # @attr_reader server_activity [Contrast::Api::Dtm::ServerActivity] the server activity found in this request
-    # @attr_reader route [Contrast::Api::Dtm::RouteCoverage] the route, used for findings, of this request
-    # @attr_reader observed_route [Contrast::Api::Dtm::ObservedRoute] the route, used for coverage, of this request
-    # @attr_reader new_observed_route [Contrast::Agent::Reporting::ObservedRoute] the route, used for coverage, of this
-    # request
     class RequestContext
       include Contrast::Components::Logger::InstanceMethods
       include Contrast::Components::Scope::InstanceMethods
@@ -37,10 +24,28 @@ module Contrast
       include Contrast::Agent::RequestContextExtend
 
       EMPTY_INPUT_ANALYSIS_PB = Contrast::Api::Settings::InputAnalysis.new
-      INPUT_ANALYSIS = Contrast::Agent::Reporting::InputAnalysis.new
 
-      attr_reader :activity, :logging_hash, :observed_route, :new_observed_route, :request, :response, :route,
-                  :speedracer_input_analysis, :agent_input_analysis, :server_activity, :timer
+      # @return [Contrast::Api::Dtm::Activity] the application activity found in this request
+      attr_reader :activity
+      # @return [Hash] context used to log the request
+      attr_reader :logging_hash
+      # @return [Contrast::Agent::Reporting::ObservedRoute] the route, used for coverage, of this request
+      attr_reader :new_observed_route
+      # @return [Contrast::Api::Dtm::ObservedRoute] the route, used for coverage, of this request
+      attr_reader :observed_route
+      # @return [Contrast::Agent::Request] our wrapper around the Rack::Request for this context
+      attr_reader :request
+      # @return [Contrast::Agent::Response] our wrapper around the Rack::Response or Array for this context,
+      #   only available after the application has finished its processing
+      attr_reader :response
+      # @return [Contrast::Api::Dtm::RouteCoverage] the route, used for findings, of this request
+      attr_reader :route
+      # @return [Contrast::Api::Dtm::ServerActivity] the server activity found in this request
+      attr_reader :server_activity
+      # @return [Contrast::Api::Settings::InputAnalysis] the protect input analysis of sources on this request
+      attr_reader :speedracer_input_analysis
+      # @return [Contrast::Utils::Timer] when the context was created
+      attr_reader :timer
 
       def initialize rack_request, app_loaded: true
         with_contrast_scope do
@@ -61,8 +66,7 @@ module Contrast
           @speedracer_input_analysis = EMPTY_INPUT_ANALYSIS_PB
           speedracer_input_analysis.request = request
 
-          @agent_input_analysis = INPUT_ANALYSIS
-          agent_input_analysis.request = request
+          # TODO: RUBY-1627
 
           # flag to indicate whether the app is fully loaded
           @app_loaded = !!app_loaded

data/lib/contrast/agent/request_context_extend.rb

@@ -82,9 +82,10 @@ module Contrast
         handle_protect_state(service_response)
         ia = service_response.input_analysis
         if ia
-          service_extract_logging ia
+          service_extract_logging(ia)
+          # TODO: RUBY-1629
           # using Agent analysis
-          initialize_agent_input_analysis request
+          # initialize_agent_input_analysis request
 
           @speedracer_input_analysis = ia
           speedracer_input_analysis.request = request
@@ -93,7 +94,7 @@ module Contrast
           false
         end
       rescue Contrast::SecurityException => e
-        raise e
+        raise(e)
       rescue StandardError => e
         logger.warn('Unable to extract Contrast Service information from request', e)
         false
@@ -115,7 +116,7 @@ module Contrast
         # If Contrast Service has NOT handled the input analysis, handle them here
         build_attack_results(agent_settings)
         logger.debug('Contrast Service said to block this request')
-        raise Contrast::SecurityException.new(nil, (state.security_message || 'Blocking suspicious behavior'))
+        raise(Contrast::SecurityException.new(nil, (state.security_message || 'Blocking suspicious behavior')))
       end
 
       # append anything we've learned to the request seen message this is the sum-total of all inventory information
@@ -147,7 +148,7 @@ module Contrast
 
       # This here is for things we don't have implemented
       def log_to_cef
-        activity.results.each { |attack_result| logging_logic attack_result, attack_result.rule_id.downcase }
+        activity.results.each { |attack_result| logging_logic(attack_result, attack_result.rule_id.downcase) }
       end
 
       # @param input_analysis [Contrast::Api::Settings::InputAnalysis]
@@ -172,7 +173,7 @@ module Contrast
           next unless rule
 
           logger.debug(BUILD_ATTACK_LOGGER_MESSAGE, result: ia_result.inspect) if logger.debug?
-          results_by_rule[rule_id] = attack_result rule, rule_id, ia_result, results_by_rule
+          results_by_rule[rule_id] = attack_result(rule, rule_id, ia_result, results_by_rule)
         end
 
         results_by_rule.each_pair do |_, attack_result|
@@ -199,20 +200,6 @@ module Contrast
                           end
       end
 
-      # Sets request to be used with agent and service input analysis.
-      #
-      # @param request [Contrast::Agent::Request] our wrapper around the Rack::Request
-      # for this context
-      def initialize_agent_input_analysis request
-        # using Agent analysis
-        ia = Contrast::Agent::Protect::InputAnalyzer.analyse request
-        if ia
-          @agent_input_analysis = ia
-        else
-          logger.trace('Analysis from Agent was empty.')
-        end
-      end
-
       def logging_logic result, rule_id
         rules = %w[bot_blocker virtual_patch ip_denylist]
         return unless rules.include?(rule_id)
@@ -221,14 +208,14 @@ module Contrast
         outcome = Contrast::Api::Dtm::AttackResult::ResponseType.get_name_by_tag(result.response)
         case rule_id
         when /bot_blocker/i
-          blocker_to_json = Contrast::Api::Dtm::BotBlockerDetails.to_controlled_hash rule_details
+          blocker_to_json = Contrast::Api::Dtm::BotBlockerDetails.to_controlled_hash(rule_details)
           cef_logger.bot_blocking_message(blocker_to_json, outcome)
         when /virtual_patch/i
-          virtual_patch_to_json = Contrast::Api::Dtm::VirtualPatchDetails.to_controlled_hash rule_details
+          virtual_patch_to_json = Contrast::Api::Dtm::VirtualPatchDetails.to_controlled_hash(rule_details)
           cef_logger.virtual_patch_message(virtual_patch_to_json, outcome)
         when /ip_denylist/i
           sender_ip = extract_sender_ip
-          ip_denylist_to_json = Contrast::Api::Dtm::IpDenylistDetails.to_controlled_hash rule_details
+          ip_denylist_to_json = Contrast::Api::Dtm::IpDenylistDetails.to_controlled_hash(rule_details)
           return unless sender_ip
           return unless sender_ip.include?(ip_denylist_to_json[:ip])
 

data/lib/contrast/agent/request_handler.rb

@@ -54,7 +54,7 @@ module Contrast
         return unless reporter
 
         # Mask Sensitive Data
-        Contrast::Agent::Reporting::Masker.mask context.activity
+        Contrast::Agent::Reporting::Masker.mask(context.activity)
 
         Contrast::Agent::Inventory::DependencyUsageAnalysis.instance.generate_library_usage(context.activity)
         [

data/lib/contrast/agent/rule_set.rb

@@ -23,7 +23,7 @@ module Contrast
         end
       rescue Contrast::SecurityException => e
         logger.warn('RASP threw security exception in prefilter', e)
-        raise e
+        raise(e)
       rescue StandardError => e
         logger.error('Unexpected exception during prefilter', e)
       end
@@ -39,7 +39,7 @@ module Contrast
         end
       rescue Contrast::SecurityException => e
         logger.warn('RASP threw security exception in postfilter', e)
-        raise e
+        raise(e)
       rescue StandardError => e
         logger.error('Unexpected exception during postfilter', e)
       end

data/lib/contrast/agent/scope.rb

@@ -142,7 +142,7 @@ module Contrast
         # @param scope_sym [Symbol] scope to check.
         # @return [Boolean] true | false
         def valid_scope? scope_sym
-          Contrast::Agent::Scope::SCOPE_LIST.include? scope_sym
+          Contrast::Agent::Scope::SCOPE_LIST.include?(scope_sym)
         end
       end
     end