contrast-agent 6.6.4 → 6.6.5

data/lib/contrast/agent/reporting/reporting_events/application_defend_attack_sample.rb

@@ -6,6 +6,8 @@ require 'contrast/agent/protect/rule/deserialization'
 require 'contrast/agent/protect/rule/http_method_tampering'
 require 'contrast/agent/protect/rule/no_sqli'
 require 'contrast/api/dtm.pb'
+require 'contrast/agent/reporting/attack_result/user_input'
+require 'contrast/agent/reporting/attack_result/response_type'
 require 'contrast/components/logger'
 
 module Contrast
@@ -16,12 +18,20 @@ module Contrast
       class ApplicationDefendAttackSample
         include Contrast::Agent::Reporting::InputType
 
-        # @return [Hash] => start: ms, elapsed: ms
-        attr_reader :time_stamp
+        # @return [Contrast::Agent::Reporting::UserInput]
+        attr_accessor :user_input
+        # @return [Array<Contrast::Agent::Reporting::ApplicationDefendAttackSampleStack>]
+        attr_reader :stack
+        # Details are per rule specific and should be set when the sample is build
+        #
+        # @return [Contrast::Agent::Reporting::Details::ProtectRuleDetails, {}]
+        attr_accessor :details
+        # @return [Integer] time in ms
+        attr_accessor :time_stamp
 
         class << self
-          # @param attack_result [Contrast::Api::Dtm::AttackResult]
-          # @param attack_sample [Contrast::Api::Dtm::RaspRuleSample]
+          # @param attack_result [Contrast::Agent::Reporting::AttackResult]
+          # @param attack_sample [Contrast::Agent::Reporting::ApplicationDefendAttackSample]
           def convert attack_result, attack_sample
             activity = new
             activity.attach_data(attack_result, attack_sample)
@@ -30,151 +40,62 @@ module Contrast
         end
 
         def initialize
+          @time_stamp = Contrast::Agent::REQUEST_TRACKER.current&.timer&.start_ms || 0 # in ms
           @blocked = false
           @event_type = :application_defend_attack_sample
+          @user_input = Contrast::Agent::Reporting::UserInput.new
+          @request = Contrast::Agent::REQUEST_TRACKER.current&.activity&.request
+          @stack = Contrast::Utils::StackTraceUtils.build_protect_report_stack_array
+          @details = {}
         end
 
         def to_controlled_hash
           {
               blocked: @blocked,
-              input: @input,
-              details: @details,
+              input: build_input(@user_input),
+              details: @details&.to_controlled_hash,
               request: @request&.to_controlled_hash,
               stack: @stack&.map(&:to_controlled_hash),
-              timestamp: time_stamp
+              timestamp: build_time_stamp
           }
         end
 
-        # @param attack_result [Contrast::Api::Dtm::AttackResult]
-        # @param attack_sample [Contrast::Api::Dtm::RaspRuleSample]
-        def attach_data attack_result, attack_sample
-          @blocked = attack_result.response == ::Contrast::Api::Dtm::AttackResult::ResponseType::BLOCKED
-          @input = build_input(attack_sample)
-          @details = build_details(attack_result.rule_id, attack_sample)
-          @time_stamp = build_time_stamp(attack_sample.timestamp_ms)
-          @request = FindingRequest.convert(Contrast::Agent::REQUEST_TRACKER.current&.request)
-          @stack = Contrast::Utils::StackTraceUtils.build_protect_report_stack_array
-        end
-
-        # @param start [Integer]
-        # @return [Hash]
-        def build_time_stamp start
-          {
-              start: start,
-              elapsed: Contrast::Utils::Timer.now_ms - start
-          }
+        # @param response_type [Contrast::Api::Dtm::AttackResult::ResponseType]
+        # @return [Boolean] check if response type is blocked
+        def blocked? response_type
+          @blocked = response_type == Contrast::Agent::Reporting::ResponseType::BLOCKED
         end
 
-        # @param attack_sample [Contrast::Api::Dtm::RaspRuleSample]
-        def build_input attack_sample
-          user_input = attack_sample.user_input
+        # @param user_input [Contrast::Agent::Reporting::UserInput]
+        def build_input user_input
           {
               documentPath: user_input.path,
-              documentType: build_document_type(user_input.document_type),
+              documentType: user_input.document_type.to_s,
               filters: user_input.matcher_ids,
               name: user_input.key,
-              time: attack_sample.timestamp_ms,
-              type: build_input_type(user_input.input_type),
+              time: time_stamp,
+              type: user_input.input_type.to_s,
               value: user_input.value
           }
         end
 
-        # Convert the document type api enum to a String constant TeamServer can understand.
-        #
-        # @param type_enum [::Contrast::Api::Dtm::HttpRequest::DocumentType]
-        # @return [String]
-        def build_document_type type_enum
-          case type_enum
-          when ::Contrast::Api::Dtm::HttpRequest::DocumentType::JSON
-            'JSON'
-          when ::Contrast::Api::Dtm::HttpRequest::DocumentType::XML
-            'XML'
-          else
-            'NORMAL'
-          end
-        end
-
-        # Convert the input type api enum to a String constant TeamServer can understand.
-        #
-        # @param type_enum [when ::Contrast::Api::Dtm::UserInput::InputType]
-        # @return [String]
-        def build_input_type type_enum
-          case type_enum
-          when ::Contrast::Api::Dtm::UserInput::InputType::UNDEFINED_TYPE
-            'UNDEFINED_TYPE'
-          when ::Contrast::Api::Dtm::UserInput::InputType::BODY
-            'BODY'
-          when ::Contrast::Api::Dtm::UserInput::InputType::COOKIE_NAME
-            'COOKIE_NAME'
-          when ::Contrast::Api::Dtm::UserInput::InputType::COOKIE_VALUE
-            'COOKIE_VALUE'
-          when ::Contrast::Api::Dtm::UserInput::InputType::HEADER
-            'HEADER'
-          when ::Contrast::Api::Dtm::UserInput::InputType::PARAMETER_NAME
-            'PARAMETER_NAME'
-          when ::Contrast::Api::Dtm::UserInput::InputType::PARAMETER_VALUE
-            'PARAMETER_VALUE'
-          when ::Contrast::Api::Dtm::UserInput::InputType::QUERYSTRING
-            'QUERYSTRING'
-          when ::Contrast::Api::Dtm::UserInput::InputType::URI
-            'URI'
-          when ::Contrast::Api::Dtm::UserInput::InputType::SOCKET
-            'SOCKET'
-          when ::Contrast::Api::Dtm::UserInput::InputType::JSON_VALUE
-            'JSON_VALUE'
-          when ::Contrast::Api::Dtm::UserInput::InputType::JSON_ARRAYED_VALUE
-            'JSON_ARRAYED_VALUE'
-          when ::Contrast::Api::Dtm::UserInput::InputType::MULTIPART_CONTENT_TYPE
-            'MULTIPART_CONTENT_TYPE'
-          when ::Contrast::Api::Dtm::UserInput::InputType::MULTIPART_VALUE
-            'MULTIPART_VALUE'
-          when ::Contrast::Api::Dtm::UserInput::InputType::MULTIPART_FIELD_NAME
-            'MULTIPART_FIELD_NAME'
-          when ::Contrast::Api::Dtm::UserInput::InputType::MULTIPART_NAME
-            'MULTIPART_NAME'
-          when ::Contrast::Api::Dtm::UserInput::InputType::XML_VALUE
-            'XML_VALUE'
-          when ::Contrast::Api::Dtm::UserInput::InputType::DWR_VALUE
-            'DWR_VALUE'
-          when ::Contrast::Api::Dtm::UserInput::InputType::METHOD
-            'METHOD'
-          when ::Contrast::Api::Dtm::UserInput::InputType::REQUEST
-            'REQUEST'
-          when ::Contrast::Api::Dtm::UserInput::InputType::URL_PARAMETER
-            'URL_PARAMETER'
-          else # ::Contrast::Api::Dtm::UserInput::InputType::UNKNOWN
-            'UNKNOWN'
-          end
+        # @param attack_result [Contrast::Agent::Reporting::AttackResult]
+        # @param attack_sample [Contrast::Agent::Reporting::RaspRuleSample]
+        def attach_data attack_result, attack_sample
+          @blocked = attack_result.response == ::Contrast::Agent::Reporting::ResponseType::BLOCKED
+          @user_input = attack_sample.user_input
+          @details = attack_sample.details
+          @time_stamp = attack_sample.time_stamp
+          @request = FindingRequest.convert(Contrast::Agent::REQUEST_TRACKER.current&.request)
+          @stack = Contrast::Utils::StackTraceUtils.build_protect_report_stack_array
         end
 
-        # This is a temporary method to facilitate the translation of API details to Reporting details. As we move off
-        # of protobuf, this responsibility should shift from this class to the individual rules, as they do today when
-        # they populate their details in Contrast::Api::Dtm::RaspRuleSample
-        #
-        # @param rule_id [String]
-        # @param attack_sample [Contrast::Api::Dtm::RaspRuleSample]
-        # @return [Hash] the details for this specific rule
-        def build_details rule_id, attack_sample
-          case rule_id
-          when Contrast::Agent::Protect::Rule::CmdInjection::NAME
-            Contrast::Agent::Protect::Rule::CmdInjection.extract_details(attack_sample)
-          when Contrast::Agent::Protect::Rule::Deserialization::NAME
-            Contrast::Agent::Protect::Rule::Deserialization.extract_details(attack_sample)
-          when Contrast::Agent::Protect::Rule::HttpMethodTampering::NAME
-            Contrast::Agent::Protect::Rule::HttpMethodTampering.extract_details(attack_sample)
-          when Contrast::Agent::Protect::Rule::NoSqli::NAME
-            Contrast::Agent::Protect::Rule::NoSqli.extract_details(attack_sample)
-          when Contrast::Agent::Protect::Rule::PathTraversal::NAME
-            Contrast::Agent::Protect::Rule::PathTraversal.extract_details(attack_sample)
-          when Contrast::Agent::Protect::Rule::Sqli::NAME
-            Contrast::Agent::Protect::Rule::Sqli.extract_details(attack_sample)
-          when Contrast::Agent::Protect::Rule::Xss::NAME
-            Contrast::Agent::Protect::Rule::Xss.extract_details(attack_sample)
-          when Contrast::Agent::Protect::Rule::Xxe::NAME
-            Contrast::Agent::Protect::Rule::Xxe.extract_details(attack_sample)
-          else # something unknown or Contrast::Agent::Protect::Rule::UnsafeFileUpload::NAME
-            Contrast::Utils::ObjectShare::EMPTY_HASH
-          end
+        # @return [Hash]
+        def build_time_stamp
+          {
+              start: time_stamp,
+              elapsed: Contrast::Utils::Timer.now_ms - time_stamp
+          }
         end
       end
     end

data/lib/contrast/agent/reporting/reporting_events/application_defend_attack_sample_activity.rb

@@ -16,21 +16,11 @@ module Contrast
         # @return [Hash<Integer,Integer>] map of time from start in seconds to number of attacks in that second
         attr_reader :time_map
 
-        class << self
-          # @param attack_result [Contrast::Api::Dtm::AttackResult]
-          def convert attack_result
-            activity = new
-            activity.attach_data(attack_result)
-            activity
-          end
-        end
-
         def initialize
           @samples = []
           @start_time = Contrast::Agent::REQUEST_TRACKER.current&.timer&.start_ms || 0 # in ms
           @event_type = :application_defend_attack_sample_activity
           @time_map = Hash.new { |h, k| h[k] = 0 }
-          super
         end
 
         def to_controlled_hash
@@ -42,17 +32,16 @@ module Contrast
           }
         end
 
-        # @param attack_result [Contrast::Api::Dtm::AttackResult]
+        # @param attack_result [Contrast::Agent::Reporting::AttackResult]
         def attach_data attack_result
           attack_result.samples.each do |attack_sample|
             base_time = Contrast::Agent::REQUEST_TRACKER.current&.timer&.start_ms || 0
-            dmt_time = attack_sample.timestamp_ms.to_i
-            converted = Contrast::Agent::Reporting::ApplicationDefendAttackSample.convert(attack_result, attack_sample)
-            samples << converted
-            @start_time = if dmt_time.zero?
+            sample_time = attack_sample.time_stamp.to_i
+            samples << Contrast::Agent::Reporting::ApplicationDefendAttackSample.convert(attack_result, attack_sample)
+            @start_time = if sample_time.zero?
                             @start_time
                           else
-                            dmt_time
+                            sample_time
                           end
             attack_second = (@start_time - base_time) / 1000 # in seconds
             time_map[attack_second] += 1

data/lib/contrast/agent/reporting/reporting_events/application_defend_attacker_activity.rb

@@ -2,6 +2,7 @@
 # frozen_string_literal: true
 
 require 'contrast/components/logger'
+require 'contrast/utils/object_share'
 require 'contrast/agent/reporting/reporting_events/application_defend_attack_activity'
 
 module Contrast
@@ -12,7 +13,7 @@ module Contrast
       class ApplicationDefendAttackerActivity
         # @return [Hash<String,Contrast::Agent::Reporting::ApplicationDefendAttackActivity>] map of rule-id to violated
         #   samples for that rule
-        attr_reader :protection_rules
+        attr_accessor :protection_rules
         # @return [String, nil] the IP address of the request from which the attack originated; used to identify unique
         #   attackers
         attr_reader :source_ip
@@ -20,25 +21,14 @@ module Contrast
         #   identify unique attackers
         attr_reader :source_forwarded_for
 
-        class << self
-          # @param attack_result_dtm [Contrast::Api::Dtm::AttackResult]
-          # @return [Contrast::Agent::Reporting::ApplicationDefendAttackerActivity]
-          def convert attack_result_dtm
-            activity = new
-            activity.attach_data(attack_result_dtm)
-            activity
-          end
-        end
-
         def initialize
           @protection_rules = {}
-          req = Contrast::Agent::REQUEST_TRACKER.current.activity.http_request
+          req = Contrast::Agent::REQUEST_TRACKER.current&.request
           if req
-            @source_ip = req.sender.ip
-            @source_forwarded_for = req.request_headers['X-Forwarded-For']
+            @source_ip = req.ip || Contrast::Utils::ObjectShare::EMPTY_STRING
+            @source_forwarded_for = req.headers['X-Forwarded-For']
           end
           @event_type = :application_defend_attacker_activity
-          super
         end
 
         def to_controlled_hash
@@ -51,10 +41,12 @@ module Contrast
           }
         end
 
-        # @param attack_result [Contrast::Api::Dtm::AttackResult]
+        # @param attack_result [Contrast::Agent::Reporting::AttackResult]
         def attach_data attack_result
-          @protection_rules[attack_result.rule_id] =
-            Contrast::Agent::Reporting::ApplicationDefendAttackActivity.convert(attack_result)
+          @protection_rules[attack_result.rule_id] = Contrast::Agent::Reporting::ApplicationDefendAttackActivity.new.
+              tap do |activity|
+            activity.attach_data(attack_result)
+          end
         end
 
         def process_protection_rules

data/lib/contrast/agent/reporting/reporting_events/application_inventory_activity.rb

@@ -18,16 +18,6 @@ module Contrast
         # @ return [Array<String>, nil] - User-Agent Header value
         attr_reader :browsers
 
-        class << self
-          # @param activity_dtm [Contrast::Api::Dtm::ApplicationActivity]
-          # @return [Contrast::Agent::Reporting::ApplicationInventoryActivity]
-          def convert activity_dtm
-            inventory = new
-            inventory.attach_data(activity_dtm)
-            inventory
-          end
-        end
-
         def initialize
           @event_type = :application_inventory_activity
           @browsers = []
@@ -43,11 +33,13 @@ module Contrast
           }
         end
 
-        def attach_data activity
-          activity.architectures.each do |architecture|
-            @components << Contrast::Agent::Reporting::ArchitectureComponent.convert(architecture)
+        # @param architectures [Array<Contrast::Agent::Reporting::ArchitectureComponent>,
+        # Contrast::Agent::Reporting::ArchitectureComponent]
+        def attach_data architectures
+          Array(architectures).each do |architecture|
+            @components << architecture
           end
-          request_headers = activity.http_request&.request_headers
+          request_headers = Contrast::Agent::REQUEST_TRACKER.current&.request&.headers
           @browsers << request_headers['USER_AGENT'] if request_headers
         end
 

data/lib/contrast/agent/reporting/reporting_events/architecture_component.rb

@@ -20,36 +20,45 @@ module Contrast
       class ArchitectureComponent
         include Contrast::Components::Logger::InstanceMethods
         # required attributes
-        attr_reader :type, :url
+        attr_accessor :type, :url
         # optional attributes
-        attr_reader :remote_host, :remote_port, :vendor
+        attr_accessor :remote_host, :remote_port, :vendor
 
         # TeamServer only treats these specific values as valid for Architecture Components. It does not know how to
         # process a message with a different type.
+        AC_TYPE_DB = 'db'
         VALID_TYPES = %w[db ldap ws].cs__freeze
 
+        # class << self
+        #   # Convert a DTM for SpeedRacer to an Event for TeamServer.
+        #   #
+        #   # @param component_dtm [Contrast::Api::Dtm::ArchitectureComponent]
+        #   # @return [Contrast::Agent::Reporting::ArchitectureComponent]
+        #   def convert component_dtm
+        #     report = new
+        #     report.attach_data(component_dtm)
+        #     report
+        #   end
+        # end
+
         class << self
-          # Convert a DTM for SpeedRacer to an Event for TeamServer.
-          #
-          # @param component_dtm [Contrast::Api::Dtm::ArchitectureComponent]
-          # @return [Contrast::Agent::Reporting::ArchitectureComponent]
-          def convert component_dtm
-            report = new
-            report.attach_data(component_dtm)
-            report
+          def build_database
+            msg = new
+            msg.type = AC_TYPE_DB
+            msg
           end
         end
 
-        # Attach the data from the protobuf models to this reporter so that it can be sent to TeamServer directly.
-        #
-        # @param component_dtm [Contrast::Api::Dtm::ArchitectureComponent]
-        def attach_data component_dtm
-          @remote_host = component_dtm.remote_host
-          @remote_port = component_dtm.remote_port
-          @type = component_dtm.type
-          @url = component_dtm.url
-          @vendor = component_dtm.vendor
-        end
+        # # Attach the data from the protobuf models to this reporter so that it can be sent to TeamServer directly.
+        # #
+        # # @param component_dtm [Contrast::Api::Dtm::ArchitectureComponent]
+        # def attach_data component_dtm
+        #   @remote_host = component_dtm.remote_host
+        #   @remote_port = component_dtm.remote_port
+        #   @type = component_dtm.type
+        #   @url = component_dtm.url
+        #   @vendor = component_dtm.vendor
+        # end
 
         # Convert the instance variables on the class, and other information, into the identifiers required for
         # TeamServer to process the JSON form of this message.

data/lib/contrast/agent/reporting/reporting_events/finding_request.rb

@@ -13,10 +13,12 @@ module Contrast
       class FindingRequest
         include Contrast::Components::Logger::InstanceMethods
 
+        OMITTED_BODY = '{{body-omitted-by-contrast}}'
+
         # @return [String] the body of this request
-        attr_reader :body
+        attr_accessor :body
         # @return [Hash<String,Array<String>>] the headers of this request
-        attr_reader :headers
+        attr_accessor :headers
         # @return [String] the HTTP verb of this request
         attr_reader :method
         # @return [Hash<String,Array<String>>] the parameters of this request
@@ -26,16 +28,27 @@ module Contrast
         # @return [String] the HTTP(S) protocol of this request
         attr_reader :protocol
         # @return [String] the query string of this request
-        attr_reader :query_string
+        attr_accessor :query_string
         # @return [String] the url, including path and script, of this request
         attr_reader :uri
         # @return [String] the HTTP version of this request
         attr_reader :version
+        # @return [Integer]
+        attr_reader :ip
+        # @return [String] Byte representation of the body
+        attr_accessor :body_binary
+        # @return [Hash]
+        attr_reader :cookies
+        # REMOVE_DTM_REQUEST
+        # @return [Contrast::Api::Dtm::RawRequest]
+        attr_reader :dtm
 
         class << self
           # @param request [Contrast::Agent::Request]
           # @return [Contrast::Agent::Reporting::FindingRequest]
           def convert request
+            return unless request
+
             report = new
             report.attach_data(request)
             report
@@ -47,15 +60,11 @@ module Contrast
         #
         # @param request [Contrast::Agent::Request]
         def attach_data request
+          # REMOVE_DTM_REQUEST
+          @dtm = request.dtm
           @body = request.body
           @headers = {}
-          request.headers.each_pair do |key, value|
-            # We need to change from the uppercase _ format to capitalized - format.
-            header = key.split('_')
-            header.each(&:capitalize!)
-            header = header.join('-')
-            headers[header] = value.split
-          end
+          extract_headers(request)
           @method = request.request_method
           @parameters = {}
           request.parameters.each_pair { |key, value| @parameters[key] = Array(value) }
@@ -64,6 +73,14 @@ module Contrast
           @query_string = request.query_string
           @uri = request.normalized_uri
           @version = request.version
+          @ip = request.ip || ''
+          @body_binary = if omit_body?(request)
+                           OMITTED_BODY
+                         else
+                           Contrast::Utils::StringUtils.force_utf8(request.body)
+                         end
+          @cookies = {}
+          @cookies = request.cookies unless request.cookies.empty?
         end
 
         # Convert the instance variables on the class, and other information, into the identifiers required for
@@ -92,12 +109,30 @@ module Contrast
           }
         end
 
+        def omit_body? request
+          return true if ::Contrast::AGENT.omit_body?
+          return false if request.document_type != :NORMAL
+
+          request.media_type&.include?('multipart/form-data')
+        end
+
         def validate
           unless method && !method.empty? # rubocop:disable Security/Object/Method
             raise(ArgumentError, "#{ self } did not have a proper method. Unable to continue.")
           end
           raise(ArgumentError, "#{ self } did not have a proper uri. Unable to continue.") unless uri && !uri.empty?
         end
+
+        # @param request [Contrast::Agent::Request]
+        def extract_headers request
+          request.headers.each_pair do |key, value|
+            # We need to change from the uppercase _ format to capitalized - format.
+            header = key.split('_')
+            header.each(&:capitalize!)
+            header = header.join('-')
+            headers[header] = value.split
+          end
+        end
       end
     end
   end

data/lib/contrast/agent/reporting/reporting_utilities/dtm_message.rb

@@ -18,12 +18,6 @@ module Contrast
             dtm.cs__is_a?(Contrast::Api::Dtm::Finding)
           end
 
-          # @param dtm [Contrast::Api::Dtm::Finding,Object]
-          # @return [Boolean]
-          def activity? dtm
-            dtm.cs__is_a?(Contrast::Api::Dtm::Activity)
-          end
-
           # Converts DTM message to Reporting Event for those messages that have conversion methods crated. We use this
           # as we work to move away from requiring the Service.
           #
@@ -32,7 +26,6 @@ module Contrast
           def dtm_to_event dtm
             # For the others, we convert them.
             return Contrast::Agent::Reporting::Finding.convert(dtm) if finding?(dtm)
-            return Contrast::Agent::Reporting::ApplicationActivity.convert(dtm) if activity?(dtm)
 
             nil
           end

data/lib/contrast/agent/reporting/reporting_utilities/reporter_client.rb

@@ -43,7 +43,6 @@ module Contrast
         # @param connection [Net::HTTP] open connection
         def startup! connection
           return if status.startup_messages_sent?
-          return unless Contrast::Agent::Reporter.enabled?
 
           send_agent_startup(connection)
         end
@@ -57,6 +56,8 @@ module Contrast
         def send_event event, connection
           return unless connection
 
+          logger.debug('Preparing to send reporting event', event_class: event.cs__class)
+
           request = build_request(event)
           response = connection.request(request)
           audit&.audit_event(event, response) if ::Contrast::API.request_audit_enable

data/lib/contrast/agent/request.rb

@@ -142,6 +142,8 @@ module Contrast
         @_body
       end
 
+      # REMOVE_DTM_REQUEST
+      #
       # Unlike most of our translation, which is called where needed for each
       # message and forgotten, we'll leave this method to call the build as we
       # don't want to pay to reconstruct the DTM for this Request multiple

data/lib/contrast/agent/request_context.rb

@@ -12,6 +12,7 @@ require 'contrast/utils/request_utils'
 require 'contrast/agent/request_context_extend'
 require 'contrast/agent/reporting/reporting_events/observed_route'
 require 'contrast/agent/reporting/input_analysis/input_analysis'
+require 'contrast/agent/reporting/reporting_events/application_activity'
 
 module Contrast
   module Agent
@@ -25,8 +26,12 @@ module Contrast
 
       EMPTY_INPUT_ANALYSIS_PB = Contrast::Api::Settings::InputAnalysis.new
 
-      # @return [Contrast::Api::Dtm::Activity] the application activity found in this request
+      # @return [Contrast::Agent::Reporting:ApplicationActivity] the application activity found in this request
       attr_reader :activity
+      # REMOVE once findings and routes are done.
+      #
+      # @return [Contrast::Api::Dtm::Activity] the application activity found in this request
+      attr_reader :dtm_activity
       # @return [Hash] context used to log the request
       attr_reader :logging_hash
       # @return [Contrast::Agent::Reporting::ObservedRoute] the route, used for coverage, of this request
@@ -53,9 +58,13 @@ module Contrast
 
           # instantiate helper for request and response
           @request = Contrast::Agent::Request.new(rack_request)
+          @activity = Contrast::Agent::Reporting::ApplicationActivity.new
 
-          @activity = Contrast::Api::Dtm::Activity.new
-          @activity.http_request = request.dtm
+          # REMOVE once findings and routes are done.
+          #
+          # We still need the activity to report routes and findings
+          @dtm_activity = Contrast::Api::Dtm::Activity.new
+          @dtm_activity.http_request = request.dtm
 
           # build analyzer
           @do_not_track = false
@@ -125,7 +134,7 @@ module Contrast
       end
 
       def reset_activity
-        @activity = Contrast::Api::Dtm::Activity.new(http_request: request.dtm)
+        @activity = Contrast::Agent::Reporting::ApplicationActivity.new
         @observed_route = Contrast::Agent::Reporting::ObservedRoute.new
       end