nessus_client 0.1.0 → 0.1.6

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 1dda4cc05fbcee8eac14f8469f106944fa356ec74ecb31e3623c13338ec175f9
-  data.tar.gz: db9270a96eb7866357754b65e1d3e17c0c67d9fdc98e5d507104a44fee49ef31
+  metadata.gz: 97155cc8a1019ff1a15883a8b3749b6702a4baf9aed454655a3f92ea49d06c22
+  data.tar.gz: 35b2dc0e7b0bc0ca9f32e92ffcadc8e01fed7de5140f8a9637081c716201438d
 SHA512:
-  metadata.gz: d8c172bec3e3039644a3352dfa279e3799153351936b3d4b9ac86d90e87a31d9d151480e34ef7eb742258b77fdeb28066224216c07ae5a2cf31c9fb5771f8e8b
-  data.tar.gz: 74dff229a778e97680bde8f690c845e84767b3da1847459577a377d2cfea2febc35f53c8fd1aac1befce5138c450cc7092c3b71d5f35cd840edd516dd4012461
+  metadata.gz: 3f4be80be45b124d81426674079fef9315366e91114854e7e20caa0090df53ea9aeb2f60e8f18ebd57ecb3e811846ba5e17cd4b02ffdd8f258d65f2bc27be75b
+  data.tar.gz: 6de44d65aae4427ca4ae24a098012fb2131cc7cd506de51d601a7d5cfe7f058144f0391bfc6234d6fae1d3da3701fe63f761a579980b1c07713618398415e7fb

data/CODE_OF_CONDUCT.md

@@ -0,0 +1,71 @@
+# The NessusClient - Contributor Covenant Code of Conduct
+
+## Our Pledge
+
+In the interest of fostering an open and welcoming environment, we as
+contributors and maintainers pledge to making participation in our project and
+our community a harassment-free experience for everyone, regardless of age, body
+size, disability, ethnicity, gender identity and expression, level of experience,
+nationality, personal appearance, race, religion, or sexual identity and
+orientation.
+
+## Our Standards
+
+Examples of behavior that contributes to creating a positive environment
+include:
+
+* Using welcoming and inclusive language
+* Being respectful of differing viewpoints and experiences
+* Gracefully accepting constructive criticism
+* Focusing on what is best for the community
+* Showing empathy towards other community members
+
+Examples of unacceptable behavior by participants include:
+
+* The use of sexualized language or imagery and unwelcome sexual attention or
+  advances
+* Trolling, insulting/derogatory comments, and personal or political attacks
+* Public or private harassment
+* Publishing others' private information, such as a physical or electronic
+  address, without explicit permission
+* Other conduct which could reasonably be considered inappropriate in a
+  professional setting
+
+## Our Responsibilities
+
+Project maintainers are responsible for clarifying the standards of acceptable
+behavior and are expected to take appropriate and fair corrective action in
+response to any instances of unacceptable behavior.
+
+Project maintainers have the right and responsibility to remove, edit, or
+reject comments, commits, code, wiki edits, issues, and other contributions
+that are not aligned to this Code of Conduct, or to ban temporarily or
+permanently any contributor for other behaviors that they deem inappropriate,
+threatening, offensive, or harmful.
+
+## Scope
+
+This Code of Conduct applies both within project spaces and in public spaces
+when an individual is representing the project or its community. Examples of
+representing a project or community include using an official project e-mail
+address, posting via an official social media account, or acting as an appointed
+representative at an online or offline event. Representation of a project may be
+further defined and clarified by project maintainers.
+
+## Enforcement
+
+All complaints will be reviewed and investigated and will result in a response that
+is deemed necessary and appropriate to the circumstances. The project team is
+obligated to maintain confidentiality with regard to the reporter of an incident.
+Further details of specific enforcement policies may be posted separately.
+
+Project maintainers who do not follow or enforce the Code of Conduct in good
+faith may face temporary or permanent repercussions as determined by other
+members of the project's leadership.
+
+## Attribution
+
+This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4,
+available at https://www.contributor-covenant.org/version/1/4/code-of-conduct.html
+
+[homepage]: https://www.contributor-covenant.org

data/CONTRIBUTING.md

@@ -0,0 +1,7 @@
+
+## Contributing
+1. Fork it
+2. Create your feature branch (`git checkout -b my-new-feature`)
+3. Commit your changes (`git commit -am 'Add some feature'`)
+4. Push to the branch (`git push origin my-new-feature`)
+5. Create new Pull Request

data/README.md

@@ -1,14 +1,20 @@
-NessusApi
+NessusClient
 =========
-**Ruby wrapper for Nessus API**
 
-  * [Source Code]
-  * [API documentation]
-  * [Changelog]
-  * [Rubygem]
+Usable, fast, simple Ruby gem for Tenable Nessus Pro from v7.0.1 to  v8.3.1
+NessusClient was designed to be simple, fast and performant through communication with Nessus over REST interface.
 
+[![Gem Version](https://badge.fury.io/rb/nessus_client.svg)](https://badge.fury.io/rb/nessus_client)
+[![Maintainability](https://api.codeclimate.com/v1/badges/9cca9e4260cadd8ab98d/maintainability)](https://codeclimate.com/github/heyder/nessus_client/maintainability)
+[![codecov](https://codecov.io/gh/heyder/nessus_client/branch/master/graph/badge.svg)](https://codecov.io/gh/heyder/nessus_client)
+[![Inline docs](http://inch-ci.org/github/heyder/nessus_client.svg?branch=master)](http://inch-ci.org/github/heyder/nessus_client)
+
+**Ruby gem for Nessus API**
+
+  * [Source Code](https://github.com/heyder/nessus_client)
+  * [API documentation](https://rubydoc.info/github/heyder/nessus_client/master)
+  * [Rubygem](https://rubygems.org/gems/nessus_client)
 
-Ruby wrapper for Nessus API (all verions)
 
 ## Contact
 
@@ -22,17 +28,75 @@ with some common problems to check out before creating an issue.
 Getting started
 ---------------
 
+```ruby
+require 'nessus_client'
+
+nc = NessusClient.new( { :uri=>'https://localhost:8834', :username=>'username',:password=> 'password'} )
+status = nc.server_status 
+puts status
+puts nc.server_properties
+
+if status['status'] == 'ready'
+  scan_id = nc.get_scan_by_name('Monthly Scan')
+  scan_uuid = nc.launch_by_name( 'Monthly Scan', ['127.0.0.1'])['scan_uuid']
+
+  loop do
+   puts `clear`
+   scan_status = nc.scan_details( scan_id )["info"]["status"] 
+   puts " #{scan_id} - #{scan_uuid} - #{scan_status} "
+   sleep 5
+   if ["completed","canceled"].include? scan_status
+      export_request = nc.export_request(scan_id, "nessus" )
+      puts " export request: #{export_request}"
+      while true do
+        puts `clear`
+        export_status =  nc.token_status( export_request['token'])["status"]
+        puts " export status: #{export_status}"
+        sleep 5
+        if export_status == "ready"
+          puts " downloading..."
+          open("scan_report", "wb") do |file|
+            file.write(nc.token_download( export_request['token'] ))
+          end
+          exit 0
+        end
+      end
+   end
+  end
+end
+```
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+    gem 'nessus_client'
+
+And then execute:
+
+    $ bundle
+
+Or install it yourself as:
+
+    $ gem install nessus_client
+
+## Requirements
 
+Requirements are Exon for HTTP(S) and Oj parsing:
 
+```ruby
+require 'excon'
+require 'oj'
+```
 
 ## Code of Conduct
 
 Everyone participating in this project's development, issue trackers and other channels is expected to follow our
-[Code of Conduct](./CODE_OF_CONDUCT.md)
+[Code of Conduct](./CODE_OF_CONDUCT.md).
 
 ## Contributing
 
-See the [contributing guide](https://github.com/heyder/nessus_client/blob/master/CONTRIBUTING.md).
+See the [contributing guide](./CONTRIBUTING.md).
 
 ## Copyright
 

data/lib/modules/exports.rb

@@ -1,15 +1,37 @@
-# require_relative '../nessus_client/request'
+# frozen_string_literal: true
 
-module NessusClient::Exports
- # export scans
-  def export_request( scan_id, format )
-    params = {:format => format }
-    self.request.post("/scans/#{scan_id}/export", params)
+# Namespace for Exports resource.
+module Resource::Exports
+  # Export the given scan. Once requested, the file can be downloaded using the Resource::Tokens.token_download method upon receiving a "ready" status from the Resource::Tokens#token_status method. You can also use the older Resource::Exports#export_status and Resource::Exports#export_download methods.
+  # @param [String] scan_id The export uuid string.
+  # @param [String] format The file format to use (Nessus, HTML, PDF, CSV, or DB).
+  # @return [JSON]
+  def export_request(scan_id, format = 'nessus')
+    payload = { format: format }
+    request.post({ path: "/scans/#{scan_id}/export", payload: payload, headers: headers })
   end
-  def export_status( export_id )
-    self.request.get("/tokens/#{export_id}/status")
+
+  # Check the file status of an exported scan. When an export has been requested, it is necessary to poll this resource until a "ready" status is returned, at which point the file is complete and can be downloaded using the export download resource.
+  # @param [String] scan_id The identifier for the scan. This identifier can be the either the 'schedule_uuid' or the numeric 'id' attribute for the scan. We recommend that you use 'schedule_uuid'.
+  # @param [String] file_id The ID of the file to poll (Included in response from #export_request).
+  # @return [JSON]
+  # @example Checking the status of a export.
+  #   export_status = nc.export_status( "15", "cd956" )
+  #   return true if export_status["status"] == "ready"
+  def export_status(scan_id, file_id)
+    request.get({ path: "/scans/#{scan_id}/export/#{file_id}/status", headers: headers })
   end
-  def export_download( export_id )
-    self.request.get("/tokens/#{export_id}/download")
+
+  # Download exported scan.
+  # @param [String] scan_id The identifier for the scan. This identifier can be the either the 'schedule_uuid' or the numeric 'id' attribute for the scan. We recommend that you use 'schedule_uuid'.
+  # @param [String] file_id The ID of the file to poll (Included in response from #export_request).
+  # @return [JSON]
+  # @example Download a ready export.
+  #   export = nc.export_download( '17', '46b78587')
+  #   open("scan_report", "wb") do |file|
+  #     file.write( export )
+  #   end
+  def export_download(scan_id, file_id)
+    request.get({ path: "/scans/#{scan_id}/export/#{file_id}/download", headers: headers })
   end
-end
+end

data/lib/modules/folders.rb

@@ -1,12 +1,18 @@
-# require_relative '../nessus_client/request'
+# frozen_string_literal: true
 
-module NessusClient::Folders
-# folders
+# Namespace for Folders resource.
+module Resource::Folders
+  # Get the list of folders from the resource.
+  # @return [JSON]
   def list_folders
-    self.request.get("/folders")
+    request.get({ path: '/folders', headers: headers })
   end
-  def create_folder( folder_name )
-    params = {:name => folder_name }.to_json
-    self.request.post("/folders", params)
+
+  # Create a folder into the resource.
+  # @param [String] folder_name The name of the folder the will be created.
+  # @return [JSON]
+  def create_folder(folder_name)
+    payload = { name: folder_name }
+    request.post({ path: '/folders', payload: payload, headers: headers })
   end
-end
+end

data/lib/modules/policies.rb

@@ -1,7 +1,43 @@
-# require_relative '../nessus_client/request'
+# frozen_string_literal: true
 
-module NessusClient::Policies
+# Namespace for Policies resource.
+module Resource::Policies
+  # List the scan polices.
+  # @return [JSON] list of policies.
   def policies
-    self.request.get( "/policies" )
+    request.get({ path: '/policies', headers: headers })
+  end
+
+  # Get id of a policy by its name.
+  # @param [String] policy name.
+  # @return [Integer] ID of a policy.
+  def get_policy_id_by_name(policy_name)
+    policies['policies'].each do |policy|
+      return policy['id'] if policy['name'] == policy_name
+    end
+  end
+
+  # Get a policy by its name.
+  # @param [String] policy name.
+  # @return [JSON] policy object.
+  def get_policy_by_name(policy_name)
+    policy_id = get_policy_id_by_name(policy_name)
+    request.get({ path: "/policies/#{policy_id}", headers: headers })
+  end
+
+  # Get a list of credentials from a policy.
+  # @param [String] policy name.
+  # @return [JSON] credential list
+  def list_credentials_by_policy_name(policy_name)
+    get_policy_by_name(policy_name)['credentials']
+  end
+
+  # update a scan policy.
+  # @param [String] policy name.
+  # @param [String] history_id (nil) The `history_id` of a scan.
+  # @return nil
+  def update_policy_by_name(policy_name, payload)
+    id = get_policy_id_by_name(policy_name)
+    request.put({ path: "/policies/#{id}", headers: headers, payload: payload })
   end
 end

data/lib/modules/scans.rb

@@ -1,27 +1,50 @@
+# frozen_string_literal: true
 
-module NessusClient::Scans
+# Namespace for Scans resource.
+module Resource::Scans
+  # List scans from the resource.
+  # @param [String] folder_id (nil) The name of a alredy created scan.
+  # @return [JSON]
+  def list_scans(folder_id = nil)
+    query = folder_id.nil? ? nil : { 'folder_id' => folder_id }
+    request.get({ path: '/scans', query: query, headers: headers })
+  end
+  alias scans list_scans
 
-  def list_scans( folder_id=nil )
-    query = folder_id.nil? ? nil : { "folder_id" => folder_id }
-    self.request.get( "/scans", nil, query )
+  # See details of a scan.
+  # @param [String] scan_id The `uuid` of a scan.
+  # @param [String] history_id (nil) The `history_id` of a scan.
+  # @return [JSON]
+  def scan_details(scan_id, history_id = nil)
+    query = history_id.nil? ? nil : { 'history_id' => history_id }
+    request.get({ path: "/scans/#{scan_id}", query: query, headers: headers })
   end
-  alias_method :scans, :list_scans 
 
-  def scan_details( scan_id, history_id=nil )
-    query = history_id.nil? ? nil : { "history_id" => history_id }
-    self.request.get( "/scans/#{scan_id}", nil, query )
+  # Lauch a scan by its id
+  # @param [Integer] scan_id The ID of a alredy created scan.
+  # @param [Array<String>] targets comma separeted new target to be scanned.
+  # @return [JSON]
+  def launch(scan_id, targets = [])
+    payload = { alt_targets: targets } unless targets.empty?
+    request.post({ path: "/scans/#{scan_id}/launch", payload: payload, headers: headers })
   end
 
-  def launch_by_name( scan_name, targets=[] )
-    scan_id = get_scan_by_name( scan_name )
-    params = { :alt_targets => targets } unless targets.empty?
-    self.request.post( "/scans/#{scan_id}/launch", params )
+  # Lauch a scan by its name
+  # @param [String] scan_name The name of a alredy created scan.
+  # @param [Array<String>] targets comma separeted new target to be scanned.
+  # @return [JSON]
+  def launch_by_name(scan_name, targets = [])
+    scan_id = get_scan_by_name(scan_name)
+    launch(scan_id, targets)
   end
 
-  def get_scan_by_name( folder_id=nil, name )
-    Oj.load(list_scans( folder_id ))["scans"].each do |scan|
-      return scan['id'] if scan['name'] == name
+  # Get a scan by its name
+  # @param [String] folder_id The id of the folder to look into.
+  # @param [String] scan_name The name of the scan to look for.
+  # @return [String, nil] The uuid of the scan.
+  def get_scan_by_name(scan_name, folder_id = nil)
+    list_scans(folder_id)['scans'].each do |scan|
+      return scan['id'] if scan['name'] == scan_name
     end
   end
-  
-end
+end

data/lib/modules/server.rb

@@ -0,0 +1,16 @@
+# frozen_string_literal: true
+
+# Namespace for Server resource.
+module Resource::Server
+  # Returns the server status.
+  # @return [JSON] Returns the server status
+  def server_status
+    request.get({ path: '/server/status', headers: headers })
+  end
+
+  # Returns the server version and other properties.
+  # @return [JSON] Returns the server properties
+  def server_properties
+    request.get({ path: '/server/properties', headers: headers })
+  end
+end

data/lib/modules/session.rb

@@ -0,0 +1,62 @@
+# frozen_string_literal: true
+
+# Namespace for Session resource.
+module Resource::Session
+  # @return [Boolean] whether has a session.
+  attr_reader :session
+
+  @session = false
+
+  # Autenticate into Nessus resource.
+  # @param [String] username
+  # @param [String] password
+  # @return [nil]
+  # @raise [NessusClient::Error] Unable to authenticate.
+  # @todo Validate response token format
+  def set_session(username, password)
+    payload = {
+      username: username,
+      password: password
+    }
+
+    resp = request.post({ path: '/session', payload: payload, headers: headers })
+    # binding.pry
+    if !resp.key?('token')
+      raise NessusClient::Error, 'Unable to authenticate.'
+    elsif !resp['token'].match(/(?<token>[a-z0-9]{48})/)
+      raise NessusClient::Error, 'The token doesnt match with the pattern.'
+    end
+
+    headers.update('X-Cookie' => 'token=' + resp['token'])
+    @session = true
+    api_token = set_api_token
+    headers.update('X-API-Token' => api_token) if api_token
+  rescue NessusClient::Error => e
+    raise e
+  end
+  alias session_create set_session
+
+  # Destroy the current session.
+  def destroy
+    request.delete({ path: '/session', headers: headers })
+    @session = false
+  end
+  alias logout destroy
+
+  private
+
+  # Set the API Token from legacy Nessus version
+  # @raise [NessusClient::Error] Unable to get API Token.
+  # @todo To get it direct from the session authentication on v6.x
+  def set_api_token
+    response = request.get({ path: '/nessus6.js', headers: headers })
+    response.match(/return"(\w{8}-(?:\w{4}-){3}\w{12})"\}/)
+    unless  Regexp.last_match(1)
+      raise NessusClient::Error, "Unable to get API Token. Some features won't work."
+    end
+  rescue NessusClient::Error => e
+    puts e.message
+  else
+    Regexp.last_match(1)
+  end
+end

data/lib/modules/tokens.rb

@@ -0,0 +1,26 @@
+# frozen_string_literal: true
+
+# Namespace for tokens resource.
+module Resource::Tokens
+  # Check the status of a export request
+  # @param [String] export_uuid The export uuid string.
+  # @return [JSON]
+  # @example Checking the status of a export.
+  #   export_status = nc.export_status( "73376c41-1508-46b7-8587-483d159cd956" )
+  #   return true if export_status["status"] == "ready"
+  def token_status(export_uuid)
+    request.get({ path: "/tokens/#{export_uuid}/status", headers: headers })
+  end
+
+  # Check the download of a export request
+  # @param [String] export_uuid The export uuid string.
+  # @return [JSON] (@see #format)
+  # @example Download a ready export.
+  #   export = nc.export_download( '73376c41-1508-46b7-8587-483d159cd956')
+  #   open("scan_report", "wb") do |file|
+  #     file.write( export )
+  #   end
+  def token_download(export_uuid)
+    request.get({ path: "/tokens/#{export_uuid}/download", headers: headers })
+  end
+end

data/lib/nessus_client.rb

@@ -1,53 +1,54 @@
-# require 'pry'
+# frozen_string_literal: true
+
 require_relative 'nessus_client/version'
 require_relative 'nessus_client/exception'
+require_relative 'nessus_client/resource'
 
-Dir[File.join(__dir__, 'modules', '*.rb')].each { |file| require file }
+Dir[File.join(__dir__, 'modules', '*.rb')].sort.each { |file| require file }
 
+# Nessus resource abstraction.
 class NessusClient
-
-  attr_reader :request, :session
-  
-  include NessusClient::Scans
-  include NessusClient::Exports
-  include NessusClient::Folders
-  include NessusClient::Policies
-
-  autoload :Request, "nessus_client/request"
-  autoload :Session, "nessus_client/session"
-
-  def initialize( params={uri: nil, username: nil, password: nil, :ssl_verify_peer => false} )
-    @has_session = false
-    req_params = params.select {|key, value| [:uri, :ssl_verify_peer].include?(key) } 
-    # session_params = params.select {|key, value| [:username, :password].include?(key) } 
-
-    @request = NessusClient::Request.new( req_params )
-    @session = NessusClient::Session.create( params.fetch(:username), params.fetch(:password) )
-    
-    if @session.token
-      begin
-        @has_session = true
-        # NessusClient::Request.headers.update( 'X-Cookie' => 'token=' + api_session.token )
-        @request.headers.update( 'X-Cookie' => 'token=' + @session.token )
-        @session.set_api_token
-      rescue NessusClient::Error => err
-        puts err.message
-      else
-        request.headers.update( 'X-API-Token' => @session.api_token )
-      ensure
-        return
-      end
-
-    end
-
+  # @return [NessusClient::Request] Instance HTTP request object.
+  # @see NessusClient::Request
+  attr_reader :request
+  # @return [Boolean] whether has a session.
+  attr_reader :session
+  # @return [Hash] Instance current HTTP headers.
+  attr_reader :headers
+
+  include Resource::Exports
+  include Resource::Folders
+  include Resource::Policies
+  include Resource::Scans
+  include Resource::Server
+  include Resource::Session
+  include Resource::Tokens
+
+  autoload :Request, 'nessus_client/request'
+
+  # @param [Hash] params the options to create a NessusClient with.
+  # @option params [String] :uri ('https://localhost:8834/') Nessus resource to connect with
+  # @option params [String] :username (nil) Username to use in the connection
+  # @option params [String] :password (nil) Password  to use in the connection
+  # @option params [String] :ssl_verify_peer (true)  Whether should check valid SSL certificate
+  def initialize(params = {})
+    default_params = {
+      uri: 'https://localhost:8834/',
+      username: nil,
+      password: nil,
+      ssl_verify_peer: true
+    }
+    params = default_params.merge(params)
+    req_params = params.select { |key, _value| %i[uri ssl_verify_peer].include?(key) }
+
+    @request = NessusClient::Request.new(req_params)
+    @headers = NessusClient::Request::DEFAULT_HEADERS.dup
+    set_session(params.fetch(:username), params.fetch(:password))
   end
 
+  # Gets NessusClient::Session authentication status.
+  # @return [Boolean] whether NessusClient has successfully authenticated.
   def has_session?
-    @has_session
+    session
   end
-
-  def status
-    self.request.get( "/server/status" )
-  end
-
-end
+end

data/lib/nessus_client/exception.rb

@@ -1,7 +1,14 @@
+# frozen_string_literal: true
+
 class NessusClient
+  # Abstract Error class for NessusClient.
   class Error < ::StandardError
-    def initialize(msg="message")
+    # Raise a custom error namespace.
+    # @param [String] msg The exception message.
+    # @example
+    #   NessusClient::Error.new('This is a custom error.')
+    def initialize(msg)
       super
     end
   end
-end
+end

data/lib/nessus_client/request.rb

@@ -1,76 +1,108 @@
+# frozen_string_literal: true
+
 require 'excon'
-require 'json'
-# require 'pry'
-class NessusClient
+require 'oj'
 
-  # Excon.defaults[:ssl_verify_peer] = false
-  # This class should be used to in all requests classes
-  
+class NessusClient
+  # Abstract http request class for NessusClient.
+  # Provides some helper methods for perform HTTP requests.
   class Request
-    # attr_accessor :headers
-    attr_reader   :url, :headers
+    # @return [String] The base url of the API.
+    attr_reader :url
 
+    # Default HTTP header to be used on the requests.
     DEFAULT_HEADERS = {
-      "User-Agent" => "Mozilla/5.0 (Linux x86_64)",
-      "Content-Type" => "application/json"
-    }
+      'User-Agent' => 'NessusClient::Request - rubygems.org nessus_client',
+      'Content-Type' => 'application/json'
+    }.freeze
 
-    def initialize( params )
-      params = {:uri => nil, :ssl_verify_peer => false, :headers => {} }.merge( params )
-      @@ssl_verify_peer = params.fetch(:ssl_verify_peer)
-      @url = @@url = NessusClient::Request.uri_parse( params.fetch(:uri) )
-      @headers = params.fetch( :headers ).merge( DEFAULT_HEADERS )
-    end 
+    # @param [Hash] params the options to create a NessusClient::Request with.
+    # @option params [String] :uri ('https://localhost:8834/') Nessus server to connect with
+    # @option params [String] :ssl_verify_peer (true)  Whether should check valid SSL certificate
+    def initialize(params = {})
+      params = { uri: nil }.merge(params)
+      @ssl_verify_peer = params[:ssl_verify_peer] ? true : false
+      @url = NessusClient::Request.uri_parse(params.fetch(:uri))
+    end
 
-    # def self.headers
-    #   @@headers
-    # end
-    def headers=(value)
-      raise NotImplementedError.new("Use update from Hash insted.")
+    # Perform a HTTP GET request.
+    # @param [Hash] opts to use in the request.
+    # @option opts [String] path The URI path to perform the request.
+    # @option opts [String] payload The HTTP body to send.
+    # @option opts [String] query The URI query to send.
+    # @return [Hash, String] The body of the resposnse if there is any.
+    def get(opts = {})
+      http_request(opts, :get)
     end
- 
-    def get( path=nil, payload=nil, query=nil )
-      http_request( :get, path, payload, query )
+
+    # Perform a HTTP POST request.
+    # @param [Hash] opts to use in the request.
+    # @option opts [String] path The URI path to perform the request.
+    # @option opts [String] payload The HTTP body to send.
+    # @option opts [String] query The URI query to send.
+    # @return [Hash, String] The body of the resposnse if there is any.
+    def post(opts = {})
+      http_request(opts, :post)
     end
 
-    def post( path=nil, payload=nil, query=nil )
-      http_request( :post, path, payload, query )
+    # Perform a HTTP PUT request.
+    # @param [Hash] opts to use in the request.
+    # @option opts [String] path The URI path to perform the request.
+    # @option opts [String] payload The HTTP body to send.
+    # @option opts [String] query The URI query to send.
+    # @return [Hash, String] The body of the resposnse if there is any.
+    def put(opts = {})
+      http_request(opts, :put)
     end
 
-    def delete( path=nil, payload=nil, query=nil )
-      http_request( :delete, path, payload, query )
+    # Perform a HTTP DELETE request.
+    # @param [Hash] opts to use in the request.
+    # @option opts [String] path The URI path to perform the request.
+    # @option opts [String] payload The HTTP body to send.
+    # @option opts [String] query The URI query to send.
+    # @return [Hash, String] The body of the resposnse if there is any.
+    def delete(opts = {})
+      http_request(opts, :delete)
     end
 
-    def self.uri_parse( uri )
-      url = URI.parse( uri )
+    # Parse a receiveid string against the URI stantard.
+    # @param [String] uri A string to be validate URI.
+    # @return [String] A string uri.
+    def self.uri_parse(uri)
+      url = URI.parse(uri)
       raise URI::InvalidURIError unless url.scheme
-      return url.to_s
+
+      url.to_s
     end
 
     private
 
-    def http_request( method=:get, path, payload, query )
-      # binding.pry
-      connection = Excon.new( @@url )
-      
-      body = payload ? payload.to_json : ''
+    # @private HTTP request abstraction to be used.
+    # @param [Symbol] method  The HTTP method to be used on the request.
+    # @param [Hash] args  Parameters to use in the request.
+    # @option args [String] path (nil) The URI path to perform the request.
+    # @option args [String] payload (nil) The HTTP body to send.
+    # @option args [String] query (nil) The URI query to send.
+    # @option args [String] headers (nil) The headers to send.
+    # @return [Hash, String] The body of the resposnse if there is any.
+    def http_request(args, method = :get)
+      opts = { path: nil, payload: nil, query: nil, headers: nil }.merge(args)
+      connection = Excon.new(@url, { ssl_verify_peer: @ssl_verify_peer })
+      body = opts[:payload] ? Oj.dump(opts[:payload], mode: :compat) : ''
       options = {
         method: method,
-        path: path,
+        path: opts.fetch(:path),
         body: body,
-        query: query,
-        headers: @headers,
-        ssl_verify_peer: @@ssl_verify_peer,
-        #idempotent: true,
-        #proxy: "http://127.0.0.1:8080",
+        query: opts.fetch(:query),
+        headers: opts.fetch(:headers),
         expects: [200, 201]
       }
-      response = connection.request( options )
-    
-      return response.body if response.body.length > 0
-
+      response = connection.request(options)
+      ret = Oj.load(response.body) # if response.body.length > 0
+    rescue Oj::ParseError
+      response.body
+    else
+      ret
     end
-
   end
-  
 end

data/lib/nessus_client/resource.rb

@@ -0,0 +1,4 @@
+# frozen_string_literal: true
+
+# Namespace for endpoints
+module Resource end

data/lib/nessus_client/version.rb

@@ -1,3 +1,6 @@
+# frozen_string_literal: true
+
 class NessusClient
-  VERSION = '0.1.0'
+  # The current version of the libary.
+  VERSION = '0.1.6'
 end

metadata

@@ -1,11 +1,11 @@
 --- !ruby/object:Gem::Specification
 name: nessus_client
 version: !ruby/object:Gem::Version
-  version: 0.1.0
+  version: 0.1.6
 platform: ruby
 authors:
 - Heyder
-autorequire: 
+autorequire:
 bindir: bin
 cert_chain: []
 date: 2018-11-28 00:00:00.000000000 Z
@@ -14,16 +14,22 @@ dependencies:
   name: excon
   requirement: !ruby/object:Gem::Requirement
     requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 0.73.0
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.62'
+        version: '0.73'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 0.73.0
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.62'
+        version: '0.73'
 - !ruby/object:Gem::Dependency
   name: oj
   requirement: !ruby/object:Gem::Requirement
@@ -39,47 +45,53 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '3.7'
 - !ruby/object:Gem::Dependency
-  name: json
+  name: bundler
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '2.1'
-  type: :runtime
+        version: '1.12'
+  type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '2.1'
+        version: '1.12'
 - !ruby/object:Gem::Dependency
-  name: rspec
+  name: codecov
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3.2'
+        version: 0.1.14
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3.2'
+        version: 0.1.14
 - !ruby/object:Gem::Dependency
-  name: bundler
+  name: nokogiri
   requirement: !ruby/object:Gem::Requirement
     requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 1.8.5
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.12'
+        version: 1.10.10
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 1.8.5
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.12'
+        version: 1.10.10
 - !ruby/object:Gem::Dependency
   name: pry
   requirement: !ruby/object:Gem::Requirement
@@ -94,6 +106,40 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: 0.12.2
+- !ruby/object:Gem::Dependency
+  name: regexp-examples
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 1.5.0
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.5'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 1.5.0
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.5'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.2'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.2'
 - !ruby/object:Gem::Dependency
   name: simplecov
   requirement: !ruby/object:Gem::Requirement
@@ -108,31 +154,59 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: 0.17.0
-description: Ruby wrapper for Nessus API (all verions)
+- !ruby/object:Gem::Dependency
+  name: yard
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.9'
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 0.9.20
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.9'
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 0.9.20
+description: "\n    Usable, fast, simple Ruby gem for Tenable Nessus Pro from v7.0.1
+  to v8.3.1.\n    NessusClient was designed to be simple, fast and performant through
+  communication with Nessus\n    over REST interface.\n  "
 email: eu@heyderandrade.org
 executables: []
 extensions: []
 extra_rdoc_files:
 - README.md
 - CONTRIBUTING.md
+- CODE_OF_CONDUCT.md
 files:
+- CODE_OF_CONDUCT.md
 - CONTRIBUTING.md
 - README.md
 - lib/modules/exports.rb
 - lib/modules/folders.rb
 - lib/modules/policies.rb
 - lib/modules/scans.rb
+- lib/modules/server.rb
+- lib/modules/session.rb
+- lib/modules/tokens.rb
 - lib/nessus_client.rb
 - lib/nessus_client/exception.rb
 - lib/nessus_client/request.rb
-- lib/nessus_client/session.rb
+- lib/nessus_client/resource.rb
 - lib/nessus_client/version.rb
-homepage: https://rubygemspec.org/gems/nessus_client
+homepage: https://github.com/heyder/nessus_client
 licenses:
 - MIT
 metadata:
+  documentation_uri: https://rubydoc.info/github/heyder/nessus_client/
   source_code_uri: https://github.com/heyder/nessus_client
-post_install_message: 
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -147,8 +221,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.0.3
-signing_key: 
+rubygems_version: 3.0.6
+signing_key:
 specification_version: 4
-summary: Ruby wrapper for Nessus API
+summary: Usable, fast, simple Ruby gem for Tenable Nessus Pro from v7.0.1 to v8.3.1.
 test_files: []

data/lib/nessus_client/session.rb

@@ -1,56 +0,0 @@
-require 'oj'
-require_relative 'request'
-require_relative 'exception'
-
-class NessusClient
-
-  # This class should be used to get an access token
-  # for use with the main client class.
-  class Session
-    attr_reader :token, :api_token
-
-    @token = @api_token  = nil
-
-    # @param [String] username
-    # @param [String] password
-    def self.create( username, password )
-      
-      payload = {
-        username: username,
-        password: password,
-      }
-
-      response = NessusClient::Request.post( '/session', payload )
-      response = Oj.load(response) if response.length > 0
-
-      if response['token']
-         return self.new( response['token'] )
-      else
-        raise NessusClient::Error.new "#{__method__}::Response did not include a session token."
-      end
-
-    end
-
-    def initialize( token )      
-      @token = token
-    end
-
-    def set_api_token
-      response = NessusClient::Request.get( "/nessus6.js" )
-      response.match( %r{return"(\w{8}-(?:\w{4}-){3}\w{12})"\}} )
-      
-      raise NessusClient::Error.new( "Unable to get API Token. Some features won't work." ) unless $1#.nil?
-      
-      @api_token = $1 
-      
-    end
-
-    def destroy
-      NessusClient::Request.delete( '/session', nil )
-      @token = nil
-    end
-    alias_method :logout , :destroy
-
-  end
-
-end