owasp_zap 0.0.1 → 0.0.5

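--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA1:
- metadata.gz: a80255539473310bacf8733abfdc8f71b4abec7d
- data.tar.gz: 508ea5d854379c64d306da68d08a577c90d207c9
+ metadata.gz: 0536baa69ad5457c793282408ccf7c8948a1c815
+ data.tar.gz: 2f53b51b051b6c902150091e5622cf7d434d6ee2
  SHA512:
- metadata.gz: 3b9147943357fdd6fee21cc68375f419c2cbc46ca8fe6ac3cae2400f5dbdd18f49f755dbabd8a4819be1a82de0e71a25b52e5818a11d254675755c820dd95f1d
- data.tar.gz: 56f636883c71f7399bf8008e7bc16f44adbb16bb6fd9a8512a8b5b9bd16bc73cc00f18e1163dac6c9bf1badcdf5cfd5983941d47e35275b2d0c4be4b12e0b291
+ metadata.gz: 677a0e20af2976aa15a22f3012dae413ddbeabed580f1eddcd0596635494dd3da6a9a9e682b241ae89832df2d7aae10ba6595682be511de45284f5bd0baf5dbd
+ data.tar.gz: b17f2db63579dcf64a237e41ebe2a9abb5b9906693357e2d337f6a96b7602850ef36b90d027ebe18a90ef65c2a176a2bd4c02cbe98f52c65ba56ab54b14aab91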
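--- a/data/README.md
+++ b/data/README.md
@@ -1,6 +1,12 @@
  # OwaspZap
 
- TODO: Write a gem description
+
+ A ruby client to access the HTTP API from Zap Proxy (http://code.google.com/p/zaproxy)
+
+ if you need a rpm, check it here: https://build.opensuse.org/package/show/home:vpereirabr/owasp-zap
+
+ [![Build Status](https://travis-ci.org/vpereira/owasp_zap.png?branch=master)](https://travis-ci.org/vpereira/owasp_zap)
+ [![Code Climate](https://codeclimate.com/github/vpereira/owasp_zap.png)](https://codeclimate.com/github/vpereira/owasp_zap)
 
  ## Installation
 
@@ -18,7 +24,17 @@ Or install it yourself as:
 
  ## Usage
 
- TODO: Write usage instructions here
+ require 'owasp_zap'
+
+ include OwaspZap
+
+ z = Zap.new :target=>'http://xxx.xxx.xxx' #create new Zap instance with default params
+ z = Zap.new :target=>'http://yyy.yyy.yyy', :zap=>"/usr/share/owasp-zap/zap.sh" #if you got my obs package
+ z.start # start interactive
+ # TODO
+ # document it further :)
+ z.start :daemon=>true # start in daemon mode
+ z.shutdown # stop the proxy
 
  ## Contributing
 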
data/lib/owasp_zap.rb CHANGED
@@ -67,9 +67,14 @@ module OwaspZap
67
67
 
68
68
  #TODO
69
69
  #DOCUMENT the step necessary: install ZAP under $home/ZAP or should be passed to new as :zap parameter
70
- def start
70
+ def start(params = {})
71
+ cmd_line = if params.key? :daemon
72
+ "#{@zap_bin} -daemon"
73
+ else
74
+ @zap_bin
75
+ end
71
76
  fork do
72
- exec @zap_bin
77
+ exec cmd_line
73
78
  end
74
79
  end
75
80
 
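Review bot: `params.key? :daemon` in the new `start` is true for `start(:daemon=>false)` as well, so that call still launches ZAP in daemon mode; test the value with `params[:daemon]` instead. The daemon branch also builds a single string, `"#{@zap_bin} -daemon"`, which `exec` either splits on whitespace or hands to a shell when it contains shell metacharacters, so a `:zap` path with spaces or special characters is misparsed or shell-interpreted. Passing the flag as its own argument, `exec @zap_bin, "-daemon"`, keeps the configured path as one argv entry and bypasses the shell. The TODO above the method still leaves the `:daemon` option undocumented in the source; a one-line comment such as `# params[:daemon] - when truthy, start ZAP with -daemon` would cover it.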
@@ -32,30 +32,31 @@ module OwaspZap
32
32
  # post_data: an already encoded string like "email%3Dfoo%2540example.org%26passwd%3Dfoobar"
33
33
  # TODO: offer a way to encode it, giving a hash?
34
34
  def set_login_url(args)
35
- url = Addressable::URI.parse "#{@base}/auth/action/setLoginUrl/"
36
- url.query_values = {:zapapiformat=>"JSON",:url=>args[:url],:postData=>args[:post_data],:contextId=>@ctx}
37
- RestClient::get url.normalize.to_str
35
+ set_query "#{@base}/auth/action/setLoginUrl/",:postData=>args[:post_data]
38
36
  end
39
37
 
40
38
  def set_logout_url(args)
41
- url = Addressable::URI.parse "#{@base}/auth/action/setLogoutUrl/"
42
- url.query_values = {:zapapiformat=>"JSON",:url=>args[:url],:postData=>args[:post_data],:contextId=>@ctx}
43
- RestClient::get url.normalize.to_str
39
+ set_query "#{@base}/auth/action/setLogoutUrl/",:postData=>args[:post_data]
44
40
  end
45
41
 
46
42
  def set_logged_in_indicator(args)
47
- url = Addressable::URI.parse "#{@base}/auth/action/setLoggedInIndicator/"
48
- url.query_values = {:zapapiformat=>"JSON",:url=>args[:url],:postData=>args[:indicator],:contextId=>@ctx}
49
- RestClient::get url.normalize.to_str
43
+ set_query "#{@base}/auth/action/setLoggedInIndicator/",:postData=>args[:indicator]
50
44
  end
51
45
 
52
46
  def set_logged_out_indicator(args)
53
- url = Addressable::URI.parse "#{@base}/auth/action/setLoggedOutIndicator/"
54
- url.query_values = {:zapapiformat=>"JSON",:url=>args[:url],:indicator=>args[:indicator],:contextId=>@ctx}
55
- RestClient::get url.normalize.to_str
47
+ set_query "#{@base}/auth/action/setLoggedOutIndicator/", :indicator=>args[:indicator]
56
48
  end
57
49
 
58
50
  private
51
+
52
+ # addr a string like #{@base}/auth/foo/bar
53
+ # params a hash with custom params that should be added to the query_values
54
+ def set_query(addr, params)
55
+ default_params = {:zapapiformat=>"JSON",:url=>args[:url],:contextId=>@ctx}
56
+ url Addressable::URI.parse addr
57
+ url.query_values = default_params.merge(params)
58
+ RestClient::get url.normalize.to_str
59
+ end
59
60
  def to_url(str)
60
61
  method_str = str.to_s
61
62
  method_str.extend OwaspZap::StringExtension # monkey patch just this instance
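Review bot: The new private `set_query` cannot run as written: `default_params` reads `args[:url]` although the method only receives `addr` and `params`, and `url Addressable::URI.parse addr` is missing the `=`, so unless methods named `args` and `url` exist outside this hunk, all four setters that now delegate to it raise before any request is sent. Assign the URI with `url = Addressable::URI.parse addr`, drop `:url` from `default_params`, and have each caller pass it, e.g. `set_query "#{@base}/auth/action/setLoginUrl/", :url=>args[:url], :postData=>args[:post_data]`. `set_logged_in_indicator` still sends the indicator under `:postData` while `set_logged_out_indicator` uses `:indicator`; that asymmetry is carried over from the old code and is worth confirming against the ZAP API. This hunk's line numbers restart below the previous hunk's, so it appears to belong to a different file whose header the page dropped.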
@@ -1,3 +1,3 @@
1
1
  module OwaspZap
2
- VERSION = "0.0.1"
2
+ VERSION = "0.0.5"
3
3
  end
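--- a/data/spec/zap_spec.rb
+++ b/data/spec/zap_spec.rb
@@ -120,3 +120,21 @@ describe "StringExtension" do
  assert_equal @str.snake_case,"foo_bar"
  end
  end
+
+ describe "status_for" do
+ before do
+ @h = Zap::Zap.new :target=>"http://127.0.0.1"
+ stub_request(:get, "http://127.0.0.1:8080/JSON/spider/view/status/?zapapiformat=JSON").to_return(:status => 200, :body => {:status=>"100"}.to_json, :headers => {})
+ stub_request(:get, "http://127.0.0.1:8080/JSON/ascan/view/status/?zapapiformat=JSON").to_return(:status => 200, :body => {:status=>"100"}.to_json, :headers => {})
+ end
+
+ it "should create a ascan" do
+ @h.status_for(:ascan).wont_be :nil?
+ end
+ it "should create a spider" do
+ @h.status_for(:spider).wont_be :nil?
+ end
+ it "should return an unknown" do
+ @h.status_for(:foo).wont_be :nil?
+ end
+ end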
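Review bot: All three `status_for` examples assert only `wont_be :nil?`, so "should return an unknown" passes for any non-nil value and does not pin what `status_for(:foo)` returns for an unsupported component. Both stubs return `{:status=>"100"}`, so the ascan and spider examples could assert on that value; the return type of `status_for` is not visible here, so the exact expectation needs confirming against the implementation. The titles "should create a ascan" and "should create a spider" describe creation although the examples query status, and nothing in this spec change exercises the new `start(:daemon=>true)` path or the `set_query` helper added in the same release.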
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: owasp_zap
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.0.1
4
+ version: 0.0.5
5
5
  platform: ruby
6
6
  authors:
7
7
  - Victor Pereira
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2014-03-31 00:00:00.000000000 Z
11
+ date: 2014-04-02 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: bundler