owasp_zap 0.0.1 → 0.0.5

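--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA1:
- metadata.gz: a80255539473310bacf8733abfdc8f71b4abec7d
- data.tar.gz: 508ea5d854379c64d306da68d08a577c90d207c9
+ metadata.gz: 0536baa69ad5457c793282408ccf7c8948a1c815
+ data.tar.gz: 2f53b51b051b6c902150091e5622cf7d434d6ee2
  SHA512:
- metadata.gz: 3b9147943357fdd6fee21cc68375f419c2cbc46ca8fe6ac3cae2400f5dbdd18f49f755dbabd8a4819be1a82de0e71a25b52e5818a11d254675755c820dd95f1d
- data.tar.gz: 56f636883c71f7399bf8008e7bc16f44adbb16bb6fd9a8512a8b5b9bd16bc73cc00f18e1163dac6c9bf1badcdf5cfd5983941d47e35275b2d0c4be4b12e0b291
+ metadata.gz: 677a0e20af2976aa15a22f3012dae413ddbeabed580f1eddcd0596635494dd3da6a9a9e682b241ae89832df2d7aae10ba6595682be511de45284f5bd0baf5dbd
+ data.tar.gz: b17f2db63579dcf64a237e41ebe2a9abb5b9906693357e2d337f6a96b7602850ef36b90d027ebe18a90ef65c2a176a2bd4c02cbe98f52c65ba56ab54b14aab91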
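--- a/data/README.md
+++ b/data/README.md
@@ -1,6 +1,12 @@
  # OwaspZap
 
- TODO: Write a gem description
+
+ A ruby client to access the HTTP API from Zap Proxy (http://code.google.com/p/zaproxy)
+
+ if you need a rpm, check it here: https://build.opensuse.org/package/show/home:vpereirabr/owasp-zap
+
+ [![Build Status](https://travis-ci.org/vpereira/owasp_zap.png?branch=master)](https://travis-ci.org/vpereira/owasp_zap)
+ [![Code Climate](https://codeclimate.com/github/vpereira/owasp_zap.png)](https://codeclimate.com/github/vpereira/owasp_zap)
 
  ## Installation
 
@@ -18,7 +24,17 @@ Or install it yourself as:
 
  ## Usage
 
- TODO: Write usage instructions here
+ require 'owasp_zap'
+
+ include OwaspZap
+
+ z = Zap.new :target=>'http://xxx.xxx.xxx' #create new Zap instance with default params
+ z = Zap.new :target=>'http://yyy.yyy.yyy', :zap=>"/usr/share/owasp-zap/zap.sh" #if you got my obs package
+ z.start # start interactive
+ # TODO
+ # document it further :)
+ z.start :daemon=>true # start in daemon mode
+ z.shutdown # stop the proxy
 
  ## Contributing
 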
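--- a/data/lib/owasp_zap.rb
+++ b/data/lib/owasp_zap.rb
@@ -67,9 +67,14 @@ module OwaspZap
 
  #TODO
  #DOCUMENT the step necessary: install ZAP under $home/ZAP or should be passed to new as :zap parameter
- def start
+ def start(params = {})
+ cmd_line = if params.key? :daemon
+ "#{@zap_bin} -daemon"
+ else
+ @zap_bin
+ end
  fork do
- exec @zap_bin
+ exec cmd_line
  end
  end
 
@@ -32,30 +32,31 @@ module OwaspZap
  # post_data: an already encoded string like "email%3Dfoo%2540example.org%26passwd%3Dfoobar"
  # TODO: offer a way to encode it, giving a hash?
  def set_login_url(args)
- url = Addressable::URI.parse "#{@base}/auth/action/setLoginUrl/"
- url.query_values = {:zapapiformat=>"JSON",:url=>args[:url],:postData=>args[:post_data],:contextId=>@ctx}
- RestClient::get url.normalize.to_str
+ set_query "#{@base}/auth/action/setLoginUrl/",:postData=>args[:post_data]
  end
 
  def set_logout_url(args)
- url = Addressable::URI.parse "#{@base}/auth/action/setLogoutUrl/"
- url.query_values = {:zapapiformat=>"JSON",:url=>args[:url],:postData=>args[:post_data],:contextId=>@ctx}
- RestClient::get url.normalize.to_str
+ set_query "#{@base}/auth/action/setLogoutUrl/",:postData=>args[:post_data]
  end
 
  def set_logged_in_indicator(args)
- url = Addressable::URI.parse "#{@base}/auth/action/setLoggedInIndicator/"
- url.query_values = {:zapapiformat=>"JSON",:url=>args[:url],:postData=>args[:indicator],:contextId=>@ctx}
- RestClient::get url.normalize.to_str
+ set_query "#{@base}/auth/action/setLoggedInIndicator/",:postData=>args[:indicator]
  end
 
  def set_logged_out_indicator(args)
- url = Addressable::URI.parse "#{@base}/auth/action/setLoggedOutIndicator/"
- url.query_values = {:zapapiformat=>"JSON",:url=>args[:url],:indicator=>args[:indicator],:contextId=>@ctx}
- RestClient::get url.normalize.to_str
+ set_query "#{@base}/auth/action/setLoggedOutIndicator/", :indicator=>args[:indicator]
  end
 
  private
+
+ # addr a string like #{@base}/auth/foo/bar
+ # params a hash with custom params that should be added to the query_values
+ def set_query(addr, params)
+ default_params = {:zapapiformat=>"JSON",:url=>args[:url],:contextId=>@ctx}
+ url Addressable::URI.parse addr
+ url.query_values = default_params.merge(params)
+ RestClient::get url.normalize.to_str
+ end
  def to_url(str)
  method_str = str.to_s
  method_str.extend OwaspZap::StringExtension # monkey patch just this instance
@@ -1,3 +1,3 @@
  module OwaspZap
- VERSION = "0.0.1"
+ VERSION = "0.0.5"
  end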
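Review bot: The new private helper `set_query` in the second hunk cannot run as written: `args` is not defined inside it (its parameters are `addr` and `params`), and `url Addressable::URI.parse addr` is missing the `=`, so each of the four `set_*` methods that now delegate to it would raise instead of sending the request. I would have the callers pass the URL, e.g. `set_query "#{@base}/auth/action/setLoginUrl/", :url=>args[:url], :postData=>args[:post_data]`, reduce the defaults to `default_params = {:zapapiformat=>"JSON",:contextId=>@ctx}`, and write `url = Addressable::URI.parse addr`. The spec hunk visible on this page adds no example for these methods, so nothing shown here would catch the failure before the login and logout configuration is actually used. In the first hunk, `exec cmd_line` receives one interpolated string, which Ruby either splits on whitespace or hands to the shell, so a `:zap` path containing spaces or shell metacharacters is misinterpreted; `exec @zap_bin, "-daemon"` passes the arguments separately, and testing `params[:daemon]` instead of `params.key? :daemon` keeps `:daemon=>false` from starting daemon mode. The enclosing class and module begin and end outside these hunks.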
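--- a/data/spec/zap_spec.rb
+++ b/data/spec/zap_spec.rb
@@ -120,3 +120,21 @@ describe "StringExtension" do
  assert_equal @str.snake_case,"foo_bar"
  end
  end
+
+ describe "status_for" do
+ before do
+ @h = Zap::Zap.new :target=>"http://127.0.0.1"
+ stub_request(:get, "http://127.0.0.1:8080/JSON/spider/view/status/?zapapiformat=JSON").to_return(:status => 200, :body => {:status=>"100"}.to_json, :headers => {})
+ stub_request(:get, "http://127.0.0.1:8080/JSON/ascan/view/status/?zapapiformat=JSON").to_return(:status => 200, :body => {:status=>"100"}.to_json, :headers => {})
+ end
+
+ it "should create a ascan" do
+ @h.status_for(:ascan).wont_be :nil?
+ end
+ it "should create a spider" do
+ @h.status_for(:spider).wont_be :nil?
+ end
+ it "should return an unknown" do
+ @h.status_for(:foo).wont_be :nil?
+ end
+ end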
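Review bot: The three examples in the new `status_for` block assert only `wont_be :nil?`, so they would pass for almost any return value, and two of the titles say "should create" although nothing is created. Asserting on the stubbed status of "100" for `:ascan` and `:spider`, and on the specific result expected for the unknown component `:foo`, would pin the behaviour; a title such as `it "should return the ascan status" do` describes what is actually checked. The `:foo` example has no matching `stub_request`, so it presumably relies on `status_for` not issuing a request for unknown components, which is worth confirming.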
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: owasp_zap
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.0.1
4
+ version: 0.0.5
5
5
  platform: ruby
6
6
  authors:
7
7
  - Victor Pereira
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2014-03-31 00:00:00.000000000 Z
11
+ date: 2014-04-02 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: bundler