qualys 0.1.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 82d46fe75c445a67a07782c8ea2b9f92011e7f9e
+  data.tar.gz: 79fb99dbdcbf7bb6da466cd91b806662c7979c2f
+SHA512:
+  metadata.gz: 90601d93e13d3d24b2779290f5a112a5c8fb2edd84f89f193353364fd9c420390dab5aa7e7e435c9d05725b06b6e70639160618e2797411150715ceff698dc95
+  data.tar.gz: d01666b6aefab5de181db30b3ec30df00aac9531e951f07324234001f770f024f413fbbc149e2e39acae006bb16e5ae57ad1723cdeaf78ff934cdb7571db3cc2

data/.gitignore

@@ -0,0 +1,5 @@
+/.bundle/
+/vendor/
+Gemfile.lock
+*.gem
+/config/qualys.yaml

data/.rock.yml

@@ -0,0 +1,17 @@
+runtime: ruby21
+build_gem: |
+  rm -rf *.gem
+  gem build qualys.gemspec
+
+push_gem: exec gem push *.gem
+
+gem: |
+  rm -rf *.gem
+  gem build qualys.gemspec
+  gem push *.gem
+
+sublime: |
+  rock run bin/test.rb
+
+todo: |
+  find bin lib spec -type f -exec grep -Hni --color "todo" {} \; > TODO

data/.rspec

@@ -0,0 +1,2 @@
+--color
+--require spec_helper

data/LICENSE.txt

@@ -0,0 +1,22 @@
+Copyright (c) 2015 Mike Mackintosh
+
+MIT License
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,52 @@
+# Ruby Qualys API v2
+A Ruby extension for interfacing with Qualys v2 API.
+
+[![](http://ruby-gem-downloads-badge.herokuapp.com/qualys)](https://rubygems.org/gems/qualys)
+
+[![Dependency Status](https://gemnasium.com/mikemackintosh/ruby-qualys.svg)](https://gemnasium.com/mikemackintosh/ruby-qualys)
+
+[![Gem Version](https://badge.fury.io/rb/qualys.svg)](https://rubygems.org/gems/qualys)
+
+### Introduction
+
+I had the need to pull stats and details from Qualys automatically to collect and alert on metrics. Let's face it, in 2015, email alerts just don't cut it anymore.
+
+## Installation
+
+Like any other gem:
+
+```shell
+gem install qualys
+```
+
+## Usage
+
+Below you can find details on the configuration and usage of the Qualys API Client.
+
+### Configuration
+
+Before utilizing the API, you must configure it. You can configure it with a block like below, or by passing in a `Hash#` or load a yaml file.
+```ruby
+Qualys.configure do |config|
+  config.username = @email
+  config.password = @password
+end
+```
+
+or configure using a `yaml` doc:
+
+```ruby
+Qualys::Config.load!("config/qualys.yaml")
+```
+
+### Getting Scans
+
+You can easily get a list of all scans within your Qualys account by accessing the following methods:
+
+```ruby
+scans = Qualys::Scans.all
+```
+
+## References
+
+The API was built using the following documentation: https://www.qualys.com/docs/qualys-api-v2-quick-reference.pdf

data/Rakefile

@@ -0,0 +1,27 @@
+#encoding: utf-8 
+require "bundler/gem_tasks"
+require 'rspec/core/rake_task'
+require 'rubocop/rake_task'
+
+task :default => :test
+
+RSpec::Core::RakeTask.new do |spec|
+  spec.verbose = false
+  spec.pattern = './spec/{*/**/}*_spec.rb'
+end
+
+task :test do
+  ENV['RACK_ENV'] = 'test'
+
+  require './spec/spec_helper'
+  Rake::Task['spec'].invoke
+end
+
+desc 'Run RuboCop on the lib directory'
+RuboCop::RakeTask.new(:rubocop) do |task|
+  task.patterns = ['lib/**/*.rb']
+  # only show the files with failures
+  task.formatters = ['progress']
+  # don't abort rake on failure
+  task.fail_on_error = false
+end

data/lib/qualys.rb

@@ -0,0 +1,30 @@
+require 'httparty'
+require 'json'
+require 'erb'
+
+require 'qualys/version'
+
+require 'qualys/config'
+require 'qualys/api'
+require 'qualys/auth'
+
+require 'qualys/scans'
+
+
+module Qualys
+
+  extend self
+
+  def configure
+    block_given? ? yield(Config) : Config
+    %w(username password).each do |key|
+      if Qualys::Config.instance_variable_get("@#{key}").nil?
+        raise Qualys::Config::RequiredOptionMissing,
+          "Configuration parameter missing: '#{key}'. " +
+          "Please add it to the Qualys.configure block"
+      end
+    end
+  end
+  alias_method :config, :configure
+
+end

data/lib/qualys/api.rb

@@ -0,0 +1,66 @@
+module Qualys
+  class Api
+
+    class InvalidResponse < RuntimeError; end
+    class AuthorizationRequired < RuntimeError; end
+    class UnauthorizedRequest < RuntimeError; end
+
+    # Set the current production endpoint
+    PRODUCTION_ENDPOINT = 'https://qualysapi.qualys.com/api/2.0/fo/'
+
+    # Set HTTParty defaults
+    HTTParty::Basement.default_options.update(base_uri: PRODUCTION_ENDPOINT)
+    HTTParty::Basement.default_options.update(headers: {
+        "X-Requested-With" => "Qualys Ruby Client v#{Qualys::VERSION}"
+      })
+
+    #
+    #
+    def self.api_get(url, options={})
+
+      unless Qualys::Config.session_key.nil?
+        HTTParty::Basement.default_cookies.add_cookies(Qualys::Config.session_key)
+      end
+
+      # Send Request
+      response = HTTParty.get(url, options)
+
+      # Check if you need to be authorized
+      if response.code.eql?(401)
+        raise Qualys::Api::AuthorizationRequired, "Please Login Before Communicating With The API"
+      elsif response.code.eql?(403)
+        raise Qualys::Api::UnauthorizedRequest, "You either sent an invalid request or do not have access to that add-on"      
+      elsif !response.code.eql?(200)
+        raise Qualys::Api::InvalidResponse, "Invalid Response Received"
+      end
+
+      # return the response
+      response
+    end
+
+    #
+    #
+    def self.api_post(url, options={})
+      
+      unless Qualys::Config.session_key.nil?
+        HTTParty::Basement.default_cookies.add_cookies(Qualys::Config.session_key)
+      end
+
+      # Send Request
+      response = HTTParty.post(url, options)
+
+      # Check if you need to be authorized
+      if response.code.eql?(401)
+        raise Qualys::Api::AuthorizationRequired, "Please Configure A Username and Password Before Communicating With The API"
+      elsif response.code.eql?(403)
+        raise Qualys::Api::UnauthorizedRequest, "You either sent an invalid request or do not have access to that add-on"      
+      elsif response.code.eql?(500)
+        raise Qualys::Api::InvalidResponse, "Invalid Response Received"
+      end
+
+      # return the response
+      response
+    end
+
+  end
+end

data/lib/qualys/auth.rb

@@ -0,0 +1,42 @@
+module Qualys
+  class Auth < Api
+    class InvalidLogin < RuntimeError; end
+
+    attr_reader :name
+
+    # Do Login
+    def self.login
+
+      # Request a login
+      response = self.api_post('session/', {
+          :body => {
+            :action => 'login', 
+            :username => Qualys::Config.username, 
+            :password => Qualys::Config.password
+          }
+        })
+   
+      # set the session key
+      Qualys::Config.session_key = response.header['Set-Cookie']
+      true
+     
+    end
+
+    # Set Logout
+    def self.logout
+
+      # Request a login
+      response = self.api_post('session/', {
+          :body => {
+            :action => 'logout', 
+          }
+        })
+   
+      # set the session key
+      Qualys::Config.session_key = nil
+      true
+
+    end
+
+  end
+end

data/lib/qualys/config.rb

@@ -0,0 +1,35 @@
+module Qualys
+  module Config
+    class RequiredOptionMissing < RuntimeError; end
+    extend self
+
+    attr_accessor :username, :password, :session_key
+
+    # Configure Qualys from a hash. This is usually called after parsing a
+    # yaml config file such as qualys.yaml.
+    #
+    # @example Configure Qualys.
+    #   config.from_hash({})
+    #
+    # @param [ Hash ] options The settings to use.
+    def from_hash(options = {})
+      options.each_pair do |name, value|
+        send("#{name}=", value) if respond_to?("#{name}=")
+      end
+    end
+
+    # Load the settings from a compliant Qualys.yml file. This can be used for
+    # easy setup with frameworks other than Rails.
+    #
+    # @example Configure Qualys.
+    #   Qualys.load!("/path/to/qualys.yml")
+    #
+    # @param [ String ] path The path to the file.
+    def load!(path)
+      settings = YAML.load(ERB.new(File.new(path).read).result)['api']
+      if settings.is_a? Hash
+        from_hash(settings)
+      end
+    end
+  end
+end

data/lib/qualys/scans.rb

@@ -0,0 +1,20 @@
+module Qualys
+  class Scans < Api
+
+    def self.all
+      response = api_get("scan/", { :query => { :action => 'list' }})
+      scanlist = response.parsed_response['SCAN_LIST_OUTPUT']['RESPONSE']['SCAN_LIST']
+      puts scanlist.inspect
+    end
+
+    def self.each
+      @events.each do |event|
+        yield event
+      end
+    end
+
+  end
+
+  class Scan
+  end
+end

data/lib/qualys/version.rb

@@ -0,0 +1,3 @@
+module Qualys
+  VERSION = '0.1.0'
+end

data/qualys.gemspec

@@ -0,0 +1,37 @@
+# Created by hand, like a real man
+# coding: utf-8
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'qualys/version'
+
+Gem::Specification.new do |s|
+
+  s.name        = 'qualys'
+  s.version     = Qualys::VERSION
+  s.date        = '2015-02-25'
+  s.summary     = "qualys API Client"
+  s.description = "Easily interface with the qualys for consuming events"
+  s.authors     = ["Mike Mackintosh"]
+  s.email       = 'm@zyp.io'
+  s.homepage    =
+    'http://github.com/mikemackintosh/ruby-qualys'
+
+  s.license       = 'MIT'
+  
+  s.require_paths = ["lib"]
+  s.files         = `git ls-files -z`.split("\x0")
+  #s.executables   = s.files.grep(%r{^bin/}) { |f| File.basename(f) }
+  #s.test_files    = s.files.grep(%r{^(test|spec|features)/})
+
+  s.add_dependency 'json'
+  s.add_dependency 'erubis'
+  s.add_dependency 'httparty'
+
+  s.add_development_dependency "bundler"
+  s.add_development_dependency "rake"
+  s.add_development_dependency "rspec"
+  s.add_development_dependency "vcr"
+  s.add_development_dependency "webmock"
+  s.add_development_dependency "rubocop"
+
+end

metadata

@@ -0,0 +1,183 @@
+--- !ruby/object:Gem::Specification
+name: qualys
+version: !ruby/object:Gem::Version
+  version: 0.1.0
+platform: ruby
+authors:
+- Mike Mackintosh
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2015-02-25 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: json
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: erubis
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: httparty
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: vcr
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: webmock
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rubocop
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+description: Easily interface with the qualys for consuming events
+email: m@zyp.io
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ".gitignore"
+- ".rock.yml"
+- ".rspec"
+- LICENSE.txt
+- README.md
+- Rakefile
+- config/.gitkeep
+- lib/qualys.rb
+- lib/qualys/api.rb
+- lib/qualys/auth.rb
+- lib/qualys/config.rb
+- lib/qualys/scans.rb
+- lib/qualys/version.rb
+- qualys.gemspec
+homepage: http://github.com/mikemackintosh/ruby-qualys
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.2.2
+signing_key: 
+specification_version: 4
+summary: qualys API Client
+test_files: []