sonar-client 0.1.6 → 0.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (14) hide show
  1. checksums.yaml +4 -4
  2. data/lib/sonar/cli/cli.rb +0 -2
  3. data/lib/sonar/client.rb +7 -6
  4. data/lib/sonar/search.rb +0 -9
  5. data/lib/sonar/version.rb +1 -1
  6. data/lib/sonar.rb +0 -1
  7. data/sonar-client.gemspec +5 -3
  8. data/spec/fixtures/sonar-stock.rc +1 -1
  9. data/spec/sonar/cli_spec.rb +2 -38
  10. data/spec/sonar/search_spec.rb +12 -117
  11. data/spec/sonar_spec.rb +1 -1
  12. data/spec/spec_helper.rb +1 -1
  13. metadata +53 -27
  14. data/spec/sonar/certificate_spec.rb +0 -13
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: e013916a1cf6c42fbd99d568ee88529cc7ac581b83aad80a4b62e4c2175aec7e
4
- data.tar.gz: fb2e18d3b290f1dffb370448c603f3853fd380635ca79c5e8936e124f24fdcd5
3
+ metadata.gz: ce2404af83297d350bc601dc221e8e730421b0cbcb58eececceaa4bd276c0545
4
+ data.tar.gz: 5780f69f285064bdc1c1e987190835bc1eaef7c54386402ac022e82bc83a9c9b
5
5
  SHA512:
6
- metadata.gz: 61c7694ca76d748ad6354f0010ab0891f28d4ed28999e4d57b32d15d5e816e0bf5fd57d311fac06937a19be937a1295016bdf44b9823faa748e51eeaf5b8f71f
7
- data.tar.gz: 6dc07ee303279815e6b88f662be748292875d198f72759a828b4032ce012c27b9915869e89ba197b057261c5e7208db59075959fbef4b0db830cb891b6ad8142
6
+ metadata.gz: 50368c89bc42beb8ef0c835eb66fe61516eb0404b8dce326661f8e8ab79f1a9ae8072820903d7e8bcecd46549a8f3057fa87934f546ebeb5d458b875acde257d
7
+ data.tar.gz: 4f1ed1482aeb61cf6646b58d786a56a8f8d770aaf074ffa94b6262cef8ada673361680c545e474dad10e09ad6815b1f41e8c46d39284c6a2d0ab17014b3d0bb1
data/lib/sonar/cli/cli.rb CHANGED
@@ -29,7 +29,6 @@ module Sonar
29
29
 
30
30
  desc 'search [QUERY TYPE] [QUERY TERM]', 'Search any query type from Sonar or specify \'all\' as QUERY TYPE to search them all.'
31
31
  method_option 'record_limit', type: :numeric, aliases: '-n', desc: 'Maximum number of records to fetch'
32
- method_option 'exact', type: :boolean, aliases: '-e', desc: 'Search for the query string exactly, do not include partial string matches'
33
32
  def search(type, term)
34
33
  types = [type]
35
34
 
@@ -45,7 +44,6 @@ module Sonar
45
44
  @query = {}
46
45
  @query[type.to_sym] = term
47
46
  @query[:limit] = options['record_limit']
48
- @query[:exact] = options['exact']
49
47
  resp = @client.search(@query)
50
48
  handle_search_response(resp)
51
49
  end
data/lib/sonar/client.rb CHANGED
@@ -1,9 +1,9 @@
1
1
  # encoding: utf-8
2
2
  require 'faraday'
3
- require 'faraday_middleware'
3
+ require 'faraday/follow_redirects'
4
+ require 'faraday/rashify'
4
5
  require 'forwardable'
5
6
  require 'sonar/request'
6
- require 'sonar/certificate'
7
7
  require 'sonar/search'
8
8
  require 'sonar/user'
9
9
  require 'sonar/cli/cli'
@@ -14,7 +14,6 @@ module Sonar
14
14
  extend Forwardable
15
15
 
16
16
  include Request
17
- include Certificate
18
17
  include Search
19
18
  include User
20
19
  include Registration
@@ -39,9 +38,11 @@ module Sonar
39
38
  def connection
40
39
  params = {}
41
40
  @conn = Faraday.new(url: api_url, params: params, headers: default_headers, ssl: { verify: true }) do |faraday|
42
- faraday.use FaradayMiddleware::Mashify
43
- faraday.use FaradayMiddleware::ParseJson, content_type: /\bjson$/
44
- faraday.use FaradayMiddleware::FollowRedirects
41
+ faraday.use Faraday::FollowRedirects::Middleware
42
+ faraday.use Faraday::Rashify::Middleware
43
+ faraday.request :json
44
+
45
+ faraday.response :json
45
46
  faraday.adapter Faraday.default_adapter
46
47
  end
47
48
  @conn.headers['X-Sonar-Token'] = access_token
data/lib/sonar/search.rb CHANGED
@@ -8,17 +8,8 @@ module Sonar
8
8
 
9
9
  # Implemented search query types
10
10
  QUERY_TYPES = [
11
- { name: 'certificate', description: 'Certificate lookup', input: 'sha' },
12
- { name: 'certips', description: 'Certificate to IPs', input: 'sha' },
13
- { name: 'rdns', description: 'IP to Reverse DNS Lookup or DNS Lookup to IP', input: 'ip' },
14
11
  { name: 'fdns', description: 'Domains to IP or IPs to Domain', input: 'domain' },
15
- { name: 'ipcerts', description: 'IP to Certificates', input: 'ip' },
16
- { name: 'namecerts', description: 'Domain to Certificates', input: 'domain' },
17
- { name: 'links_to', description: 'HTTP References to Domain', input: 'domain' },
18
12
  { name: 'ports', description: 'Open Ports', input: 'ip' },
19
- { name: 'processed', description: 'Open Ports (Processed)', input: 'ip' },
20
- { name: 'raw', description: 'Open Ports (Raw)', input: 'ip' },
21
- { name: 'sslcert', description: 'Certificate Details', input: 'sha' },
22
13
  { name: 'all', description: 'Search all appropriate search types for an IP or domain', input: 'all' }
23
14
  ]
24
15
 
data/lib/sonar/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module Sonar
2
- VERSION = "0.1.6"
2
+ VERSION = "0.2.0"
3
3
  end
data/lib/sonar.rb CHANGED
@@ -1,5 +1,4 @@
1
1
  require "faraday"
2
- require "faraday_middleware"
3
2
  require "sonar/cli/cli"
4
3
  require "sonar/client"
5
4
  require "sonar/version"
data/sonar-client.gemspec CHANGED
@@ -18,7 +18,10 @@ Gem::Specification.new do |spec|
18
18
  spec.test_files = spec.files.grep(%r{^(test|spec|features)/})
19
19
  spec.require_paths = ["lib"]
20
20
 
21
- spec.add_dependency 'faraday_middleware'
21
+ spec.add_dependency 'faraday'
22
+ spec.add_dependency 'faraday-rashify'
23
+ spec.add_dependency 'rash_alt'
24
+ spec.add_dependency 'faraday-follow_redirects'
22
25
  spec.add_dependency 'hashie'
23
26
  spec.add_dependency 'multi_json'
24
27
  spec.add_dependency 'thor'
@@ -31,8 +34,7 @@ Gem::Specification.new do |spec|
31
34
  spec.add_development_dependency "simplecov"
32
35
  spec.add_development_dependency "simplecov-rcov"
33
36
  spec.add_development_dependency "yard"
34
- spec.add_development_dependency "vcr", '~> 4.0.0'
37
+ spec.add_development_dependency "vcr"
35
38
  spec.add_development_dependency "shoulda"
36
- spec.add_development_dependency "webmock", '~> 3.5.1'
37
39
  spec.add_development_dependency "api_matchers"
38
40
  end
data/spec/fixtures/sonar-stock.rc CHANGED
@@ -1,3 +1,3 @@
1
1
  email: YOUR_EMAIL
2
- access_token: SONAR_TOKEN
2
+ access_token: INVALID_SONAR_TOKEN
3
3
  api_url: https://sonar.labs.rapid7.com
data/spec/sonar/cli_spec.rb CHANGED
@@ -7,7 +7,7 @@ describe Sonar::CLI do
7
7
  Sonar::RCFile.instance.path = "#{fixtures_path}/sonar-stock.rc"
8
8
  end
9
9
  it 'throws an exception because of errors' do
10
- expect { run_command('search rdns 8.8.8.8') }.to raise_error(Sonar::Search::SearchError)
10
+ expect { run_command('search fdns 8.8.8.8') }.to raise_error(Sonar::Search::SearchError)
11
11
  end
12
12
  end
13
13
 
@@ -35,17 +35,6 @@ describe Sonar::CLI do
35
35
  expect(output).to eq('{"address":"192.168.1.1"}')
36
36
  end
37
37
  end
38
- context 'client that returns sslcert reply with nested json' do
39
- before do
40
- allow_any_instance_of(Sonar::Client).to receive(:search).and_return(
41
- Sonar::Client.new.search(sslcert: '152a0a633aaf13f02c428ac1a3e672e895512bfd')
42
- )
43
- end
44
- it 'parses the nested values in an array' do
45
- output = run_command('search sslcert 152a0a633aaf13f02c428ac1a3e672e895512bfd')
46
- expect(JSON.parse(output)['collection'].first['details'].first['subject']['ST']).to eq('California')
47
- end
48
- end
49
38
  context 'client that returns processed reply with nested json' do
50
39
  before do
51
40
  allow_any_instance_of(Sonar::Client).to receive(:search).and_return(
@@ -57,36 +46,11 @@ describe Sonar::CLI do
57
46
  expect(JSON.parse(output)['collection'].first['value']['ip']).to eq('8.8.8.8')
58
47
  end
59
48
  end
60
- describe 'searching with #exact --exact option' do
61
- context 'client that returns fdns for rapid7 exact' do
62
- before do
63
- allow_any_instance_of(Sonar::Client).to receive(:search).and_return(
64
- Sonar::Client.new.search(fdns: 'rapid7.com', exact: true)
65
- )
66
- end
67
- it 'matches exactly with --exact' do
68
- output = run_command('search fdns rapid7.com --exact')
69
- expect(JSON.parse(output)['collection'].size).to be >= 1
70
- expect(JSON.parse(output)['collection'].map{ |x| x['name'] }.uniq).to eq ['rapid7.com']
71
- end
72
- end
73
- context 'client that returns fdns for rapid7 IP' do
74
- before do
75
- allow_any_instance_of(Sonar::Client).to receive(:search).and_return(
76
- Sonar::Client.new.search(fdns: 'rapid7.com')
77
- )
78
- end
79
- it 'matches many domains without --exact' do
80
- output = run_command('search fdns rapid7.com')
81
- expect(JSON.parse(output)['collection'].map{ |x| x['name'] }.uniq.size).to be > 1
82
- end
83
- end
84
- end
85
49
 
86
50
  describe 'sonar types command' do
87
51
  it 'returns all sonar search types' do
88
52
  output = run_command('types')
89
- expect(output).to match(/Certificate to IPs/)
53
+ expect(output).to match(/Open Ports/)
90
54
  end
91
55
  end
92
56
 
data/spec/sonar/search_spec.rb CHANGED
@@ -8,8 +8,8 @@ describe Sonar::Search do
8
8
  let(:client) { Sonar::Client.new }
9
9
 
10
10
  describe "#ip_search_type_names" do
11
- it 'includes rdns' do
12
- expect(dummy_class.ip_search_type_names).to include('rdns')
11
+ it 'includes ports' do
12
+ expect(dummy_class.ip_search_type_names).to include('ports')
13
13
  end
14
14
  it 'does not include fdns' do
15
15
  expect(dummy_class.ip_search_type_names).to_not include('fdns')
@@ -34,81 +34,34 @@ describe Sonar::Search do
34
34
  end
35
35
  end
36
36
 
37
- describe "exact" do
38
- it "shouldn't match anything when #exact is true" do
39
- resp = client.search(fdns: ".rapid7.com", exact: true)
40
- expect(resp["collection"].size).to eq(0)
41
- end
42
- it "should match when #exact is false" do
43
- resp = client.search(fdns: ".rapid7.com", exact: false)
44
- expect(resp["collection"].size).to be > 0
45
- end
46
- end
47
-
48
37
  describe "limit" do
49
- # The default size from APIv1/v2 is 1,000 records
38
+ # The default size from APIv1/v2 is 25 records
50
39
  context "specifying the :limit to 3000 on #search" do
51
- let(:resp) { client.search(rdns: '.hp.com', limit: 3000) }
40
+ let(:resp) { client.search(fdns: '.hp.com', limit: 3000) }
52
41
 
53
42
  it "should return a RequestIterator" do
54
43
  expect(resp.class).to eq(Sonar::Request::RequestIterator)
55
44
  end
56
- it "should return 3 x 1,000-record blocks" do
45
+ it "should return 120 x 25-record blocks" do
57
46
  num_blocks = 0
58
47
  resp.each do |resp_block|
59
- expect(resp_block['collection'].size).to eq(1000)
60
- num_blocks += 1
48
+ if resp_block
49
+ expect(resp_block['collection'].size).to eq(25)
50
+ num_blocks += 1
51
+ end
61
52
  end
62
- expect(num_blocks).to eq(3)
53
+ expect(num_blocks).to eq(120)
63
54
  end
64
55
  end
65
56
  end
66
57
  end
67
58
 
68
- context "certificate" do
69
- let(:resp) { client.search(certificate: '.hp.com') }
70
-
71
- it "should provide certificate details" do
72
- expect(resp).to have_key('collection')
73
- end
74
- end
75
-
76
- describe "rdns" do
77
- context "rdnsname" do
78
- let(:resp) { client.search(rdns: '208.118.227.10.rapid7.com') }
79
-
80
- it "returns hashie response of search" do
81
- expect(resp.class).to eq(Hashie::Mash)
82
- end
83
- it "rdnsname finds 208.118.227.10 for 208.118.227.10.rapid7.com" do
84
- expect(resp['collection'].any? { |x| x['address'] == '208.118.227.10' }).to be(true)
85
- end
86
- end
87
-
88
- context "rdnsip" do
89
- let(:resp) { client.search(rdns: '188.40.56.11') }
90
-
91
- it "rdnsip finds static.11.56.40.188.clients.your-server.de for 188.40.56.11" do
92
- expect(resp['collection'].any? { |x| x['name'] == 'static.11.56.40.188.clients.your-server.de' }).to be(true)
93
- end
94
- end
95
-
96
- context "validation" do
97
- let(:resp) { client.search(rdns: '188.40.56.11@#&#') }
98
-
99
- it "should error for invalid domain query type" do
100
- expect(resp["error"]).to eq("Invalid query")
101
- expect(resp["errors"].first).to eq("Expected a domain but got '188.40.56.11@#&#'")
102
- end
103
- end
104
- end
105
-
106
59
  describe "fdns" do
107
60
  context "fdnsname" do
108
61
  let(:resp) { client.search(fdns: 'rapid7.com') }
109
62
 
110
63
  it "returns hashie response of search" do
111
- expect(resp.class).to eq(Hashie::Mash)
64
+ expect(resp.class).to eq(Hashie::Mash::Rash)
112
65
  end
113
66
  it "finds fdnsname multiple IP addresses for rapid7.com" do
114
67
  expect(resp['collection'].select { |x| x['address'] }.size).to be >= 2
@@ -128,69 +81,11 @@ describe Sonar::Search do
128
81
 
129
82
  it "should error for invalid domain query type" do
130
83
  expect(resp["error"]).to eq("Invalid query")
131
- expect(resp["errors"].first).to eq("Expected a domain but got '188.40.56.11@#&#'")
84
+ expect(resp["errors"].first).to eq("An unsupported gTLD or ccTLD was specified for: 188.40.56.11@#&#")
132
85
  end
133
86
  end
134
87
  end
135
88
 
136
- context "links_to" do
137
- let(:resp) { client.search(links_to: 'rapid7.com') }
138
-
139
- it "should provide links_to details" do
140
- expect(resp).to have_key('collection')
141
- end
142
- end
143
-
144
- context "ipcerts" do
145
- let(:resp) { client.search(ipcerts: '208.118.227.10') }
146
-
147
- it "should provide ipcerts details" do
148
- expect(resp).to have_key('collection')
149
- end
150
- end
151
-
152
- context "certips" do
153
- let(:resp) { client.search(certips: '1e80c24b97c928bb1db7d4d3c05475a6a40a1186') }
154
-
155
- it "should provide certips details" do
156
- expect(resp).to have_key('collection')
157
- end
158
- end
159
-
160
- context "namecerts" do
161
- let(:resp) { client.search(namecerts: '.rapid7.com') }
162
-
163
- it "should provide namecerts details" do
164
- expect(resp).to have_key('collection')
165
- end
166
- end
167
-
168
- context "sslcert" do
169
- let(:resp) { client.search(sslcert: '1e80c24b97c928bb1db7d4d3c05475a6a40a1186') }
170
-
171
- it "should provide sslcert details" do
172
- expect(resp).to have_key('collection')
173
- end
174
- end
175
-
176
- # TODO: actually check response
177
- context "raw" do
178
- let(:resp) { client.search(raw: '208.118.227.10') }
179
-
180
- it "should return a collection" do
181
- expect(resp).to have_key('collection')
182
- end
183
- end
184
-
185
- # TODO: actually check response
186
- context "processed" do
187
- let(:resp) { client.search(processed: '208.118.227.10') }
188
-
189
- it "should return a collection" do
190
- expect(resp).to have_key('collection')
191
- end
192
- end
193
-
194
89
  # TODO: actually check response
195
90
  context "ports" do
196
91
  let(:resp) { client.search(ports: '208.118.227.10') }
data/spec/sonar_spec.rb CHANGED
@@ -57,7 +57,7 @@ describe Sonar, skip_autoconfig: true do
57
57
  end
58
58
  puts Sonar.api_url
59
59
  client = Sonar::Client.new
60
- @resp = client.search(rdns: "hp.com")
60
+ @resp = client.search(fdns: "hp.com")
61
61
  end
62
62
 
63
63
  it "should return unauthorized" do
data/spec/spec_helper.rb CHANGED
@@ -20,7 +20,7 @@ end
20
20
  VCR.configure do |c|
21
21
  c.allow_http_connections_when_no_cassette = true
22
22
  c.cassette_library_dir = 'spec/cassette'
23
- c.hook_into :webmock
23
+ c.hook_into :faraday
24
24
  c.configure_rspec_metadata!
25
25
  c.default_cassette_options = { record: :new_episodes }
26
26
  end
metadata CHANGED
@@ -1,17 +1,59 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: sonar-client
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.6
4
+ version: 0.2.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Paul Deardorff & HD Moore
8
- autorequire:
8
+ autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2020-09-16 00:00:00.000000000 Z
11
+ date: 2022-08-31 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
- name: faraday_middleware
14
+ name: faraday
15
+ requirement: !ruby/object:Gem::Requirement
16
+ requirements:
17
+ - - ">="
18
+ - !ruby/object:Gem::Version
19
+ version: '0'
20
+ type: :runtime
21
+ prerelease: false
22
+ version_requirements: !ruby/object:Gem::Requirement
23
+ requirements:
24
+ - - ">="
25
+ - !ruby/object:Gem::Version
26
+ version: '0'
27
+ - !ruby/object:Gem::Dependency
28
+ name: faraday-rashify
29
+ requirement: !ruby/object:Gem::Requirement
30
+ requirements:
31
+ - - ">="
32
+ - !ruby/object:Gem::Version
33
+ version: '0'
34
+ type: :runtime
35
+ prerelease: false
36
+ version_requirements: !ruby/object:Gem::Requirement
37
+ requirements:
38
+ - - ">="
39
+ - !ruby/object:Gem::Version
40
+ version: '0'
41
+ - !ruby/object:Gem::Dependency
42
+ name: rash_alt
43
+ requirement: !ruby/object:Gem::Requirement
44
+ requirements:
45
+ - - ">="
46
+ - !ruby/object:Gem::Version
47
+ version: '0'
48
+ type: :runtime
49
+ prerelease: false
50
+ version_requirements: !ruby/object:Gem::Requirement
51
+ requirements:
52
+ - - ">="
53
+ - !ruby/object:Gem::Version
54
+ version: '0'
55
+ - !ruby/object:Gem::Dependency
56
+ name: faraday-follow_redirects
15
57
  requirement: !ruby/object:Gem::Requirement
16
58
  requirements:
17
59
  - - ">="
@@ -182,16 +224,16 @@ dependencies:
182
224
  name: vcr
183
225
  requirement: !ruby/object:Gem::Requirement
184
226
  requirements:
185
- - - "~>"
227
+ - - ">="
186
228
  - !ruby/object:Gem::Version
187
- version: 4.0.0
229
+ version: '0'
188
230
  type: :development
189
231
  prerelease: false
190
232
  version_requirements: !ruby/object:Gem::Requirement
191
233
  requirements:
192
- - - "~>"
234
+ - - ">="
193
235
  - !ruby/object:Gem::Version
194
- version: 4.0.0
236
+ version: '0'
195
237
  - !ruby/object:Gem::Dependency
196
238
  name: shoulda
197
239
  requirement: !ruby/object:Gem::Requirement
@@ -206,20 +248,6 @@ dependencies:
206
248
  - - ">="
207
249
  - !ruby/object:Gem::Version
208
250
  version: '0'
209
- - !ruby/object:Gem::Dependency
210
- name: webmock
211
- requirement: !ruby/object:Gem::Requirement
212
- requirements:
213
- - - "~>"
214
- - !ruby/object:Gem::Version
215
- version: 3.5.1
216
- type: :development
217
- prerelease: false
218
- version_requirements: !ruby/object:Gem::Requirement
219
- requirements:
220
- - - "~>"
221
- - !ruby/object:Gem::Version
222
- version: 3.5.1
223
251
  - !ruby/object:Gem::Dependency
224
252
  name: api_matchers
225
253
  requirement: !ruby/object:Gem::Requirement
@@ -266,7 +294,6 @@ files:
266
294
  - spec/cassette/valid_ms_registration.yml
267
295
  - spec/fixtures/sonar-stock.rc
268
296
  - spec/fixtures/sonar.rc
269
- - spec/sonar/certificate_spec.rb
270
297
  - spec/sonar/cli_spec.rb
271
298
  - spec/sonar/client_spec.rb
272
299
  - spec/sonar/registration_spec.rb
@@ -278,7 +305,7 @@ homepage: https://sonar.labs.rapid7.com
278
305
  licenses:
279
306
  - MIT
280
307
  metadata: {}
281
- post_install_message:
308
+ post_install_message:
282
309
  rdoc_options: []
283
310
  require_paths:
284
311
  - lib
@@ -293,16 +320,15 @@ required_rubygems_version: !ruby/object:Gem::Requirement
293
320
  - !ruby/object:Gem::Version
294
321
  version: '0'
295
322
  requirements: []
296
- rubyforge_project:
323
+ rubyforge_project:
297
324
  rubygems_version: 2.7.9
298
- signing_key:
325
+ signing_key:
299
326
  specification_version: 4
300
327
  summary: API Wrapper for Sonar
301
328
  test_files:
302
329
  - spec/cassette/valid_ms_registration.yml
303
330
  - spec/fixtures/sonar-stock.rc
304
331
  - spec/fixtures/sonar.rc
305
- - spec/sonar/certificate_spec.rb
306
332
  - spec/sonar/cli_spec.rb
307
333
  - spec/sonar/client_spec.rb
308
334
  - spec/sonar/registration_spec.rb
data/spec/sonar/certificate_spec.rb DELETED
@@ -1,13 +0,0 @@
1
- # encoding: utf-8
2
- require 'spec_helper'
3
-
4
- describe Sonar::Search do
5
- let(:client) { Sonar::Client.new }
6
-
7
- context "sha1 #get_certificate" do
8
- it "should find the link to certificate by sha1" do
9
- res = client.get_certificate(sha1: "1e80c24b97c928bb1db7d4d3c05475a6a40a1186")
10
- expect(res._links.self.href).to match(/certificates/)
11
- end
12
- end
13
- end