sonar-client 0.1.6 → 0.2.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: e013916a1cf6c42fbd99d568ee88529cc7ac581b83aad80a4b62e4c2175aec7e
-  data.tar.gz: fb2e18d3b290f1dffb370448c603f3853fd380635ca79c5e8936e124f24fdcd5
+  metadata.gz: ce2404af83297d350bc601dc221e8e730421b0cbcb58eececceaa4bd276c0545
+  data.tar.gz: 5780f69f285064bdc1c1e987190835bc1eaef7c54386402ac022e82bc83a9c9b
 SHA512:
-  metadata.gz: 61c7694ca76d748ad6354f0010ab0891f28d4ed28999e4d57b32d15d5e816e0bf5fd57d311fac06937a19be937a1295016bdf44b9823faa748e51eeaf5b8f71f
-  data.tar.gz: 6dc07ee303279815e6b88f662be748292875d198f72759a828b4032ce012c27b9915869e89ba197b057261c5e7208db59075959fbef4b0db830cb891b6ad8142
+  metadata.gz: 50368c89bc42beb8ef0c835eb66fe61516eb0404b8dce326661f8e8ab79f1a9ae8072820903d7e8bcecd46549a8f3057fa87934f546ebeb5d458b875acde257d
+  data.tar.gz: 4f1ed1482aeb61cf6646b58d786a56a8f8d770aaf074ffa94b6262cef8ada673361680c545e474dad10e09ad6815b1f41e8c46d39284c6a2d0ab17014b3d0bb1

data/lib/sonar/cli/cli.rb

@@ -29,7 +29,6 @@ module Sonar
 
     desc 'search [QUERY TYPE] [QUERY TERM]', 'Search any query type from Sonar or specify \'all\' as QUERY TYPE to search them all.'
     method_option 'record_limit', type: :numeric, aliases: '-n', desc: 'Maximum number of records to fetch'
-    method_option 'exact', type: :boolean, aliases: '-e', desc: 'Search for the query string exactly, do not include partial string matches'
     def search(type, term)
       types = [type]
 
@@ -45,7 +44,6 @@ module Sonar
         @query = {}
         @query[type.to_sym] = term
         @query[:limit] = options['record_limit']
-        @query[:exact] = options['exact']
         resp = @client.search(@query)
         handle_search_response(resp)
       end

data/lib/sonar/client.rb

@@ -1,9 +1,9 @@
 # encoding: utf-8
 require 'faraday'
-require 'faraday_middleware'
+require 'faraday/follow_redirects'
+require 'faraday/rashify'
 require 'forwardable'
 require 'sonar/request'
-require 'sonar/certificate'
 require 'sonar/search'
 require 'sonar/user'
 require 'sonar/cli/cli'
@@ -14,7 +14,6 @@ module Sonar
     extend Forwardable
 
     include Request
-    include Certificate
     include Search
     include User
     include Registration
@@ -39,9 +38,11 @@ module Sonar
     def connection
       params = {}
       @conn = Faraday.new(url: api_url, params: params, headers: default_headers, ssl: { verify: true }) do |faraday|
-        faraday.use FaradayMiddleware::Mashify
-        faraday.use FaradayMiddleware::ParseJson, content_type: /\bjson$/
-        faraday.use FaradayMiddleware::FollowRedirects
+        faraday.use Faraday::FollowRedirects::Middleware
+        faraday.use Faraday::Rashify::Middleware
+        faraday.request :json
+
+        faraday.response :json
         faraday.adapter Faraday.default_adapter
       end
       @conn.headers['X-Sonar-Token'] = access_token

data/lib/sonar/search.rb

@@ -8,17 +8,8 @@ module Sonar
 
     # Implemented search query types
     QUERY_TYPES = [
-      { name: 'certificate', description: 'Certificate lookup', input: 'sha' },
-      { name: 'certips', description: 'Certificate to IPs', input: 'sha' },
-      { name: 'rdns', description: 'IP to Reverse DNS Lookup or DNS Lookup to IP', input: 'ip' },
       { name: 'fdns', description: 'Domains to IP or IPs to Domain', input: 'domain' },
-      { name: 'ipcerts', description: 'IP to Certificates', input: 'ip' },
-      { name: 'namecerts', description: 'Domain to Certificates', input: 'domain' },
-      { name: 'links_to', description: 'HTTP References to Domain', input: 'domain' },
       { name: 'ports', description: 'Open Ports', input: 'ip' },
-      { name: 'processed', description: 'Open Ports (Processed)', input: 'ip' },
-      { name: 'raw', description: 'Open Ports (Raw)', input: 'ip' },
-      { name: 'sslcert', description: 'Certificate Details', input: 'sha' },
       { name: 'all', description: 'Search all appropriate search types for an IP or domain', input: 'all' }
     ]
 

data/lib/sonar/version.rb

@@ -1,3 +1,3 @@
 module Sonar
-  VERSION = "0.1.6"
+  VERSION = "0.2.0"
 end

data/lib/sonar.rb

@@ -1,5 +1,4 @@
 require "faraday"
-require "faraday_middleware"
 require "sonar/cli/cli"
 require "sonar/client"
 require "sonar/version"

data/sonar-client.gemspec

@@ -18,7 +18,10 @@ Gem::Specification.new do |spec|
   spec.test_files    = spec.files.grep(%r{^(test|spec|features)/})
   spec.require_paths = ["lib"]
 
-  spec.add_dependency 'faraday_middleware'
+  spec.add_dependency 'faraday'
+  spec.add_dependency 'faraday-rashify'
+  spec.add_dependency 'rash_alt'
+  spec.add_dependency 'faraday-follow_redirects'
   spec.add_dependency 'hashie'
   spec.add_dependency 'multi_json'
   spec.add_dependency 'thor'
@@ -31,8 +34,7 @@ Gem::Specification.new do |spec|
   spec.add_development_dependency "simplecov"
   spec.add_development_dependency "simplecov-rcov"
   spec.add_development_dependency "yard"
-  spec.add_development_dependency "vcr", '~> 4.0.0'
+  spec.add_development_dependency "vcr"
   spec.add_development_dependency "shoulda"
-  spec.add_development_dependency "webmock", '~> 3.5.1'
   spec.add_development_dependency "api_matchers"
 end

data/spec/fixtures/sonar-stock.rc

@@ -1,3 +1,3 @@
 email: YOUR_EMAIL
-access_token: SONAR_TOKEN
+access_token: INVALID_SONAR_TOKEN
 api_url: https://sonar.labs.rapid7.com

data/spec/sonar/cli_spec.rb

@@ -7,7 +7,7 @@ describe Sonar::CLI do
       Sonar::RCFile.instance.path = "#{fixtures_path}/sonar-stock.rc"
     end
     it 'throws an exception because of errors' do
-      expect { run_command('search rdns 8.8.8.8') }.to raise_error(Sonar::Search::SearchError)
+      expect { run_command('search fdns 8.8.8.8') }.to raise_error(Sonar::Search::SearchError)
     end
   end
 
@@ -35,17 +35,6 @@ describe Sonar::CLI do
         expect(output).to eq('{"address":"192.168.1.1"}')
       end
     end
-    context 'client that returns sslcert reply with nested json' do
-      before do
-        allow_any_instance_of(Sonar::Client).to receive(:search).and_return(
-          Sonar::Client.new.search(sslcert: '152a0a633aaf13f02c428ac1a3e672e895512bfd')
-        )
-      end
-      it 'parses the nested values in an array' do
-        output =  run_command('search sslcert 152a0a633aaf13f02c428ac1a3e672e895512bfd')
-        expect(JSON.parse(output)['collection'].first['details'].first['subject']['ST']).to eq('California')
-      end
-    end
     context 'client that returns processed reply with nested json' do
       before do
         allow_any_instance_of(Sonar::Client).to receive(:search).and_return(
@@ -57,36 +46,11 @@ describe Sonar::CLI do
         expect(JSON.parse(output)['collection'].first['value']['ip']).to eq('8.8.8.8')
       end
     end
-    describe 'searching with #exact --exact option' do
-      context 'client that returns fdns for rapid7 exact' do
-        before do
-          allow_any_instance_of(Sonar::Client).to receive(:search).and_return(
-            Sonar::Client.new.search(fdns: 'rapid7.com', exact: true)
-          )
-        end
-        it 'matches exactly with --exact' do
-          output =  run_command('search fdns rapid7.com --exact')
-          expect(JSON.parse(output)['collection'].size).to be >= 1
-          expect(JSON.parse(output)['collection'].map{ |x| x['name'] }.uniq).to eq ['rapid7.com']
-        end
-      end
-      context 'client that returns fdns for rapid7 IP' do
-        before do
-          allow_any_instance_of(Sonar::Client).to receive(:search).and_return(
-            Sonar::Client.new.search(fdns: 'rapid7.com')
-          )
-        end
-        it 'matches many domains without --exact' do
-          output =  run_command('search fdns rapid7.com')
-          expect(JSON.parse(output)['collection'].map{ |x| x['name'] }.uniq.size).to be >  1
-        end
-      end
-    end
 
     describe 'sonar types command' do
       it 'returns all sonar search types' do
         output = run_command('types')
-        expect(output).to match(/Certificate to IPs/)
+        expect(output).to match(/Open Ports/)
       end
     end
 

data/spec/sonar/search_spec.rb

@@ -8,8 +8,8 @@ describe Sonar::Search do
   let(:client) { Sonar::Client.new }
 
   describe "#ip_search_type_names" do
-    it 'includes rdns' do
-      expect(dummy_class.ip_search_type_names).to include('rdns')
+    it 'includes ports' do
+      expect(dummy_class.ip_search_type_names).to include('ports')
     end
     it 'does not include fdns' do
       expect(dummy_class.ip_search_type_names).to_not include('fdns')
@@ -34,81 +34,34 @@ describe Sonar::Search do
       end
     end
 
-    describe "exact" do
-      it "shouldn't match anything when #exact is true" do
-        resp = client.search(fdns: ".rapid7.com", exact: true)
-        expect(resp["collection"].size).to eq(0)
-      end
-      it "should match when #exact is false" do
-        resp = client.search(fdns: ".rapid7.com", exact: false)
-        expect(resp["collection"].size).to be > 0
-      end
-    end
-
     describe "limit" do
-      # The default size from APIv1/v2 is 1,000 records
+      # The default size from APIv1/v2 is 25 records
       context "specifying the :limit to 3000 on #search" do
-        let(:resp) { client.search(rdns: '.hp.com', limit: 3000) }
+        let(:resp) { client.search(fdns: '.hp.com', limit: 3000) }
 
         it "should return a RequestIterator" do
           expect(resp.class).to eq(Sonar::Request::RequestIterator)
         end
-        it "should return 3 x 1,000-record blocks" do
+        it "should return 120 x 25-record blocks" do
           num_blocks = 0
           resp.each do |resp_block|
-            expect(resp_block['collection'].size).to eq(1000)
-            num_blocks += 1
+            if resp_block
+              expect(resp_block['collection'].size).to eq(25)
+              num_blocks += 1
+            end
           end
-          expect(num_blocks).to eq(3)
+          expect(num_blocks).to eq(120)
         end
       end
     end
   end
 
-  context "certificate" do
-    let(:resp) { client.search(certificate: '.hp.com') }
-
-    it "should provide certificate details" do
-      expect(resp).to have_key('collection')
-    end
-  end
-
-  describe "rdns" do
-    context "rdnsname" do
-      let(:resp) { client.search(rdns: '208.118.227.10.rapid7.com') }
-
-      it "returns hashie response of search" do
-        expect(resp.class).to eq(Hashie::Mash)
-      end
-      it "rdnsname finds 208.118.227.10 for 208.118.227.10.rapid7.com" do
-        expect(resp['collection'].any? { |x| x['address'] == '208.118.227.10' }).to be(true)
-      end
-    end
-
-    context "rdnsip" do
-      let(:resp) { client.search(rdns: '188.40.56.11') }
-
-      it "rdnsip finds static.11.56.40.188.clients.your-server.de for 188.40.56.11" do
-        expect(resp['collection'].any? { |x| x['name'] == 'static.11.56.40.188.clients.your-server.de' }).to be(true)
-      end
-    end
-
-    context "validation" do
-      let(:resp) { client.search(rdns: '188.40.56.11@#&#') }
-
-      it "should error for invalid domain query type" do
-        expect(resp["error"]).to eq("Invalid query")
-        expect(resp["errors"].first).to eq("Expected a domain but got '188.40.56.11@#&#'")
-      end
-    end
-  end
-
   describe "fdns" do
     context "fdnsname" do
       let(:resp) { client.search(fdns: 'rapid7.com') }
 
       it "returns hashie response of search" do
-        expect(resp.class).to eq(Hashie::Mash)
+        expect(resp.class).to eq(Hashie::Mash::Rash)
       end
       it "finds fdnsname multiple IP addresses for rapid7.com" do
         expect(resp['collection'].select { |x| x['address'] }.size).to be >= 2
@@ -128,69 +81,11 @@ describe Sonar::Search do
 
       it "should error for invalid domain query type" do
         expect(resp["error"]).to eq("Invalid query")
-        expect(resp["errors"].first).to eq("Expected a domain but got '188.40.56.11@#&#'")
+        expect(resp["errors"].first).to eq("An unsupported gTLD or ccTLD was specified for: 188.40.56.11@#&#")
       end
     end
   end
 
-  context "links_to" do
-    let(:resp) { client.search(links_to: 'rapid7.com') }
-
-    it "should provide links_to details" do
-      expect(resp).to have_key('collection')
-    end
-  end
-
-  context "ipcerts" do
-    let(:resp) { client.search(ipcerts: '208.118.227.10') }
-
-    it "should provide ipcerts details" do
-      expect(resp).to have_key('collection')
-    end
-  end
-
-  context "certips" do
-    let(:resp) { client.search(certips: '1e80c24b97c928bb1db7d4d3c05475a6a40a1186') }
-
-    it "should provide certips details" do
-      expect(resp).to have_key('collection')
-    end
-  end
-
-  context "namecerts" do
-    let(:resp) { client.search(namecerts: '.rapid7.com') }
-
-    it "should provide namecerts details" do
-      expect(resp).to have_key('collection')
-    end
-  end
-
-  context "sslcert" do
-    let(:resp) { client.search(sslcert: '1e80c24b97c928bb1db7d4d3c05475a6a40a1186') }
-
-    it "should provide sslcert details" do
-      expect(resp).to have_key('collection')
-    end
-  end
-
-  # TODO: actually check response
-  context "raw" do
-    let(:resp) { client.search(raw: '208.118.227.10') }
-
-    it "should return a collection" do
-      expect(resp).to have_key('collection')
-    end
-  end
-
-  # TODO: actually check response
-  context "processed" do
-    let(:resp) { client.search(processed: '208.118.227.10') }
-
-    it "should return a collection" do
-      expect(resp).to have_key('collection')
-    end
-  end
-
   # TODO: actually check response
   context "ports" do
     let(:resp) { client.search(ports: '208.118.227.10') }

data/spec/sonar_spec.rb

@@ -57,7 +57,7 @@ describe Sonar, skip_autoconfig: true do
       end
       puts Sonar.api_url
       client = Sonar::Client.new
-      @resp = client.search(rdns: "hp.com")
+      @resp = client.search(fdns: "hp.com")
     end
 
     it "should return unauthorized" do

data/spec/spec_helper.rb

@@ -20,7 +20,7 @@ end
 VCR.configure do |c|
   c.allow_http_connections_when_no_cassette = true
   c.cassette_library_dir = 'spec/cassette'
-  c.hook_into :webmock
+  c.hook_into :faraday
   c.configure_rspec_metadata!
   c.default_cassette_options = { record: :new_episodes }
 end

metadata

@@ -1,17 +1,59 @@
 --- !ruby/object:Gem::Specification
 name: sonar-client
 version: !ruby/object:Gem::Version
-  version: 0.1.6
+  version: 0.2.0
 platform: ruby
 authors:
 - Paul Deardorff & HD Moore
-autorequire: 
+autorequire:
 bindir: bin
 cert_chain: []
-date: 2020-09-16 00:00:00.000000000 Z
+date: 2022-08-31 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
-  name: faraday_middleware
+  name: faraday
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: faraday-rashify
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rash_alt
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: faraday-follow_redirects
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -182,16 +224,16 @@ dependencies:
   name: vcr
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 4.0.0
+        version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 4.0.0
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: shoulda
   requirement: !ruby/object:Gem::Requirement
@@ -206,20 +248,6 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
-- !ruby/object:Gem::Dependency
-  name: webmock
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: 3.5.1
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: 3.5.1
 - !ruby/object:Gem::Dependency
   name: api_matchers
   requirement: !ruby/object:Gem::Requirement
@@ -266,7 +294,6 @@ files:
 - spec/cassette/valid_ms_registration.yml
 - spec/fixtures/sonar-stock.rc
 - spec/fixtures/sonar.rc
-- spec/sonar/certificate_spec.rb
 - spec/sonar/cli_spec.rb
 - spec/sonar/client_spec.rb
 - spec/sonar/registration_spec.rb
@@ -278,7 +305,7 @@ homepage: https://sonar.labs.rapid7.com
 licenses:
 - MIT
 metadata: {}
-post_install_message: 
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -293,16 +320,15 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project: 
+rubyforge_project:
 rubygems_version: 2.7.9
-signing_key: 
+signing_key:
 specification_version: 4
 summary: API Wrapper for Sonar
 test_files:
 - spec/cassette/valid_ms_registration.yml
 - spec/fixtures/sonar-stock.rc
 - spec/fixtures/sonar.rc
-- spec/sonar/certificate_spec.rb
 - spec/sonar/cli_spec.rb
 - spec/sonar/client_spec.rb
 - spec/sonar/registration_spec.rb

data/spec/sonar/certificate_spec.rb

@@ -1,13 +0,0 @@
-# encoding: utf-8
-require 'spec_helper'
-
-describe Sonar::Search do
-  let(:client) { Sonar::Client.new }
-
-  context "sha1 #get_certificate" do
-    it "should find the link to certificate by sha1" do
-      res = client.get_certificate(sha1: "1e80c24b97c928bb1db7d4d3c05475a6a40a1186")
-      expect(res._links.self.href).to match(/certificates/)
-    end
-  end
-end