wazuh-ruby-client 0.2.8 → 0.3.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 746c2c4b14d229263708a8854f296a4d08c06d80ae13388be2adaffc72782599
-  data.tar.gz: 0564ac92757c2eb98337d530896967d6262a8d8fc4770499a6564edac0f36572
+  metadata.gz: a6e610f82ce00aeba7a7b9b3d55e94c0e863656ab4b8d898b579d5bda55f8d1c
+  data.tar.gz: 94fd38efd2f6c42deedcf880ddfa9fcf9b6ebc0f9c77f56b2856333dea3acde2
 SHA512:
-  metadata.gz: c49deaea2b969573c8e2c355a0b992031675d2a5b3e2595b1b34d7883544f16688e5ad0fa20c52fa79b103bd74cfbe11725ce93693f7bf7d5245e893e559d2f0
-  data.tar.gz: 328e0b1291583ab30b71f8e90da84ed93e41af6fdce34f20fb881ae305e5faf59d57d01f81c94d776268218e67a3ee5f9aca9a6e8a262ea5975f78b299d2ce2e
+  metadata.gz: d4bf8fbf93e1c857639bd552de603f2314171e13ad18dff2966136382b6ae2f78d0c275699368c9fcb45f3cd1239f7343a611438571a5d743bb41a71708fff63
+  data.tar.gz: 3ca2535d7440e5d5c360b43b5448b76aad0644cfa0978e82179d59538b91eaf39ded995c5a86d95ab5af31704f643ddbdb84ddc74333d521e8622c03b422c47e

data/.gitignore

@@ -1,4 +1,5 @@
 /.bundle/
+/vendor
 /.yardoc
 /_yardoc/
 /coverage/

data/CHANGELOG.md

@@ -7,6 +7,11 @@ and this project adheres to [Semantic Versioning](http://semver.org/).
 
 ## [Unreleased]
 
+## [0.2.9]
+
+- Adds availability to ignore env proxy settings [#25](https://github.com/mrtc0/wazuh-ruby-client/pull/25). Thanks @falegk
+- Add the `ca_file` option to Wazuh.Config to specify a CA file [#26](https://github.com/mrtc0/wazuh-ruby-client/pull/26). Thanks @k1LoW
+
 ## [0.2.8]
 
 - fix bug. return with response body.

data/README.md

@@ -63,6 +63,7 @@ The following global settings are supported via `Wazuh.configure` .
 | setting | description |
 |:--------|:------------|
 | user_agent | User-Agent |
+| ca_file | CA file (if use Client Certificate Authentication and specify CA file) |
 | client_cert | Client certificate (if use Client Certificate Authentication) |
 | client_key | Client Key (if use Client Certificate Authentication) |
 | basic_user | Basic Authentication user name |
@@ -70,6 +71,7 @@ The following global settings are supported via `Wazuh.configure` .
 | verify_ssl | Skip the SSL/TLS verify |
 | logger | loggeer object |
 | endpoint | Wazuh API endpoint URL |
+| ignore_env_proxy | Ignores ENV proxy settings |
 
 
 ### Agents

data/lib/wazuh/api/endpoints/v4/active_response.rb

@@ -0,0 +1,19 @@
+module Wazuh
+  module Api
+    module Endpoints
+      module V4
+        module ActiveResponse
+          include ::Wazuh::Api::Endpoints::ActiveResponse
+          def run_active_response_command(options = {})
+            query_options = {}
+            %w(agents_list pretty wait_for_complete).each do |c|
+              query_options[c.to_sym] = options.delete(c.to_sym)
+            end
+            put "/active-response", options, query_options
+          end
+
+        end
+      end
+    end
+  end
+end

data/lib/wazuh/api/endpoints/v4/agents.rb

@@ -0,0 +1,82 @@
+module Wazuh
+  module Api
+    module Endpoints
+      module V4
+        module Agents
+          include ::Wazuh::Api::Endpoints::Agents
+          def delete_agent(agent_ids, options = {})
+            delete "/agents", options.merge({ agents_list: agent_ids })
+          end
+
+          def remove_agents_of_group(ids, group)
+            delete "/agents/group", {group_id: group, agents_list: ids }
+          end
+
+          def delete_agent_by_group(ids)
+            delete '/agents/groups', {groups_list: ids}
+          end
+
+          def remove_group(group_id)
+            delete "/agents/groups", { groups_list: group_id }
+          end
+
+          def agent(agent_id, options = {})
+            get "/agents", options.merge({ agents_list: agent_id})
+          end
+
+          def upgrade_result_from_agent(agent_id, options = {})
+            get "/agents/upgrade_result", options.merge({ agents_list: agent_id})
+          end
+
+          def groups(options = {})
+            get '/groups', options
+          end
+
+          def agents_by_group(group_id, options = {})
+            offset_request('get', "/groups", options.merge({groups_list: group_id}))
+          end
+
+          def group_configuration(group_id, options = {})
+            get "/groups/#{group_id}/configuration", options
+          end
+
+          def group_files(group_id, options = {})
+            get "/groups/#{group_id}/files", options
+          end
+
+          def get_file_in_group(group_id, filename, options = {})
+            get "groups/#{group_id}/files/#{filename}", options
+          end
+
+          def agent_by_name(agent_name, options = {})
+            get "/agents", options.merge({name: agent_name})
+          end
+
+          def agent_summary
+            get "/agents/summary/status"
+          end
+
+          def add_agents_to_group(ids, group_id)
+            put "/agents/group", {group_id: group_id, agents_list: ids}
+          end
+
+          def agent_upgrade(agent_id, options = {})
+            put "/agents/upgrade", options.merge({agents_list: agent_id})
+          end
+
+          def agent_upgrade_custom(agent_id, options = {})
+            put "/agents/upgrade_custom", options.merge({agents_list: agent_id})
+          end
+
+          def add_agent_quick(agent_name)
+            post "/agents/insert/quick/", {}, {agent_name: agent_name}
+          end
+
+          def create_group(group_id)
+            post "/agents/groups", {group_id: group_id}
+          end
+        end
+      end
+    end
+  end
+end

data/lib/wazuh/api/endpoints/v4/cache.rb

@@ -0,0 +1,14 @@
+module Wazuh
+  module Api
+    module Endpoints
+      module V4
+        module Cache
+          include ::Wazuh::Api::Endpoints::Cache
+          def cache_config
+            get "/cluster/api/config"
+          end
+        end
+      end
+    end
+  end
+end

data/lib/wazuh/api/endpoints/v4/ciscat.rb

@@ -0,0 +1,11 @@
+module Wazuh
+  module Api
+    module Endpoints
+      module V4
+        module Ciscat
+          include ::Wazuh::Api::Endpoints::Ciscat
+        end
+      end
+    end
+  end
+end

data/lib/wazuh/api/endpoints/v4/cluster.rb

@@ -0,0 +1,11 @@
+module Wazuh
+  module Api
+    module Endpoints
+      module V4
+        module Cluster
+          include ::Wazuh::Api::Endpoints::Cluster
+        end
+      end
+    end
+  end
+end

data/lib/wazuh/api/endpoints/v4/decoders.rb

@@ -0,0 +1,11 @@
+module Wazuh
+  module Api
+    module Endpoints
+      module V4
+        module Decoders
+          include ::Wazuh::Api::Endpoints::Decoders
+        end
+      end
+    end
+  end
+end

data/lib/wazuh/api/endpoints/v4/experimental.rb

@@ -0,0 +1,11 @@
+module Wazuh
+  module Api
+    module Endpoints
+      module V4
+        module Experimental
+          include ::Wazuh::Api::Endpoints::Experimental
+        end
+      end
+    end
+  end
+end

data/lib/wazuh/api/endpoints/v4/lists.rb

@@ -0,0 +1,11 @@
+module Wazuh
+  module Api
+    module Endpoints
+      module V4
+        module Lists
+          include ::Wazuh::Api::Endpoints::Lists
+        end
+      end
+    end
+  end
+end

data/lib/wazuh/api/endpoints/v4/manager.rb

@@ -0,0 +1,11 @@
+module Wazuh
+  module Api
+    module Endpoints
+      module V4
+        module Manager
+          include ::Wazuh::Api::Endpoints::Manager
+        end
+      end
+    end
+  end
+end

data/lib/wazuh/api/endpoints/v4/rootcheck.rb

@@ -0,0 +1,11 @@
+module Wazuh
+  module Api
+    module Endpoints
+      module V4
+        module Rootcheck
+          include ::Wazuh::Api::Endpoints::Rootcheck
+        end
+      end
+    end
+  end
+end

data/lib/wazuh/api/endpoints/v4/rules.rb

@@ -0,0 +1,11 @@
+module Wazuh
+  module Api
+    module Endpoints
+      module V4
+        module Rules
+          include ::Wazuh::Api::Endpoints::Rules
+        end
+      end
+    end
+  end
+end

data/lib/wazuh/api/endpoints/v4/security_configuration_assessment.rb

@@ -0,0 +1,11 @@
+module Wazuh
+  module Api
+    module Endpoints
+      module V4
+        module SecurityConfigurationAssessment
+          include ::Wazuh::Api::Endpoints::SecurityConfigurationAssessment
+        end
+      end
+    end
+  end
+end

data/lib/wazuh/api/endpoints/v4/summary.rb

@@ -0,0 +1,11 @@
+module Wazuh
+  module Api
+    module Endpoints
+      module V4
+        module Summary
+          include ::Wazuh::Api::Endpoints::Summary
+        end
+      end
+    end
+  end
+end

data/lib/wazuh/api/endpoints/v4/syscheck.rb

@@ -0,0 +1,11 @@
+module Wazuh
+  module Api
+    module Endpoints
+      module V4
+        module Syscheck
+          include ::Wazuh::Api::Endpoints::Syscheck
+        end
+      end
+    end
+  end
+end

data/lib/wazuh/api/endpoints/v4/syscollector.rb

@@ -0,0 +1,11 @@
+module Wazuh
+  module Api
+    module Endpoints
+      module V4
+        module Syscollector
+          include ::Wazuh::Api::Endpoints::Syscollector
+        end
+      end
+    end
+  end
+end

data/lib/wazuh/api/endpoints/v4.rb

@@ -0,0 +1,40 @@
+require_relative 'v4/active_response'
+require_relative 'v4/agents'
+require_relative 'v4/cache'
+require_relative 'v4/ciscat'
+require_relative 'v4/cluster'
+require_relative 'v4/decoders'
+require_relative 'v4/experimental'
+require_relative 'v4/lists'
+require_relative 'v4/manager'
+require_relative 'v4/rootcheck'
+require_relative 'v4/rules'
+require_relative 'v4/security_configuration_assessment'
+require_relative 'v4/summary'
+require_relative 'v4/syscheck'
+require_relative 'v4/syscollector'
+
+
+module Wazuh
+  module Api
+    module Endpoints
+      module V4
+        include ActiveResponse
+        include Agents
+        include Cache
+        include Ciscat
+        include Cluster
+        include Decoders
+        include Experimental
+        include Lists
+        include Manager
+        include Rootcheck
+        include Rules
+        include Summary
+        include Syscheck
+        include Syscollector
+        include SecurityConfigurationAssessment
+      end
+    end
+  end
+end

data/lib/wazuh/api/endpoints.rb

@@ -13,6 +13,7 @@ require_relative 'endpoints/security_configuration_assessment'
 require_relative 'endpoints/summary'
 require_relative 'endpoints/syscheck'
 require_relative 'endpoints/syscollector'
+require_relative 'endpoints/v4'
 
 module Wazuh
   module Api

data/lib/wazuh/client.rb

@@ -2,7 +2,6 @@ module Wazuh
   class Client
     include Sawyer::Connection
     include Sawyer::Request
-    include Api::Endpoints
 
     attr_accessor(*Config::ATTRIBUTES)
 
@@ -11,6 +10,14 @@ module Wazuh
         send("#{key}=", options[key] || Wazuh.config.send(key))
       end
       @logger ||= Wazuh::Config.logger || Wazuh::Logger.default
+      case api_version
+      when 3
+        extend Api::Endpoints
+      when 4
+        extend Api::Endpoints::V4
+      else
+        raise "unsupported api version #{api_version}"
+      end
     end
 
     class << self

data/lib/wazuh/config.rb

@@ -5,6 +5,7 @@ module Wazuh
 
     ATTRIBUTES = %i[
       user_agent
+      ca_file
       client_cert
       client_key
       basic_user
@@ -12,6 +13,8 @@ module Wazuh
       verify_ssl
       logger
       endpoint
+      ignore_env_proxy
+      api_version
     ].freeze
 
     attr_accessor(*Config::ATTRIBUTES)
@@ -19,12 +22,15 @@ module Wazuh
     def reset
       self.endpoint = nil
       self.user_agent = "Wazuh Ruby Client/#{Wazuh::VERSION}"
+      self.ca_file = nil
       self.client_cert = nil
       self.client_key = nil
       self.basic_user = nil
       self.basic_password = nil
       self.verify_ssl = true
       self.logger = nil
+      self.ignore_env_proxy = false
+      self.api_version = 3
     end
   end
 

data/lib/wazuh/sawyer/connection.rb

@@ -2,7 +2,6 @@ module Wazuh
   module Sawyer
     module Connection
       private
-
       def connection
         options = {
           headers: {
@@ -14,11 +13,7 @@ module Wazuh
 
         options[:headers]['User-Agent'] = user_agent if user_agent
         options[:ssl].merge!({ client_cert: client_cert, client_key: client_key }) if client_cert || client_key
-
-        if basic_user || basic_password
-          authorization_header = "Basic " + Base64.encode64(basic_user + ':' + basic_password).strip
-          options[:headers].merge!({'Authorization' => authorization_header})
-        end
+        options[:ssl][:ca_file] = ca_file if ca_file
 
         options[:ssl].merge!({ verify: false }) unless verify_ssl
 
@@ -26,9 +21,21 @@ module Wazuh
           :links_parser => ::Sawyer::LinkParsers::Simple.new
         }
 
-        opts[:faraday] = ::Faraday.new(options)
+        case api_version
+        when 3
+          if basic_user || basic_password
+            options[:headers].merge!({'Authorization' => "Basic " + Base64.strict_encode64(basic_user + ':' + basic_password).strip})
+          end
+        when 4
+          raise "user and password is required on v4 api" if !basic_user || !basic_password
+          opts[:faraday] = ::Faraday.new(options) do |conn|
+            conn.request :authorization, 'Bearer', -> { Token.jwt(endpoint, options, basic_user, basic_password) }
+          end
+        end
+
+        opts[:faraday].proxy = nil if ignore_env_proxy
 
-        ::Sawyer::Agent.new(endpoint, opts)
+        conn = ::Sawyer::Agent.new(endpoint, opts)
       end
     end
   end

data/lib/wazuh/sawyer/request.rb

@@ -21,24 +21,27 @@ module Wazuh
       def offset_request(method, path, options = {})
         items = []
         data = send(method, path, options)
-        0.step(data.totalItems, 500) { |offset|
+        total_items = api_version == 3 ? data.totalItems : data.total_affected_items
+        0.step(total_items, 500) { |offset|
           options[:offset] = offset
           d = send(method, path, options)
-          items.concat(d.items)
+          _items = api_version == 3 ? data.items : d.affected_items
+          items.concat(_items)
         }
 
         items
       end
 
+
       private
 
-      def request(method, path, options)
+      def request(method, path, options, query_options={})
         response = case method
         when :get, :delete
           connection.call(method, URI::Parser.new.escape(path), nil, {query: options})
         when :post, :put
           data = options unless options.empty?
-          connection.call(method, URI::Parser.new.escape(path), data)
+          connection.call(method, URI::Parser.new.escape(path), data, {query: query_options})
         end
 
         return response.data.data if response.status == 200

data/lib/wazuh/sawyer/token.rb

@@ -0,0 +1,20 @@
+module Wazuh
+  module Sawyer
+    module Connection
+      class Token
+        def self.jwt(endpoint, options, basic_user, basic_password)
+          if !@_token || (@_exp && @_exp -3 <= Time.now.to_i)
+            options[:url] = endpoint
+            options[:headers].merge!({'Authorization' => "Basic " + Base64.strict_encode64(basic_user + ':' + basic_password).strip})
+
+            token = ::Faraday.new(options) {|f| f.response :json }.get('/security/user/authenticate').body['data']['token']
+            @_exp = ::JWT.decode(token, nil, false).first['exp'].to_i
+            ::JWT.decode(token, nil, false).first
+            @_token = token
+          end
+          @_token
+        end
+      end
+    end
+  end
+end

data/lib/wazuh/version.rb

@@ -1,4 +1,4 @@
 # frozen_string_literal: true
 module Wazuh
-  VERSION = '0.2.8'
+  VERSION = '0.3.2'
 end

data/lib/wazuh-ruby-client/version.rb

@@ -1,3 +1,3 @@
 module WazuhRubyClient
-  VERSION = "0.2.8"
+  VERSION = "0.3.2"
 end

data/lib/wazuh-ruby-client.rb

@@ -6,8 +6,11 @@ require 'logger'
 require 'base64'
 require 'faraday'
 require 'sawyer'
+require 'jwt'
+require 'faraday_middleware'
 
 require_relative 'wazuh/config'
+require_relative 'wazuh/sawyer/token'
 require_relative 'wazuh/sawyer/connection'
 require_relative 'wazuh/sawyer/request'
 require_relative 'wazuh/api/endpoints'

data/wazuh-ruby-client.gemspec

@@ -34,14 +34,17 @@ Gem::Specification.new do |spec|
   spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
   spec.require_paths = ["lib"]
 
-  spec.add_development_dependency "bundler", "~> 2.1.4"
+  spec.add_development_dependency "bundler", "~> 2.2"
   spec.add_development_dependency "rake", ">= 12.3.3"
   spec.add_development_dependency "rspec", "~> 3.0"
   spec.add_development_dependency "vcr"
   spec.add_development_dependency "webmock"
   spec.add_development_dependency "pry"
   spec.add_development_dependency "pry-byebug"
+  spec.add_development_dependency "timecop"
 
   spec.add_dependency 'faraday'
+  spec.add_dependency 'faraday_middleware'
   spec.add_dependency 'sawyer'
+  spec.add_dependency 'jwt'
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: wazuh-ruby-client
 version: !ruby/object:Gem::Version
-  version: 0.2.8
+  version: 0.3.2
 platform: ruby
 authors:
 - mrtc0
-autorequire: 
+autorequire:
 bindir: exe
 cert_chain: []
-date: 2020-04-20 00:00:00.000000000 Z
+date: 2021-11-18 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -16,14 +16,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 2.1.4
+        version: '2.2'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 2.1.4
+        version: '2.2'
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
@@ -108,6 +108,20 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
+- !ruby/object:Gem::Dependency
+  name: timecop
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: faraday
   requirement: !ruby/object:Gem::Requirement
@@ -122,6 +136,20 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
+- !ruby/object:Gem::Dependency
+  name: faraday_middleware
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: sawyer
   requirement: !ruby/object:Gem::Requirement
@@ -136,6 +164,20 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
+- !ruby/object:Gem::Dependency
+  name: jwt
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 description: Wazuh API client for Ruby
 email:
 - mrtc0@ssrf.in
@@ -211,6 +253,22 @@ files:
 - lib/wazuh/api/endpoints/summary.rb
 - lib/wazuh/api/endpoints/syscheck.rb
 - lib/wazuh/api/endpoints/syscollector.rb
+- lib/wazuh/api/endpoints/v4.rb
+- lib/wazuh/api/endpoints/v4/active_response.rb
+- lib/wazuh/api/endpoints/v4/agents.rb
+- lib/wazuh/api/endpoints/v4/cache.rb
+- lib/wazuh/api/endpoints/v4/ciscat.rb
+- lib/wazuh/api/endpoints/v4/cluster.rb
+- lib/wazuh/api/endpoints/v4/decoders.rb
+- lib/wazuh/api/endpoints/v4/experimental.rb
+- lib/wazuh/api/endpoints/v4/lists.rb
+- lib/wazuh/api/endpoints/v4/manager.rb
+- lib/wazuh/api/endpoints/v4/rootcheck.rb
+- lib/wazuh/api/endpoints/v4/rules.rb
+- lib/wazuh/api/endpoints/v4/security_configuration_assessment.rb
+- lib/wazuh/api/endpoints/v4/summary.rb
+- lib/wazuh/api/endpoints/v4/syscheck.rb
+- lib/wazuh/api/endpoints/v4/syscollector.rb
 - lib/wazuh/api/error.rb
 - lib/wazuh/api/errors/wazuh_error.rb
 - lib/wazuh/client.rb
@@ -218,6 +276,7 @@ files:
 - lib/wazuh/logger.rb
 - lib/wazuh/sawyer/connection.rb
 - lib/wazuh/sawyer/request.rb
+- lib/wazuh/sawyer/token.rb
 - lib/wazuh/version.rb
 - lib/wazuh_ruby_client.rb
 - wazuh-ruby-client.gemspec
@@ -227,7 +286,7 @@ metadata:
   homepage_uri: https://github.com/mrtc0/wazuh-ruby-client
   source_code_uri: https://github.com/mrtc0/wazuh-ruby-client
   changelog_uri: https://github.com/mrtc0/wazuh-ruby-client/blob/master/CHANGELOG.md
-post_install_message: 
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -242,8 +301,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.0.3
-signing_key: 
+rubygems_version: 3.1.4
+signing_key:
 specification_version: 4
 summary: Wazuh API client for Ruby
 test_files: []