wazuh-ruby-client 0.2.9 → 0.3.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: d112a0cd50547b2e1884a85c76754903fe0e425b1eea395a88d2073ef940e484
-  data.tar.gz: 875c1f5079579d1a29b9a34bff59a721c614447770696d8a7e50fd9efbf82383
+  metadata.gz: adc2a9b5045731781148915105090a022f56f6a0b9e5f829edbd858ba719cf35
+  data.tar.gz: 4737d13698d4983280f452d099285c4b5be49d5ee2a8e1e174c260b50ab44327
 SHA512:
-  metadata.gz: cfe8b91a45b82511920cd43eb8ed477b2694560ef8d5215f93c4dc4d04792295336e9051d90d99c87d17d5e4611b7a2c52677670ef40da7358cd204af6a17582
-  data.tar.gz: 112107a8acdc5f84714932e84c207d95c1b07a685a91ae83cabb5cbbdf5849f088e6e0d9cdb0c1fca9a1c96ad24b37abe1db26a0e67bfdc224783de9ce1390c6
+  metadata.gz: 9a2797197ba7db64967a51bfb4993ff42f4928cfd452a73b7629bd7c64e3c1d35f61157eb8191433fd7f21ddde6eefcecead1fd30e95109ac47423439fffd212
+  data.tar.gz: 12bdc3ff57b5f77b602d87889881f7d46868cf49cdeaa4ef92a0d408ddb8ca90b3a2f06bfed5707bbd8b70c6536db21ed617d1cfe36b6abd37a702d325344917

data/.gitignore

@@ -1,4 +1,5 @@
 /.bundle/
+/vendor
 /.yardoc
 /_yardoc/
 /coverage/

data/lib/wazuh/api/endpoints/v4/active_response.rb

@@ -0,0 +1,19 @@
+module Wazuh
+  module Api
+    module Endpoints
+      module V4
+        module ActiveResponse
+          include ::Wazuh::Api::Endpoints::ActiveResponse
+          def run_active_response_command(options = {})
+            query_options = {}
+            %w(agents_list pretty wait_for_complete).each do |c|
+              query_options[c.to_sym] = options.delete(c.to_sym)
+            end
+            put "/active-response", options, query_options
+          end
+
+        end
+      end
+    end
+  end
+end

data/lib/wazuh/api/endpoints/v4/agents.rb

@@ -0,0 +1,82 @@
+module Wazuh
+  module Api
+    module Endpoints
+      module V4
+        module Agents
+          include ::Wazuh::Api::Endpoints::Agents
+          def delete_agent(agent_ids, options = {})
+            delete "/agents", options.merge({ agents_list: agent_ids })
+          end
+
+          def remove_agents_of_group(ids, group)
+            delete "/agents/group", {group_id: group, agents_list: ids }
+          end
+
+          def delete_agent_by_group(ids)
+            delete '/agents/groups', {groups_list: ids}
+          end
+
+          def remove_group(group_id)
+            delete "/agents/groups", { groups_list: group_id }
+          end
+
+          def agent(agent_id, options = {})
+            get "/agents", options.merge({ agents_list: agent_id})
+          end
+
+          def upgrade_result_from_agent(agent_id, options = {})
+            get "/agents/upgrade_result", options.merge({ agents_list: agent_id})
+          end
+
+          def groups(options = {})
+            get '/groups', options
+          end
+
+          def agents_by_group(group_id, options = {})
+            offset_request('get', "/groups", options.merge({groups_list: group_id}))
+          end
+
+          def group_configuration(group_id, options = {})
+            get "/groups/#{group_id}/configuration", options
+          end
+
+          def group_files(group_id, options = {})
+            get "/groups/#{group_id}/files", options
+          end
+
+          def get_file_in_group(group_id, filename, options = {})
+            get "groups/#{group_id}/files/#{filename}", options
+          end
+
+          def agent_by_name(agent_name, options = {})
+            get "/agents", options.merge({name: agent_name})
+          end
+
+          def agent_summary
+            get "/agents/summary/status"
+          end
+
+          def add_agents_to_group(ids, group_id)
+            put "/agents/group", {group_id: group_id, agents_list: ids}
+          end
+
+          def agent_upgrade(agent_id, options = {})
+            put "/agents/upgrade", options.merge({agents_list: agent_id})
+          end
+
+          def agent_upgrade_custom(agent_id, options = {})
+            put "/agents/upgrade_custom", options.merge({agents_list: agent_id})
+          end
+
+          def add_agent_quick(agent_name)
+            post "/agents/insert/quick/", {}, {agent_name: agent_name}
+          end
+
+          def create_group(group_id)
+            post "/agents/groups", {group_id: group_id}
+          end
+        end
+      end
+    end
+  end
+end

data/lib/wazuh/api/endpoints/v4/cache.rb

@@ -0,0 +1,14 @@
+module Wazuh
+  module Api
+    module Endpoints
+      module V4
+        module Cache
+          include ::Wazuh::Api::Endpoints::Cache
+          def cache_config
+            get "/cluster/api/config"
+          end
+        end
+      end
+    end
+  end
+end

data/lib/wazuh/api/endpoints/v4/ciscat.rb

@@ -0,0 +1,11 @@
+module Wazuh
+  module Api
+    module Endpoints
+      module V4
+        module Ciscat
+          include ::Wazuh::Api::Endpoints::Ciscat
+        end
+      end
+    end
+  end
+end

data/lib/wazuh/api/endpoints/v4/cluster.rb

@@ -0,0 +1,11 @@
+module Wazuh
+  module Api
+    module Endpoints
+      module V4
+        module Cluster
+          include ::Wazuh::Api::Endpoints::Cluster
+        end
+      end
+    end
+  end
+end

data/lib/wazuh/api/endpoints/v4/decoders.rb

@@ -0,0 +1,11 @@
+module Wazuh
+  module Api
+    module Endpoints
+      module V4
+        module Decoders
+          include ::Wazuh::Api::Endpoints::Decoders
+        end
+      end
+    end
+  end
+end

data/lib/wazuh/api/endpoints/v4/experimental.rb

@@ -0,0 +1,11 @@
+module Wazuh
+  module Api
+    module Endpoints
+      module V4
+        module Experimental
+          include ::Wazuh::Api::Endpoints::Experimental
+        end
+      end
+    end
+  end
+end

data/lib/wazuh/api/endpoints/v4/lists.rb

@@ -0,0 +1,11 @@
+module Wazuh
+  module Api
+    module Endpoints
+      module V4
+        module Lists
+          include ::Wazuh::Api::Endpoints::Lists
+        end
+      end
+    end
+  end
+end

data/lib/wazuh/api/endpoints/v4/manager.rb

@@ -0,0 +1,11 @@
+module Wazuh
+  module Api
+    module Endpoints
+      module V4
+        module Manager
+          include ::Wazuh::Api::Endpoints::Manager
+        end
+      end
+    end
+  end
+end

data/lib/wazuh/api/endpoints/v4/rootcheck.rb

@@ -0,0 +1,11 @@
+module Wazuh
+  module Api
+    module Endpoints
+      module V4
+        module Rootcheck
+          include ::Wazuh::Api::Endpoints::Rootcheck
+        end
+      end
+    end
+  end
+end

data/lib/wazuh/api/endpoints/v4/rules.rb

@@ -0,0 +1,11 @@
+module Wazuh
+  module Api
+    module Endpoints
+      module V4
+        module Rules
+          include ::Wazuh::Api::Endpoints::Rules
+        end
+      end
+    end
+  end
+end

data/lib/wazuh/api/endpoints/v4/security_configuration_assessment.rb

@@ -0,0 +1,11 @@
+module Wazuh
+  module Api
+    module Endpoints
+      module V4
+        module SecurityConfigurationAssessment
+          include ::Wazuh::Api::Endpoints::SecurityConfigurationAssessment
+        end
+      end
+    end
+  end
+end

data/lib/wazuh/api/endpoints/v4/summary.rb

@@ -0,0 +1,11 @@
+module Wazuh
+  module Api
+    module Endpoints
+      module V4
+        module Summary
+          include ::Wazuh::Api::Endpoints::Summary
+        end
+      end
+    end
+  end
+end

data/lib/wazuh/api/endpoints/v4/syscheck.rb

@@ -0,0 +1,11 @@
+module Wazuh
+  module Api
+    module Endpoints
+      module V4
+        module Syscheck
+          include ::Wazuh::Api::Endpoints::Syscheck
+        end
+      end
+    end
+  end
+end

data/lib/wazuh/api/endpoints/v4/syscollector.rb

@@ -0,0 +1,11 @@
+module Wazuh
+  module Api
+    module Endpoints
+      module V4
+        module Syscollector
+          include ::Wazuh::Api::Endpoints::Syscollector
+        end
+      end
+    end
+  end
+end

data/lib/wazuh/api/endpoints/v4.rb

@@ -0,0 +1,40 @@
+require_relative 'v4/active_response'
+require_relative 'v4/agents'
+require_relative 'v4/cache'
+require_relative 'v4/ciscat'
+require_relative 'v4/cluster'
+require_relative 'v4/decoders'
+require_relative 'v4/experimental'
+require_relative 'v4/lists'
+require_relative 'v4/manager'
+require_relative 'v4/rootcheck'
+require_relative 'v4/rules'
+require_relative 'v4/security_configuration_assessment'
+require_relative 'v4/summary'
+require_relative 'v4/syscheck'
+require_relative 'v4/syscollector'
+
+
+module Wazuh
+  module Api
+    module Endpoints
+      module V4
+        include ActiveResponse
+        include Agents
+        include Cache
+        include Ciscat
+        include Cluster
+        include Decoders
+        include Experimental
+        include Lists
+        include Manager
+        include Rootcheck
+        include Rules
+        include Summary
+        include Syscheck
+        include Syscollector
+        include SecurityConfigurationAssessment
+      end
+    end
+  end
+end

data/lib/wazuh/api/endpoints.rb

@@ -13,6 +13,7 @@ require_relative 'endpoints/security_configuration_assessment'
 require_relative 'endpoints/summary'
 require_relative 'endpoints/syscheck'
 require_relative 'endpoints/syscollector'
+require_relative 'endpoints/v4'
 
 module Wazuh
   module Api

data/lib/wazuh/client.rb

@@ -2,7 +2,6 @@ module Wazuh
   class Client
     include Sawyer::Connection
     include Sawyer::Request
-    include Api::Endpoints
 
     attr_accessor(*Config::ATTRIBUTES)
 
@@ -11,6 +10,14 @@ module Wazuh
         send("#{key}=", options[key] || Wazuh.config.send(key))
       end
       @logger ||= Wazuh::Config.logger || Wazuh::Logger.default
+      case api_version
+      when 3
+        extend Api::Endpoints
+      when 4
+        extend Api::Endpoints::V4
+      else
+        raise "unsupported api version #{api_version}"
+      end
     end
 
     class << self

data/lib/wazuh/config.rb

@@ -14,6 +14,7 @@ module Wazuh
       logger
       endpoint
       ignore_env_proxy
+      api_version
     ].freeze
 
     attr_accessor(*Config::ATTRIBUTES)
@@ -29,6 +30,7 @@ module Wazuh
       self.verify_ssl = true
       self.logger = nil
       self.ignore_env_proxy = false
+      self.api_version = 3
     end
   end
 

data/lib/wazuh/sawyer/connection.rb

@@ -2,7 +2,6 @@ module Wazuh
   module Sawyer
     module Connection
       private
-
       def connection
         options = {
           headers: {
@@ -16,21 +15,27 @@ module Wazuh
         options[:ssl].merge!({ client_cert: client_cert, client_key: client_key }) if client_cert || client_key
         options[:ssl][:ca_file] = ca_file if ca_file
 
-        if basic_user || basic_password
-          authorization_header = "Basic " + Base64.encode64(basic_user + ':' + basic_password).strip
-          options[:headers].merge!({'Authorization' => authorization_header})
-        end
-
         options[:ssl].merge!({ verify: false }) unless verify_ssl
 
         opts = {
           :links_parser => ::Sawyer::LinkParsers::Simple.new
         }
 
-        opts[:faraday] = ::Faraday.new(options)
+        case api_version
+        when 3
+          if basic_user || basic_password
+            options[:headers].merge!({'Authorization' => "Basic " + Base64.encode64(basic_user + ':' + basic_password).strip})
+          end
+        when 4
+          raise "user and password is required on v4 api" if !basic_user || !basic_password
+          opts[:faraday] = ::Faraday.new(options) do |conn|
+            conn.request :authorization, 'Bearer', -> { Token.jwt(endpoint, options, basic_user, basic_password) }
+          end
+        end
+
         opts[:faraday].proxy = nil if ignore_env_proxy
 
-        ::Sawyer::Agent.new(endpoint, opts)
+        conn = ::Sawyer::Agent.new(endpoint, opts)
       end
     end
   end

data/lib/wazuh/sawyer/request.rb

@@ -32,13 +32,13 @@ module Wazuh
 
       private
 
-      def request(method, path, options)
+      def request(method, path, options, query_options={})
         response = case method
         when :get, :delete
           connection.call(method, URI::Parser.new.escape(path), nil, {query: options})
         when :post, :put
           data = options unless options.empty?
-          connection.call(method, URI::Parser.new.escape(path), data)
+          connection.call(method, URI::Parser.new.escape(path), data, {query: query_options})
         end
 
         return response.data.data if response.status == 200

data/lib/wazuh/sawyer/token.rb

@@ -0,0 +1,20 @@
+module Wazuh
+  module Sawyer
+    module Connection
+      class Token
+        def self.jwt(endpoint, options, basic_user, basic_password)
+          if !@_token || (@_exp && @_exp -3 <= Time.now.to_i)
+            options[:url] = endpoint
+            options[:headers].merge!({'Authorization' => "Basic " + Base64.encode64(basic_user + ':' + basic_password).strip})
+
+            token = ::Faraday.new(options) {|f| f.response :json }.get('/security/user/authenticate').body['data']['token']
+            @_exp = ::JWT.decode(token, nil, false).first['exp'].to_i
+            ::JWT.decode(token, nil, false).first
+            @_token = token
+          end
+          @_token
+        end
+      end
+    end
+  end
+end

data/lib/wazuh/version.rb

@@ -1,4 +1,4 @@
 # frozen_string_literal: true
 module Wazuh
-  VERSION = '0.2.9'
+  VERSION = '0.3.0'
 end

data/lib/wazuh-ruby-client/version.rb

@@ -1,3 +1,3 @@
 module WazuhRubyClient
-  VERSION = "0.2.9"
+  VERSION = "0.3.0"
 end

data/lib/wazuh-ruby-client.rb

@@ -6,8 +6,11 @@ require 'logger'
 require 'base64'
 require 'faraday'
 require 'sawyer'
+require 'jwt'
+require 'faraday_middleware'
 
 require_relative 'wazuh/config'
+require_relative 'wazuh/sawyer/token'
 require_relative 'wazuh/sawyer/connection'
 require_relative 'wazuh/sawyer/request'
 require_relative 'wazuh/api/endpoints'

data/wazuh-ruby-client.gemspec

@@ -34,14 +34,17 @@ Gem::Specification.new do |spec|
   spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
   spec.require_paths = ["lib"]
 
-  spec.add_development_dependency "bundler", "~> 2.1.4"
+  spec.add_development_dependency "bundler", "~> 2.2"
   spec.add_development_dependency "rake", ">= 12.3.3"
   spec.add_development_dependency "rspec", "~> 3.0"
   spec.add_development_dependency "vcr"
   spec.add_development_dependency "webmock"
   spec.add_development_dependency "pry"
   spec.add_development_dependency "pry-byebug"
+  spec.add_development_dependency "timecop"
 
   spec.add_dependency 'faraday'
+  spec.add_dependency 'faraday_middleware'
   spec.add_dependency 'sawyer'
+  spec.add_dependency 'jwt'
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: wazuh-ruby-client
 version: !ruby/object:Gem::Version
-  version: 0.2.9
+  version: 0.3.0
 platform: ruby
 authors:
 - mrtc0
-autorequire: 
+autorequire:
 bindir: exe
 cert_chain: []
-date: 2020-09-23 00:00:00.000000000 Z
+date: 2021-11-17 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -16,14 +16,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 2.1.4
+        version: '2.2'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 2.1.4
+        version: '2.2'
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
@@ -108,6 +108,20 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
+- !ruby/object:Gem::Dependency
+  name: timecop
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: faraday
   requirement: !ruby/object:Gem::Requirement
@@ -122,6 +136,20 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
+- !ruby/object:Gem::Dependency
+  name: faraday_middleware
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: sawyer
   requirement: !ruby/object:Gem::Requirement
@@ -136,6 +164,20 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
+- !ruby/object:Gem::Dependency
+  name: jwt
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 description: Wazuh API client for Ruby
 email:
 - mrtc0@ssrf.in
@@ -211,6 +253,22 @@ files:
 - lib/wazuh/api/endpoints/summary.rb
 - lib/wazuh/api/endpoints/syscheck.rb
 - lib/wazuh/api/endpoints/syscollector.rb
+- lib/wazuh/api/endpoints/v4.rb
+- lib/wazuh/api/endpoints/v4/active_response.rb
+- lib/wazuh/api/endpoints/v4/agents.rb
+- lib/wazuh/api/endpoints/v4/cache.rb
+- lib/wazuh/api/endpoints/v4/ciscat.rb
+- lib/wazuh/api/endpoints/v4/cluster.rb
+- lib/wazuh/api/endpoints/v4/decoders.rb
+- lib/wazuh/api/endpoints/v4/experimental.rb
+- lib/wazuh/api/endpoints/v4/lists.rb
+- lib/wazuh/api/endpoints/v4/manager.rb
+- lib/wazuh/api/endpoints/v4/rootcheck.rb
+- lib/wazuh/api/endpoints/v4/rules.rb
+- lib/wazuh/api/endpoints/v4/security_configuration_assessment.rb
+- lib/wazuh/api/endpoints/v4/summary.rb
+- lib/wazuh/api/endpoints/v4/syscheck.rb
+- lib/wazuh/api/endpoints/v4/syscollector.rb
 - lib/wazuh/api/error.rb
 - lib/wazuh/api/errors/wazuh_error.rb
 - lib/wazuh/client.rb
@@ -218,6 +276,7 @@ files:
 - lib/wazuh/logger.rb
 - lib/wazuh/sawyer/connection.rb
 - lib/wazuh/sawyer/request.rb
+- lib/wazuh/sawyer/token.rb
 - lib/wazuh/version.rb
 - lib/wazuh_ruby_client.rb
 - wazuh-ruby-client.gemspec
@@ -227,7 +286,7 @@ metadata:
   homepage_uri: https://github.com/mrtc0/wazuh-ruby-client
   source_code_uri: https://github.com/mrtc0/wazuh-ruby-client
   changelog_uri: https://github.com/mrtc0/wazuh-ruby-client/blob/master/CHANGELOG.md
-post_install_message: 
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -242,8 +301,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.0.3
-signing_key: 
+rubygems_version: 3.1.4
+signing_key:
 specification_version: 4
 summary: Wazuh API client for Ruby
 test_files: []