@itentialopensource/adapter-checkpoint_reputation_service 0.1.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (70) hide show
  1. package/.eslintignore +5 -0
  2. package/.eslintrc.js +18 -0
  3. package/.jshintrc +3 -0
  4. package/AUTH.md +44 -0
  5. package/BROKER.md +211 -0
  6. package/CALLS.md +207 -0
  7. package/CHANGELOG.md +9 -0
  8. package/CODE_OF_CONDUCT.md +43 -0
  9. package/CONTRIBUTING.md +13 -0
  10. package/ENHANCE.md +69 -0
  11. package/LICENSE +201 -0
  12. package/PROPERTIES.md +646 -0
  13. package/README.md +343 -0
  14. package/SUMMARY.md +9 -0
  15. package/SYSTEMINFO.md +18 -0
  16. package/TAB1.md +10 -0
  17. package/TAB2.md +318 -0
  18. package/TROUBLESHOOT.md +47 -0
  19. package/adapter.js +919 -0
  20. package/adapterBase.js +1452 -0
  21. package/changelogs/CHANGELOG.md +0 -0
  22. package/entities/.generic/action.json +214 -0
  23. package/entities/.generic/schema.json +28 -0
  24. package/entities/.system/action.json +50 -0
  25. package/entities/.system/mockdatafiles/getToken-default.json +1 -0
  26. package/entities/.system/mockdatafiles/healthcheck-default.json +3 -0
  27. package/entities/.system/schema.json +19 -0
  28. package/entities/.system/schemaTokenReq.json +53 -0
  29. package/entities/.system/schemaTokenResp.json +31 -0
  30. package/entities/Authentication/action.json +25 -0
  31. package/entities/Authentication/schema.json +19 -0
  32. package/entities/Query/action.json +24 -0
  33. package/entities/Query/schema.json +19 -0
  34. package/error.json +190 -0
  35. package/metadata.json +82 -0
  36. package/package.json +81 -0
  37. package/pronghorn.json +1092 -0
  38. package/propertiesDecorators.json +14 -0
  39. package/propertiesSchema.json +1574 -0
  40. package/refs?service=git-upload-pack +0 -0
  41. package/report/adapter-openapi.json +502 -0
  42. package/report/adapter-openapi.yaml +333 -0
  43. package/report/auto-adapter-openapi.json +95 -0
  44. package/report/checkpoint.yaml +333 -0
  45. package/report/creationReport.json +235 -0
  46. package/sampleProperties.json +260 -0
  47. package/test/integration/adapterTestBasicGet.js +83 -0
  48. package/test/integration/adapterTestConnectivity.js +118 -0
  49. package/test/integration/adapterTestIntegration.js +533 -0
  50. package/test/unit/adapterBaseTestUnit.js +1024 -0
  51. package/test/unit/adapterTestUnit.js +1579 -0
  52. package/utils/adapterInfo.js +206 -0
  53. package/utils/addAuth.js +94 -0
  54. package/utils/artifactize.js +146 -0
  55. package/utils/basicGet.js +50 -0
  56. package/utils/checkMigrate.js +63 -0
  57. package/utils/entitiesToDB.js +179 -0
  58. package/utils/findPath.js +74 -0
  59. package/utils/methodDocumentor.js +273 -0
  60. package/utils/modify.js +152 -0
  61. package/utils/packModificationScript.js +35 -0
  62. package/utils/patches2bundledDeps.js +90 -0
  63. package/utils/pre-commit.sh +32 -0
  64. package/utils/removeHooks.js +20 -0
  65. package/utils/setup.js +33 -0
  66. package/utils/taskMover.js +309 -0
  67. package/utils/tbScript.js +239 -0
  68. package/utils/tbUtils.js +489 -0
  69. package/utils/testRunner.js +298 -0
  70. package/utils/troubleshootingAdapter.js +193 -0
package/refs?service=git-upload-pack ADDED
Binary file
package/report/adapter-openapi.json ADDED
@@ -0,0 +1,502 @@
1
+ {
2
+ "openapi": "3.0.0",
3
+ "info": {
4
+ "title": "Check Point Reputation Service API",
5
+ "description": "## Introduction\nLeverage the Check Point’s threat intelligence to enrich your SIEM and SOAR solutions and to secure your business applications and websites by using simple RESTful APIs. \n\n| **Input** | **Output** |\n|-------|--------|\n| **URL, IP, File digest (md5/sha1/sha256)** | classification and risk |\n\n## Getting Started with the Reputation Service API \n### 1. Get your API Key \n[Contact us](mailto:TCAPI_SUPPORT@checkpoint.com) to get an API key\n### 2. Request a session token\nThe session token is valid for 30min. \n\nRequest example: \n```linux\ncurl -X GET \"https://rep.checkpoint.com/rep-auth/service/v1.0/request\" -H \"Client-Key: XXXXXXXXXXXXX\"\n```\n\nResponse example:\n```\nexp=XXXXXXX~acl=XXXX/*~hmac=XXXXXXXXX\n```\n### 3. Use your API Key and your session token for a Reputation Service Query\nNote: you have to provide the resource to be queried both in the **message body** and in the **URL request**. \n\nRequest example: \n```linux\ncurl -X POST \"https://rep.checkpoint.com/url-rep/service/v2.0/query?resource=ynet.co.il\" -H \"accept: application/json\" -H \"Client-Key: XXXXXXX\" -H \"token: exp=XXXXX~acl=XXXXX\" -H \"Content-Type: application/json\" -d \"{\\\"request\\\":[{\\\"resource\\\":\\\"ynet.co.il\\\"}]}\"\n```\n\nResponse example:\n```json\n{\n \"response\": [\n {\n \"status\": {\n \"code\": 2001,\n \"label\": \"SUCCESS\",\n \"message\": \"Succeeded to generate reputation\"\n },\n \"resource\": \"ynet.co.il\",\n \"reputation\": {\n \"classification\": \"Benign\",\n \"severity\": \"N/A\",\n \"confidence\": \"High\"\n },\n \"risk\": 0,\n \"context\": {\n \"categories\": [\n {\n \"id\": 24,\n \"name\": \"News / Media\"\n }\n ],\n \"indications\": [\n \"The domain is popular among websites with good reputation\",\n \"The domain has good reputation\",\n \"The domain is popular in the world\",\n \"Check Point's URL Filtering category is News / Media\",\n \"VirusTotal vendors detected benign URLs of the domain\",\n \"The IP address is involved with benign activity\"\n ],\n \"vt_positives\": 0,\n \"safe\": true,\n \"creation_date\": \"2001:01:07 00:00:00\",\n \"related_ips\": [\n {\n \"ip\": \"104.123.201.212\",\n \"classification\": \"Benign\",\n \"confidence\": \"Low\"\n }\n ]\n }\n }\n ]\n}\n```\n",
6
+ "contact": {},
7
+ "version": "1.0.0"
8
+ },
9
+ "servers": [
10
+ {
11
+ "url": "https://rep.checkpoint.com",
12
+ "variables": {}
13
+ }
14
+ ],
15
+ "paths": {
16
+ "/rep-auth/service/v1.0/request": {
17
+ "get": {
18
+ "tags": [
19
+ "Authentication"
20
+ ],
21
+ "summary": "getSessionToken",
22
+ "description": "",
23
+ "operationId": "getSessionToken",
24
+ "parameters": [
25
+ {
26
+ "name": "Client-Key",
27
+ "in": "header",
28
+ "description": "",
29
+ "required": true,
30
+ "style": "simple",
31
+ "schema": {
32
+ "type": "string",
33
+ "format": "uuid"
34
+ }
35
+ }
36
+ ],
37
+ "responses": {
38
+ "200": {
39
+ "description": "The token to use in reputation",
40
+ "headers": {},
41
+ "content": {}
42
+ },
43
+ "401": {
44
+ "description": "Invalid Client-Key header",
45
+ "headers": {},
46
+ "content": {}
47
+ }
48
+ },
49
+ "deprecated": false
50
+ }
51
+ },
52
+ "/{service}-rep/service/v2.0/query": {
53
+ "post": {
54
+ "tags": [
55
+ "Query"
56
+ ],
57
+ "summary": "postQueryResource",
58
+ "description": "",
59
+ "operationId": "postQueryResource",
60
+ "parameters": [
61
+ {
62
+ "name": "Client-Key",
63
+ "in": "header",
64
+ "description": "",
65
+ "required": true,
66
+ "style": "simple",
67
+ "schema": {
68
+ "type": "string",
69
+ "format": "uuid"
70
+ }
71
+ },
72
+ {
73
+ "name": "token",
74
+ "in": "header",
75
+ "description": "",
76
+ "required": true,
77
+ "style": "simple",
78
+ "schema": {
79
+ "type": "string"
80
+ }
81
+ },
82
+ {
83
+ "name": "service",
84
+ "in": "path",
85
+ "description": "The service you want to query",
86
+ "required": true,
87
+ "style": "simple",
88
+ "schema": {
89
+ "allOf": [
90
+ {
91
+ "$ref": "#/components/schemas/service"
92
+ },
93
+ {
94
+ "description": "The service you want to query"
95
+ }
96
+ ]
97
+ }
98
+ },
99
+ {
100
+ "name": "resource",
101
+ "in": "query",
102
+ "description": "The resource you want to query",
103
+ "required": true,
104
+ "style": "form",
105
+ "explode": true,
106
+ "schema": {
107
+ "type": "string"
108
+ }
109
+ }
110
+ ],
111
+ "requestBody": {
112
+ "description": "",
113
+ "content": {
114
+ "application/json": {
115
+ "schema": {
116
+ "$ref": "#/components/schemas/ReputationRequest"
117
+ }
118
+ }
119
+ },
120
+ "required": true
121
+ },
122
+ "responses": {
123
+ "200": {
124
+ "description": "OK",
125
+ "headers": {},
126
+ "content": {
127
+ "application/json": {
128
+ "schema": {
129
+ "$ref": "#/components/schemas/ReputationResponse"
130
+ }
131
+ }
132
+ }
133
+ },
134
+ "400": {
135
+ "description": "Bad Request - Check your resource",
136
+ "headers": {},
137
+ "content": {}
138
+ },
139
+ "401": {
140
+ "description": "Invalid Client-Key header",
141
+ "headers": {},
142
+ "content": {}
143
+ },
144
+ "403": {
145
+ "description": "Invalid token header",
146
+ "headers": {},
147
+ "content": {}
148
+ },
149
+ "429": {
150
+ "description": "Quota exceeded",
151
+ "headers": {},
152
+ "content": {}
153
+ }
154
+ },
155
+ "deprecated": false
156
+ }
157
+ }
158
+ },
159
+ "components": {
160
+ "schemas": {
161
+ "ReputationSingleRequest": {
162
+ "title": "ReputationSingleRequest",
163
+ "type": "object",
164
+ "properties": {
165
+ "resource": {
166
+ "type": "string"
167
+ }
168
+ }
169
+ },
170
+ "ReputationRequest": {
171
+ "title": "ReputationRequest",
172
+ "required": [
173
+ "request"
174
+ ],
175
+ "type": "object",
176
+ "properties": {
177
+ "request": {
178
+ "type": "array",
179
+ "items": {
180
+ "$ref": "#/components/schemas/ReputationSingleRequest"
181
+ },
182
+ "description": ""
183
+ }
184
+ }
185
+ },
186
+ "ReputationResponse": {
187
+ "title": "ReputationResponse",
188
+ "type": "object",
189
+ "properties": {
190
+ "risk": {
191
+ "type": "number",
192
+ "example": 0
193
+ },
194
+ "resource": {
195
+ "type": "string",
196
+ "example": "http://google.com"
197
+ },
198
+ "reputation": {
199
+ "$ref": "#/components/schemas/ReputationClassification"
200
+ },
201
+ "status": {
202
+ "$ref": "#/components/schemas/ReputationStatus"
203
+ },
204
+ "context": {
205
+ "allOf": [
206
+ {
207
+ "$ref": "#/components/schemas/ReputationResponseContext"
208
+ },
209
+ {
210
+ "description": "In parentheses, the service returning the field"
211
+ }
212
+ ]
213
+ }
214
+ }
215
+ },
216
+ "ReputationClassification": {
217
+ "title": "ReputationClassification",
218
+ "type": "object",
219
+ "properties": {
220
+ "classification": {
221
+ "type": "string",
222
+ "example": "Benign"
223
+ },
224
+ "severity": {
225
+ "$ref": "#/components/schemas/Severity"
226
+ },
227
+ "Confidence": {
228
+ "$ref": "#/components/schemas/Confidence"
229
+ }
230
+ }
231
+ },
232
+ "ReputationStatus": {
233
+ "title": "ReputationStatus",
234
+ "type": "object",
235
+ "properties": {
236
+ "code": {
237
+ "$ref": "#/components/schemas/Code"
238
+ },
239
+ "label": {
240
+ "$ref": "#/components/schemas/Label"
241
+ },
242
+ "message": {
243
+ "$ref": "#/components/schemas/Message"
244
+ }
245
+ }
246
+ },
247
+ "ReputationResponseContext": {
248
+ "title": "ReputationResponseContext",
249
+ "type": "object",
250
+ "properties": {
251
+ "asn": {
252
+ "type": "number",
253
+ "description": "ASN of the IP (IP)"
254
+ },
255
+ "as_owner": {
256
+ "type": "string",
257
+ "description": "ASN owner of the IP (IP)"
258
+ },
259
+ "safe": {
260
+ "type": "boolean",
261
+ "description": "exists and true if certified safe (URL)"
262
+ },
263
+ "malware_family": {
264
+ "type": "string",
265
+ "description": "the malware family associated with the resource (URL/FILE/IP)"
266
+ },
267
+ "protection_name": {
268
+ "type": "string",
269
+ "description": "The protection name returned from Malware Service / AntiVirus (URL/FILE)"
270
+ },
271
+ "redirections": {
272
+ "type": "array",
273
+ "items": {
274
+ "type": "string"
275
+ },
276
+ "description": "The redirections of the resource (URL)"
277
+ },
278
+ "malware_types": {
279
+ "type": "array",
280
+ "items": {
281
+ "type": "string"
282
+ },
283
+ "description": "The malware types based on VT scans (FILE)"
284
+ },
285
+ "categories": {
286
+ "type": "array",
287
+ "items": {
288
+ "type": "string"
289
+ },
290
+ "description": "URLF categories (URL)"
291
+ },
292
+ "google_safe_browsing_categories": {
293
+ "type": "array",
294
+ "items": {
295
+ "type": "string"
296
+ },
297
+ "description": "Google safe browsing categories (URL)"
298
+ },
299
+ "location": {
300
+ "allOf": [
301
+ {
302
+ "$ref": "#/components/schemas/Location"
303
+ },
304
+ {
305
+ "description": "geo location information (IP)"
306
+ }
307
+ ]
308
+ },
309
+ "related_resources": {
310
+ "allOf": [
311
+ {
312
+ "$ref": "#/components/schemas/RelatedResources"
313
+ },
314
+ {
315
+ "description": "(FILE)"
316
+ }
317
+ ]
318
+ },
319
+ "phishing": {
320
+ "allOf": [
321
+ {
322
+ "$ref": "#/components/schemas/Phishing"
323
+ },
324
+ {
325
+ "description": "(URL)"
326
+ }
327
+ ]
328
+ }
329
+ },
330
+ "description": "In parentheses, the service returning the field"
331
+ },
332
+ "Code": {
333
+ "title": "Code",
334
+ "enum": [
335
+ 2001,
336
+ 2002,
337
+ 2003
338
+ ],
339
+ "type": "integer"
340
+ },
341
+ "Confidence": {
342
+ "title": "Confidence",
343
+ "enum": [
344
+ "Low",
345
+ "Medium",
346
+ "High"
347
+ ],
348
+ "type": "string"
349
+ },
350
+ "Label": {
351
+ "title": "Label",
352
+ "enum": [
353
+ "SUCCESS",
354
+ "PARTIAL_SUCCESS",
355
+ "FAILED"
356
+ ],
357
+ "type": "string"
358
+ },
359
+ "Location": {
360
+ "title": "Location",
361
+ "type": "object",
362
+ "properties": {
363
+ "region": {
364
+ "type": "string"
365
+ },
366
+ "city": {
367
+ "type": "string"
368
+ },
369
+ "postalCode": {
370
+ "type": "string"
371
+ },
372
+ "latitude": {
373
+ "type": "number"
374
+ },
375
+ "longitude": {
376
+ "type": "number"
377
+ },
378
+ "dma_code": {
379
+ "type": "integer",
380
+ "format": "int32"
381
+ },
382
+ "area_code": {
383
+ "type": "integer",
384
+ "format": "int32"
385
+ },
386
+ "metro_code": {
387
+ "type": "integer",
388
+ "format": "int32"
389
+ }
390
+ },
391
+ "description": "geo location information (IP)"
392
+ },
393
+ "Message": {
394
+ "title": "Message",
395
+ "enum": [
396
+ "Succeeded to generate reputation",
397
+ "Some vendors are unavailable",
398
+ "Failed to process"
399
+ ],
400
+ "type": "string"
401
+ },
402
+ "Phishing": {
403
+ "title": "Phishing",
404
+ "type": "object",
405
+ "properties": {
406
+ "brand": {
407
+ "type": "string",
408
+ "description": "brand of the phishing resource"
409
+ },
410
+ "type": {
411
+ "type": "string",
412
+ "description": "type of brand"
413
+ },
414
+ "domain": {
415
+ "type": "string",
416
+ "description": "the primary domain"
417
+ }
418
+ },
419
+ "description": "(URL)"
420
+ },
421
+ "RelatedResources": {
422
+ "title": "RelatedResources",
423
+ "type": "object",
424
+ "properties": {
425
+ "similar_files_found": {
426
+ "type": "number",
427
+ "description": "How many similar files found"
428
+ },
429
+ "similar_files_details": {
430
+ "allOf": [
431
+ {
432
+ "$ref": "#/components/schemas/SimilarFilesDetails"
433
+ },
434
+ {
435
+ "description": "Information about the similar file"
436
+ }
437
+ ]
438
+ }
439
+ },
440
+ "description": "(FILE)"
441
+ },
442
+ "service": {
443
+ "title": "service",
444
+ "enum": [
445
+ "url",
446
+ "ip",
447
+ "file"
448
+ ],
449
+ "type": "string"
450
+ },
451
+ "Severity": {
452
+ "title": "Severity",
453
+ "enum": [
454
+ "N/A",
455
+ "Low",
456
+ "Medium",
457
+ "High",
458
+ "Critical"
459
+ ],
460
+ "type": "string"
461
+ },
462
+ "SimilarFilesDetails": {
463
+ "title": "SimilarFilesDetails",
464
+ "type": "object",
465
+ "properties": {
466
+ "md5": {
467
+ "type": "string"
468
+ },
469
+ "ssdeep": {
470
+ "type": "string"
471
+ },
472
+ "ssdeep_similarity": {
473
+ "type": "string"
474
+ },
475
+ "file_type": {
476
+ "type": "string"
477
+ },
478
+ "classification": {
479
+ "type": "string"
480
+ },
481
+ "malware_family": {
482
+ "type": "string"
483
+ },
484
+ "confidence": {
485
+ "type": "string"
486
+ }
487
+ },
488
+ "description": "Information about the similar file"
489
+ }
490
+ }
491
+ },
492
+ "tags": [
493
+ {
494
+ "name": "Authentication",
495
+ "description": ""
496
+ },
497
+ {
498
+ "name": "Query",
499
+ "description": ""
500
+ }
501
+ ]
502
+ }