splunk-soar-sdk 3.2.3__py3-none-any.whl → 3.3.1__py3-none-any.whl

soar_sdk/abstract.py

@@ -90,7 +90,7 @@ class SOARClient(Generic[SummaryType]):
             headers=headers,
             cookies=cookies,
             timeout=timeout,
-            auth=auth,
+            auth=auth or httpx.USE_CLIENT_DEFAULT,
             follow_redirects=follow_redirects,
             extensions=extensions,
         )
@@ -125,7 +125,7 @@ class SOARClient(Generic[SummaryType]):
             json=json,
             params=params,
             cookies=cookies,
-            auth=auth,  # type: ignore[arg-type]
+            auth=auth or httpx.USE_CLIENT_DEFAULT,
             timeout=timeout,
             follow_redirects=follow_redirects,
             extensions=extensions,
@@ -161,7 +161,7 @@ class SOARClient(Generic[SummaryType]):
             json=json,
             params=params,
             cookies=cookies,
-            auth=auth,  # type: ignore[arg-type]
+            auth=auth or httpx.USE_CLIENT_DEFAULT,
             timeout=timeout,
             follow_redirects=follow_redirects,
             extensions=extensions,
@@ -189,7 +189,7 @@ class SOARClient(Generic[SummaryType]):
             params=params,
             headers=headers,
             cookies=cookies,
-            auth=auth,  # type: ignore[arg-type]
+            auth=auth or httpx.USE_CLIENT_DEFAULT,
             timeout=timeout,
             follow_redirects=follow_redirects,
             extensions=extensions,

soar_sdk/actions_manager.py

@@ -1,5 +1,6 @@
 from typing import Any
 import os
+from pathlib import Path
 
 from soar_sdk.compat import remove_when_soar_newer_than
 from soar_sdk.input_spec import InputSpecification
@@ -12,11 +13,6 @@ from soar_sdk.shims.phantom.action_result import ActionResult as PhantomActionRe
 from soar_sdk.shims.phantom.install_info import is_onprem_broker_install
 from soar_sdk.logging import getLogger
 
-
-_INGEST_STATE_KEY = "ingestion_state"
-_AUTH_STATE_KEY = "auth_state"
-_CACHE_STATE_KEY = "asset_cache"
-
 logger = getLogger()
 
 
@@ -27,9 +23,7 @@ class ActionsManager(BaseConnector):
         super().__init__()
 
         self._actions: dict[str, Action] = {}
-        self.ingestion_state: dict = {}
-        self.auth_state: dict = {}
-        self.asset_cache: dict = {}
+        self.__app_dir: Path | None = None
 
     def get_action(self, identifier: str) -> Action | None:
         """Convenience method for getting an Action callable from its identifier.
@@ -95,35 +89,6 @@ class ActionsManager(BaseConnector):
         else:
             raise RuntimeError(f"Action {action_id} not found.")
 
-    def initialize(self) -> bool:
-        """Load asset state into memory at initialization, splitting it into 3 categories.
-
-        Asset state is used to store data that needs to be accessed across actions.
-        Chiefly, it is used to store ingestion state, authentication state, and/or
-        used as an asset cache. Returns True only to conform with the BaseConnector interface.
-        """
-        state = self.load_state() or {}
-        self.ingestion_state = state.get(_INGEST_STATE_KEY, {})
-        self.auth_state = state.get(_AUTH_STATE_KEY, {})
-        self.asset_cache = state.get(_CACHE_STATE_KEY, {})
-
-        return True
-
-    def finalize(self) -> bool:
-        """Save asset state from memory into persistent storage at finalization.
-
-        Joins the SDK's 3 categories of asset state into a single dictionary, conforming
-        to the platform's expectations, and saves it.
-        Returns True only to conform with the BaseConnector interface.
-        """
-        state = {
-            _INGEST_STATE_KEY: self.ingestion_state,
-            _AUTH_STATE_KEY: self.auth_state,
-            _CACHE_STATE_KEY: self.asset_cache,
-        }
-        self.save_state(state)
-        return True
-
     def add_result(self, action_result: PhantomActionResult) -> PhantomActionResult:
         """Wrapper for BaseConnector's add_action_result method."""
         return self.add_action_result(action_result)
@@ -145,6 +110,10 @@ class ActionsManager(BaseConnector):
 
         Returns APP_HOME directly on brokers, which contains the correct SDK app path.
         """
+        # If the app dir has been overridden by calling `override_app_dir`, return that
+        if self.__app_dir:
+            return self.__app_dir.as_posix()
+
         # Remove when 7.1.0 is the min supported broker version
         remove_when_soar_newer_than("7.1.1")
         # On AB, APP_HOME is set by spawn to the full app path at runtime
@@ -165,3 +134,10 @@ class ActionsManager(BaseConnector):
     def get_soar_base_url(cls) -> str:
         """Get the base URL of the Splunk SOAR instance this app is running on."""
         return cls._get_phantom_base_url()
+
+    def override_app_dir(self, app_dir: Path) -> None:
+        """Request that the given app_dir be used, instead of whatever super().get_app_dir() returns.
+
+        This is useful for contexts such as Webhooks, where the app dir isn't necessarily the cwd, but we still need to load the app JSON reliably.
+        """
+        self.__app_dir = app_dir

soar_sdk/app.py

@@ -31,6 +31,7 @@ from soar_sdk.types import Action
 from soar_sdk.webhooks.routing import Router
 from soar_sdk.webhooks.models import WebhookRequest, WebhookResponse
 from soar_sdk.exceptions import ActionRegistrationError
+from soar_sdk.asset_state import AssetState
 
 import uuid
 from soar_sdk.decorators import (
@@ -134,6 +135,8 @@ class App:
         self.actions_manager: ActionsManager = ActionsManager()
         self.soar_client: SOARClient = AppClient()
 
+        self.app_root = Path(inspect.stack()[1].filename).parent.parent
+
     def get_actions(self) -> dict[str, Action]:
         """Returns the list of actions registered in the app."""
         return self.actions_manager.get_actions()
@@ -224,6 +227,15 @@ class App:
         """Returns the asset instance for the app."""
         if not hasattr(self, "_asset"):
             self._asset = self.asset_cls.model_validate(self._raw_asset_config)
+
+            asset_id = self.soar_client.get_asset_id()
+            self._asset._auth_state = AssetState(self.actions_manager, "auth", asset_id)
+            self._asset._cache_state = AssetState(
+                self.actions_manager, "cache", asset_id
+            )
+            self._asset._ingest_state = AssetState(
+                self.actions_manager, "ingest", asset_id
+            )
         return self._asset
 
     def register_action(
@@ -799,6 +811,7 @@ class App:
         _, soar_auth_token = soar_rest_client.session.headers["Cookie"].split("=")
         asset_id = soar_rest_client.asset_id
         soar_base_url = soar_rest_client.base_url
+        soar_base_url = soar_base_url.removesuffix("/rest")
         soar_auth = SOARClientAuth(
             user_session_token=soar_auth_token,
             base_url=soar_base_url,
@@ -817,6 +830,8 @@ class App:
             else:
                 normalized_query[key] = [value]
 
+        self.actions_manager.override_app_dir(self.app_root)
+        self.actions_manager._load_app_json()
         request = WebhookRequest(
             method=method,
             headers=headers,

soar_sdk/app_client.py

@@ -93,6 +93,7 @@ class AppClient(SOARClient[SummaryType]):
             verify=False,  # noqa: S501
         )
         if session_id:
+            self._client.cookies.set("sessionid", session_id)
             self.__login()
         else:
             if soar_auth.username:
@@ -106,7 +107,7 @@ class AppClient(SOARClient[SummaryType]):
             self._client.headers.update({"Cookie": update_cookies})
 
     def __login(self) -> None:
-        response = self._client.get("/login")
+        response = self._client.get("/login", follow_redirects=True)
         response.raise_for_status()
         self.csrf_token = response.cookies.get("csrftoken") or ""
         self._client.cookies.update(response.cookies)

soar_sdk/asset.py

@@ -11,6 +11,8 @@ from soar_sdk.compat import remove_when_soar_newer_than
 from soar_sdk.meta.datatypes import as_datatype
 from soar_sdk.input_spec import AppConfig
 from soar_sdk.field_utils import parse_json_schema_extra
+from soar_sdk.asset_state import AssetState
+from soar_sdk.exceptions import AppContextRequired
 
 remove_when_soar_newer_than(
     "7.0.0", "NotRequired from typing_extensions is in typing in Python 3.11+"
@@ -283,3 +285,28 @@ class BaseAsset(BaseModel):
             for field_name, field in cls.model_fields.items()
             if field.annotation is ZoneInfo
         }
+
+    _auth_state: AssetState | None = None
+    _cache_state: AssetState | None = None
+    _ingest_state: AssetState | None = None
+
+    @property
+    def auth_state(self) -> AssetState:
+        """A place to store authentication data, such as session and refresh tokens, between action runs. This data is stored by the SOAR service, and is encrypted at rest."""
+        if self._auth_state is None:
+            raise AppContextRequired()
+        return self._auth_state
+
+    @property
+    def cache_state(self) -> AssetState:
+        """A place to cache miscellaneous data between action runs. This data is stored by the SOAR service, and is encrypted at rest."""
+        if self._cache_state is None:
+            raise AppContextRequired()
+        return self._cache_state
+
+    @property
+    def ingest_state(self) -> AssetState:
+        """A place to store ingestion information, such as checkpoints, between action runs. This data is stored by the SOAR service, and is encrypted at rest."""
+        if self._ingest_state is None:
+            raise AppContextRequired()
+        return self._ingest_state

soar_sdk/asset_state.py

@@ -0,0 +1,54 @@
+import json
+from collections.abc import MutableMapping, Iterator
+
+from soar_sdk.shims.phantom.base_connector import BaseConnector
+from soar_sdk.shims.phantom.encryption_helper import encryption_helper
+
+
+AssetStateKeyType = str
+AssetStateValueType = str | bool | int | float | None
+AssetStateType = dict[AssetStateKeyType, AssetStateValueType]
+
+
+class AssetState(MutableMapping[AssetStateKeyType, AssetStateValueType]):
+    """An adapter to the asset state stored within SOAR. The state can be split into multiple partitions; this object represents a single partition. State is automatically encrypted at rest."""
+
+    def __init__(self, backend: BaseConnector, state_key: str, asset_id: str) -> None:
+        self.backend = backend
+        self.state_key = state_key
+        self.asset_id = asset_id
+
+    def get_all(self) -> AssetStateType:
+        """Get the entirety of this part of the asset state."""
+        state = self.backend.load_state() or {}
+        if not (part_encrypted := state.get(self.state_key)):
+            return {}
+        part_json = encryption_helper.decrypt(part_encrypted, self.asset_id)
+        return json.loads(part_json)
+
+    def put_all(self, new_value: AssetStateType) -> None:
+        """Entirely replace this part of the asset state."""
+        part_json = json.dumps(new_value)
+        part_encrypted = encryption_helper.encrypt(part_json, salt=self.asset_id)
+        state = self.backend.load_state() or {}
+        state[self.state_key] = part_encrypted
+        self.backend.save_state(state)
+
+    def __getitem__(self, key: AssetStateKeyType) -> AssetStateValueType:
+        return self.get_all()[key]
+
+    def __setitem__(self, key: AssetStateKeyType, value: AssetStateValueType) -> None:
+        s = self.get_all()
+        s[key] = value
+        self.put_all(s)
+
+    def __delitem__(self, key: AssetStateKeyType) -> None:
+        s = self.get_all()
+        del s[key]
+        self.put_all(s)
+
+    def __iter__(self) -> Iterator[AssetStateKeyType]:
+        yield from self.get_all().keys()
+
+    def __len__(self) -> int:
+        return len(self.get_all().keys())

soar_sdk/cli/cli.py

@@ -5,6 +5,7 @@ from soar_sdk.paths import SDK_ROOT
 from soar_sdk.cli.manifests.cli import manifests
 from soar_sdk.cli.package.cli import package
 from soar_sdk.cli.init.cli import init, convert
+from soar_sdk.cli.test.cli import test
 
 CONTEXT_SETTINGS = {"help_option_names": ["-h", "--help"]}
 HELP = """A command-line tool for helping with SOAR Apps development"""
@@ -18,6 +19,7 @@ app.add_typer(manifests, name="manifests")
 app.add_typer(package, name="package")
 app.add_typer(init, name="init")
 app.add_typer(convert, name="convert")
+app.add_typer(test, name="test")
 
 
 @app.command("version")

soar_sdk/cli/manifests/processors.py

@@ -68,6 +68,11 @@ class ManifestProcessor:
 
         if app.webhook_meta is not None:
             app_meta.webhook = app.webhook_meta
+            module_name = self.get_module_dot_path(app_meta.main_module)
+            app_instance_name = app_meta.main_module.split(":")[-1]
+            app_meta.webhook.handler = (
+                f"{module_name}.{app_instance_name}.handle_webhook"
+            )
 
         return app_meta
 

soar_sdk/cli/package/cli.py

@@ -206,7 +206,11 @@ def build(
 
 
 async def upload_app(
-    soar_instance: str, username: str, password: str, app_tarball: Path
+    soar_instance: str,
+    username: str,
+    password: str,
+    app_tarball: Path,
+    force: bool = False,
 ) -> httpx.Response:
     """Asynchronously upload an app tgz to a Splunk SOAR system, via REST API."""
     base_url = (
@@ -217,12 +221,14 @@ async def upload_app(
 
     payload = {"app": app_tarball.read_bytes()}
     async with phantom_get_login_session(base_url, username, password) as client:
-        response = await phantom_install_app(client, "app_install", payload)
+        response = await phantom_install_app(client, "app_install", payload, force)
     return response
 
 
 @package.command()
-def install(app_tarball: Path, soar_instance: str, username: str = "") -> None:
+def install(
+    app_tarball: Path, soar_instance: str, username: str = "", force: bool = False
+) -> None:
     """Install the app tgz to the specified Splunk SOAR system.
 
     ..note:
@@ -243,7 +249,7 @@ def install(app_tarball: Path, soar_instance: str, username: str = "") -> None:
         password = typer.prompt("Please enter your SOAR password", hide_input=True)
 
     app_install_request = asyncio.run(
-        upload_app(soar_instance, username, password, app_tarball)
+        upload_app(soar_instance, username, password, app_tarball, force)
     )
 
     try:

soar_sdk/cli/package/utils.py

@@ -14,37 +14,38 @@ async def phantom_get_login_session(
         base_url=base_url,
         verify=False,  # noqa: S501
         timeout=timeout,
+        auth=(username, password),  # Use HTTP Basic Auth
     ) as client:
-        # get the cookies from the get method
-        response = await client.get("/login")
+        # Get CSRF token by hitting home page (follow redirects)
+        response = await client.get("/", follow_redirects=True)
         response.raise_for_status()
         csrf_token = response.cookies.get("csrftoken")
+        if not csrf_token:
+            raise RuntimeError("Could not obtain CSRF token from SOAR instance")
         client.cookies.update(response.cookies)
 
-        await client.post(
-            "/login",
-            data={
-                "username": username,
-                "password": password,
-                "csrfmiddlewaretoken": csrf_token,
-            },
-            headers={"Referer": f"{base_url}/login"},
-        )
-
         yield client
 
 
 async def phantom_install_app(
-    client: httpx.AsyncClient, endpoint: str, files: dict[str, bytes]
+    client: httpx.AsyncClient,
+    endpoint: str,
+    files: dict[str, bytes],
+    force: bool = False,
 ) -> httpx.Response:
     """Send a POST request with a CSRF token to the specified endpoint using an authenticated token."""
     csrftoken = client.cookies.get("csrftoken")
+    if not csrftoken:
+        raise RuntimeError("CSRF token not found in cookies")
 
     response = await client.post(
         endpoint,
         files=files,
-        data={"csrfmiddlewaretoken": csrftoken},
-        headers={"Referer": f"{client.base_url}/{endpoint}"},
+        data={"csrfmiddlewaretoken": csrftoken, "forced_installation": force},
+        headers={
+            "Referer": f"{client.base_url}/",
+            "X-CSRFToken": csrftoken,
+        },
     )
 
     return response

soar_sdk/cli/path_utils.py

@@ -36,8 +36,3 @@ def context_directory(path: Path) -> Iterator[None]:
             yield
     finally:
         os.chdir(original_dir)
-
-
-def relative_to_cwd(path: Path) -> str:
-    """Reinterpret the given path as relative to the current working directory."""
-    return path.relative_to(Path.cwd()).as_posix()

soar_sdk/cli/test/cli.py

@@ -0,0 +1,296 @@
+from __future__ import annotations
+
+import os
+import subprocess
+import sys
+from pathlib import Path
+from typing import Annotated
+
+import typer
+from rich.console import Console
+
+test = typer.Typer(
+    help="Run unit and integration tests",
+)
+
+console = Console()
+
+
+@test.command()
+def unit(
+    parallel: Annotated[
+        bool,
+        typer.Option(
+            "--parallel/--no-parallel",
+            "-p",
+            help="Run tests in parallel using pytest-xdist",
+        ),
+    ] = True,
+    coverage: Annotated[
+        bool,
+        typer.Option(
+            "--coverage",
+            "-c",
+            help="Run with coverage reporting",
+        ),
+    ] = False,
+    verbose: Annotated[
+        bool,
+        typer.Option(
+            "--verbose",
+            "-v",
+            help="Verbose test output",
+        ),
+    ] = False,
+    test_path: Annotated[
+        Path | None,
+        typer.Option(
+            "--test-path",
+            "-t",
+            help="Path to specific test file or directory",
+        ),
+    ] = None,
+    junit_xml: Annotated[
+        Path | None,
+        typer.Option(
+            "--junit-xml",
+            help="Path to save JUnit XML test results",
+        ),
+    ] = None,
+) -> None:
+    """Run unit tests.
+
+    This command runs the unit test suite, excluding integration tests.
+    By default, tests run in parallel for faster execution.
+
+    Examples:
+        # Run all unit tests in parallel
+        soarapps test unit
+
+        # Run unit tests with coverage
+        soarapps test unit --coverage
+
+        # Run specific test file
+        soarapps test unit -t tests/test_decorators.py
+
+        # Run without parallelism
+        soarapps test unit --no-parallel
+    """
+    pytest_args = [
+        sys.executable,
+        "-m",
+        "pytest",
+    ]
+
+    if test_path:
+        pytest_args.append(str(test_path))
+
+    pytest_args.extend(
+        [
+            "-m",
+            "not integration",
+            "--tb=short",
+            "--color=yes",
+            "-o",
+            "addopts=",
+        ]
+    )
+
+    if parallel:
+        pytest_args.extend(["-n", "auto"])
+
+    if not coverage:
+        pytest_args.append("--no-cov")
+
+    if verbose:
+        pytest_args.append("-v")
+
+    if junit_xml:
+        pytest_args.append(f"--junitxml={junit_xml}")
+
+    console.print("[bold green]Running unit tests[/bold green]")
+    if test_path:
+        console.print(f"[dim]Test path: {test_path}[/dim]")
+    console.print(f"[dim]Parallel: {parallel}[/dim]")
+    console.print(f"[dim]Coverage: {coverage}[/dim]")
+
+    try:
+        result = subprocess.run(  # noqa: S603
+            pytest_args,
+            check=False,
+        )
+        if result.returncode != 0:
+            console.print(f"[red]Tests failed with exit code {result.returncode}[/red]")
+            raise typer.Exit(result.returncode)
+        else:
+            console.print("[bold green]All tests passed![/bold green]")
+    except KeyboardInterrupt:
+        console.print("[yellow]Tests interrupted by user[/yellow]")
+        raise typer.Exit(130) from None
+
+
+@test.command()
+def integration(
+    instance_ip: Annotated[
+        str,
+        typer.Argument(
+            help="SOAR instance IP address or hostname",
+        ),
+    ],
+    username: Annotated[
+        str | None,
+        typer.Option(
+            "--username",
+            "-u",
+            help="SOAR instance username",
+            envvar="PHANTOM_USERNAME",
+        ),
+    ] = None,
+    password: Annotated[
+        str | None,
+        typer.Option(
+            "--password",
+            "-p",
+            help="SOAR instance password",
+            envvar="PHANTOM_PASSWORD",
+        ),
+    ] = None,
+    retries: Annotated[
+        int,
+        typer.Option(
+            "--retries",
+            "-r",
+            help="Number of test retries on failure",
+        ),
+    ] = 2,
+    automation_broker: Annotated[
+        str | None,
+        typer.Option(
+            "--automation-broker",
+            "-ab",
+            help="Automation broker name for on-prem tests",
+            envvar="AUTOMATION_BROKER_NAME",
+        ),
+    ] = None,
+    force_automation_broker: Annotated[
+        bool,
+        typer.Option(
+            "--force-automation-broker",
+            help="Force use of automation broker for all tests",
+            envvar="FORCE_AUTOMATION_BROKER",
+        ),
+    ] = False,
+    verbose: Annotated[
+        bool,
+        typer.Option(
+            "--verbose",
+            "-v",
+            help="Verbose test output",
+        ),
+    ] = False,
+    test_path: Annotated[
+        Path | None,
+        typer.Option(
+            "--test-path",
+            "-t",
+            help="Path to specific test file or directory",
+        ),
+    ] = None,
+    junit_xml: Annotated[
+        Path | None,
+        typer.Option(
+            "--junit-xml",
+            help="Path to save JUnit XML test results",
+        ),
+    ] = None,
+) -> None:
+    """Run integration tests against a SOAR instance.
+
+    This command runs the integration test suite against a specified SOAR instance.
+    Tests run similar to the GitHub CI workflow.
+
+    Examples:
+        # Run integration tests against a specific instance
+        soarapps test integration 10.1.19.88 -u admin -p password
+
+        # Run tests with automation broker
+        soarapps test integration 10.1.19.88 --automation-broker my-broker
+
+        # Run specific test file
+        soarapps test integration 10.1.19.88 -t tests/integration/test_example_app.py
+
+        # Save test results to file
+        soarapps test integration 10.1.19.88 --junit-xml results.xml
+    """
+    if not username:
+        console.print(
+            "[red]Error: Username is required (use -u or PHANTOM_USERNAME env var)[/red]"
+        )
+        raise typer.Exit(1)
+
+    if not password:
+        console.print(
+            "[red]Error: Password is required (use -p or PHANTOM_PASSWORD env var)[/red]"
+        )
+        raise typer.Exit(1)
+
+    phantom_url = f"https://{instance_ip}"
+
+    env = os.environ.copy()
+    env["PHANTOM_URL"] = phantom_url
+    env["PHANTOM_USERNAME"] = username
+    env["PHANTOM_PASSWORD"] = password
+
+    if automation_broker:
+        env["AUTOMATION_BROKER_NAME"] = automation_broker
+
+    if force_automation_broker:
+        env["FORCE_AUTOMATION_BROKER"] = "true"
+
+    test_dir = Path("tests/integration/")
+    if test_path:
+        test_dir = test_path
+
+    pytest_args = [
+        sys.executable,
+        "-m",
+        "pytest",
+        str(test_dir),
+        "-m",
+        "integration",
+        "--no-cov",
+        "--tb=short",
+        "--color=yes",
+        "-o",
+        "addopts=",
+        f"--reruns={retries}",
+    ]
+
+    if verbose:
+        pytest_args.append("-v")
+
+    if junit_xml:
+        pytest_args.append(f"--junitxml={junit_xml}")
+
+    console.print(
+        f"[bold green]Running integration tests against {instance_ip}[/bold green]"
+    )
+    console.print(f"[dim]Test directory: {test_dir}[/dim]")
+    console.print(f"[dim]Retries: {retries}[/dim]")
+    if automation_broker:
+        console.print(f"[dim]Automation broker: {automation_broker}[/dim]")
+
+    try:
+        result = subprocess.run(  # noqa: S603
+            pytest_args,
+            env=env,
+            check=False,
+        )
+        if result.returncode != 0:
+            console.print(f"[red]Tests failed with exit code {result.returncode}[/red]")
+            raise typer.Exit(result.returncode)
+        else:
+            console.print("[bold green]All tests passed![/bold green]")
+    except KeyboardInterrupt:
+        console.print("[yellow]Tests interrupted by user[/yellow]")
+        raise typer.Exit(130) from None

soar_sdk/decorators/webhook.py

@@ -2,7 +2,6 @@ import inspect
 from functools import wraps
 from pathlib import Path
 
-from soar_sdk.cli.path_utils import relative_to_cwd
 from soar_sdk.webhooks.models import WebhookRequest, WebhookResponse, WebhookHandler
 from soar_sdk.meta.webhooks import WebhookRouteMeta
 from soar_sdk.async_utils import run_async_if_needed
@@ -47,7 +46,9 @@ class WebhookDecorator:
 
         stack = inspect.stack()
         declaration_path_absolute = stack[1].filename
-        declaration_path = relative_to_cwd(Path(declaration_path_absolute))
+        declaration_path = (
+            Path(declaration_path_absolute).relative_to(self.app.app_root).as_posix()
+        )
         _, declaration_lineno = inspect.getsourcelines(function)
 
         self.app.webhook_router.add_route(

soar_sdk/exceptions.py

@@ -51,6 +51,15 @@ class ActionRegistrationError(Exception):
         super().__init__(f"Error registering action: {action}")
 
 
+class AppContextRequired(Exception):
+    """Exception raised when trying to access certain features outside the proper context."""
+
+    def __init__(self) -> None:
+        super().__init__(
+            "This feature is only available in the context of an action run or webhook handler."
+        )
+
+
 __all__ = [
     "ActionFailure",
     "ActionRegistrationError",

soar_sdk/meta/actions.py

@@ -39,6 +39,15 @@ class ActionMeta(BaseModel):
                 "type": self.render_as,
             }
 
+        if self.view_handler:
+            module = self.view_handler.__module__
+            module_parts = module.split(".")
+            if len(module_parts) > 1:
+                relative_module = ".".join(module_parts[1:])
+            else:
+                relative_module = module
+            data["render"]["view"] = f"{relative_module}.{self.view_handler.__name__}"
+
         # Remove view_handler from the output since in render
         data.pop("view_handler", None)
         data.pop("render_as", None)

soar_sdk/shims/phantom/base_connector.py

@@ -27,6 +27,8 @@ if TYPE_CHECKING or not _soar_is_available:
             self.action_results: list[ActionResult] = []
             self.__conn_result: ConnectorResult
             self.__conn_result = ConnectorResult()
+            self.__state: dict = {}
+            self.__app_json: dict = {}
 
         @staticmethod
         def _get_phantom_base_url() -> str:
@@ -121,10 +123,10 @@ if TYPE_CHECKING or not _soar_is_available:
             return self.config
 
         def save_state(self, state: dict) -> None:
-            self.state = state
+            self.__state = state
 
         def load_state(self) -> dict:
-            return self.state
+            return self.__state
 
         def _set_csrf_info(self, token: str, referer: str) -> None:
             pass
@@ -140,5 +142,8 @@ if TYPE_CHECKING or not _soar_is_available:
             remove_when_soar_newer_than("7.1.1")
             return Path.cwd().as_posix()
 
+        def _load_app_json(self) -> None:
+            pass
+
 
 __all__ = ["BaseConnector"]

soar_sdk/shims/phantom/encryption_helper.py

@@ -11,16 +11,18 @@ if TYPE_CHECKING or not _soar_is_available:
     import base64
 
     class encryption_helper:  # type: ignore[no-redef]
-        """Simulated encryption helper for environments without BaseConnector."""
+        """Simulated encryption helper for environments without BaseConnector.
+
+        Salt values are optional, as newer versions of SOAR no longer accept them."""
 
         @staticmethod
-        def encrypt(plain: str, salt: str) -> str:
+        def encrypt(plain: str, salt: str = "unused-salt") -> str:
             """Simulates the behavior of encryption_helper.encrypt."""
             salted = plain + ":" + salt
             return base64.b64encode(salted.encode("utf-8")).decode("utf-8")
 
         @staticmethod
-        def decrypt(cipher: str, salt: str) -> str:
+        def decrypt(cipher: str, salt: str = "unused-salt") -> str:
             """Simulate the behavior of encryption_helper.decrypt."""
 
             if len(cipher) == 0:
@@ -29,7 +31,7 @@ if TYPE_CHECKING or not _soar_is_available:
                     "Parameter validation failed: Invalid length for parameter SecretId, value: 0, valid min length: 1"
                 )
             decoded = base64.b64decode(cipher.encode("utf-8")).decode("utf-8")
-            plain, decrypted_salt = decoded.split(":", 1)
+            plain, decrypted_salt = decoded.rsplit(":", 1)
             if salt != decrypted_salt:
                 raise ValueError("Salt does not match")
             return plain

{splunk_soar_sdk-3.2.3.dist-info → splunk_soar_sdk-3.3.1.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: splunk-soar-sdk
-Version: 3.2.3
+Version: 3.3.1
 Summary: The official framework for developing and testing Splunk SOAR Apps
 Project-URL: Homepage, https://github.com/phantomcyber/splunk-soar-sdk
 Project-URL: Documentation, https://github.com/phantomcyber/splunk-soar-sdk

{splunk_soar_sdk-3.2.3.dist-info → splunk_soar_sdk-3.3.1.dist-info}/RECORD

@@ -1,16 +1,17 @@
 soar_sdk/__init__.py,sha256=RzAng-ARqpK01SY82lNy4uYJFVG0yW6Q3CccEqbToJ4,726
-soar_sdk/abstract.py,sha256=3oJvWljqDTr2nucf-9IdBRMDJwRnDe6nISYKyGuLMxw,7752
+soar_sdk/abstract.py,sha256=0iNvoPNX1DA7ZffYU5Tg7chuQBoiNOXMK1WumHA_1T4,7786
 soar_sdk/action_results.py,sha256=ajlsed6ZkCyOTra4SFy31iYZO2a6mlvBK2-zIyO09q4,11928
-soar_sdk/actions_manager.py,sha256=Ce4zU06QJlbTP3TONfxsS4CWuykcZpQ0mw3ir8ThLsw,6663
-soar_sdk/app.py,sha256=xCdBHQgzdIwfyYRHSGFRYpEu8nKPMsULZCrdm5CbRrY,34512
+soar_sdk/actions_manager.py,sha256=0moWQuKNGMFZqhiINtEoLw45SNHhFbC0jzZ9Puv6wgc,5820
+soar_sdk/app.py,sha256=7pJ-t9uQFaIxCTfHXy9hLRRgnRz9y03bMBObCrsNe_g,35185
 soar_sdk/app_cli_runner.py,sha256=tdglXCIRZS3dc3P18Tha7yUJQX9zIDxJFdST02LL9xY,11644
-soar_sdk/app_client.py,sha256=p5dsgxmMK61qLFIn7pATEQkVWldTtQhJPcMs4Idv2Lw,6197
-soar_sdk/asset.py,sha256=b4-f7r3JSfR-nUzalpgJnoXAIEHQ34yvIuoyoAFvye0,11055
+soar_sdk/app_client.py,sha256=maoIR0NqACdjb-0noWIyjAz3LMTtvi4EBMO5dBclab0,6282
+soar_sdk/asset.py,sha256=y9ar5yXA8AKCUuVXnLpRn4BYDklf0mxzB24Hw9q58QY,12255
+soar_sdk/asset_state.py,sha256=u71oUfIH0LOZQ2bNkYsC2A_dZp3KA1JzMTd0ujDd3Qw,2102
 soar_sdk/async_utils.py,sha256=6JtSDd_RKKT85TaUjxofZTKrZr24z74WSljkX47KZqg,1429
 soar_sdk/colors.py,sha256=--i_iXqfyITUz4O95HMjfZQGbwFZ34bLmBhtfpXXqlQ,1095
 soar_sdk/compat.py,sha256=-Z9i9azaW4w0ZGEX2GoukseDglLNRWiBsV7auJAyZbs,3061
 soar_sdk/crypto.py,sha256=qiBMHUQqgn5lPI1DbujSj700s89FuLJrkQgCO9_eBn4,392
-soar_sdk/exceptions.py,sha256=bzydqdpzwG5VaVkZBiUEcf9Wp0clMdzqdUBZHzpfqT0,1830
+soar_sdk/exceptions.py,sha256=413-AcIM7IMixoyVk_0yDaqsUhommb784uH5vSv18lU,2129
 soar_sdk/field_utils.py,sha256=Jb0HteUPd-CtuDM7rNXVLy4uRxl419zeDxY_oOpU8GM,287
 soar_sdk/input_spec.py,sha256=79MFGF2IkAAoWpHmZYP0VqUBu10SkvmF_RPmXkf8bQ4,4677
 soar_sdk/logging.py,sha256=30cUxU7Tjf_OY4rUOrvjDoqPH7pcFydrdDbcG4ppY_s,11424
@@ -30,18 +31,20 @@ soar_sdk/app_templates/basic_app/logo_dark.svg,sha256=PTxIs_1CKK9ZY3v-K1QoGwaUng
 soar_sdk/app_templates/basic_app/uv.lock,sha256=AfgaIBg88KH-0iyXpCXacXAwHYKm0c-on2gWXjV9L-Y,80216
 soar_sdk/app_templates/basic_app/src/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 soar_sdk/cli/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-soar_sdk/cli/cli.py,sha256=62n6b41bjXILtkqLTpeID8JyDYMbkfXNV1LCo52YUsA,926
-soar_sdk/cli/path_utils.py,sha256=rFJDAe-sTC_6KgSiidlD3JcpygFmyHAEsn1j_6eWpIc,1263
+soar_sdk/cli/cli.py,sha256=dMb9yPyYphvr9wtk2oG8fEw6n_p4WZ7liK5u6-H8ppg,998
+soar_sdk/cli/path_utils.py,sha256=gNqvSlltDGvbydpOm5RKgjwLs7J9YTqqmyiBIXxaX7c,1087
 soar_sdk/cli/utils.py,sha256=GNZLFAMH_BKQo2-D5GvweWxeuR7DfR8eMZS4-sJUggU,1441
 soar_sdk/cli/init/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 soar_sdk/cli/init/cli.py,sha256=LWwGb_N5KPpKjnk8Kn3IppSrGsHQb65CvDn2NXPokAE,14618
 soar_sdk/cli/manifests/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 soar_sdk/cli/manifests/cli.py,sha256=cly5xVdj4bBIdZVMQPIWTXRgUfd1ON3qKO-76Fwql18,524
 soar_sdk/cli/manifests/deserializers.py,sha256=TjcmPvcfr1auGkf3hBRwjVc0dSuuDNmH5jMOqXHz27s,16515
-soar_sdk/cli/manifests/processors.py,sha256=PbzARZvMUCkQrrzjRVVOsb0dTV_u5BMXx52e3t0V9-w,4797
+soar_sdk/cli/manifests/processors.py,sha256=uuW_5gCPgpUB3o5L3KMo_eqw9Jm5ps1ga4ZqiYLtEJE,5061
 soar_sdk/cli/manifests/serializers.py,sha256=hSfOcBNhv7s437A7t5BM1NXG5dfjKmh_xbHXQTuBklA,3632
-soar_sdk/cli/package/cli.py,sha256=8AWItAAXzfjJMRLwDIRbrN9cQhy7clBX7WrOmdcGClw,9499
-soar_sdk/cli/package/utils.py,sha256=zZmpWg76Vb3rtGn28aPhPHt1JUWR6eIByU6DTTRC3ng,1584
+soar_sdk/cli/package/cli.py,sha256=l2AygRmUcvmiXbQhRxSnz8lEK6_nLgWoKpwxY44r9SE,9578
+soar_sdk/cli/package/utils.py,sha256=2qLGpR77t6KJABg4q2iMc2ywOChW4W5D10Ct58v89Is,1711
+soar_sdk/cli/test/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
+soar_sdk/cli/test/cli.py,sha256=iDrthN8L7B1RplLhq0EI69MndaOhvAXn7bqv3XzlfpM,7655
 soar_sdk/code_renderers/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 soar_sdk/code_renderers/action_renderer.py,sha256=nPbB3SJLm4VDu_zuwY6vO_LgVg1tvW5ZTrzeS7JdyF8,16489
 soar_sdk/code_renderers/app_renderer.py,sha256=OCNNhXc36Amcg1kUUayyyzWx_M2RY8W8wvy0ppujLaE,7791
@@ -56,9 +59,9 @@ soar_sdk/decorators/on_es_poll.py,sha256=5wiAcboG45ut7dLr0ZRcKOU01yIBfBrq00laGtv
 soar_sdk/decorators/on_poll.py,sha256=H_aijFWKeZKwiS72Vsa9uolmj8sziGW2lZF6EhjEDjs,8276
 soar_sdk/decorators/test_connectivity.py,sha256=tZt7w-BnZUpxCyixblXts4tsUp8z-Kmz-JGJ5i5LQs8,3564
 soar_sdk/decorators/view_handler.py,sha256=_qjfk2nQxPwraldjRIl4DWdW-tvANJfdVDU_lLA3UvE,7075
-soar_sdk/decorators/webhook.py,sha256=buQ9OXVHYc9AwOVoTC0E4fszhmKniW8rmPvaRpKCZko,2369
+soar_sdk/decorators/webhook.py,sha256=PE37CcGzGYykJpU9AVDVtajENLrOIUA0su28lVDQ76M,2366
 soar_sdk/meta/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-soar_sdk/meta/actions.py,sha256=YadG8Zkc0SWmcG5-Dj4NyWlYYAh4CyJksLYp_GmNZNM,1818
+soar_sdk/meta/actions.py,sha256=UDf_0cZ8lsAhkyhDIWonneNshUG9pzciG1Go9e7NJ6k,2189
 soar_sdk/meta/adapters.py,sha256=KjSYIUtkCz2eesA_vhsNCjfi5C-Uz71tbSuDIjhuB8U,1112
 soar_sdk/meta/app.py,sha256=eZlM8GIY1B_o-RzJrRNCNVEQSx0sFupxZqCM7sIWGv4,2777
 soar_sdk/meta/datatypes.py,sha256=piR-oBVAATiRciXSdVE7XaqjUZTgSaOvTEqcOcNvCS0,795
@@ -73,10 +76,10 @@ soar_sdk/models/vault_attachment.py,sha256=IQPX239OFClVfOKr9nHIu9Is55cXWBaOgM2lG
 soar_sdk/models/view.py,sha256=frfbNdWfzc0XjiU3CY79zBJxvzUsgLdFmphVeZ6QqTc,777
 soar_sdk/shims/phantom/action_result.py,sha256=yDiV2f3kt5G9UYejpe0JFeo651f3Uv-fTSoIlfg3DGg,1606
 soar_sdk/shims/phantom/app.py,sha256=PpNj9FoXjyj6r5w9S2fpElKFS6EcBIqsnpaTSvnIzyI,303
-soar_sdk/shims/phantom/base_connector.py,sha256=-uoPGNu0J6Cm8-BMvvlwbaKGTyImbh4dCJXz6HFDiNs,4734
+soar_sdk/shims/phantom/base_connector.py,sha256=85K1vlWXNPHPrHSYDLYiz0aOHD_dKUGHOra_FSSj17o,4873
 soar_sdk/shims/phantom/connector_result.py,sha256=T6eDXdMyblWB0Xa3RW4ojuhy9wJmWZTpY8Oojl5sYYk,641
 soar_sdk/shims/phantom/consts.py,sha256=eq6AIuDhb2Z-CJORwv98D3JbcIOW8CC673zx5dNPFKU,404
-soar_sdk/shims/phantom/encryption_helper.py,sha256=kiZNwBMgrhvVtNjKVP7ZswEn4DXxH8gTC-9tuxjVzTc,1386
+soar_sdk/shims/phantom/encryption_helper.py,sha256=20VqqSFuftjB8bMriP6mjgvYWpYqYZyokYzq_aydkqU,1503
 soar_sdk/shims/phantom/install_info.py,sha256=hR3W8pKlNUVlE1jOwGT_o2f6uTGQknPG3GLRDHrGSUQ,994
 soar_sdk/shims/phantom/json_keys.py,sha256=QgDO5qGlcNNqJBsolJQs0UOW1sa8xMYIubqfCXeP4C4,528
 soar_sdk/shims/phantom/ph_ipc.py,sha256=RSL_qB64OSsy0B8AvqDh_biR9lqAHKdRkIj973UQfoU,1381
@@ -100,8 +103,8 @@ soar_sdk/views/components/pie_chart.py,sha256=LVTeHVJN6nf2vjUs9y7PDBhS0U1fKW750l
 soar_sdk/webhooks/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 soar_sdk/webhooks/models.py,sha256=PG9SDs5xXqtFndm5C8AsJOTYXU5v_UTY7SpYosWT_CA,4542
 soar_sdk/webhooks/routing.py,sha256=MnzbnIDy2uG_5mJzsTeX-NsE6QYvzyqEGbHmEFj-DG8,6900
-splunk_soar_sdk-3.2.3.dist-info/METADATA,sha256=Efb648n3bteCzbGGNio5f3hU57YeKqOeGVZgI9dMxSs,7334
-splunk_soar_sdk-3.2.3.dist-info/WHEEL,sha256=qtCwoSJWgHk21S1Kb4ihdzI2rlJ1ZKaIurTj_ngOhyQ,87
-splunk_soar_sdk-3.2.3.dist-info/entry_points.txt,sha256=CgBjo2ZWpYNkt9TgvToL26h2Tg1yt8FbvYTb5NVgNuc,51
-splunk_soar_sdk-3.2.3.dist-info/licenses/LICENSE,sha256=gNCGrGhrSQb1PUzBOByVUN1tvaliwLZfna-QU2r2hQ8,11345
-splunk_soar_sdk-3.2.3.dist-info/RECORD,,
+splunk_soar_sdk-3.3.1.dist-info/METADATA,sha256=3Y2eWE1VKaxWd8ZDzrvflA5jt2ZCX6LdwR2JRUe7VeY,7334
+splunk_soar_sdk-3.3.1.dist-info/WHEEL,sha256=WLgqFyCfm_KASv4WHyYy0P3pM_m7J5L9k2skdKLirC8,87
+splunk_soar_sdk-3.3.1.dist-info/entry_points.txt,sha256=CgBjo2ZWpYNkt9TgvToL26h2Tg1yt8FbvYTb5NVgNuc,51
+splunk_soar_sdk-3.3.1.dist-info/licenses/LICENSE,sha256=gNCGrGhrSQb1PUzBOByVUN1tvaliwLZfna-QU2r2hQ8,11345
+splunk_soar_sdk-3.3.1.dist-info/RECORD,,

{splunk_soar_sdk-3.2.3.dist-info → splunk_soar_sdk-3.3.1.dist-info}/WHEEL

@@ -1,4 +1,4 @@
 Wheel-Version: 1.0
-Generator: hatchling 1.27.0
+Generator: hatchling 1.28.0
 Root-Is-Purelib: true
 Tag: py3-none-any