diff --git a/sechub-wrapper-owasp-zap/src/main/java/com/mercedesbenz/sechub/zapwrapper/scan/login/JWTSupport.java b/sechub-wrapper-owasp-zap/src/main/java/com/mercedesbenz/sechub/zapwrapper/scan/login/JWTSupport.java
index a35d298f4..b144f4560 100644
--- a/sechub-wrapper-owasp-zap/src/main/java/com/mercedesbenz/sechub/zapwrapper/scan/login/JWTSupport.java
+++ b/sechub-wrapper-owasp-zap/src/main/java/com/mercedesbenz/sechub/zapwrapper/scan/login/JWTSupport.java
@@ -3,18 +3,19 @@
 import java.util.regex.Pattern;
-public class JWTSupport {
+class JWTSupport {
 private static final Pattern JWT_PATTERN = Pattern.compile("^[A-Za-z0-9-_=]+\\.[A-Za-z0-9-_=]+\\.[A-Za-z0-9-_.+/=]*$");
 /**
 * Performs some tests to see if the given value is a JWT.
 *
- * @param value
+ * @param value a string which could represent a JWT token (look at
+ * https://jwt.io/ for detailed description about JWT content)
 * @return true if all tests pass and the value is a JWT,
 * false otherwise.
 */
- public boolean isJWT(String value) {
+ boolean isJWT(String value) {
 if (value == null) {
 return false;
 }
@@ -22,6 +23,10 @@ public boolean isJWT(String value) {
 return false;
 }
 String[] split = value.split("\\.");
+ // Simple way to check it is a JWT: When looking at https://jwt.io/ we can see,
+ // that every JWT has the structure "eyJ${someData}.eyJ${OtherData}" so we use
+ // this to identify JWT. Since this is only used for data extracted from HTTP
+ // sessions the test should be sufficient.
 return split[0].startsWith("eyJ") && split[1].startsWith("eyJ");
 }
 }
diff --git a/sechub-wrapper-owasp-zap/src/main/java/com/mercedesbenz/sechub/zapwrapper/scan/login/ZapWrapperGroovyScriptExecutor.java b/sechub-wrapper-owasp-zap/src/main/java/com/mercedesbenz/sechub/zapwrapper/scan/login/ZapWrapperGroovyScriptExecutor.java
index cd89f5071..3eb49de14 100644
--- a/sechub-wrapper-owasp-zap/src/main/java/com/mercedesbenz/sechub/zapwrapper/scan/login/ZapWrapperGroovyScriptExecutor.java
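Review bot: The comment added after `String[] split` overstates what the check recognises: "eyJ" is the base64url encoding of `{"`, so `split[0].startsWith("eyJ") && split[1].startsWith("eyJ")` accepts exactly the compact-JWS shape whose header and payload are JSON objects serialised without leading whitespace, and rejects a JWE (whose second segment is an encrypted key, not JSON) or any payload that is not a JSON object, so "every JWT" is not accurate. I would phrase it as what the code does, e.g. `// "eyJ" is base64url for '{"': accept only compact JWS values whose header and payload are JSON objects; JWEs and non-JSON payloads are deliberately not recognised.`, and keep the sentence that this is only applied to values taken from the login session. A test with a three-segment non-JSON value (a constructed example: `abc.def.ghi`) would pin the false branch. The pattern check between the two hunks is outside both, and isJWT's signature is in the first hunk.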
+++ b/sechub-wrapper-owasp-zap/src/main/java/com/mercedesbenz/sechub/zapwrapper/scan/login/ZapWrapperGroovyScriptExecutor.java
@@ -65,7 +65,7 @@ public ScriptLoginResult executeScript(File scriptFile, ZapScanContext scanConte
 LOG.info("Execute groovy login script.");
 scriptEngine.eval(script, bindings);
- LOG.info("Execution successful, perparing login result with session data.");
+ LOG.info("Execution successful, preparing login result with session data.");
 loginResult.setSessionCookies(firefox.manage().getCookies());
 loginResult.setSessionStorage(retrieveStorage(firefox, SESSION_STORAGE));
 loginResult.setLocalStorage(retrieveStorage(firefox, LOCAL_STORAGE));
diff --git a/sechub-wrapper-owasp-zap/src/test/java/com/mercedesbenz/sechub/zapwrapper/config/ZapScanContextFactoryTest.java b/sechub-wrapper-owasp-zap/src/test/java/com/mercedesbenz/sechub/zapwrapper/config/ZapScanContextFactoryTest.java
index a5f4ef3f3..cd1701f58 100644
--- a/sechub-wrapper-owasp-zap/src/test/java/com/mercedesbenz/sechub/zapwrapper/config/ZapScanContextFactoryTest.java
+++ b/sechub-wrapper-owasp-zap/src/test/java/com/mercedesbenz/sechub/zapwrapper/config/ZapScanContextFactoryTest.java
@@ -159,15 +159,15 @@ void result_contains_server_config_with_arguments_from_environment_when_command_
 ZapScanContext result = factoryToTest.create(settings);
 /* test */
- verify(envVariableReader, times(1)).readAsInt(ZAP_PORT_ENV_VARIABLE_NAME);
- verify(envVariableReader, times(1)).readAsString(ZAP_HOST_ENV_VARIABLE_NAME);
- verify(envVariableReader, times(1)).readAsString(ZAP_API_KEY_ENV_VARIABLE_NAME);
+ verify(envVariableReader).readAsInt(ZAP_PORT_ENV_VARIABLE_NAME);
+ verify(envVariableReader).readAsString(ZAP_HOST_ENV_VARIABLE_NAME);
+ verify(envVariableReader).readAsString(ZAP_API_KEY_ENV_VARIABLE_NAME);
- verify(envVariableReader, times(1)).readAsString(PROXY_HOST_ENV_VARIABLE_NAME);
- verify(envVariableReader, times(1)).readAsInt(PROXY_PORT_ENV_VARIABLE_NAME);
- verify(envVariableReader, times(1)).readAsString(PROXY_REALM_ENV_VARIABLE_NAME);
- verify(envVariableReader, times(1)).readAsString(PROXY_USERNAME_ENV_VARIABLE_NAME);
- verify(envVariableReader, times(1)).readAsString(PROXY_PASSWORD_ENV_VARIABLE_NAME);
+ verify(envVariableReader).readAsString(PROXY_HOST_ENV_VARIABLE_NAME);
+ verify(envVariableReader).readAsInt(PROXY_PORT_ENV_VARIABLE_NAME);
+ verify(envVariableReader).readAsString(PROXY_REALM_ENV_VARIABLE_NAME);
+ verify(envVariableReader).readAsString(PROXY_USERNAME_ENV_VARIABLE_NAME);
+ verify(envVariableReader).readAsString(PROXY_PASSWORD_ENV_VARIABLE_NAME);
 ZapServerConfiguration serverConfig = result.getServerConfig();
 assertNotNull(serverConfig);
@@ -330,7 +330,7 @@ void fullruleset_returned_by_provider_is_in_result() {
 ZapFullRuleset fullRuleset = result.getFullRuleset();
 /* test */
- verify(ruleProvider, times(1)).fetchFullRuleset(any());
+ verify(ruleProvider).fetchFullRuleset(any());
 assertNotNull(fullRuleset);
 assertNotNull(fullRuleset.getRules());
 assertEquals("https://www.zaproxy.org/docs/alerts/", fullRuleset.getOrigin());
@@ -349,7 +349,7 @@ void rules_to_deactivate_returned_by_provider_is_inside_result() {
 DeactivatedRuleReferences deactivatedRuleReferences = result.getDeactivatedRuleReferences();
 /* test */
- verify(ruleProvider, times(1)).fetchDeactivatedRuleReferences(any());
+ verify(ruleProvider).fetchDeactivatedRuleReferences(any());
 assertNotNull(deactivatedRuleReferences);
 assertNotNull(deactivatedRuleReferences.getDeactivatedRuleReferences());
 assertEquals(2, deactivatedRuleReferences.getDeactivatedRuleReferences().size());
@@ -419,7 +419,7 @@ void rules_to_deactivate_returned_by_command_line_is_null_environment_varibale_r
 factoryToTest.create(settings);
 /* test */
- verify(envVariableReader, times(1)).readAsString(ZAP_DEACTIVATED_RULE_REFERENCES);
+ verify(envVariableReader).readAsString(ZAP_DEACTIVATED_RULE_REFERENCES);
 }
 @Test
@@ -573,7 +573,7 @@ void no_template_data_results_in_no_template_data_set() {
 ZapScanContext result = factoryToTest.create(settings);
 /* test */
- verify(envVariableReader, times(1)).readAsString(ZAP_GROOVY_LOGIN_SCRIPT_FILE);
+ verify(envVariableReader).readAsString(ZAP_GROOVY_LOGIN_SCRIPT_FILE);
 assertNull(result.getGroovyScriptLoginFile());
 }
@@ -609,7 +609,7 @@ void cmd_param_not_set_results_in_environment_variable_reader_being_called_as_fa
 ZapScanContext result = factoryToTest.create(settings);
 /* test */
- verify(envVariableReader, times(1)).readAsString(ZAP_GROOVY_LOGIN_SCRIPT_FILE);
+ verify(envVariableReader).readAsString(ZAP_GROOVY_LOGIN_SCRIPT_FILE);
 assertEquals(groovyScriptFile, result.getGroovyScriptLoginFile().getName());
 }
diff --git a/sechub-wrapper-owasp-zap/src/test/java/com/mercedesbenz/sechub/zapwrapper/scan/ZapScannerTest.java b/sechub-wrapper-owasp-zap/src/test/java/com/mercedesbenz/sechub/zapwrapper/scan/ZapScannerTest.java
index e4260a048..03b48e266 100644
--- a/sechub-wrapper-owasp-zap/src/test/java/com/mercedesbenz/sechub/zapwrapper/scan/ZapScannerTest.java
+++ b/sechub-wrapper-owasp-zap/src/test/java/com/mercedesbenz/sechub/zapwrapper/scan/ZapScannerTest.java
@@ -117,11 +117,11 @@ void setup_standard_configuration_results_in_expected_calls() throws ClientApiEx
 scannerToTest.setupStandardConfiguration();
 /* test */
- verify(clientApiWrapper, times(1)).createNewSession(scanContext.getContextName(), true);
- verify(clientApiWrapper, times(1)).setMaximumAlertsForEachRuleToUnlimited();
- verify(clientApiWrapper, times(1)).enableAllPassiveScannerRules();
- verify(clientApiWrapper, times(1)).enableAllActiveScannerRulesForDefaultPolicy();
- verify(clientApiWrapper, times(1)).setAjaxSpiderBrowserId(BROWSER_ID);
+ verify(clientApiWrapper).createNewSession(scanContext.getContextName(), true);
+ verify(clientApiWrapper).setMaximumAlertsForEachRuleToUnlimited();
+ verify(clientApiWrapper).enableAllPassiveScannerRules();
+ verify(clientApiWrapper).enableAllActiveScannerRulesForDefaultPolicy();
+ verify(clientApiWrapper).setAjaxSpiderBrowserId(BROWSER_ID);
 }
 @Test
@@ -161,7 +161,7 @@ void deactivate_rules_results_in_rules_are_deactivated() throws ClientApiExcepti
 scannerToTest.deactivateRules(ruleSet, deactivatedReferences);
 /* test */
- verify(clientApiWrapper, times(1)).disablePassiveScannerRule(any());
+ verify(clientApiWrapper).disablePassiveScannerRule(any());
 verify(clientApiWrapper, times(2)).disableActiveScannerRuleForDefaultPolicy(any());
 }
 @Test
@@ -175,7 +175,7 @@ void setup_addtional_proxy_information_with_proxy_information_null_results_in_pr
 scannerToTest.setupAdditonalProxyConfiguration(null);
 /* test */
- verify(clientApiWrapper, times(1)).setHttpProxyEnabled(false);
+ verify(clientApiWrapper).setHttpProxyEnabled(false);
 }
 @Test
@@ -193,9 +193,9 @@ void setup_addtional_proxy_information_results_in_proxy_enabled() throws ClientA
 scannerToTest.setupAdditonalProxyConfiguration(proxyInformation);
 /* test */
- verify(clientApiWrapper, times(1)).configureHttpProxy(proxyInformation);
- verify(clientApiWrapper, times(1)).setHttpProxyEnabled(true);
- verify(clientApiWrapper, times(1)).setHttpProxyAuthEnabled(false);
+ verify(clientApiWrapper).configureHttpProxy(proxyInformation);
+ verify(clientApiWrapper).setHttpProxyEnabled(true);
+ verify(clientApiWrapper).setHttpProxyAuthEnabled(false);
 }
 @Test
@@ -210,7 +210,7 @@ void create_context_results_in_expected_calls() throws ClientApiException {
 /* test */
 assertEquals(expectedContextId, contextId);
 verify(scanContext, times(2)).getContextName();
- verify(clientApiWrapper, times(1)).createNewContext(CONTEXT_NAME);
+ verify(clientApiWrapper).createNewContext(CONTEXT_NAME);
 }
 @Test
@@ -318,8 +318,8 @@ void add_replacer_rules_for_headers_with_data_section_results_add_replacer_rule_
 scannerToTest.addReplacerRulesForHeaders();
 /* test */
- verify(clientApiWrapper, times(1)).addReplacerRule("Key", true, "REQ_HEADER", false, "Key", "header-token", null, null);
- verify(clientApiWrapper, times(1)).addReplacerRule("Other", true, "REQ_HEADER", false, "Other", "token", null, null);
+ verify(clientApiWrapper).addReplacerRule("Key", true, "REQ_HEADER", false, "Key", "header-token", null, null);
+ verify(clientApiWrapper).addReplacerRule("Other", true, "REQ_HEADER", false, "Other", "token", null, null);
 }
 @ParameterizedTest
@@ -397,7 +397,7 @@ void import_openapi_file_api_support_is_called_once(String sechubConfigFile) thr
 scannerToTest.loadApiDefinitions(contextId);
 /* test */
- verify(clientApiWrapper, times(1)).importOpenApiFile(any(), any(), anyInt());
+ verify(clientApiWrapper).importOpenApiFile(any(), any(), anyInt());
 }
 @ParameterizedTest
@@ -417,7 +417,7 @@ void import_openapi_defintion_from_url_api_support_is_called_once(String sechubC
 /* test */
 verify(clientApiWrapper, never()).importOpenApiFile(any(), any(), anyInt());
- verify(clientApiWrapper, times(1)).importOpenApiDefintionFromUrl(any(), any(), anyInt());
+ verify(clientApiWrapper).importOpenApiDefintionFromUrl(any(), any(), anyInt());
 }
 @ParameterizedTest
@@ -440,8 +440,8 @@ void import_openapi_from_file_and_from_url_api_support_is_called_once(String sec
 scannerToTest.loadApiDefinitions(contextId);
 /* test */
- verify(clientApiWrapper, times(1)).importOpenApiFile(any(), any(), anyInt());
- verify(clientApiWrapper, times(1)).importOpenApiDefintionFromUrl(any(), any(), anyInt());
+ verify(clientApiWrapper).importOpenApiFile(any(), any(), anyInt());
+ verify(clientApiWrapper).importOpenApiDefintionFromUrl(any(), any(), anyInt());
 }
 @Test
@@ -516,7 +516,7 @@ void import_client_certificate_file_api_support_is_called_once() throws ClientAp
 scannerToTest.importClientCertificate();
 /* test */
- verify(clientApiWrapper, times(1)).importPkcs12ClientCertificate(any(), any());
+ verify(clientApiWrapper).importPkcs12ClientCertificate(any(), any());
 }
 @Test
@@ -549,7 +549,7 @@ void import_client_certificate_file_but_without_password_api_support_is_called_o
 scannerToTest.importClientCertificate();
 /* test */
- verify(clientApiWrapper, times(1)).importPkcs12ClientCertificate(any(), any());
+ verify(clientApiWrapper).importPkcs12ClientCertificate(any(), any());
 }
 @ParameterizedTest
@@ -603,12 +603,12 @@ void configure_login_inside_zap_using_basic_auth_results_in_expected_calls() thr
 verify(scanContext, times(2)).getTargetUrl();
- verify(clientApiWrapper, times(1)).setAuthenticationMethod(eq(contextId), eq(zapAuthenticationMethod), any());
- verify(clientApiWrapper, times(1)).setSessionManagementMethod(eq(contextId), eq(zapSessionManagementMethod), any());
- verify(clientApiWrapper, times(1)).createNewUser(contextId, userName);
- verify(clientApiWrapper, times(1)).configureAuthenticationCredentials(eq(contextId), eq(userId), any());
- verify(clientApiWrapper, times(1)).setForcedUser(contextId, userId);
- verify(clientApiWrapper, times(1)).setForcedUserModeEnabled(true);
+ verify(clientApiWrapper).setAuthenticationMethod(eq(contextId), eq(zapAuthenticationMethod), any());
+ verify(clientApiWrapper).setSessionManagementMethod(eq(contextId), eq(zapSessionManagementMethod), any());
+ verify(clientApiWrapper).createNewUser(contextId, userName);
+ verify(clientApiWrapper).configureAuthenticationCredentials(eq(contextId), eq(userId), any());
+ verify(clientApiWrapper).setForcedUser(contextId, userId);
+ verify(clientApiWrapper).setForcedUserModeEnabled(true);
 }
 @Test
@@ -645,7 +645,7 @@ void configure_login_inside_zap_using_script_auth_without_script_file_results_in
 /* test */
 assertNull(userInformation);
 verify(scriptLogin, never()).login(scanContext, clientApiWrapper);
- verify(scanContext, times(1)).getGroovyScriptLoginFile();
+ verify(scanContext).getGroovyScriptLoginFile();
 }
 @Test
@@ -682,15 +682,15 @@ void configure_login_inside_zap_using_script_auth_with_existing_script_file_resu
 assertEquals(userName, userInformation.userName());
 assertEquals(userId, userInformation.zapuserId());
- verify(scriptLogin, times(1)).login(scanContext, clientApiWrapper);
- verify(scanContext, times(1)).getGroovyScriptLoginFile();
+ verify(scriptLogin).login(scanContext, clientApiWrapper);
+ verify(scanContext).getGroovyScriptLoginFile();
- verify(clientApiWrapper, times(1)).setManualAuthenticationMethod(contextId);
- verify(clientApiWrapper, times(1)).setCookieBasedSessionManagementMethod(contextId);
- verify(clientApiWrapper, times(1)).createNewUser(contextId, userName);
- verify(clientApiWrapper, times(1)).configureAuthenticationCredentials(eq(contextId), eq(userId), any());
- verify(clientApiWrapper, times(1)).setForcedUser(contextId, userId);
- verify(clientApiWrapper, times(1)).setForcedUserModeEnabled(true);
+ verify(clientApiWrapper).setManualAuthenticationMethod(contextId);
+ verify(clientApiWrapper).setCookieBasedSessionManagementMethod(contextId);
+ verify(clientApiWrapper).createNewUser(contextId, userName);
+ verify(clientApiWrapper).configureAuthenticationCredentials(eq(contextId), eq(userId), any());
+ verify(clientApiWrapper).setForcedUser(contextId, userId);
+ verify(clientApiWrapper).setForcedUserModeEnabled(true);
 }
 @Test
@@ -706,7 +706,7 @@ void generate_report_calls_api_support_once() throws ClientApiException {
 scannerToTest.generateZapReport();
 /* test */
- verify(clientApiWrapper, times(1)).generateReport(any(), any(), any(), any(), any(), any(), any(), any(),
+ verify(clientApiWrapper).generateReport(any(), any(), any(), any(), any(), any(), any(), any(),
 any(), any(), any(), any(), any());
 }
@@ -721,8 +721,8 @@ void cleanup_after_scan() throws ClientApiException {
 scannerToTest.cleanUp();
 /* test */
- verify(clientApiWrapper, times(1)).removeReplacerRule(ZapScanner.X_SECHUB_DAST_HEADER_NAME);
- verify(scriptLogin, times(1)).cleanUpScriptLoginData(scanContext.getTargetUrlAsString(), clientApiWrapper);
+ verify(clientApiWrapper).removeReplacerRule(ZapScanner.X_SECHUB_DAST_HEADER_NAME);
+ verify(scriptLogin).cleanUpScriptLoginData(scanContext.getTargetUrlAsString(), clientApiWrapper);
 }
 @ParameterizedTest
@@ -739,9 +739,9 @@ void cleanup_after_scan_without_onylForUrls_headers_set_cleans_up_all_replacer_r
 /* test */
 int times = sechubWebScanConfig.getHeaders().get().size();
- verify(clientApiWrapper, times(1)).removeReplacerRule(ZapScanner.X_SECHUB_DAST_HEADER_NAME);
+ verify(clientApiWrapper).removeReplacerRule(ZapScanner.X_SECHUB_DAST_HEADER_NAME);
 verify(clientApiWrapper, times(times + 1)).removeReplacerRule(any());
- verify(scriptLogin, times(1)).cleanUpScriptLoginData(scanContext.getTargetUrlAsString(), clientApiWrapper);
+ verify(scriptLogin).cleanUpScriptLoginData(scanContext.getTargetUrlAsString(), clientApiWrapper);
 }
 @ParameterizedTest
@@ -764,9 +764,9 @@ void cleanup_after_scan_with_onylForUrls_headers_set_cleans_up_all_replacer_rule
 times += header.getOnlyForUrls().get().size() - 1;
 }
 }
- verify(clientApiWrapper, times(1)).removeReplacerRule(ZapScanner.X_SECHUB_DAST_HEADER_NAME);
+ verify(clientApiWrapper).removeReplacerRule(ZapScanner.X_SECHUB_DAST_HEADER_NAME);
 verify(clientApiWrapper, times(times + 1)).removeReplacerRule(any());
- verify(scriptLogin, times(1)).cleanUpScriptLoginData(scanContext.getTargetUrlAsString(), clientApiWrapper);
+ verify(scriptLogin).cleanUpScriptLoginData(scanContext.getTargetUrlAsString(), clientApiWrapper);
 }
 @Test
@@ -786,7 +786,7 @@ void wait_for_ajaxSpider_scan_is_cancelled_results_in_exception_with_dedicated_e
 /* test */
 assertEquals(ZapWrapperExitCode.SCAN_JOB_CANCELLED, exception.getExitCode());
 verify(zapPDSEventHandler, times(2)).isScanCancelled();
- verify(clientApiWrapper, times(1)).stopAjaxSpider();
+ verify(clientApiWrapper).stopAjaxSpider();
 }
 @Test
@@ -802,7 +802,7 @@ void wait_for_ajaxSpider_scan_ended_results_in_expected_calls() throws ClientApi
 /* test */
 verify(clientApiWrapper, times(2)).getAjaxSpiderStatus();
- verify(clientApiWrapper, times(1)).stopAjaxSpider();
+ verify(clientApiWrapper).stopAjaxSpider();
 }
 @Test
@@ -822,7 +822,7 @@ void wait_for_spider_scan_is_cancelled_results_in_exception_with_dedicated_exit_
 /* test */
 assertEquals(ZapWrapperExitCode.SCAN_JOB_CANCELLED, exception.getExitCode());
 verify(zapPDSEventHandler, times(2)).isScanCancelled();
- verify(clientApiWrapper, times(1)).stopSpiderScan(scanId);
+ verify(clientApiWrapper).stopSpiderScan(scanId);
 }
 @Test
@@ -858,7 +858,7 @@ void wait_for_passiveScan_scan_is_ended_results_in_expected_calls() throws Clien
 scannerToTest.runAndWaitForPassiveScan();
 /* test */
- verify(clientApiWrapper, times(1)).getNumberOfPassiveScannerRecordsToScan();
+ verify(clientApiWrapper).getNumberOfPassiveScannerRecordsToScan();
 }
 @Test
@@ -880,7 +880,7 @@ void wait_for_activeScan_scan_is_cancelled_results_in_exception_with_dedicated_e
 assertEquals(ZapWrapperExitCode.SCAN_JOB_CANCELLED, exception.getExitCode());
 verify(zapPDSEventHandler, times(2)).isScanCancelled();
 verify(clientApiWrapper, never()).getActiveScannerStatusForScan(scanId);
- verify(clientApiWrapper, times(1)).stopActiveScan(scanId);
+ verify(clientApiWrapper).stopActiveScan(scanId);
 }
 @Test
@@ -897,7 +897,7 @@ void wait_for_activeScan_scan_is_ended_results_in_expected_calls() throws Client
 /* test */
 verify(clientApiWrapper, atLeast(1)).getActiveScannerStatusForScan(scanId);
- verify(clientApiWrapper, times(1)).stopActiveScan(scanId);
+ verify(clientApiWrapper).stopActiveScan(scanId);
 }
 @Test
@@ -913,7 +913,7 @@ void run_ajaxSpider_scan_ended_results_in_expected_calls() throws ClientApiExcep
 /* test */
 verify(clientApiWrapper, times(2)).getAjaxSpiderStatus();
- verify(clientApiWrapper, times(1)).stopAjaxSpider();
+ verify(clientApiWrapper).stopAjaxSpider();
 }
 @Test
@@ -934,11 +934,11 @@ void run_spider_scan_ended_results_in_expected_calls() throws ClientApiException
 scannerToTest.runAndWaitForSpider();
 /* test */
- verify(scanContext, times(1)).getZapProductMessageHelper();
+ verify(scanContext).getZapProductMessageHelper();
 verify(clientApiWrapper, times(2)).getSpiderStatusForScan(scanId);
- verify(clientApiWrapper, times(1)).stopSpiderScan(scanId);
- verify(clientApiWrapper, times(1)).logFullSpiderResults(scanId);
- verify(clientApiWrapper, times(1)).startSpiderScan(any(), any(), anyBoolean(), any(), anyBoolean());
+ verify(clientApiWrapper).stopSpiderScan(scanId);
+ verify(clientApiWrapper).logFullSpiderResults(scanId);
+ verify(clientApiWrapper).startSpiderScan(any(), any(), anyBoolean(), any(), anyBoolean());
 }
 @Test
@@ -956,9 +956,9 @@ void run_activeScan_scan_is_ended_results_in_expected_calls() throws ClientApiEx
 scannerToTest.runAndWaitActiveScan(scanId);
 /* test */
- verify(clientApiWrapper, times(1)).getActiveScannerStatusForScan(scanId);
- verify(clientApiWrapper, times(1)).stopActiveScan(scanId);
- verify(clientApiWrapper, times(1)).startActiveScan(any(), anyBoolean(), anyBoolean(), any(), any(), any(), anyInt());
+ verify(clientApiWrapper).getActiveScannerStatusForScan(scanId);
+ verify(clientApiWrapper).stopActiveScan(scanId);
+ verify(clientApiWrapper).startActiveScan(any(), anyBoolean(), anyBoolean(), any(), any(), any(), anyInt());
 }
 static Stream headerPartWithoutOnlyForUrlsTestNamedArguments() {
diff --git a/sechub-wrapper-owasp-zap/src/test/java/com/mercedesbenz/sechub/zapwrapper/scan/login/ZapScriptLoginSessionConfiguratorTest.java b/sechub-wrapper-owasp-zap/src/test/java/com/mercedesbenz/sechub/zapwrapper/scan/login/ZapScriptLoginSessionConfiguratorTest.java
index 39796f414..6b3ba3d8e 100644
--- a/sechub-wrapper-owasp-zap/src/test/java/com/mercedesbenz/sechub/zapwrapper/scan/login/ZapScriptLoginSessionConfiguratorTest.java
+++ b/sechub-wrapper-owasp-zap/src/test/java/com/mercedesbenz/sechub/zapwrapper/scan/login/ZapScriptLoginSessionConfiguratorTest.java
@@ -66,16 +66,16 @@ void one_cookie_and_one_jwt_results_in_each_mock_called_once() throws ClientApiE
 sessionConfiguratorToTest.passSessionDataToZAP(loginResult, TARGET_URL, clientApiWrapper);
 /* test */
- verify(clientApiWrapper, times(1)).removeHTTPSession(eq(TARGET_URL), any());
- verify(clientApiWrapper, times(1)).removeHTTPSessionToken(eq(TARGET_URL), any());
- verify(clientApiWrapper, times(1)).removeReplacerRule(any());
- verify(clientApiWrapper, times(1)).addHTTPSessionToken(eq(TARGET_URL), any());
- verify(clientApiWrapper, times(1)).createEmptyHTTPSession(eq(TARGET_URL), any());
- verify(clientApiWrapper, times(1)).setHTTPSessionTokenValue(eq(TARGET_URL), any(), eq(cookie.getName()), eq(cookie.getValue()));
- verify(clientApiWrapper, times(1)).setActiveHTTPSession(eq(TARGET_URL), any());
- verify(clientApiWrapper, times(1)).addReplacerRule(any(), anyBoolean(), any(), anyBoolean(), any(), any(), any(), any());
-
- verify(clientApiWrapper, times(1)).accessUrlViaZap(TARGET_URL, FOLLOW_REDIRECTS);
+ verify(clientApiWrapper).removeHTTPSession(eq(TARGET_URL), any());
+ verify(clientApiWrapper).removeHTTPSessionToken(eq(TARGET_URL), any());
+ verify(clientApiWrapper).removeReplacerRule(any());
+ verify(clientApiWrapper).addHTTPSessionToken(eq(TARGET_URL), any());
+ verify(clientApiWrapper).createEmptyHTTPSession(eq(TARGET_URL), any());
+ verify(clientApiWrapper).setHTTPSessionTokenValue(eq(TARGET_URL), any(), eq(cookie.getName()), eq(cookie.getValue()));
+ verify(clientApiWrapper).setActiveHTTPSession(eq(TARGET_URL), any());
+ verify(clientApiWrapper).addReplacerRule(any(), anyBoolean(), any(), anyBoolean(), any(), any(), any(), any());
+
+ verify(clientApiWrapper).accessUrlViaZap(TARGET_URL, FOLLOW_REDIRECTS);
 }
 @Test
@@ -97,14 +97,14 @@ void no_cookie_and_no_jwt_results_clienapiwrapper_not_adding_replacer_rule() thr
 // no cookie can be added
 verify(clientApiWrapper, never()).setHTTPSessionTokenValue(eq(TARGET_URL), any(), any(), any());
- verify(clientApiWrapper, times(1)).removeHTTPSession(eq(TARGET_URL), any());
- verify(clientApiWrapper, times(1)).removeHTTPSessionToken(eq(TARGET_URL), any());
- verify(clientApiWrapper, times(1)).removeReplacerRule(any());
- verify(clientApiWrapper, times(1)).addHTTPSessionToken(eq(TARGET_URL), any());
- verify(clientApiWrapper, times(1)).createEmptyHTTPSession(eq(TARGET_URL), any());
- verify(clientApiWrapper, times(1)).setActiveHTTPSession(eq(TARGET_URL), any());
+ verify(clientApiWrapper).removeHTTPSession(eq(TARGET_URL), any());
+ verify(clientApiWrapper).removeHTTPSessionToken(eq(TARGET_URL), any());
+ verify(clientApiWrapper).removeReplacerRule(any());
+ verify(clientApiWrapper).addHTTPSessionToken(eq(TARGET_URL), any());
+ verify(clientApiWrapper).createEmptyHTTPSession(eq(TARGET_URL), any());
+ verify(clientApiWrapper).setActiveHTTPSession(eq(TARGET_URL), any());
- verify(clientApiWrapper, times(1)).accessUrlViaZap(TARGET_URL, FOLLOW_REDIRECTS);
+ verify(clientApiWrapper).accessUrlViaZap(TARGET_URL, FOLLOW_REDIRECTS);
 }
 @Test
diff --git a/sechub-wrapper-owasp-zap/src/test/java/com/mercedesbenz/sechub/zapwrapper/scan/login/ZapScriptLoginTest.java b/sechub-wrapper-owasp-zap/src/test/java/com/mercedesbenz/sechub/zapwrapper/scan/login/ZapScriptLoginTest.java
index 84934feab..0cc45dbc3 100644
--- a/sechub-wrapper-owasp-zap/src/test/java/com/mercedesbenz/sechub/zapwrapper/scan/login/ZapScriptLoginTest.java
+++ b/sechub-wrapper-owasp-zap/src/test/java/com/mercedesbenz/sechub/zapwrapper/scan/login/ZapScriptLoginTest.java
@@ -53,8 +53,8 @@ void script_login_execution_is_perfomed_as_expected() throws Exception {
 scriptLoginToTest.login(scanContext, clientApiWrapper);
 /* test */
- verify(groovyScriptExecutor, times(1)).executeScript(scanContext.getGroovyScriptLoginFile(), scanContext);
- verify(sessionConfigurator, times(1)).passSessionDataToZAP(loginResult, scanContext.getTargetUrlAsString(), clientApiWrapper);
+ verify(groovyScriptExecutor).executeScript(scanContext.getGroovyScriptLoginFile(), scanContext);
+ verify(sessionConfigurator).passSessionDataToZAP(loginResult, scanContext.getTargetUrlAsString(), clientApiWrapper);
 }
 @Test
@@ -71,7 +71,7 @@ void script_can_not_be_read_results_in_firefox_closed_and_session_configurator_n
 assertThrows(ZapWrapperRuntimeException.class, () -> scriptLoginToTest.login(scanContext, clientApiWrapper));
 /* test */
- verify(groovyScriptExecutor, times(1)).executeScript(scanContext.getGroovyScriptLoginFile(), scanContext);
+ verify(groovyScriptExecutor).executeScript(scanContext.getGroovyScriptLoginFile(), scanContext);
 verify(sessionConfigurator, never()).passSessionDataToZAP(loginResult, scanContext.getTargetUrlAsString(), clientApiWrapper);
 }
@@ -89,7 +89,7 @@ void script_login_execution_fails_results_in_firefox_closed_and_session_configur
 assertThrows(ZapWrapperRuntimeException.class, () -> scriptLoginToTest.login(scanContext, clientApiWrapper));
 /* test */
- verify(groovyScriptExecutor, times(1)).executeScript(scanContext.getGroovyScriptLoginFile(), scanContext);
+ verify(groovyScriptExecutor).executeScript(scanContext.getGroovyScriptLoginFile(), scanContext);
 verify(sessionConfigurator, never()).passSessionDataToZAP(loginResult, scanContext.getTargetUrlAsString(), clientApiWrapper);
 }
@@ -106,8 +106,8 @@ void session_configurator_fails_results_in_excpetion_thrown() throws Exception {
 assertThrows(ZapWrapperRuntimeException.class, () -> scriptLoginToTest.login(scanContext, clientApiWrapper));
 /* test */
- verify(groovyScriptExecutor, times(1)).executeScript(scanContext.getGroovyScriptLoginFile(), scanContext);
- verify(sessionConfigurator, times(1)).passSessionDataToZAP(loginResult, scanContext.getTargetUrlAsString(), clientApiWrapper);
+ verify(groovyScriptExecutor).executeScript(scanContext.getGroovyScriptLoginFile(), scanContext);
+ verify(sessionConfigurator).passSessionDataToZAP(loginResult, scanContext.getTargetUrlAsString(), clientApiWrapper);
 }
 private ZapScanContext createValidZapScanContext() throws MalformedURLException, URISyntaxException {