Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Feature 3611 zap wrapper webscan template login #3622

Merged
merged 13 commits into from
Nov 27, 2024
Merged

Feature 3611 zap wrapper webscan template login #3622

merged 13 commits into from
Nov 27, 2024

Conversation

winzj
Copy link
Member

@winzj winzj commented Nov 18, 2024

winzj added 4 commits November 14, 2024 11:35
@winzj
Add encodingType to totp config #3611
b7d49a8 
- add entry to openapi.yaml
- add field with default
- extend unit tests
- extend examples, documentation and RestDocTest
@winzj
Update totp generator and add seed decoding #3611
7d60008 
- add decoder with autodetect method and unit testcases
- add seed to totp generator and change signature
- update unit testcases
@winzj
Refactoring of usage
6d990f9
@winzj
Implement script login via template handling with some dummy data #3611
f19d26b 
- add parts for script execution with session management
- add script authentication to ZapScanner
- add necessary dependencies to gradle files
- add configuration option via commandline parameter and ENV variable
@winzj winzj marked this pull request as draft November 18, 2024 08:21
@winzj winzj changed the title Feature 3611 webscan template login Feature 3611 zap wrapper webscan template login Nov 18, 2024
winzj added 2 commits November 18, 2024 11:50
@winzj
add groovy example to README.adoc and improve TOTP usability #3611
d0755f5 
- add groovy script example to README.adoc
- add short explanations
- add method to TOTPGenerator to generate a currently valid TOTP
- update examples
@winzj
Remove static mock parts in tests and create new mocks for each test #…
a29183b 
…3622
@winzj winzj marked this pull request as ready for review November 19, 2024 06:51
@winzj winzj requested a review from de-jcup November 19, 2024 06:51
de-jcup
de-jcup requested changes Nov 21, 2024
View reviewed changes
Copy link
Member

@de-jcup de-jcup left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good job! I found still some parts which should be changed.

If the changes are too big (e.g. refactoring of client wrapper, to use only dedicated values (e.g. booleans, integers ) etc.
feel free to create a new issue to handle this later.

...ub-commons-model/src/main/java/com/mercedesbenz/sechub/commons/model/login/EncodingType.java Outdated Show resolved Hide resolved
sechub-doc/src/docs/asciidoc/documents/shared/configuration/sechub_config.adoc Outdated Show resolved Hide resolved
sechub-doc/src/docs/asciidoc/documents/shared/configuration/sechub_config.adoc Outdated Show resolved Hide resolved
sechub-wrapper-owasp-zap/README.adoc Outdated Show resolved Hide resolved
sechub-wrapper-owasp-zap/README.adoc Outdated Show resolved Hide resolved
...b-wrapper-owasp-zap/src/main/java/com/mercedesbenz/sechub/zapwrapper/util/TOTPGenerator.java Outdated Show resolved Hide resolved
...wasp-zap/src/test/java/com/mercedesbenz/sechub/zapwrapper/helper/ZapPDSEventHandlerTest.java Outdated Show resolved Hide resolved
...wasp-zap/src/test/java/com/mercedesbenz/sechub/zapwrapper/helper/ZapPDSEventHandlerTest.java Show resolved Hide resolved
...apper-owasp-zap/src/test/java/com/mercedesbenz/sechub/zapwrapper/util/StringDecoderTest.java Outdated Show resolved Hide resolved
sechub-wrapper-owasp-zap/README.adoc Show resolved Hide resolved
winzj added 6 commits November 21, 2024 15:36
@winzj
PR review changes part one #3622
e0de388 
- update documentation and fix typos
- change implementation of fetching groovy script file,
  now the file must be specified directly via cli or ENV
- other minor changes
@winzj
PR review changes part two #3622
223b868 
- refactored ClientApiWrapper by using real datatypes instead of strings
- updated test cases
- moved logging to ClientApiWrapper
- add additional data to proxy settings
@winzj
Apply headers + update README.adoc #3622
1232db8
@winzj
Change webdriver proxy settings and add todo #3622
e4a4459
@winzj
Refactoring to be able to close the browser earlier #3622
9b34ad4 
- add a ScriptLoginResult which contains all the session data
- update the current script login to use the ScriptLoginResult
- update and extend testcases
@winzj
Remove not necessary call and add documentation #3622
b05e13b
@winzj winzj requested a review from de-jcup November 26, 2024 08:52
de-jcup
de-jcup approved these changes Nov 27, 2024
View reviewed changes
Copy link
Member

@de-jcup de-jcup left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good work. I found some minor parts but will still approve.

Please read my comments and decide if you want to handle this before doing the merge.

...rapper-owasp-zap/src/main/java/com/mercedesbenz/sechub/zapwrapper/scan/login/JWTSupport.java Outdated Show resolved Hide resolved
...rapper-owasp-zap/src/main/java/com/mercedesbenz/sechub/zapwrapper/scan/login/JWTSupport.java Show resolved Hide resolved
.../main/java/com/mercedesbenz/sechub/zapwrapper/scan/login/ZapScriptLoginWebDriverFactory.java Show resolved Hide resolved
.../main/java/com/mercedesbenz/sechub/zapwrapper/scan/login/ZapWrapperGroovyScriptExecutor.java Outdated Show resolved Hide resolved
...ava/com/mercedesbenz/sechub/zapwrapper/scan/login/ZapScriptLoginSessionConfiguratorTest.java Outdated Show resolved Hide resolved
@winzj winzj merged commit 639d9f5 into develop Nov 27, 2024
2 checks passed
@winzj winzj deleted the feature-3611-webscan-template-login branch November 27, 2024 10:36
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@de-jcup de-jcup de-jcup approved these changes

Assignees

@de-jcup de-jcup

@winzj winzj

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Implement template login for ZAP wrapper application
2 participants
@winzj @de-jcup