added some missing parameters from refactor (#76)

soos-io · Nov 8, 2023 · 5a371d7 · 5a371d7
1 parent 509366a
commit 5a371d7
Show file tree

Hide file tree

Showing 3 changed files with 46 additions and 25 deletions.
diff --git a/src/index.ts b/src/index.ts
@@ -280,6 +280,17 @@ class SOOSDASTAnalysis {
  },
  });
 
+ parser.add_argument("--oauthParameters", {
+ help: `Parameters to be added to the oauth token request. (eg --oauthParameters="client_id:clientID, client_secret:clientSecret, grant_type:client_credentials").`,
+ required: false,
+ nargs: "*",
+ });
+
+ parser.add_argument("--oauthTokenUrl", {
+ help: "The authentication URL that grants the access_token.",
+ required: false,
+ });
+
  parser.add_argument("--onFailure", {
  help: "Action to perform when the scan fails. Options: fail_the_build, continue_on_failure.",
  default: OnFailure.Continue,
@@ -358,6 +369,11 @@ class SOOSDASTAnalysis {
  required: false,
  });
 
+ parser.add_argument("--updateAddons", {
+ help: "Update ZAP Addons - Update ZAP Addons before running the scan.",
+ action: "store_true",
+ });
+
  parser.add_argument("--verbose", {
  help: "Enable verbose logging.",
  action: "store_true",

diff --git a/src/utils/ZAPCommandGenerator.ts b/src/utils/ZAPCommandGenerator.ts
@@ -58,6 +58,10 @@ export class ZAPCommandGenerator {
  args.push(this.config.otherOptions);
  }
 
+ if (this.config.updateAddons) {
+ args.push(CONSTANTS.ZAP.UPDATE_ADDONS_OPTION);
+ }
+
  return args.join(" ");
  }
 

diff --git a/src/utils/constants.ts b/src/utils/constants.ts
@@ -1,45 +1,46 @@
 export const CONSTANTS = {
- SOOS: {
- API_KEY_ENV_VAR: "SOOS_API_KEY",
- CLIENT_ID_ENV_VAR: "SOOS_CLIENT_ID",
- },
  AUTH: {
  DELAY_TIME: 5,
  },
- STATUS: {
- DELAY_TIME: 5,
- MAX_ATTEMPTS: 10,
+ DAST: {
+ TOOL: "zap",
+ TOOL_VERSION: "2.12",
  },
  FILES: {
- SARIF: "results.sarif",
- REPORT_SCAN_RESULT_FILENAME: "report.json",
  REPORT_SCAN_RESULT_FILE: "/zap/wrk/report.json",
+ REPORT_SCAN_RESULT_FILENAME: "report.json",
+ SARIF: "results.sarif",
  SPIDERED_URLS_FILE_PATH: "./spidered_urls.txt",
  ZAP_CUSTOM_HOOK_SCRIPT: "src/zap_hooks/soos_zap_hook.py",
  },
+ SOOS: {
+ API_KEY_ENV_VAR: "SOOS_API_KEY",
+ CLIENT_ID_ENV_VAR: "SOOS_CLIENT_ID",
+ },
+ STATUS: {
+ DELAY_TIME: 5,
+ MAX_ATTEMPTS: 10,
+ },
  ZAP: {
+ ACTIVE_SCAN_POLICY_NAME: "Default Policy",
+ AJAX_SPIDER_OPTION: "-j",
  COMMAND: "python3",
- SCRIPTS: {
- BASE_LINE: "/zap/zap-baseline.py",
- FULL_SCAN: "/zap/zap-full-scan.py",
- API_SCAN: "/zap/zap-api-scan.py",
- },
  CONFIG_FILE_FOLDER: "/zap/config/",
- TARGET_URL_OPTION: "-t",
- RULES_FILE_OPTION: "-c",
  CONTEXT_FILE_OPTION: "-n",
- SPIDER_MINUTES_OPTION: "-m",
  DEBUG_OPTION: "-d",
- AJAX_SPIDER_OPTION: "-j",
  FORMAT_OPTION: "-f",
- JSON_REPORT_OPTION: "-J",
- OPTIONS: "-z",
  HOOK_OPTION: "--hook",
- ACTIVE_SCAN_POLICY_NAME: "Default Policy",
  HTTP_SENDER_SCRIPTS_FOLDER_PATH: "/home/zap/.ZAP/scripts/scripts/httpsender/",
- },
- DAST: {
- TOOL: "zap",
- TOOL_VERSION: "2.12",
+ JSON_REPORT_OPTION: "-J",
+ OPTIONS: "-z",
+ RULES_FILE_OPTION: "-c",
+ SCRIPTS: {
+ API_SCAN: "/zap/zap-api-scan.py",
+ BASE_LINE: "/zap/zap-baseline.py",
+ FULL_SCAN: "/zap/zap-full-scan.py",
+ },
+ SPIDER_MINUTES_OPTION: "-m",
+ TARGET_URL_OPTION: "-t",
+ UPDATE_ADDONS_OPTION: "--updateAddons",
  },
 };