diff --git a/CheckmarxPythonSDK/CxOne/AccessControlAPI/api.py b/CheckmarxPythonSDK/CxOne/AccessControlAPI/api.py index 01c0b8c..f8d28bf 100644 --- a/CheckmarxPythonSDK/CxOne/AccessControlAPI/api.py +++ b/CheckmarxPythonSDK/CxOne/AccessControlAPI/api.py @@ -12,7 +12,9 @@ construct_ast_user, ) -# PIP +""" +PIP +""" def get_groups(realm, group_name=None, limit=None, ids=None) -> List[AstIdWithName]: @@ -78,5 +80,3 @@ def get_users_by_groups(realm, group_id) -> List[AstUser]: response = get_request(relative_url=relative_url, is_iam=True) item_list = response.json() return [construct_ast_user(item) for item in item_list] - - diff --git a/CheckmarxPythonSDK/CxOne/KeycloakAPI/ClientsAPI.py b/CheckmarxPythonSDK/CxOne/KeycloakAPI/ClientsAPI.py index 4498024..66b0803 100644 --- a/CheckmarxPythonSDK/CxOne/KeycloakAPI/ClientsAPI.py +++ b/CheckmarxPythonSDK/CxOne/KeycloakAPI/ClientsAPI.py @@ -3,11 +3,13 @@ from CheckmarxPythonSDK.CxOne.KeycloakAPI.url import api_url import time + def get_all_oauth_clients(realm): relative_url = api_url + f"/{realm}/clients??first=0&max=999999&search=True" response = get_request(relative_url=relative_url, is_iam=True) return response + def get_oauth_client_by_name(realm, client_name): relative_url = api_url + f"/{realm}/clients??first=0&max=999999&search=True" response = get_request(relative_url=relative_url, is_iam=True) @@ -18,11 +20,12 @@ def get_oauth_client_by_name(realm, client_name): return response + def create_oauth_client(realm, client_name): relative_url = api_url + f"/{realm}/clients" post_data = json.dumps( { - 'enabled' : True, + 'enabled': True, 'attributes': {}, 'redirectUris': [], 'clientId': client_name, @@ -32,6 +35,7 @@ def create_oauth_client(realm, client_name): response = post_request(relative_url=relative_url, data=post_data, is_iam=True) return response + def edit_auth_client(realm, client_id, client_name, name, description): relative_url = api_url + f"/{realm}/clients/{client_id}" current_time = int(time.time()) @@ -69,43 +73,43 @@ def edit_auth_client(realm, client_id, client_name, name, description): "nodeReRegistrationTimeout": -1, "protocolMappers": [ { - "name": "Client IP Address", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": False, - "config": { - "user.session.note": "clientAddress", - "id.token.claim": "True", - "access.token.claim": "True", - "claim.name": "clientAddress", - "jsonType.label": "String" - } + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": False, + "config": { + "user.session.note": "clientAddress", + "id.token.claim": "True", + "access.token.claim": "True", + "claim.name": "clientAddress", + "jsonType.label": "String" + } }, { - "name": "Client ID", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": False, - "config": { - "user.session.note": "clientId", - "id.token.claim": "True", - "access.token.claim": "True", - "claim.name": "clientId", - "jsonType.label": "String" - } + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": False, + "config": { + "user.session.note": "clientId", + "id.token.claim": "True", + "access.token.claim": "True", + "claim.name": "clientId", + "jsonType.label": "String" + } }, { - "name": "Client Host", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": False, - "config": { - "user.session.note": "clientHost", - "id.token.claim": "True", - "access.token.claim": "True", - "claim.name": "clientHost", - "jsonType.label": "String" - } + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": False, + "config": { + "user.session.note": "clientHost", + "id.token.claim": "True", + "access.token.claim": "True", + "claim.name": "clientHost", + "jsonType.label": "String" + } } ], "defaultClientScopes": [ @@ -134,19 +138,21 @@ def edit_auth_client(realm, client_id, client_name, name, description): response = put_request(relative_url=relative_url, data=put_data, is_iam=True) return response + def get_oauth_service_account_user(realm, client_id): relative_url = api_url + f"/{realm}/clients/{client_id}/service-account-user" response = get_request(relative_url=relative_url, is_iam=True) return response.json() + def add_group_to_oauth_client(realm, service_account_user_id, group_id): relative_url = api_url + f"/{realm}/users/{service_account_user_id}/groups/{group_id}" - + put_data = json.dumps( { - "realm":f"{realm}", - "userId":f"{service_account_user_id}", - "groupId":f"{group_id}" + "realm": f"{realm}", + "userId": f"{service_account_user_id}", + "groupId": f"{group_id}" } ) response = put_request(relative_url=relative_url, data=put_data, is_iam=True) diff --git a/CheckmarxPythonSDK/CxOne/KeycloakAPI/RoleMapperAPI.py b/CheckmarxPythonSDK/CxOne/KeycloakAPI/RoleMapperAPI.py index e69de29..f711d37 100644 --- a/CheckmarxPythonSDK/CxOne/KeycloakAPI/RoleMapperAPI.py +++ b/CheckmarxPythonSDK/CxOne/KeycloakAPI/RoleMapperAPI.py @@ -0,0 +1,16 @@ +import json +from ...utilities.compat import CREATED, NO_CONTENT +from ..httpRequests import get_request, post_request, put_request, delete_request +from typing import List +from ..utilities import get_url_param, type_check +from .url import api_url + + +def get_role_mappings(realm, group_id): + type_check(realm, str) + type_check(group_id, str) + + relative_url = api_url + f"/{realm}/groups/{group_id}/role-mappings" + response = get_request(relative_url=relative_url, is_iam=True) + response = response.json() + return response diff --git a/CheckmarxPythonSDK/CxOne/KeycloakAPI/__init__.py b/CheckmarxPythonSDK/CxOne/KeycloakAPI/__init__.py index faee2fa..d6b331a 100644 --- a/CheckmarxPythonSDK/CxOne/KeycloakAPI/__init__.py +++ b/CheckmarxPythonSDK/CxOne/KeycloakAPI/__init__.py @@ -18,3 +18,7 @@ get_group_members, create_group, ) + +from .RoleMapperAPI import ( + get_role_mappings, +) \ No newline at end of file diff --git a/CheckmarxPythonSDK/CxOne/reportAPI b/CheckmarxPythonSDK/CxOne/reportAPI.py similarity index 77% rename from CheckmarxPythonSDK/CxOne/reportAPI rename to CheckmarxPythonSDK/CxOne/reportAPI.py index f8d377c..258c655 100644 --- a/CheckmarxPythonSDK/CxOne/reportAPI +++ b/CheckmarxPythonSDK/CxOne/reportAPI.py @@ -8,30 +8,31 @@ base_url = config.get("server") + def create_scan_report(file_format, scan_id, project_id): report_url = f"{base_url}/api/reports" post_data = json.dumps({ - "fileFormat": file_format, - "reportType": "ui", - "reportName": "scan-report", - "data": { - "scanId": scan_id, - "projectId": project_id, - "branchName": ".unknown", - "sections": [ + "fileFormat": file_format, + "reportType": "ui", + "reportName": "scan-report", + "data": { + "scanId": scan_id, + "projectId": project_id, + "branchName": ".unknown", + "sections": [ "ScanSummary", "ExecutiveSummary", "ScanResults" - ], - "scanners": [ + ], + "scanners": [ "SAST", "SCA", "KICS" - ], - "host": "" - } - }) + ], + "host": "" + } + }) headers = authHeaders.auth_headers.copy() @@ -54,6 +55,7 @@ def create_scan_report(file_format, scan_id, project_id): time.sleep(2) return report_id + def get_scan_report(report_id): relative_url = f"/api/reports/{report_id}/download"