add package data to java wrapper (#19)

* add package data to java wrapper

* add validation to prevent null pointer exception when a test fails

* add possibility of adding additional parameters globally to the scan config

Author: diogopcx

src/main/java/com/checkmarx/ast/results/structure/CxResultData.java

@@ -6,7 +6,6 @@
 import com.fasterxml.jackson.databind.annotation.JsonDeserialize;
 import lombok.*;
 
-import java.math.BigInteger;
 import java.util.List;
 
 @Data
@@ -26,20 +25,23 @@ public class CxResultData {
     String languageName;
     String description;
     List<CxResultDataNode> nodes;
+    List<CxResultPackageData> packageData;
 
     public CxResultData(@JsonProperty("queryId") String queryId,
                         @JsonProperty("queryName") String queryName,
                         @JsonProperty("group") String group,
                         @JsonProperty("resultHash") String resultHash,
                         @JsonProperty("languageName") String languageName,
                         @JsonProperty("description") String description,
-                        @JsonProperty("nodes") List<CxResultDataNode> nodes) {
+                        @JsonProperty("nodes") List<CxResultDataNode> nodes,
+                        @JsonProperty("packageData") List<CxResultPackageData> packageData) {
         this.queryId = queryId;
         this.queryName = queryName;
         this.group = group;
         this.resultHash = resultHash;
         this.languageName = languageName;
         this.description = description;
         this.nodes = nodes;
+        this.packageData = packageData;
     }
 }

src/main/java/com/checkmarx/ast/results/structure/CxResultPackageData.java

@@ -0,0 +1,30 @@
+package com.checkmarx.ast.results.structure;
+
+import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
+import com.fasterxml.jackson.annotation.JsonInclude;
+import com.fasterxml.jackson.annotation.JsonProperty;
+import com.fasterxml.jackson.databind.annotation.JsonDeserialize;
+import lombok.*;
+
+@Data
+@Builder
+@Value
+@EqualsAndHashCode
+@ToString
+@JsonDeserialize()
+@JsonInclude(JsonInclude.Include.NON_NULL)
+@JsonIgnoreProperties(ignoreUnknown = true)
+public class CxResultPackageData {
+
+    String comment;
+    String type;
+    String url;
+
+    public CxResultPackageData(@JsonProperty("comment") String comment,
+                               @JsonProperty("type") String type,
+                               @JsonProperty("url") String url) {
+        this.comment = comment;
+        this.type = type;
+        this.url = url;
+    }
+}

src/main/java/com/checkmarx/ast/scans/CxAuth.java

@@ -3,14 +3,12 @@
 import com.checkmarx.ast.exceptions.CxException;
 import com.checkmarx.ast.executionservice.ExecutionService;
 import com.checkmarx.ast.results.CxCommandOutput;
-import com.checkmarx.ast.results.CxResultFormatType;
 import com.checkmarx.ast.results.structure.CxResultOutput;
 import com.fasterxml.jackson.core.JsonParser;
 import com.fasterxml.jackson.core.JsonProcessingException;
 import com.fasterxml.jackson.core.type.TypeReference;
 import com.fasterxml.jackson.databind.ObjectMapper;
 import org.apache.commons.lang3.StringUtils;
-import org.apache.commons.lang3.reflect.FieldUtils;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
@@ -27,6 +25,7 @@
 import java.util.ArrayList;
 import java.util.List;
 import java.util.Map;
+import java.util.Optional;
 import java.util.regex.Matcher;
 import java.util.regex.Pattern;
 import java.util.zip.ZipEntry;
@@ -40,18 +39,22 @@ public class CxAuth {
     private final String key;
     private final String secret;
     private final String apikey;
+    private final List<String> additionalParameters = new ArrayList<>();
     private final URI executable;
 
     public CxAuth(CxScanConfig scanConfig, Logger log) throws IOException, URISyntaxException, CxException {
-        if (scanConfig == null)
+        if (scanConfig == null) {
             throw new CxException("CxScanConfig object returned as null!");
+        }
 
         this.baseuri = scanConfig.getBaseUri();
         this.baseAuthUri = scanConfig.getBaseAuthUri();
         this.tenant = scanConfig.getTenant();
         this.key = scanConfig.getClientId();
         this.secret = scanConfig.getClientSecret();
         this.apikey = scanConfig.getApiKey();
+        addIndividualParams(this.additionalParameters,
+                            Optional.ofNullable(scanConfig.getAdditionalParameters()).orElse(""));
 
         validateConfigValues();
 
@@ -67,7 +70,7 @@ public CxAuth(CxScanConfig scanConfig, Logger log) throws IOException, URISyntax
         }
     }
 
-    private void validateConfigValues(){
+    private void validateConfigValues() {
         if (StringUtils.isEmpty(this.baseuri)) {
             throw new CxException("Checkmarx server URL was not set");
         }
@@ -184,10 +187,11 @@ public CxCommandOutput cxScanShow(String id) throws IOException, InterruptedExce
         commands.add("--scan-id");
         commands.add(id);
         CxCommandOutput scanObject = runExecutionCommands(commands);
-        if (scanObject.getScanObjectList() != null && scanObject.getScanObjectList().size() == 1)
+        if (scanObject.getScanObjectList() != null && scanObject.getScanObjectList().size() == 1) {
             log.info("Scan retrieved");
-        else
+        } else {
             log.info("Did not receive the scan");
+        }
 
         return scanObject;
     }
@@ -234,7 +238,6 @@ private List<String> buildResultCommand(String resultType, String scanId, String
     }
 
 
-
     private String runResultExecutionCommands(String scanId, String resultType, String extension) throws IOException {
         Path tempDir = Files.createTempDirectory("cx");
         String fileName = Long.toString(System.nanoTime());
@@ -263,7 +266,7 @@ private String runResultExecutionCommands(List<String> commands) throws IOExcept
             builder.append(line);
             builder.append(System.getProperty("line.separator"));
         }
-        if(!process.isAlive() && process.exitValue()!= 0) {
+        if (!process.isAlive() && process.exitValue() != 0) {
             log.info("Exit code from CLI is: {} ", process.exitValue());
             return "";
         }
@@ -330,6 +333,8 @@ public List<String> initialCommandsCommon() {
             commands.add(this.baseAuthUri);
         }
 
+        commands.addAll(this.additionalParameters);
+
         return commands;
     }
 
@@ -364,19 +369,21 @@ public CxCommandOutput cxAstScanList() throws IOException, InterruptedException
         InputStreamReader isr = new InputStreamReader(is);
         BufferedReader br = new BufferedReader(isr);
         while ((line = br.readLine()) != null) {
-            if (isValidJSON(line) && !line.isEmpty())
+            if (isValidJSON(line) && !line.isEmpty()) {
                 list = transformToCxScanList(line);
+            }
         }
         br.close();
         process.waitFor();
 
         CxCommandOutput cxCommandOutput = new CxCommandOutput();
         cxCommandOutput.setScanObjectList(list);
         cxCommandOutput.setExitCode(process.exitValue());
-        if (list != null && !list.isEmpty())
+        if (list != null && !list.isEmpty()) {
             log.info("Retrieved scan list with size: {}", list.size());
-        else
+        } else {
             log.info("Not able to retrieve scan list");
+        }
 
         return cxCommandOutput;
     }
@@ -396,32 +403,28 @@ public CxCommandOutput cxScanCreate(Map<CxParamType, String> params) throws IOEx
                 addIndividualParams(commands, param.getValue());
             } else if (param.getKey().toString().length() == 1) {
                 commands.add("-" + param.getKey().toString().toLowerCase());
-                if (param.getValue() != null)
+                if (param.getValue() != null) {
                     commands.add(param.getValue());
-                else
+                } else {
                     commands.add(" ");
+                }
 
             } else if (param.getKey() != CxParamType.ADDITIONAL_PARAMETERS) {
                 String paramValue = param.getKey().toString();
                 paramValue = "--" + paramValue.replace("_", "-").toLowerCase();
                 commands.add(paramValue);
-                if (param.getValue() != null)
+                if (param.getValue() != null) {
                     commands.add(param.getValue());
-                else
+                } else {
                     commands.add(" ");
+                }
 
             }
         }
 
         return runExecutionCommands(commands);
     }
 
-    private void addIndividualParams(List<String> commands, String value) {
-        Matcher m = Pattern.compile("([^\"]\\S*|\".+?\")\\s*").matcher(value);
-        while (m.find())
-            commands.add(m.group(1));
-    }
-
     private void addAuthCredentials(List<String> commands) {
         if (key != null && secret != null) {
             commands.add("--client-id");
@@ -436,7 +439,14 @@ private void addAuthCredentials(List<String> commands) {
         }
     }
 
-    private List<CxScan> transformToCxScanList(String line) {
+    private static void addIndividualParams(List<String> commands, String value) {
+        Matcher m = Pattern.compile("([^\"]\\S*|\".+?\")\\s*").matcher(value);
+        while (m.find()) {
+            commands.add(m.group(1));
+        }
+    }
+
+    private static List<CxScan> transformToCxScanList(String line) {
         ObjectMapper objectMapper = new ObjectMapper();
         List<CxScan> scanList;
         try {
@@ -449,7 +459,7 @@ private List<CxScan> transformToCxScanList(String line) {
 
     }
 
-    public boolean isValidJSON(final String json) {
+    public static boolean isValidJSON(final String json) {
         boolean valid = false;
         try {
             final JsonParser parser = new ObjectMapper().createParser(json);
@@ -461,5 +471,4 @@ public boolean isValidJSON(final String json) {
         }
         return valid;
     }
-
 }

src/main/java/com/checkmarx/ast/scans/CxScanConfig.java

@@ -1,12 +1,12 @@
 package com.checkmarx.ast.scans;
 
+import lombok.Data;
 import lombok.Getter;
 import lombok.Setter;
 
 import java.io.Serializable;
 
-@Getter
-@Setter
+@Data
 public class CxScanConfig implements Serializable {
 
     private String baseUri;
@@ -16,4 +16,5 @@ public class CxScanConfig implements Serializable {
     private String clientSecret;
     private String apiKey;
     private String pathToExecutable;
+    private String additionalParameters;
 }

src/test/java/com/checkmarx/ast/CxAuthTest.java

@@ -1,12 +1,10 @@
 package com.checkmarx.ast;
 
 import com.checkmarx.ast.results.CxCommandOutput;
-import com.checkmarx.ast.results.CxResultFormatType;
 import com.checkmarx.ast.results.structure.CxResultOutput;
 import com.checkmarx.ast.scans.CxAuth;
 import com.checkmarx.ast.scans.CxParamType;
 import com.checkmarx.ast.scans.CxScanConfig;
-import com.fasterxml.jackson.databind.ObjectMapper;
 import org.junit.Assert;
 import org.junit.Before;
 import org.junit.Test;
@@ -39,6 +37,12 @@ public void init() throws IOException, URISyntaxException {
         log.info("Init test");
 
         Map<String, String> environmentVariables = System.getenv();
+        CxScanConfig config = getCxScanConfig(environmentVariables);
+
+        auth = new CxAuth(config, log);
+    }
+
+    private static CxScanConfig getCxScanConfig(Map<String, String> environmentVariables) {
         CxScanConfig config = new CxScanConfig();
         config.setClientId(environmentVariables.getOrDefault("CX_CLIENT_ID", null));
         config.setClientSecret(environmentVariables.getOrDefault("CX_CLIENT_SECRET", null));
@@ -47,11 +51,10 @@ public void init() throws IOException, URISyntaxException {
         config.setBaseAuthUri(environmentVariables.getOrDefault("CX_BASE_AUTH_URI", null));
         config.setTenant(environmentVariables.getOrDefault("CX_TENANT", null));
         config.setPathToExecutable(environmentVariables.getOrDefault("PATH_TO_EXECUTABLE", null));
-
-        auth = new CxAuth(config, log);
+        return config;
     }
 
-    private Map<CxParamType, String> createParams() {
+    private static Map<CxParamType, String> createParams() {
         Map<CxParamType, String> params = new HashMap<>();
         params.put(CxParamType.PROJECT_NAME, "JavaWrapperTestCases");
         params.put(CxParamType.SCAN_TYPES, "sast");
@@ -84,8 +87,12 @@ public void cxScanCreationWithBranchName() throws InterruptedException, IOExcept
         Map<CxParamType, String> params = createParams();
         params.put(CxParamType.BRANCH, "test");
 
-        CxCommandOutput scanResult = auth.cxScanCreate(params);
-        String status = auth.cxScanShow(scanResult.getScanObjectList().get(0).getID()).getScanObjectList().get(0).getStatus();
+        CxCommandOutput scanResult = validateCommandOutput(auth.cxScanCreate(params));
+        String status = validateCommandOutput(auth.cxScanShow(scanResult.getScanObjectList()
+                                                                        .get(0)
+                                                                        .getID())).getScanObjectList()
+                                                                                  .get(0)
+                                                                                  .getStatus();
         assertTrue(status.equalsIgnoreCase(COMPLETED));
     }
 
@@ -94,8 +101,11 @@ public void cxScanCreationWrongPreset() throws InterruptedException, IOException
         Map<CxParamType, String> params = createParams();
         params.put(CxParamType.SAST_PRESET_NAME, "Checkmarx Default Jay");
 
-        CxCommandOutput scanResult = auth.cxScanCreate(params);
-        String status = auth.cxScanShow(scanResult.getScanObjectList().get(0).getID()).getScanObjectList().get(0).getStatus();
+        CxCommandOutput scanResult = validateCommandOutput(auth.cxScanCreate(params));
+        String status = validateCommandOutput(auth.cxScanShow(scanResult.getScanObjectList().get(0).getID()))
+                .getScanObjectList()
+                .get(0)
+                .getStatus();
         assertTrue(status.equalsIgnoreCase(FAILED));
     }
 
@@ -106,8 +116,12 @@ public void cxScanCreationSuccess() throws InterruptedException, IOException {
         params.put(CxParamType.SAST_PRESET_NAME, "Checkmarx Default");
         //params.put(CxParamType.ADDITIONAL_PARAMETERS,"--nowait");
 
-        CxCommandOutput scanResult = auth.cxScanCreate(params);
-        assertTrue(auth.cxScanShow(scanResult.getScanObjectList().get(0).getID()).getScanObjectList().get(0).getStatus().equalsIgnoreCase(COMPLETED));
+        CxCommandOutput scanResult = validateCommandOutput(auth.cxScanCreate(params));
+        assertTrue(validateCommandOutput(auth.cxScanShow(scanResult.getScanObjectList().get(0).getID()))
+                           .getScanObjectList()
+                           .get(0)
+                           .getStatus()
+                           .equalsIgnoreCase(COMPLETED));
     }
 
 
@@ -151,4 +165,30 @@ public void cxResultsStructure() {
             fail("Failed getting results object: " + e.getMessage());
         }
     }
+
+    private static CxCommandOutput validateCommandOutput(CxCommandOutput output) {
+        if (output == null) {
+            fail("invalid output for command: output is null");
+        }
+        if (output.getScanObjectList() == null) {
+            fail("invalid output for command: scan object list is null");
+        }
+        if (output.getScanObjectList().size() == 0) {
+            fail("invalid output for command: scan object list is empty");
+        }
+        return output;
+    }
+
+    @Test
+    public void cxAdditionalParameters() {
+        try {
+            CxScanConfig config = getCxScanConfig(System.getenv());
+            config.setAdditionalParameters("--filter limit=1");
+            CxAuth auth = new CxAuth(config, log);
+            CxCommandOutput output = auth.cxAstScanList();
+            Assert.assertEquals(1, output.getScanObjectList().size());
+        } catch (IOException | InterruptedException | URISyntaxException e) {
+            fail("failed getting scan list");
+        }
+    }
 }