Remove 5 consolidated application tools in favor of search_applications

ChrisEdwards · ChrisEdwards · commit 80b7d3d514c0 · 2025-11-24T12:52:47.000-05:00
Removes deprecated tools now replaced by unified search_applications:
- list_applications_with_name
- get_applications_by_tag
- get_applications_by_metadata
- get_applications_by_metadata_name
- list_all_applications

Updates cross-references in tool descriptions to point to search_applications(name=...).

Extracts filter methods for better maintainability:
- matchesNameFilter() - Partial, case-insensitive name matching
- matchesTagFilter() - Exact, case-sensitive tag matching
- matchesMetadataFilter() - Exact, case-insensitive metadata matching

Changes:
- Removed: ~180 lines (5 old tool methods)
- Added: ~80 lines (3 helper methods with JavaDoc)
- Modified: 6 cross-reference updates (5 in AssessService, 1 in SCAService)
- Tests: All 248 unit tests passing (16 search_applications tests cover all functionality)

Completes mcp-dyd (Applications Domain consolidation)
diff --git a/src/main/java/com/contrast/labs/ai/mcp/contrast/AssessService.java b/src/main/java/com/contrast/labs/ai/mcp/contrast/AssessService.java
@@ -84,7 +84,7 @@ public class AssessService {
       name = "get_vulnerability",
       description =
           "Takes a vulnerability ID (vulnID) and application ID (appID) and returns details about"
-              + " the specific security vulnerability. Use list_applications_with_name first to get"
+              + " the specific security vulnerability. Use search_applications(name=...) to find"
               + " the application ID from a name. If based on the stacktrace, the vulnerability"
               + " looks like it is in code that is not in the codebase, the vulnerability may be in"
               + " a 3rd party library, review the CVE data attached to that stackframe you believe"
@@ -191,7 +191,7 @@ private Optional<LibraryLibraryObservation> findMatchingLibraryData(
       name = "list_vulnerabilities",
       description =
           "Takes an application ID (appID) and returns a list of vulnerabilities. Use"
-              + " list_applications_with_name first to get the application ID from a name. Remember"
+              + " search_applications(name=...) to find the application ID from a name. Remember"
               + " to include the vulnID in the response.")
   public List<VulnLight> listVulnsByAppId(@ToolParam(description = "Application ID") String appID)
       throws IOException {
@@ -229,7 +229,7 @@ public List<VulnLight> listVulnsByAppId(@ToolParam(description = "Application ID
       description =
           "Takes an application ID (appID) and session metadata in the form of name / value. and"
               + " returns a list of vulnerabilities matching that application ID and session"
-              + " metadata. Use list_applications_with_name first to get the application ID from a"
+              + " metadata. Use search_applications(name=...) to find the application ID from a"
               + " name.")
   public List<VulnLight> listVulnsByAppIdAndSessionMetadata(
       @ToolParam(description = "Application ID") String appID,
@@ -270,7 +270,7 @@ public List<VulnLight> listVulnsByAppIdAndSessionMetadata(
           "Takes an application ID (appID) and returns a list of vulnerabilities for the latest"
               + " session matching that application ID. This is useful for getting the most recent"
               + " vulnerabilities without needing to specify session metadata. Use"
-              + " list_applications_with_name first to get the application ID from a name.")
+              + " search_applications(name=...) to find the application ID from a name.")
   public List<VulnLight> listVulnsByAppIdForLatestSession(
       @ToolParam(description = "Application ID") String appID) throws IOException {
     log.info("Listing vulnerabilities for application: {}", appID);
@@ -312,197 +312,15 @@ public List<VulnLight> listVulnsByAppIdForLatestSession(
       name = "get_session_metadata",
       description =
           "Retrieves session metadata for a specific application by its ID. Returns the latest"
-              + " session metadata for the application. Use list_applications_with_name first to"
-              + " get the application ID from a name.")
+              + " session metadata for the application. Use search_applications(name=...) to find"
+              + " the application ID from a name.")
   public MetadataFilterResponse getSessionMetadata(
       @ToolParam(description = "Application ID") String appId) throws IOException {
     var contrastSDK =
         SDKHelper.getSDK(hostName, apiKey, serviceKey, userName, httpProxyHost, httpProxyPort);
     return contrastSDK.getSessionMetadataForApplication(orgID, appId, null);
   }
 
-  @Tool(
-      name = "list_applications_with_name",
-      description =
-          "Takes an application name (app_name) returns a list of active applications that contain"
-              + " that name. Please remember to display the name, status and ID.")
-  public List<ApplicationData> getApplications(
-      @ToolParam(description = "Application name (supports partial matching, case-insensitive)")
-          String app_name)
-      throws IOException {
-    log.info("Listing active applications matching name: {}", app_name);
-    var contrastSDK =
-        SDKHelper.getSDK(hostName, apiKey, serviceKey, userName, httpProxyHost, httpProxyPort);
-    try {
-      var applications = SDKHelper.getApplicationsWithCache(orgID, contrastSDK);
-      log.debug("Retrieved {} total applications from Contrast", applications.size());
-
-      var filteredApps = new ArrayList<ApplicationData>();
-      for (Application app : applications) {
-        if (app.getName().toLowerCase().contains(app_name.toLowerCase())) {
-          filteredApps.add(
-              new ApplicationData(
-                  app.getName(),
-                  app.getStatus(),
-                  app.getAppId(),
-                  FilterHelper.formatTimestamp(app.getLastSeen()),
-                  app.getLanguage(),
-                  getMetadataFromApp(app),
-                  app.getTags(),
-                  app.getTechs()));
-          log.debug(
-              "Found matching application - ID: {}, Name: {}, Status: {}",
-              app.getAppId(),
-              app.getName(),
-              app.getStatus());
-        }
-      }
-      if (filteredApps.isEmpty()) {
-        SDKHelper.clearApplicationsCache();
-        for (Application app : applications) {
-          if (app.getName().toLowerCase().contains(app_name.toLowerCase())) {
-            filteredApps.add(
-                new ApplicationData(
-                    app.getName(),
-                    app.getStatus(),
-                    app.getAppId(),
-                    FilterHelper.formatTimestamp(app.getLastSeen()),
-                    app.getLanguage(),
-                    getMetadataFromApp(app),
-                    app.getTags(),
-                    app.getTechs()));
-            log.debug(
-                "Found matching application - ID: {}, Name: {}, Status: {}",
-                app.getAppId(),
-                app.getName(),
-                app.getStatus());
-          }
-        }
-      }
-
-      log.info("Found {} applications matching '{}'", filteredApps.size(), app_name);
-      return filteredApps;
-    } catch (Exception e) {
-      log.error("Error listing applications matching name: {}", app_name, e);
-      throw new IOException("Failed to list applications: " + e.getMessage(), e);
-    }
-  }
-
-  @Tool(
-      name = "get_applications_by_tag",
-      description = "Takes a tag name and returns a list of applications that have that tag.")
-  public List<ApplicationData> getAllApplicationsByTag(
-      @ToolParam(description = "Tag name to filter by") String tag) throws IOException {
-    log.info("Retrieving applications with tag: {}", tag);
-    var allApps = getAllApplications();
-    log.debug("Retrieved {} total applications, filtering by tag", allApps.size());
-
-    var filteredApps = allApps.stream().filter(app -> app.tags().contains(tag)).toList();
-
-    log.info("Found {} applications with tag '{}'", filteredApps.size(), tag);
-    return filteredApps;
-  }
-
-  @Tool(
-      name = "get_applications_by_metadata",
-      description =
-          "Takes a metadata name and value and returns a list of applications that have that"
-              + " metadata name value pair.")
-  public List<ApplicationData> getApplicationsByMetadata(
-      @ToolParam(description = "Metadata field name (case-insensitive)") String metadata_name,
-      @ToolParam(description = "Metadata field value (case-insensitive)") String metadata_value)
-      throws IOException {
-    log.info(
-        "Retrieving applications with metadata - Name: {}, Value: {}",
-        metadata_name,
-        metadata_value);
-    var allApps = getAllApplications();
-    log.debug("Retrieved {} total applications, filtering by metadata", allApps.size());
-
-    var filteredApps =
-        allApps.stream()
-            .filter(
-                app ->
-                    app.metadata() != null
-                        && app.metadata().stream()
-                            .anyMatch(
-                                m ->
-                                    m != null
-                                        && m.name() != null
-                                        && m.name().equalsIgnoreCase(metadata_name)
-                                        && m.value() != null
-                                        && m.value().equalsIgnoreCase(metadata_value)))
-            .toList();
-
-    log.info(
-        "Found {} applications with metadata - Name: {}, Value: {}",
-        filteredApps.size(),
-        metadata_name,
-        metadata_value);
-    return filteredApps;
-  }
-
-  @Tool(
-      name = "get_applications_by_metadata_name",
-      description = "Takes a metadata name  a list of applications that have that metadata name.")
-  public List<ApplicationData> getApplicationsByMetadataName(
-      @ToolParam(description = "Metadata field name (case-insensitive)") String metadata_name)
-      throws IOException {
-    log.info("Retrieving applications with metadata - Name: {}", metadata_name);
-    var allApps = getAllApplications();
-    log.debug("Retrieved {} total applications, filtering by metadata", allApps.size());
-
-    var filteredApps =
-        allApps.stream()
-            .filter(
-                app ->
-                    app.metadata() != null
-                        && app.metadata().stream()
-                            .anyMatch(
-                                m ->
-                                    m != null
-                                        && m.name() != null
-                                        && m.name().equalsIgnoreCase(metadata_name)))
-            .toList();
-
-    log.info("Found {} applications with metadata - Name: {}", filteredApps.size(), metadata_name);
-    return filteredApps;
-  }
-
-  @Tool(
-      name = "list_all_applications",
-      description = "Takes no argument and list all the applications")
-  public List<ApplicationData> getAllApplications() throws IOException {
-    log.info("Listing all applications");
-    var contrastSDK =
-        SDKHelper.getSDK(hostName, apiKey, serviceKey, userName, httpProxyHost, httpProxyPort);
-    try {
-      var applications = SDKHelper.getApplicationsWithCache(orgID, contrastSDK);
-      log.debug("Retrieved {} total applications from Contrast", applications.size());
-
-      var returnedApps = new ArrayList<ApplicationData>();
-      for (Application app : applications) {
-        returnedApps.add(
-            new ApplicationData(
-                app.getName(),
-                app.getStatus(),
-                app.getAppId(),
-                FilterHelper.formatTimestamp(app.getLastSeen()),
-                app.getLanguage(),
-                getMetadataFromApp(app),
-                app.getTags(),
-                app.getTechs()));
-      }
-
-      log.info("Found {} applications", returnedApps.size());
-      return returnedApps;
-
-    } catch (Exception e) {
-      log.error("Error listing all applications", e);
-      throw new IOException("Failed to list applications: " + e.getMessage(), e);
-    }
-  }
-
   @Tool(
       name = "search_applications",
       description =
@@ -564,50 +382,13 @@ public List<ApplicationData> search_applications(
       var filteredApps = new ArrayList<ApplicationData>();
 
       for (Application app : applications) {
-        // Apply name filter if provided
-        if (StringUtils.hasText(name)
-            && !app.getName().toLowerCase().contains(name.toLowerCase())) {
-          continue;
-        }
-
-        // Apply tag filter if provided (case-sensitive)
-        if (StringUtils.hasText(tag) && !app.getTags().contains(tag)) {
+        // Apply all filters - skip if any filter doesn't match
+        if (!matchesNameFilter(app, name)
+            || !matchesTagFilter(app, tag)
+            || !matchesMetadataFilter(app, metadataName, metadataValue)) {
           continue;
         }
 
-        // Apply metadata filter if provided
-        if (hasMetadataName) {
-          var hasMatchingMetadata = false;
-
-          if (app.getMetadataEntities() != null) {
-            for (var metadata : app.getMetadataEntities()) {
-              if (metadata != null && metadata.getName() != null) {
-                var nameMatches = metadata.getName().equalsIgnoreCase(metadataName);
-
-                if (hasMetadataValue) {
-                  // Both name and value must match
-                  if (nameMatches
-                      && metadata.getValue() != null
-                      && metadata.getValue().equalsIgnoreCase(metadataValue)) {
-                    hasMatchingMetadata = true;
-                    break;
-                  }
-                } else {
-                  // Name only - any value is acceptable
-                  if (nameMatches) {
-                    hasMatchingMetadata = true;
-                    break;
-                  }
-                }
-              }
-            }
-          }
-
-          if (!hasMatchingMetadata) {
-            continue;
-          }
-        }
-
         // Application passed all filters
         filteredApps.add(
             new ApplicationData(
@@ -643,6 +424,79 @@ public List<ApplicationData> search_applications(
     }
   }
 
+  /**
+   * Check if an application matches the name filter (partial, case-insensitive).
+   *
+   * @param app The application to check
+   * @param name The name filter to match against (null/empty means no filter)
+   * @return true if the application matches the filter or no filter is specified
+   */
+  private boolean matchesNameFilter(Application app, String name) {
+    if (!StringUtils.hasText(name)) {
+      return true; // No filter specified
+    }
+    return app.getName().toLowerCase().contains(name.toLowerCase());
+  }
+
+  /**
+   * Check if an application matches the tag filter (exact, case-sensitive).
+   *
+   * @param app The application to check
+   * @param tag The tag filter to match against (null/empty means no filter)
+   * @return true if the application matches the filter or no filter is specified
+   */
+  private boolean matchesTagFilter(Application app, String tag) {
+    if (!StringUtils.hasText(tag)) {
+      return true; // No filter specified
+    }
+    return app.getTags().contains(tag);
+  }
+
+  /**
+   * Check if an application matches the metadata filter (exact, case-insensitive).
+   *
+   * @param app The application to check
+   * @param metadataName The metadata field name to match (null/empty means no filter)
+   * @param metadataValue The metadata field value to match (null/empty means any value)
+   * @return true if the application matches the filter or no filter is specified
+   */
+  private boolean matchesMetadataFilter(
+      Application app, String metadataName, String metadataValue) {
+    if (!StringUtils.hasText(metadataName)) {
+      return true; // No filter specified
+    }
+
+    var hasMetadataValue = StringUtils.hasText(metadataValue);
+
+    if (app.getMetadataEntities() == null) {
+      return false; // No metadata to match against
+    }
+
+    for (var metadata : app.getMetadataEntities()) {
+      if (metadata == null || metadata.getName() == null) {
+        continue;
+      }
+
+      var nameMatches = metadata.getName().equalsIgnoreCase(metadataName);
+
+      if (hasMetadataValue) {
+        // Both name and value must match
+        if (nameMatches
+            && metadata.getValue() != null
+            && metadata.getValue().equalsIgnoreCase(metadataValue)) {
+          return true;
+        }
+      } else {
+        // Name only - any value is acceptable
+        if (nameMatches) {
+          return true;
+        }
+      }
+    }
+
+    return false; // No matching metadata found
+  }
+
   @Tool(
       name = "list_all_vulnerabilities",
       description =
diff --git a/src/main/java/com/contrast/labs/ai/mcp/contrast/SCAService.java b/src/main/java/com/contrast/labs/ai/mcp/contrast/SCAService.java
@@ -58,7 +58,7 @@ public class SCAService {
       name = "list_application_libraries",
       description =
           "Takes an application ID and returns the libraries used in the application. Use"
-              + " list_applications_with_name first to get the application ID from a name. Note: if"
+              + " search_applications(name=...) to find the application ID from a name. Note: if"
               + " class usage count is 0 the library is unlikely to be used")
   public List<LibraryExtended> getApplicationLibrariesByID(String appID) throws IOException {
     if (!StringUtils.hasText(appID)) {
