chore: integrate snyk scan and semgrep, and fix malware scanner

Author: aniket-okta

.circleci/config.yaml

@@ -0,0 +1,150 @@
+version: 2.1
+
+orbs:
+  general-platform-helpers: okta/general-platform-helpers@1.9
+  platform-helpers: okta/platform-helpers@1
+  python: circleci/python@2.0.3
+  aws-cli: circleci/aws-cli@5.1
+
+jobs:
+  reversing-labs:
+    docker:
+      - image: mcr.microsoft.com/dotnet/sdk:6.0
+    steps:
+      - run:
+          name: Manual HTTPS checkout (avoid SSH)
+          command: |
+            git --version
+            rm -rf .git || true
+            git init .
+            git remote add origin https://github.com/$CIRCLE_PROJECT_USERNAME/$CIRCLE_PROJECT_REPONAME.git
+            git fetch --depth=1 origin $CIRCLE_SHA1
+            git checkout --force $CIRCLE_SHA1
+
+      - run: dotnet --version
+
+      - run:
+          name: Build Binary to scan
+          command: |
+            dotnet build ./Okta.Xamarin/Okta.Xamarin/Okta.Xamarin.csproj --configuration Release
+            dotnet build ./Okta.Xamarin/Tests/Okta.Xamarin.Test/Okta.Xamarin.Test.csproj --configuration Release
+            dotnet build ./Okta.Xamarin/Tests/Okta.Xamarin.UITest.Shared/Okta.Xamarin.UITest.Shared.shproj --configuration Release
+
+      # Necessary to Install rl wrapper
+      - run:
+          name: Install Python
+          command: |
+            apt-get update
+            apt-get install -y curl python3 python3-pip unzip
+            pip3 install --upgrade pip
+
+      # Download the scanner from Okta Security
+      - run:
+          name: Download Reverse Labs Scanner
+          command: |
+            curl https://dso-resources.oktasecurity.com/scanner \
+              -H "x-api-key: $DSO_RLSECURE_TOKEN" \
+              --output rl_wrapper-0.0.2+35ababa-py3-none-any.whl
+
+      # Install the wrapper that was downloaded
+      - run:
+          name: Install RL Wrapper
+          command: |
+            pip3 install ./rl_wrapper-0.0.2+35ababa-py3-none-any.whl
+
+      # Setup the AWS profile
+      - aws-cli/setup:
+          profile_name: default
+          role_arn: $AWS_ARN
+          region: us-east-1
+
+      # Get the credentials and save to env
+      - run:
+          name: Export AWS credentials to environment
+          command: >-
+            eval "$(aws configure export-credentials --profile default --format env)" 2> /dev/null
+
+      # Run the wrapper, do not change anything here
+      - run:
+          name: Run Reversing Labs Wrapper Scanner
+          command: |
+            rl-wrapper \
+              --artifact ${CIRCLE_WORKING_DIRECTORY/#\~/$HOME} \
+              --name $CIRCLE_PROJECT_REPONAME\
+              --version $CIRCLE_SHA1\
+              --repository $CIRCLE_PROJECT_USERNAME/$CIRCLE_PROJECT_REPONAME \
+              --commit $CIRCLE_SHA1 \
+              --build-env "circleci" \
+              --suppress_output
+
+  build:
+    docker:
+      - image: mcr.microsoft.com/dotnet/sdk:6.0
+    environment:
+      CIRCLE_CI: true
+    steps:
+      - run:
+          name: Manual HTTPS checkout (avoid SSH)
+          command: |
+            set -e
+            git --version || (apt-get update -y && apt-get install -y --no-install-recommends git ca-certificates curl && rm -rf /var/lib/apt/lists/*)
+            rm -rf .git || true
+            git init .
+            git remote add origin https://github.com/$CIRCLE_PROJECT_USERNAME/$CIRCLE_PROJECT_REPONAME.git
+            git fetch --depth=1 origin $CIRCLE_SHA1
+            git checkout --force $CIRCLE_SHA1
+            git config --global --add safe.directory "$(pwd)"
+      - run:
+          name: Restore solutions
+          command: |
+            dotnet restore ./Okta.Xamarin/Okta.Xamarin/Okta.Xamarin.csproj
+            dotnet restore ./Okta.Xamarin/Tests/Okta.Xamarin.Test/Okta.Xamarin.Test.csproj
+            dotnet restore ./Okta.Xamarin/Tests/Okta.Xamarin.UITest.Shared/Okta.Xamarin.UITest.Shared.shproj
+
+      - run:
+          name: Build solutions
+          command: |
+            dotnet build ./Okta.Xamarin/Okta.Xamarin/Okta.Xamarin.csproj --configuration Release --no-restore
+            dotnet build ./Okta.Xamarin/Tests/Okta.Xamarin.Test/Okta.Xamarin.Test.csproj --configuration Release --no-restore
+            dotnet build ./Okta.Xamarin/Tests/Okta.Xamarin.UITest.Shared/Okta.Xamarin.UITest.Shared.shproj --configuration Release --no-restore
+
+      - persist_to_workspace:
+          root: ~/project
+          paths:
+            - .
+
+  snyk-scan:
+    docker:
+      - image: cimg/python:3.10
+    working_directory: ~/project
+    steps:
+      - attach_workspace: 
+          at: ~/project
+      - general-platform-helpers/step-load-dependencies
+      - general-platform-helpers/step-run-snyk-monitor:
+          scan-all-projects: true
+          skip-unresolved: false
+          run-on-non-main: true
+          detection-depth: 4   
+
+workflows:
+  "Malware Scanner":
+    jobs:
+      - reversing-labs:
+          context:
+            - static-analysis
+  "Circle CI Build & Snyk Scan":
+    jobs:
+      - build
+      - snyk-scan:
+          name: execute-snyk
+          context:
+            - static-analysis
+          requires:
+            - build
+  "Semgrep":
+    jobs:
+      - platform-helpers/job-semgrep-scan:
+          context:
+            - static-analysis
+          name: "Scan with Semgrep"

.circleci/config.yml

@@ -31,14 +31,7 @@ Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "Okta.Xamarin.UITest.iOS", "
 EndProject
 Project("{D954291E-2A0B-460D-934E-DC6B0785DB48}") = "Okta.Xamarin.UITest.Shared", "Tests\Okta.Xamarin.UITest.Shared\Okta.Xamarin.UITest.Shared.shproj", "{B1B20CDE-B8D7-4303-BEC5-867E29D19F70}"
 EndProject
-Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "Sample", "Sample", "{88BA0661-6DBD-4742-A7AF-CFB5B951B184}"
-EndProject
-Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "Okta.Xamarin.Demo.Android", "Samples\xamarin\Okta.Xamarin.Demo.Android\Okta.Xamarin.Demo.Android.csproj", "{BAFA3987-AD5D-4E29-BF57-56F4145B5A23}"
-EndProject
-Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "Okta.Xamarin.Demo.iOS", "Samples\xamarin\Okta.Xamarin.Demo.iOS\Okta.Xamarin.Demo.iOS.csproj", "{F7AADB5C-B6FE-48D7-AC10-8F033A19B8CB}"
-EndProject
-Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "Okta.Xamarin.Demo", "Samples\xamarin\Okta.Xamarin.Demo\Okta.Xamarin.Demo.csproj", "{D82B6C59-231E-4D06-97C0-38CF6CAE0540}"
-EndProject
+
 Global
 	GlobalSection(SolutionConfigurationPlatforms) = preSolution
 		Debug|Android = Debug|Android
@@ -155,59 +148,9 @@ Global
 		{353226EA-CFB4-4CC1-BBF7-046F22C81838}.Release|iPhone.Build.0 = Release|Any CPU
 		{353226EA-CFB4-4CC1-BBF7-046F22C81838}.Release|iPhoneSimulator.ActiveCfg = Release|Any CPU
 		{353226EA-CFB4-4CC1-BBF7-046F22C81838}.Release|iPhoneSimulator.Build.0 = Release|Any CPU
-		{BAFA3987-AD5D-4E29-BF57-56F4145B5A23}.Debug|Android.ActiveCfg = Debug|Any CPU
-		{BAFA3987-AD5D-4E29-BF57-56F4145B5A23}.Debug|Android.Build.0 = Debug|Any CPU
-		{BAFA3987-AD5D-4E29-BF57-56F4145B5A23}.Debug|Android.Deploy.0 = Debug|Any CPU
-		{BAFA3987-AD5D-4E29-BF57-56F4145B5A23}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
-		{BAFA3987-AD5D-4E29-BF57-56F4145B5A23}.Debug|Any CPU.Build.0 = Debug|Any CPU
-		{BAFA3987-AD5D-4E29-BF57-56F4145B5A23}.Debug|Any CPU.Deploy.0 = Debug|Any CPU
-		{BAFA3987-AD5D-4E29-BF57-56F4145B5A23}.Debug|iPhone.ActiveCfg = Debug|Any CPU
-		{BAFA3987-AD5D-4E29-BF57-56F4145B5A23}.Debug|iPhone.Build.0 = Debug|Any CPU
-		{BAFA3987-AD5D-4E29-BF57-56F4145B5A23}.Debug|iPhone.Deploy.0 = Debug|Any CPU
-		{BAFA3987-AD5D-4E29-BF57-56F4145B5A23}.Debug|iPhoneSimulator.ActiveCfg = Debug|Any CPU
-		{BAFA3987-AD5D-4E29-BF57-56F4145B5A23}.Debug|iPhoneSimulator.Build.0 = Debug|Any CPU
-		{BAFA3987-AD5D-4E29-BF57-56F4145B5A23}.Debug|iPhoneSimulator.Deploy.0 = Debug|Any CPU
-		{BAFA3987-AD5D-4E29-BF57-56F4145B5A23}.Release|Android.ActiveCfg = Release|Any CPU
-		{BAFA3987-AD5D-4E29-BF57-56F4145B5A23}.Release|Android.Build.0 = Release|Any CPU
-		{BAFA3987-AD5D-4E29-BF57-56F4145B5A23}.Release|Android.Deploy.0 = Release|Any CPU
-		{BAFA3987-AD5D-4E29-BF57-56F4145B5A23}.Release|Any CPU.ActiveCfg = Release|Any CPU
-		{BAFA3987-AD5D-4E29-BF57-56F4145B5A23}.Release|Any CPU.Build.0 = Release|Any CPU
-		{BAFA3987-AD5D-4E29-BF57-56F4145B5A23}.Release|Any CPU.Deploy.0 = Release|Any CPU
-		{BAFA3987-AD5D-4E29-BF57-56F4145B5A23}.Release|iPhone.ActiveCfg = Release|Any CPU
-		{BAFA3987-AD5D-4E29-BF57-56F4145B5A23}.Release|iPhone.Build.0 = Release|Any CPU
-		{BAFA3987-AD5D-4E29-BF57-56F4145B5A23}.Release|iPhone.Deploy.0 = Release|Any CPU
-		{BAFA3987-AD5D-4E29-BF57-56F4145B5A23}.Release|iPhoneSimulator.ActiveCfg = Release|Any CPU
-		{BAFA3987-AD5D-4E29-BF57-56F4145B5A23}.Release|iPhoneSimulator.Build.0 = Release|Any CPU
-		{BAFA3987-AD5D-4E29-BF57-56F4145B5A23}.Release|iPhoneSimulator.Deploy.0 = Release|Any CPU
-		{F7AADB5C-B6FE-48D7-AC10-8F033A19B8CB}.Debug|Android.ActiveCfg = Debug|iPhoneSimulator
-		{F7AADB5C-B6FE-48D7-AC10-8F033A19B8CB}.Debug|Any CPU.ActiveCfg = Debug|iPhoneSimulator
-		{F7AADB5C-B6FE-48D7-AC10-8F033A19B8CB}.Debug|iPhone.ActiveCfg = Debug|iPhone
-		{F7AADB5C-B6FE-48D7-AC10-8F033A19B8CB}.Debug|iPhone.Build.0 = Debug|iPhone
-		{F7AADB5C-B6FE-48D7-AC10-8F033A19B8CB}.Debug|iPhone.Deploy.0 = Debug|iPhone
-		{F7AADB5C-B6FE-48D7-AC10-8F033A19B8CB}.Debug|iPhoneSimulator.ActiveCfg = Debug|iPhoneSimulator
-		{F7AADB5C-B6FE-48D7-AC10-8F033A19B8CB}.Debug|iPhoneSimulator.Build.0 = Debug|iPhoneSimulator
-		{F7AADB5C-B6FE-48D7-AC10-8F033A19B8CB}.Release|Android.ActiveCfg = Release|iPhoneSimulator
-		{F7AADB5C-B6FE-48D7-AC10-8F033A19B8CB}.Release|Any CPU.ActiveCfg = Release|iPhoneSimulator
-		{F7AADB5C-B6FE-48D7-AC10-8F033A19B8CB}.Release|iPhone.ActiveCfg = Release|iPhone
-		{F7AADB5C-B6FE-48D7-AC10-8F033A19B8CB}.Release|iPhone.Build.0 = Release|iPhone
-		{F7AADB5C-B6FE-48D7-AC10-8F033A19B8CB}.Release|iPhoneSimulator.ActiveCfg = Release|iPhoneSimulator
-		{F7AADB5C-B6FE-48D7-AC10-8F033A19B8CB}.Release|iPhoneSimulator.Build.0 = Release|iPhoneSimulator
-		{D82B6C59-231E-4D06-97C0-38CF6CAE0540}.Debug|Android.ActiveCfg = Debug|Any CPU
-		{D82B6C59-231E-4D06-97C0-38CF6CAE0540}.Debug|Android.Build.0 = Debug|Any CPU
-		{D82B6C59-231E-4D06-97C0-38CF6CAE0540}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
-		{D82B6C59-231E-4D06-97C0-38CF6CAE0540}.Debug|Any CPU.Build.0 = Debug|Any CPU
-		{D82B6C59-231E-4D06-97C0-38CF6CAE0540}.Debug|iPhone.ActiveCfg = Debug|Any CPU
-		{D82B6C59-231E-4D06-97C0-38CF6CAE0540}.Debug|iPhone.Build.0 = Debug|Any CPU
-		{D82B6C59-231E-4D06-97C0-38CF6CAE0540}.Debug|iPhoneSimulator.ActiveCfg = Debug|Any CPU
-		{D82B6C59-231E-4D06-97C0-38CF6CAE0540}.Debug|iPhoneSimulator.Build.0 = Debug|Any CPU
-		{D82B6C59-231E-4D06-97C0-38CF6CAE0540}.Release|Android.ActiveCfg = Release|Any CPU
-		{D82B6C59-231E-4D06-97C0-38CF6CAE0540}.Release|Android.Build.0 = Release|Any CPU
-		{D82B6C59-231E-4D06-97C0-38CF6CAE0540}.Release|Any CPU.ActiveCfg = Release|Any CPU
-		{D82B6C59-231E-4D06-97C0-38CF6CAE0540}.Release|Any CPU.Build.0 = Release|Any CPU
-		{D82B6C59-231E-4D06-97C0-38CF6CAE0540}.Release|iPhone.ActiveCfg = Release|Any CPU
-		{D82B6C59-231E-4D06-97C0-38CF6CAE0540}.Release|iPhone.Build.0 = Release|Any CPU
-		{D82B6C59-231E-4D06-97C0-38CF6CAE0540}.Release|iPhoneSimulator.ActiveCfg = Release|Any CPU
-		{D82B6C59-231E-4D06-97C0-38CF6CAE0540}.Release|iPhoneSimulator.Build.0 = Release|Any CPU
+
+
+
 	EndGlobalSection
 	GlobalSection(SolutionProperties) = preSolution
 		HideSolutionNode = FALSE
@@ -218,9 +161,6 @@ Global
 		{D4F16703-5ABB-48D0-A2ED-9043F32850F6} = {2D5E2EAA-E3BE-495A-B058-47C3082E723F}
 		{353226EA-CFB4-4CC1-BBF7-046F22C81838} = {2D5E2EAA-E3BE-495A-B058-47C3082E723F}
 		{B1B20CDE-B8D7-4303-BEC5-867E29D19F70} = {2D5E2EAA-E3BE-495A-B058-47C3082E723F}
-		{BAFA3987-AD5D-4E29-BF57-56F4145B5A23} = {88BA0661-6DBD-4742-A7AF-CFB5B951B184}
-		{F7AADB5C-B6FE-48D7-AC10-8F033A19B8CB} = {88BA0661-6DBD-4742-A7AF-CFB5B951B184}
-		{D82B6C59-231E-4D06-97C0-38CF6CAE0540} = {88BA0661-6DBD-4742-A7AF-CFB5B951B184}
 	EndGlobalSection
 	GlobalSection(ExtensibilityGlobals) = postSolution
 		SolutionGuid = {8D258CC3-33D9-4055-9627-BB4B404A2682}