From 023ed44bef3f6e55fbd60000f10c37377b24dd7f Mon Sep 17 00:00:00 2001 From: cx-Margarita-LevitM Date: Mon, 27 Oct 2025 12:02:36 +0200 Subject: [PATCH 01/12] codebashing --- internal/commands/result.go | 34 +++---------- internal/params/binds.go | 2 +- internal/wrappers/client.go | 55 ++++++++++++++++++++++ internal/wrappers/codebashing-http.go | 21 ++++----- internal/wrappers/codebashing-json.go | 20 +++++--- internal/wrappers/codebashing.go | 2 +- internal/wrappers/mock/codebashing-mock.go | 4 +- test/integration/data/config.yaml | 2 +- test/integration/result_test.go | 4 +- 9 files changed, 91 insertions(+), 53 deletions(-) diff --git a/internal/commands/result.go b/internal/commands/result.go index 1afab952d..205aa96a6 100644 --- a/internal/commands/result.go +++ b/internal/commands/result.go @@ -559,18 +559,8 @@ func resultCodeBashing(codeBashingWrapper wrappers.CodeBashingWrapper) *cobra.Co ), RunE: runGetCodeBashingCommand(codeBashingWrapper), } - resultCmd.PersistentFlags().String(commonParams.LanguageFlag, "", "Language of the vulnerability") - err := resultCmd.MarkPersistentFlagRequired(commonParams.LanguageFlag) - if err != nil { - log.Fatal(err) - } - resultCmd.PersistentFlags().String(commonParams.VulnerabilityTypeFlag, "", "Vulnerability type") - err = resultCmd.MarkPersistentFlagRequired(commonParams.VulnerabilityTypeFlag) - if err != nil { - log.Fatal(err) - } - resultCmd.PersistentFlags().String(commonParams.CweIDFlag, "", "CWE ID for the vulnerability") - err = resultCmd.MarkPersistentFlagRequired(commonParams.CweIDFlag) + resultCmd.PersistentFlags().String(commonParams.QueryIDFlag, "", "QueryId of vulnerability") + err := resultCmd.MarkPersistentFlagRequired(commonParams.QueryIDFlag) if err != nil { log.Fatal(err) } @@ -1095,28 +1085,16 @@ func runGetCodeBashingCommand( codeBashingWrapper wrappers.CodeBashingWrapper, ) func(cmd *cobra.Command, args []string) error { return func(cmd *cobra.Command, args []string) error { - language, _ := cmd.Flags().GetString(commonParams.LanguageFlag) - cwe, _ := cmd.Flags().GetString(commonParams.CweIDFlag) - vulType, _ := cmd.Flags().GetString(commonParams.VulnerabilityTypeFlag) - params, err := codeBashingWrapper.BuildCodeBashingParams( - []wrappers.CodeBashingParamsCollection{ - { - CweID: "CWE-" + cwe, - Language: language, - CxQueryName: strings.ReplaceAll(vulType, " ", "_"), - }, - }, - ) - if err != nil { - return err - } + //cmd.Flags().GetString(commonParams.LanguageFlag) + //1089818565155602739 + queryId, _ := cmd.Flags().GetString(commonParams.QueryIDFlag) // Fetch the cached token or a new one to obtain the codebashing URL incoded in the jwt token codeBashingURL, err := codeBashingWrapper.GetCodeBashingURL(codeBashingKey) if err != nil { return err } // Make the request to the api to obtain the codebashing link and send the codebashing url to enrich the path - CodeBashingModel, webError, err := codeBashingWrapper.GetCodeBashingLinks(params, codeBashingURL) + CodeBashingModel, webError, err := codeBashingWrapper.GetCodeBashingLinks(queryId, codeBashingURL) if err != nil { return err } diff --git a/internal/params/binds.go b/internal/params/binds.go index f90d15623..15556375e 100644 --- a/internal/params/binds.go +++ b/internal/params/binds.go @@ -16,7 +16,7 @@ var EnvVarsBinds = []struct { {IgnoreProxyKey, IgnoreProxyEnv, ""}, {AgentNameKey, AgentNameEnv, "ASTCLI"}, {OriginKey, OriginEnv, "CLI"}, - {CodeBashingPathKey, ScansPathEnv, "api/codebashing/lessons"}, + {CodeBashingPathKey, ScansPathEnv, "https://core-service.codebashing.com/lessons/mapping"}, {CustomStatesAPIPathKey, CustomStatesAPIPathEnv, "api/custom-states"}, {ScansPathKey, ScansPathEnv, "api/scans"}, {ProjectsPathKey, ProjectsPathEnv, "api/projects"}, diff --git a/internal/wrappers/client.go b/internal/wrappers/client.go index 032eb4e4b..d6ed9db56 100644 --- a/internal/wrappers/client.go +++ b/internal/wrappers/client.go @@ -44,6 +44,7 @@ const ( jwtError = "Error retrieving %s from jwt token" basicFormat = "Basic %s" bearerFormat = "Bearer %s" + onlyTokenFormat = "%s" contentTypeHeader = "Content-Type" formURLContentType = "application/x-www-form-urlencoded" jsonContentType = "application/json" @@ -339,6 +340,22 @@ func SendHTTPRequest(method, path string, body io.Reader, auth bool, timeout uin return SendHTTPRequestByFullURL(method, u, body, auth, timeout, accessToken, true) } +func SendHTTPRequestNoBaseURL(method, path string, body io.Reader, auth bool, timeout uint) (*http.Response, error) { + _, accessToken, err := getURLAndAccessToken(path) + if err != nil { + return nil, err + } + return SendHTTPRequestByFullURL(method, path, body, auth, timeout, accessToken, true) +} + +func SendHTTPRequestNoBaseCBURL(method, path string, body io.Reader, auth bool, timeout uint) (*http.Response, error) { + _, accessToken, err := getURLAndAccessToken(path) + if err != nil { + return nil, err + } + return SendHTTPRequestWithoutBearerTagByFullURL(method, path, body, auth, timeout, accessToken, true) +} + func SendPrivateHTTPRequest(method, path string, body io.Reader, timeout uint, auth bool) (*http.Response, error) { u, accessToken, err := getURLAndAccessToken(path) if err != nil { @@ -358,6 +375,17 @@ func SendHTTPRequestByFullURL( return SendHTTPRequestByFullURLContentLength(method, fullURL, body, -1, auth, timeout, accessToken, bodyPrint) } +func SendHTTPRequestWithoutBearerTagByFullURL( + method, fullURL string, + body io.Reader, + auth bool, + timeout uint, + accessToken string, + bodyPrint bool, +) (*http.Response, error) { + return SendHTTPRequestWithoutBearerTagByFullURLContentLength(method, fullURL, body, -1, auth, timeout, accessToken, bodyPrint) +} + func SendHTTPRequestByFullURLContentLength( method, fullURL string, body io.Reader, @@ -385,6 +413,33 @@ func SendHTTPRequestByFullURLContentLength( return request(client, req, bodyPrint) } +func SendHTTPRequestWithoutBearerTagByFullURLContentLength( + method, fullURL string, + body io.Reader, + contentLength int64, + auth bool, + timeout uint, + accessToken string, + bodyPrint bool, +) (*http.Response, error) { + req, err := http.NewRequest(method, fullURL, body) + if err != nil { + return nil, err + } + if contentLength >= 0 { + req.ContentLength = contentLength + } + client := GetClient(timeout) + setAgentNameAndOrigin(req) + if auth { + enrichWithOath2Credentials(req, accessToken, onlyTokenFormat) + } + + req = addReqMonitor(req) + + return request(client, req, bodyPrint) +} + func addReqMonitor(req *http.Request) *http.Request { startTime := time.Now().UnixNano() / int64(time.Millisecond) if viper.GetBool(commonParams.DebugFlag) || viper.GetString(commonParams.LogFileFlag) != "" || viper.GetString(commonParams.LogFileConsoleFlag) != "" { diff --git a/internal/wrappers/codebashing-http.go b/internal/wrappers/codebashing-http.go index d7f295246..102745944 100644 --- a/internal/wrappers/codebashing-http.go +++ b/internal/wrappers/codebashing-http.go @@ -3,7 +3,7 @@ package wrappers import ( "encoding/json" "fmt" - "io/ioutil" + "io" "net/http" commonParams "github.com/checkmarx/ast-cli/internal/params" @@ -32,14 +32,13 @@ func NewCodeBashingHTTPWrapper(path string) *CodeBashingHTTPWrapper { } } -func (r *CodeBashingHTTPWrapper) GetCodeBashingLinks(params map[string]string, codeBashingURL string) ( - *[]CodeBashingCollection, +func (r *CodeBashingHTTPWrapper) GetCodeBashingLinks(queryId string, codeBashingURL string) ( + *CodeBashingCollection, *WebError, error, ) { clientTimeout := viper.GetUint(commonParams.ClientTimeoutKey) - params[limit] = limitValue - resp, err := SendHTTPRequestWithQueryParams(http.MethodGet, r.path, params, nil, clientTimeout) + resp, err := SendHTTPRequestNoBaseCBURL(http.MethodGet, r.path+"/"+queryId, http.NoBody, true, clientTimeout) if err != nil { return nil, nil, err } @@ -58,8 +57,8 @@ func (r *CodeBashingHTTPWrapper) GetCodeBashingLinks(params map[string]string, c } return nil, &errorModel, nil case http.StatusOK: - var decoded []CodeBashingCollection - body, err := ioutil.ReadAll(resp.Body) + var decoded *CodeBashingCollection + body, err := io.ReadAll(resp.Body) if err != nil { return nil, nil, errors.Wrapf(err, failedToParseCodeBashing) } @@ -72,16 +71,16 @@ func (r *CodeBashingHTTPWrapper) GetCodeBashingLinks(params map[string]string, c possible to easily change it and be able to get multiple codebashing links */ - if decoded[0].Path == "" { + if decoded.Path == "" { return nil, nil, NewAstError(lessonNotFoundExitCode, errors.Errorf(noCodebashingLinkAvailable)) } - decoded[0].Path = fmt.Sprintf("%s%s", codeBashingURL, decoded[0].Path) - decoded[0].Path, err = utils.CleanURL(decoded[0].Path) + decoded.Path = fmt.Sprintf("%s%s", codeBashingURL, decoded.Path) + decoded.Path, err = utils.CleanURL(decoded.Path) if err != nil { return nil, nil, NewAstError(lessonNotFoundExitCode, errors.Errorf(noCodebashingLinkAvailable)) } - return &decoded, nil, nil + return decoded, nil, nil default: return nil, nil, errors.Errorf("response status code %d", resp.StatusCode) } diff --git a/internal/wrappers/codebashing-json.go b/internal/wrappers/codebashing-json.go index c248627e3..9e5f82dc1 100644 --- a/internal/wrappers/codebashing-json.go +++ b/internal/wrappers/codebashing-json.go @@ -1,14 +1,20 @@ package wrappers type CodeBashingCollection struct { - Path string `json:"path,omitempty"` - CweID string `json:"cwe_id,omitempty"` - Language string `json:"lang,omitempty"` - CxQueryName string `json:"cxQueryName,omitempty"` + LessonDisplayName string `json:"lessonDisplayName,omitempty"` + CourseDisplayName string `json:"courseDisplayName,omitempty"` + Duration string `json:"duration,omitempty"` + ImageUrl string `json:"imageUrl,omitempty"` + TagsResult map[string]string `json:"tagsResult,omitempty"` + Path string `json:"lessonUrl,omitempty"` + PotentialPoints string `json:"potentialPoints,omitempty"` +} + +// Wrapper struct to handle API responses with "data" field +type CodeBashingResponse struct { + Data CodeBashingCollection `json:"data"` } type CodeBashingParamsCollection struct { - CweID string `json:"cwe_id,omitempty"` - Language string `json:"lang,omitempty"` - CxQueryName string `json:"cxQueryName,omitempty"` + QueryId string `json:"queryId,omitempty"` } diff --git a/internal/wrappers/codebashing.go b/internal/wrappers/codebashing.go index 4a5b3bf1b..fe2aed50b 100644 --- a/internal/wrappers/codebashing.go +++ b/internal/wrappers/codebashing.go @@ -1,7 +1,7 @@ package wrappers type CodeBashingWrapper interface { - GetCodeBashingLinks(params map[string]string, codeBashingURL string) (*[]CodeBashingCollection, *WebError, error) + GetCodeBashingLinks(queryId string, codeBashingURL string) (*[]CodeBashingCollection, *WebError, error) GetCodeBashingURL(field string) (string, error) BuildCodeBashingParams([]CodeBashingParamsCollection) (map[string]string, error) } diff --git a/internal/wrappers/mock/codebashing-mock.go b/internal/wrappers/mock/codebashing-mock.go index b4fc3ebcd..6534c1d9f 100644 --- a/internal/wrappers/mock/codebashing-mock.go +++ b/internal/wrappers/mock/codebashing-mock.go @@ -6,14 +6,14 @@ import ( type CodeBashingMockWrapper struct{} -func (r CodeBashingMockWrapper) GetCodeBashingLinks(params map[string]string, codeBashingURL string) (*[]wrappers.CodeBashingCollection, *wrappers.WebError, error) { +func (r CodeBashingMockWrapper) GetCodeBashingLinks(params map[string]string, codeBashingURL string) (*wrappers.CodeBashingCollection, *wrappers.WebError, error) { collection := &wrappers.CodeBashingCollection{ Path: "http://example.com/courses/php/lessons/dom_xss", CweID: "CWE-79", Language: "PHP", CxQueryName: "Reflected_XSS_All_Clients", } - ret := []wrappers.CodeBashingCollection{*collection} + ret := wrappers.CodeBashingCollection{*collection} return &ret, nil, nil } diff --git a/test/integration/data/config.yaml b/test/integration/data/config.yaml index 6d6b4c836..822096c37 100644 --- a/test/integration/data/config.yaml +++ b/test/integration/data/config.yaml @@ -17,7 +17,7 @@ cx_branch: "" cx_byor_path: api/byor cx_client_id: example_client_id cx_client_secret: example_client_secret -cx_codebashing_path: api/codebashing/lessons +cx_codebashing_path: https://core-service.codebashing.com/lessons/mapping cx_config_file_path: data/config.yaml cx_create_oath2_client_path: auth/realms/organization/pip/clients cx_custom_states_path: api/custom-states diff --git a/test/integration/result_test.go b/test/integration/result_test.go index ce09dca46..998349091 100644 --- a/test/integration/result_test.go +++ b/test/integration/result_test.go @@ -205,7 +205,7 @@ func TestCodeBashingList(t *testing.T) { flag(params.VulnerabilityTypeFlag), "Reflected XSS All Clients", flag(params.CweIDFlag), "79") - codebashing := []wrappers.CodeBashingCollection{} + codebashing := wrappers.CodeBashingCollection{} _ = unmarshall(t, outputBuffer, &codebashing, "Reading results should pass") @@ -223,7 +223,7 @@ func TestCodeBashingListJson(t *testing.T) { flag(params.CweIDFlag), "79", flag(params.FormatFlag), "json") - codebashing := []wrappers.CodeBashingCollection{} + codebashing := wrappers.CodeBashingCollection{} _ = unmarshall(t, outputBuffer, &codebashing, "Reading results should pass") From c38a71b11b0eeb34f6446f793e33cadcdd2b6815 Mon Sep 17 00:00:00 2001 From: cx-Margarita-LevitM Date: Mon, 27 Oct 2025 17:28:26 +0200 Subject: [PATCH 02/12] codebashing --- internal/commands/result.go | 12 +++++++++++ internal/wrappers/codebashing-http.go | 22 +++++++++++++-------- internal/wrappers/codebashing-json.go | 23 ++++++++++++++-------- internal/wrappers/codebashing.go | 2 +- internal/wrappers/mock/codebashing-mock.go | 11 ++++------- test/integration/result_test.go | 4 ++-- 6 files changed, 48 insertions(+), 26 deletions(-) diff --git a/internal/commands/result.go b/internal/commands/result.go index 205aa96a6..67ea4ec0b 100644 --- a/internal/commands/result.go +++ b/internal/commands/result.go @@ -1089,6 +1089,12 @@ func runGetCodeBashingCommand( //1089818565155602739 queryId, _ := cmd.Flags().GetString(commonParams.QueryIDFlag) // Fetch the cached token or a new one to obtain the codebashing URL incoded in the jwt token + _, err := codeBashingWrapper.BuildCodeBashingParams( + wrappers.CodeBashingParamsCollection{ + QueryId: queryId, + }, + ) + codeBashingURL, err := codeBashingWrapper.GetCodeBashingURL(codeBashingKey) if err != nil { return err @@ -1102,6 +1108,12 @@ func runGetCodeBashingCommand( return errors.New(webError.Message) } err = printByFormat(cmd, *CodeBashingModel) + if CodeBashingModel != nil { + model := *CodeBashingModel + if len(model) > 0 && model[0].Path != "" { + logger.Printf("CodeBashing lesson available at: %s", model[0].Path) + } + } if err != nil { return errors.Wrapf(err, "%s", failedListingCodeBashing) } diff --git a/internal/wrappers/codebashing-http.go b/internal/wrappers/codebashing-http.go index 102745944..9eea0ee72 100644 --- a/internal/wrappers/codebashing-http.go +++ b/internal/wrappers/codebashing-http.go @@ -33,7 +33,7 @@ func NewCodeBashingHTTPWrapper(path string) *CodeBashingHTTPWrapper { } func (r *CodeBashingHTTPWrapper) GetCodeBashingLinks(queryId string, codeBashingURL string) ( - *CodeBashingCollection, + *[]CodeBashingCollection, *WebError, error, ) { @@ -57,30 +57,36 @@ func (r *CodeBashingHTTPWrapper) GetCodeBashingLinks(queryId string, codeBashing } return nil, &errorModel, nil case http.StatusOK: - var decoded *CodeBashingCollection + var decoded []CodeBashingCollection body, err := io.ReadAll(resp.Body) if err != nil { return nil, nil, errors.Wrapf(err, failedToParseCodeBashing) } err = json.Unmarshal(body, &decoded) if err != nil { - return nil, nil, errors.Wrapf(err, failedToParseCodeBashing) + // Try unmarshaling as wrapped response with "data" field + var wrappedResponse CodeBashingResponse + if err2 := json.Unmarshal(body, &wrappedResponse); err2 == nil { + decoded = []CodeBashingCollection{wrappedResponse.Data} + } else { + return nil, nil, errors.Wrapf(err, failedToParseCodeBashing) + } } /* Only check for position 0 because at the time we are only sending one queryName and getting as output one codebashing link. But it is possible to easily change it and be able to get multiple codebashing links */ - if decoded.Path == "" { + if len(decoded) == 0 || decoded[0].Path == "" { return nil, nil, NewAstError(lessonNotFoundExitCode, errors.Errorf(noCodebashingLinkAvailable)) } - decoded.Path = fmt.Sprintf("%s%s", codeBashingURL, decoded.Path) - decoded.Path, err = utils.CleanURL(decoded.Path) + decoded[0].Path = fmt.Sprintf("%s%s", codeBashingURL, decoded[0].Path) + decoded[0].Path, err = utils.CleanURL(decoded[0].Path) if err != nil { return nil, nil, NewAstError(lessonNotFoundExitCode, errors.Errorf(noCodebashingLinkAvailable)) } - return decoded, nil, nil + return &decoded, nil, nil default: return nil, nil, errors.Errorf("response status code %d", resp.StatusCode) } @@ -111,7 +117,7 @@ func (r *CodeBashingHTTPWrapper) GetCodeBashingURL(field string) (string, error) return url, nil } -func (*CodeBashingHTTPWrapper) BuildCodeBashingParams(apiParams []CodeBashingParamsCollection) (map[string]string, error) { +func (*CodeBashingHTTPWrapper) BuildCodeBashingParams(apiParams CodeBashingParamsCollection) (map[string]string, error) { // Marshall entire object to string params := make(map[string]string) viewJSON, err := json.Marshal(apiParams) diff --git a/internal/wrappers/codebashing-json.go b/internal/wrappers/codebashing-json.go index 9e5f82dc1..2c52744c1 100644 --- a/internal/wrappers/codebashing-json.go +++ b/internal/wrappers/codebashing-json.go @@ -1,18 +1,25 @@ package wrappers +type CodeBashingTag struct { + UUID string `json:"uuid,omitempty"` + CWE string `json:"cwe,omitempty"` + OWASP string `json:"owasp,omitempty"` + SANS string `json:"sans,omitempty"` +} + type CodeBashingCollection struct { - LessonDisplayName string `json:"lessonDisplayName,omitempty"` - CourseDisplayName string `json:"courseDisplayName,omitempty"` - Duration string `json:"duration,omitempty"` - ImageUrl string `json:"imageUrl,omitempty"` - TagsResult map[string]string `json:"tagsResult,omitempty"` - Path string `json:"lessonUrl,omitempty"` - PotentialPoints string `json:"potentialPoints,omitempty"` + LessonDisplayName string `json:"lessonDisplayName,omitempty"` + CourseDisplayName string `json:"courseDisplayName,omitempty"` + Duration string `json:"duration,omitempty"` + ImageUrl string `json:"imageUrl,omitempty"` + TagsResult []CodeBashingTag `json:"tagsResult,omitempty"` + Path string `json:"lessonUrl,omitempty"` + PotentialPoints int `json:"potentialPoints,omitempty"` } // Wrapper struct to handle API responses with "data" field type CodeBashingResponse struct { - Data CodeBashingCollection `json:"data"` + Data CodeBashingCollection `json:"data,omitempty"` } type CodeBashingParamsCollection struct { diff --git a/internal/wrappers/codebashing.go b/internal/wrappers/codebashing.go index fe2aed50b..e29da4d05 100644 --- a/internal/wrappers/codebashing.go +++ b/internal/wrappers/codebashing.go @@ -3,5 +3,5 @@ package wrappers type CodeBashingWrapper interface { GetCodeBashingLinks(queryId string, codeBashingURL string) (*[]CodeBashingCollection, *WebError, error) GetCodeBashingURL(field string) (string, error) - BuildCodeBashingParams([]CodeBashingParamsCollection) (map[string]string, error) + BuildCodeBashingParams(CodeBashingParamsCollection) (map[string]string, error) } diff --git a/internal/wrappers/mock/codebashing-mock.go b/internal/wrappers/mock/codebashing-mock.go index 6534c1d9f..451976099 100644 --- a/internal/wrappers/mock/codebashing-mock.go +++ b/internal/wrappers/mock/codebashing-mock.go @@ -6,14 +6,11 @@ import ( type CodeBashingMockWrapper struct{} -func (r CodeBashingMockWrapper) GetCodeBashingLinks(params map[string]string, codeBashingURL string) (*wrappers.CodeBashingCollection, *wrappers.WebError, error) { +func (r CodeBashingMockWrapper) GetCodeBashingLinks(params map[string]string, codeBashingURL string) (*[]wrappers.CodeBashingCollection, *wrappers.WebError, error) { collection := &wrappers.CodeBashingCollection{ - Path: "http://example.com/courses/php/lessons/dom_xss", - CweID: "CWE-79", - Language: "PHP", - CxQueryName: "Reflected_XSS_All_Clients", + Path: "http://example.com/courses/php/lessons/dom_xss", } - ret := wrappers.CodeBashingCollection{*collection} + ret := []wrappers.CodeBashingCollection{*collection} return &ret, nil, nil } @@ -23,6 +20,6 @@ func (r CodeBashingMockWrapper) GetCodeBashingURL(field string) ( return "MOCK", nil } -func (r CodeBashingMockWrapper) BuildCodeBashingParams([]wrappers.CodeBashingParamsCollection) (map[string]string, error) { +func (r CodeBashingMockWrapper) BuildCodeBashingParams(wrappers.CodeBashingParamsCollection) (map[string]string, error) { return nil, nil } diff --git a/test/integration/result_test.go b/test/integration/result_test.go index 998349091..ce09dca46 100644 --- a/test/integration/result_test.go +++ b/test/integration/result_test.go @@ -205,7 +205,7 @@ func TestCodeBashingList(t *testing.T) { flag(params.VulnerabilityTypeFlag), "Reflected XSS All Clients", flag(params.CweIDFlag), "79") - codebashing := wrappers.CodeBashingCollection{} + codebashing := []wrappers.CodeBashingCollection{} _ = unmarshall(t, outputBuffer, &codebashing, "Reading results should pass") @@ -223,7 +223,7 @@ func TestCodeBashingListJson(t *testing.T) { flag(params.CweIDFlag), "79", flag(params.FormatFlag), "json") - codebashing := wrappers.CodeBashingCollection{} + codebashing := []wrappers.CodeBashingCollection{} _ = unmarshall(t, outputBuffer, &codebashing, "Reading results should pass") From 243a5c5bed71e13efb3aed884665d6e504411d55 Mon Sep 17 00:00:00 2001 From: cx-Margarita-LevitM Date: Mon, 27 Oct 2025 17:48:02 +0200 Subject: [PATCH 03/12] codebashing --- internal/commands/result.go | 10 +--------- 1 file changed, 1 insertion(+), 9 deletions(-) diff --git a/internal/commands/result.go b/internal/commands/result.go index 67ea4ec0b..5ed70b8a2 100644 --- a/internal/commands/result.go +++ b/internal/commands/result.go @@ -1085,16 +1085,8 @@ func runGetCodeBashingCommand( codeBashingWrapper wrappers.CodeBashingWrapper, ) func(cmd *cobra.Command, args []string) error { return func(cmd *cobra.Command, args []string) error { - //cmd.Flags().GetString(commonParams.LanguageFlag) - //1089818565155602739 - queryId, _ := cmd.Flags().GetString(commonParams.QueryIDFlag) - // Fetch the cached token or a new one to obtain the codebashing URL incoded in the jwt token - _, err := codeBashingWrapper.BuildCodeBashingParams( - wrappers.CodeBashingParamsCollection{ - QueryId: queryId, - }, - ) + queryId, _ := cmd.Flags().GetString(commonParams.QueryIDFlag) codeBashingURL, err := codeBashingWrapper.GetCodeBashingURL(codeBashingKey) if err != nil { return err From 07c8e90b09b4c87ea11c200630f002238307d334 Mon Sep 17 00:00:00 2001 From: cx-Margarita-LevitM Date: Thu, 30 Oct 2025 11:25:41 +0200 Subject: [PATCH 04/12] Update CodeBashing link --- internal/commands/result.go | 8 +++----- internal/wrappers/codebashing-http.go | 19 +++++++++++++++++++ 2 files changed, 22 insertions(+), 5 deletions(-) diff --git a/internal/commands/result.go b/internal/commands/result.go index 5ed70b8a2..12ebca331 100644 --- a/internal/commands/result.go +++ b/internal/commands/result.go @@ -1100,11 +1100,9 @@ func runGetCodeBashingCommand( return errors.New(webError.Message) } err = printByFormat(cmd, *CodeBashingModel) - if CodeBashingModel != nil { - model := *CodeBashingModel - if len(model) > 0 && model[0].Path != "" { - logger.Printf("CodeBashing lesson available at: %s", model[0].Path) - } + model := *CodeBashingModel + if len(model) > 0 && model[0].Path != "" { + logger.Printf("CodeBashing lesson available at: %s", model[0].Path) } if err != nil { return errors.Wrapf(err, "%s", failedListingCodeBashing) diff --git a/internal/wrappers/codebashing-http.go b/internal/wrappers/codebashing-http.go index 9eea0ee72..32b1ca186 100644 --- a/internal/wrappers/codebashing-http.go +++ b/internal/wrappers/codebashing-http.go @@ -3,8 +3,11 @@ package wrappers import ( "encoding/json" "fmt" + "github.com/checkmarx/ast-cli/internal/logger" + "github.com/checkmarx/ast-cli/internal/wrappers/configuration" "io" "net/http" + "strings" commonParams "github.com/checkmarx/ast-cli/internal/params" "github.com/checkmarx/ast-cli/internal/wrappers/utils" @@ -20,6 +23,7 @@ const ( noCodebashingLinkAvailable = "No codebashing link available" licenseNotFoundExitCode = 3 lessonNotFoundExitCode = 4 + codeBashingDefaultPath = "https://core-service.codebashing.com/lessons/mapping" ) type CodeBashingHTTPWrapper struct { @@ -37,6 +41,7 @@ func (r *CodeBashingHTTPWrapper) GetCodeBashingLinks(queryId string, codeBashing *WebError, error, ) { + r.path = setCodeBashingDefaultPath(r.path) clientTimeout := viper.GetUint(commonParams.ClientTimeoutKey) resp, err := SendHTTPRequestNoBaseCBURL(http.MethodGet, r.path+"/"+queryId, http.NoBody, true, clientTimeout) if err != nil { @@ -92,6 +97,20 @@ func (r *CodeBashingHTTPWrapper) GetCodeBashingLinks(queryId string, codeBashing } } +func setCodeBashingDefaultPath(path string) string { + if path != codeBashingDefaultPath { + configFilePath, err := configuration.GetConfigFilePath() + if err != nil { + logger.PrintfIfVerbose("Error getting config file path: %v", err) + } + err = configuration.SafeWriteSingleConfigKeyString(configFilePath, strings.ToLower(commonParams.CodeBashingPathEnv), codeBashingDefaultPath) + if err != nil { + logger.PrintfIfVerbose("Error writing Risk Management path to config file: %v", err) + } + } + return codeBashingDefaultPath +} + func (r *CodeBashingHTTPWrapper) GetCodeBashingURL(field string) (string, error) { accessToken, err := GetAccessToken() if err != nil { From 88726cd9e17c4528872deb0efbbdfec49ed6c240 Mon Sep 17 00:00:00 2001 From: cx-Margarita-LevitM Date: Thu, 30 Oct 2025 13:56:27 +0200 Subject: [PATCH 05/12] Fix Unit tests --- internal/commands/result_test.go | 79 ++++++++-------------- internal/wrappers/mock/codebashing-mock.go | 14 +++- 2 files changed, 40 insertions(+), 53 deletions(-) diff --git a/internal/commands/result_test.go b/internal/commands/result_test.go index e83c78a04..0a02f93ba 100644 --- a/internal/commands/result_test.go +++ b/internal/commands/result_test.go @@ -27,15 +27,14 @@ import ( const fileName = "cx_result" const ( - resultsCommand = "results" - codeBashingCommand = "codebashing" - vulnerabilityValue = "Reflected XSS All Clients" - languageValue = "PHP" - cweValue = "79" - jsonValue = "json" - tableValue = "table" - listValue = "list" - secretDetectionLine = "| Secret Detection 0 1 1 0 0 Completed |" + resultsCommand = "results" + codeBashingCommand = "codebashing" + queryIDValue = "8481125285487743346" + queryIDWrongValueValue = "11666704984804998184" + jsonValue = "json" + tableValue = "table" + listValue = "list" + secretDetectionLine = "| Secret Detection 0 1 1 0 0 Completed |" ) func flag(f string) string { @@ -553,40 +552,28 @@ func TestRunGetResultsByScanIdWithEmptyOutputPath(t *testing.T) { _ = execCmdNotNilAssertion(t, "results", "show", "--scan-id", "MOCK", "--output-path", "") } -func TestRunGetCodeBashingWithoutLanguage(t *testing.T) { +func TestRunGetCodeBashingWithEmptyQueryId(t *testing.T) { err := execCmdNotNilAssertion( t, resultsCommand, codeBashingCommand, - flag(params.CweIDFlag), - cweValue, - flag(params.VulnerabilityTypeFlag), - vulnerabilityValue) - assert.Equal(t, err.Error(), "required flag(s) \"language\" not set", "Wrong expected error message") + flag(params.QueryIDFlag), + "") + assert.Equal(t, err.Error(), "Cannot GET /lessons/mapping/", "Wrong expected error message") } -func TestRunGetCodeBashingWithoutVulnerabilityType(t *testing.T) { - err := execCmdNotNilAssertion( - t, +func TestRunGetCodeBashingWithEmptyQueryIdThatDoesNotHaveAnLesson(t *testing.T) { + cmd := createASTTestCommand() + buffer, err := executeRedirectedOsStdoutTestCommand(cmd, resultsCommand, codeBashingCommand, - flag(params.CweIDFlag), - cweValue, - flag(params.LanguageFlag), - languageValue) - assert.Equal(t, err.Error(), "required flag(s) \"vulnerability-type\" not set", "Wrong expected error message") -} + flag(params.QueryIDFlag), + queryIDWrongValueValue) -func TestRunGetCodeBashingWithoutCweId(t *testing.T) { - err := execCmdNotNilAssertion( - t, - resultsCommand, - codeBashingCommand, - flag(params.VulnerabilityTypeFlag), - vulnerabilityValue, - flag(params.LanguageFlag), - languageValue) - assert.Equal(t, err.Error(), "required flag(s) \"cwe-id\" not set", "Wrong expected error message") + assert.NilError(t, err, "Command should not return an error") + output := buffer.String() + assert.Assert(t, strings.Contains(output, "/app/home"), "Expected response to contain /app/home path") + assert.Assert(t, !strings.Contains(output, "Cannot GET /lessons/mapping/"), "Response should not contain error message") } func TestRunGetCodeBashingWithFormatJson(t *testing.T) { @@ -594,12 +581,8 @@ func TestRunGetCodeBashingWithFormatJson(t *testing.T) { t, resultsCommand, codeBashingCommand, - flag(params.VulnerabilityTypeFlag), - vulnerabilityValue, - flag(params.LanguageFlag), - languageValue, - flag(params.CweIDFlag), - cweValue, + flag(params.QueryIDFlag), + queryIDValue, flag(params.FormatFlag), jsonValue) } @@ -609,12 +592,8 @@ func TestRunGetCodeBashingWithFormatTable(t *testing.T) { t, resultsCommand, codeBashingCommand, - flag(params.VulnerabilityTypeFlag), - vulnerabilityValue, - flag(params.LanguageFlag), - languageValue, - flag(params.CweIDFlag), - cweValue, + flag(params.QueryIDFlag), + queryIDValue, flag(params.FormatFlag), tableValue) } @@ -624,12 +603,8 @@ func TestRunGetCodeBashingWithFormatList(t *testing.T) { t, resultsCommand, codeBashingCommand, - flag(params.VulnerabilityTypeFlag), - vulnerabilityValue, - flag(params.LanguageFlag), - languageValue, - flag(params.CweIDFlag), - cweValue, + flag(params.QueryIDFlag), + queryIDValue, flag(params.FormatFlag), listValue) } diff --git a/internal/wrappers/mock/codebashing-mock.go b/internal/wrappers/mock/codebashing-mock.go index 451976099..2753ceac5 100644 --- a/internal/wrappers/mock/codebashing-mock.go +++ b/internal/wrappers/mock/codebashing-mock.go @@ -6,7 +6,19 @@ import ( type CodeBashingMockWrapper struct{} -func (r CodeBashingMockWrapper) GetCodeBashingLinks(params map[string]string, codeBashingURL string) (*[]wrappers.CodeBashingCollection, *wrappers.WebError, error) { +func (r CodeBashingMockWrapper) GetCodeBashingLinks(queryId string, codeBashingURL string) (*[]wrappers.CodeBashingCollection, *wrappers.WebError, error) { + if queryId == "" { + return nil, &wrappers.WebError{Message: "Cannot GET /lessons/mapping/"}, nil + } + + if queryId == "11666704984804998184" { + collection := &wrappers.CodeBashingCollection{ + Path: "/app/home", + } + ret := []wrappers.CodeBashingCollection{*collection} + return &ret, nil, nil + } + collection := &wrappers.CodeBashingCollection{ Path: "http://example.com/courses/php/lessons/dom_xss", } From a20413ed1ebd54669469a431be661e188d17e37e Mon Sep 17 00:00:00 2001 From: cx-Margarita-LevitM Date: Thu, 30 Oct 2025 16:04:17 +0200 Subject: [PATCH 06/12] Fix Integration tests --- test/integration/result_test.go | 44 +++++++++++++++------------------ 1 file changed, 20 insertions(+), 24 deletions(-) diff --git a/test/integration/result_test.go b/test/integration/result_test.go index ce09dca46..0d8ba0943 100644 --- a/test/integration/result_test.go +++ b/test/integration/result_test.go @@ -21,10 +21,11 @@ import ( ) const ( - fileName = "result-test" - resultsDirectory = "output-results-folder/" - fileExtention = "report.json" - + fileName = "result-test" + resultsDirectory = "output-results-folder/" + fileExtention = "report.json" + queryIDWrongValueValue = "11666704984804998184" + queryIDValue = "8481125285487743346" //---------------------------------------------------------------------------------------------------------------------- // This ScanIDWithDevAndTestDep is associated with the CXOne project: ASTCLI/HideDevAndTestsVulnerabilities/Test (DEU, Galactica tenant). // All vulnerable packages in this project have been snoozed or muted, so no vulnerabilities should appear in this scan. @@ -192,7 +193,7 @@ func TestCodeBashingParamFailed(t *testing.T) { } err, _ := executeCommand(t, args...) - assertError(t, err, "required flag(s) \"cwe-id\", \"language\", \"vulnerability-type\" not set") + assertError(t, err, "required flag(s) \"query-id\" not set") } func TestCodeBashingList(t *testing.T) { @@ -201,9 +202,7 @@ func TestCodeBashingList(t *testing.T) { "Getting results should pass", "results", "codebashing", - flag(params.LanguageFlag), "PHP", - flag(params.VulnerabilityTypeFlag), "Reflected XSS All Clients", - flag(params.CweIDFlag), "79") + flag(params.QueryIDFlag), queryIDValue) codebashing := []wrappers.CodeBashingCollection{} @@ -218,9 +217,7 @@ func TestCodeBashingListJson(t *testing.T) { "Getting results should pass", "results", "codebashing", - flag(params.LanguageFlag), "PHP", - flag(params.VulnerabilityTypeFlag), "Reflected XSS All Clients", - flag(params.CweIDFlag), "79", + flag(params.QueryIDFlag), queryIDValue, flag(params.FormatFlag), "json") codebashing := []wrappers.CodeBashingCollection{} @@ -236,34 +233,33 @@ func TestCodeBashingListTable(t *testing.T) { "Getting results should pass", "results", "codebashing", - flag(params.LanguageFlag), "PHP", - flag(params.VulnerabilityTypeFlag), "Reflected XSS All Clients", - flag(params.CweIDFlag), "79", + flag(params.QueryIDFlag), queryIDValue, flag(params.FormatFlag), "table") assert.Assert(t, outputBuffer != nil, "Should exist codebashing link") } func TestCodeBashingListEmpty(t *testing.T) { - args := []string{ + outputBuffer := executeCmdNilAssertion( + t, + "Getting results should pass", "results", "codebashing", - flag(params.LanguageFlag), "PHP", - flag(params.VulnerabilityTypeFlag), "Reflected XSS All Clients", - flag(params.CweIDFlag), "11", - } + flag(params.QueryIDFlag), queryIDWrongValueValue) - err, _ := executeCommand(t, args...) - assertError(t, err, "No codebashing link available") + assert.Assert(t, outputBuffer != nil, "Output buffer should not be nil") + output := outputBuffer.String() + assert.Assert(t, + strings.Contains(output, "lessonUrl") && + strings.Contains(output, "/app/home"), + "Output should contain expected codebashing lesson information") } func TestCodeBashingFailedListingAuth(t *testing.T) { args := []string{ "results", "codebashing", - flag(params.LanguageFlag), "PHP", - flag(params.VulnerabilityTypeFlag), "Reflected XSS All Clients", - flag(params.CweIDFlag), "11", + flag(params.QueryIDFlag), queryIDValue, flag(params.AccessKeySecretFlag), "mock", flag(params.AccessKeyIDFlag), "mock", flag(params.AstAPIKeyFlag), "mock", From cd1a3f5f18c99b4be5466152bcd0af6d88ba9a6d Mon Sep 17 00:00:00 2001 From: cx-Margarita-LevitM Date: Thu, 30 Oct 2025 16:17:12 +0200 Subject: [PATCH 07/12] Update from queryId to queryID --- internal/commands/result.go | 4 ++-- internal/wrappers/codebashing-http.go | 4 ++-- internal/wrappers/codebashing-json.go | 4 ++-- internal/wrappers/codebashing.go | 2 +- internal/wrappers/mock/codebashing-mock.go | 6 +++--- 5 files changed, 10 insertions(+), 10 deletions(-) diff --git a/internal/commands/result.go b/internal/commands/result.go index 12ebca331..db3a245ca 100644 --- a/internal/commands/result.go +++ b/internal/commands/result.go @@ -1086,13 +1086,13 @@ func runGetCodeBashingCommand( ) func(cmd *cobra.Command, args []string) error { return func(cmd *cobra.Command, args []string) error { - queryId, _ := cmd.Flags().GetString(commonParams.QueryIDFlag) + queryID, _ := cmd.Flags().GetString(commonParams.QueryIDFlag) codeBashingURL, err := codeBashingWrapper.GetCodeBashingURL(codeBashingKey) if err != nil { return err } // Make the request to the api to obtain the codebashing link and send the codebashing url to enrich the path - CodeBashingModel, webError, err := codeBashingWrapper.GetCodeBashingLinks(queryId, codeBashingURL) + CodeBashingModel, webError, err := codeBashingWrapper.GetCodeBashingLinks(queryID, codeBashingURL) if err != nil { return err } diff --git a/internal/wrappers/codebashing-http.go b/internal/wrappers/codebashing-http.go index 32b1ca186..3db51641d 100644 --- a/internal/wrappers/codebashing-http.go +++ b/internal/wrappers/codebashing-http.go @@ -36,14 +36,14 @@ func NewCodeBashingHTTPWrapper(path string) *CodeBashingHTTPWrapper { } } -func (r *CodeBashingHTTPWrapper) GetCodeBashingLinks(queryId string, codeBashingURL string) ( +func (r *CodeBashingHTTPWrapper) GetCodeBashingLinks(queryID string, codeBashingURL string) ( *[]CodeBashingCollection, *WebError, error, ) { r.path = setCodeBashingDefaultPath(r.path) clientTimeout := viper.GetUint(commonParams.ClientTimeoutKey) - resp, err := SendHTTPRequestNoBaseCBURL(http.MethodGet, r.path+"/"+queryId, http.NoBody, true, clientTimeout) + resp, err := SendHTTPRequestNoBaseCBURL(http.MethodGet, r.path+"/"+queryID, http.NoBody, true, clientTimeout) if err != nil { return nil, nil, err } diff --git a/internal/wrappers/codebashing-json.go b/internal/wrappers/codebashing-json.go index 2c52744c1..8e3cefe3a 100644 --- a/internal/wrappers/codebashing-json.go +++ b/internal/wrappers/codebashing-json.go @@ -11,7 +11,7 @@ type CodeBashingCollection struct { LessonDisplayName string `json:"lessonDisplayName,omitempty"` CourseDisplayName string `json:"courseDisplayName,omitempty"` Duration string `json:"duration,omitempty"` - ImageUrl string `json:"imageUrl,omitempty"` + ImageURL string `json:"imageUrl,omitempty"` TagsResult []CodeBashingTag `json:"tagsResult,omitempty"` Path string `json:"lessonUrl,omitempty"` PotentialPoints int `json:"potentialPoints,omitempty"` @@ -23,5 +23,5 @@ type CodeBashingResponse struct { } type CodeBashingParamsCollection struct { - QueryId string `json:"queryId,omitempty"` + QueryID string `json:"queryId,omitempty"` } diff --git a/internal/wrappers/codebashing.go b/internal/wrappers/codebashing.go index e29da4d05..fd332c5cb 100644 --- a/internal/wrappers/codebashing.go +++ b/internal/wrappers/codebashing.go @@ -1,7 +1,7 @@ package wrappers type CodeBashingWrapper interface { - GetCodeBashingLinks(queryId string, codeBashingURL string) (*[]CodeBashingCollection, *WebError, error) + GetCodeBashingLinks(queryID string, codeBashingURL string) (*[]CodeBashingCollection, *WebError, error) GetCodeBashingURL(field string) (string, error) BuildCodeBashingParams(CodeBashingParamsCollection) (map[string]string, error) } diff --git a/internal/wrappers/mock/codebashing-mock.go b/internal/wrappers/mock/codebashing-mock.go index 2753ceac5..ea2fbab4f 100644 --- a/internal/wrappers/mock/codebashing-mock.go +++ b/internal/wrappers/mock/codebashing-mock.go @@ -6,12 +6,12 @@ import ( type CodeBashingMockWrapper struct{} -func (r CodeBashingMockWrapper) GetCodeBashingLinks(queryId string, codeBashingURL string) (*[]wrappers.CodeBashingCollection, *wrappers.WebError, error) { - if queryId == "" { +func (r CodeBashingMockWrapper) GetCodeBashingLinks(queryID string, codeBashingURL string) (*[]wrappers.CodeBashingCollection, *wrappers.WebError, error) { + if queryID == "" { return nil, &wrappers.WebError{Message: "Cannot GET /lessons/mapping/"}, nil } - if queryId == "11666704984804998184" { + if queryID == "11666704984804998184" { collection := &wrappers.CodeBashingCollection{ Path: "/app/home", } From abaae068d6d2ce38e11022129cc681c320da9c49 Mon Sep 17 00:00:00 2001 From: cx-Margarita-LevitM Date: Thu, 30 Oct 2025 16:35:00 +0200 Subject: [PATCH 08/12] Fix --- internal/wrappers/codebashing-http.go | 11 ++++++----- internal/wrappers/mock/codebashing-mock.go | 4 +++- 2 files changed, 9 insertions(+), 6 deletions(-) diff --git a/internal/wrappers/codebashing-http.go b/internal/wrappers/codebashing-http.go index 3db51641d..2b832eb00 100644 --- a/internal/wrappers/codebashing-http.go +++ b/internal/wrappers/codebashing-http.go @@ -3,17 +3,18 @@ package wrappers import ( "encoding/json" "fmt" - "github.com/checkmarx/ast-cli/internal/logger" - "github.com/checkmarx/ast-cli/internal/wrappers/configuration" "io" "net/http" "strings" - commonParams "github.com/checkmarx/ast-cli/internal/params" - "github.com/checkmarx/ast-cli/internal/wrappers/utils" "github.com/golang-jwt/jwt/v5" "github.com/pkg/errors" "github.com/spf13/viper" + + "github.com/checkmarx/ast-cli/internal/logger" + commonParams "github.com/checkmarx/ast-cli/internal/params" + "github.com/checkmarx/ast-cli/internal/wrappers/configuration" + "github.com/checkmarx/ast-cli/internal/wrappers/utils" ) const ( @@ -36,7 +37,7 @@ func NewCodeBashingHTTPWrapper(path string) *CodeBashingHTTPWrapper { } } -func (r *CodeBashingHTTPWrapper) GetCodeBashingLinks(queryID string, codeBashingURL string) ( +func (r *CodeBashingHTTPWrapper) GetCodeBashingLinks(queryID, codeBashingURL string) ( *[]CodeBashingCollection, *WebError, error, diff --git a/internal/wrappers/mock/codebashing-mock.go b/internal/wrappers/mock/codebashing-mock.go index ea2fbab4f..23461c824 100644 --- a/internal/wrappers/mock/codebashing-mock.go +++ b/internal/wrappers/mock/codebashing-mock.go @@ -1,15 +1,17 @@ package mock import ( + commonParams "github.com/checkmarx/ast-cli/internal/params" "github.com/checkmarx/ast-cli/internal/wrappers" ) type CodeBashingMockWrapper struct{} -func (r CodeBashingMockWrapper) GetCodeBashingLinks(queryID string, codeBashingURL string) (*[]wrappers.CodeBashingCollection, *wrappers.WebError, error) { +func (r CodeBashingMockWrapper) GetCodeBashingLinks(queryID, codeBashingURL string) (*[]wrappers.CodeBashingCollection, *wrappers.WebError, error) { if queryID == "" { return nil, &wrappers.WebError{Message: "Cannot GET /lessons/mapping/"}, nil } + codeBashingURL = commonParams.CodeBashingPathEnv if queryID == "11666704984804998184" { collection := &wrappers.CodeBashingCollection{ From 92ac4447920c06265d30b116b386dafea2b5738d Mon Sep 17 00:00:00 2001 From: cx-Margarita-LevitM Date: Thu, 30 Oct 2025 16:50:22 +0200 Subject: [PATCH 09/12] Fix --- internal/wrappers/mock/codebashing-mock.go | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/internal/wrappers/mock/codebashing-mock.go b/internal/wrappers/mock/codebashing-mock.go index 23461c824..1f0345b72 100644 --- a/internal/wrappers/mock/codebashing-mock.go +++ b/internal/wrappers/mock/codebashing-mock.go @@ -1,17 +1,15 @@ package mock import ( - commonParams "github.com/checkmarx/ast-cli/internal/params" "github.com/checkmarx/ast-cli/internal/wrappers" ) type CodeBashingMockWrapper struct{} -func (r CodeBashingMockWrapper) GetCodeBashingLinks(queryID, codeBashingURL string) (*[]wrappers.CodeBashingCollection, *wrappers.WebError, error) { +func (r CodeBashingMockWrapper) GetCodeBashingLinks(queryID string, _ string) (*[]wrappers.CodeBashingCollection, *wrappers.WebError, error) { if queryID == "" { return nil, &wrappers.WebError{Message: "Cannot GET /lessons/mapping/"}, nil } - codeBashingURL = commonParams.CodeBashingPathEnv if queryID == "11666704984804998184" { collection := &wrappers.CodeBashingCollection{ From 884a197d34ffef278c8480cb0dbb204c07442dc0 Mon Sep 17 00:00:00 2001 From: cx-Margarita-LevitM Date: Thu, 30 Oct 2025 17:03:56 +0200 Subject: [PATCH 10/12] Fix --- internal/wrappers/mock/codebashing-mock.go | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/internal/wrappers/mock/codebashing-mock.go b/internal/wrappers/mock/codebashing-mock.go index 1f0345b72..0bccdd304 100644 --- a/internal/wrappers/mock/codebashing-mock.go +++ b/internal/wrappers/mock/codebashing-mock.go @@ -6,7 +6,7 @@ import ( type CodeBashingMockWrapper struct{} -func (r CodeBashingMockWrapper) GetCodeBashingLinks(queryID string, _ string) (*[]wrappers.CodeBashingCollection, *wrappers.WebError, error) { +func (r CodeBashingMockWrapper) GetCodeBashingLinks(queryID, _ string) (*[]wrappers.CodeBashingCollection, *wrappers.WebError, error) { if queryID == "" { return nil, &wrappers.WebError{Message: "Cannot GET /lessons/mapping/"}, nil } @@ -26,12 +26,10 @@ func (r CodeBashingMockWrapper) GetCodeBashingLinks(queryID string, _ string) (* return &ret, nil, nil } -func (r CodeBashingMockWrapper) GetCodeBashingURL(field string) ( - string, error, -) { +func (r CodeBashingMockWrapper) GetCodeBashingURL(_ string) (string, error) { return "MOCK", nil } -func (r CodeBashingMockWrapper) BuildCodeBashingParams(wrappers.CodeBashingParamsCollection) (map[string]string, error) { +func (r CodeBashingMockWrapper) BuildCodeBashingParams(_ wrappers.CodeBashingParamsCollection) (map[string]string, error) { return nil, nil } From 061e733ae26bb1e64d59a6aca3f283222ddf66fc Mon Sep 17 00:00:00 2001 From: cx-Margarita-LevitM Date: Mon, 3 Nov 2025 11:51:07 +0200 Subject: [PATCH 11/12] Add debug flag --- test/integration/result_test.go | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/test/integration/result_test.go b/test/integration/result_test.go index 0d8ba0943..1a5ec44dd 100644 --- a/test/integration/result_test.go +++ b/test/integration/result_test.go @@ -202,6 +202,7 @@ func TestCodeBashingList(t *testing.T) { "Getting results should pass", "results", "codebashing", + "--debug", flag(params.QueryIDFlag), queryIDValue) codebashing := []wrappers.CodeBashingCollection{} @@ -217,6 +218,7 @@ func TestCodeBashingListJson(t *testing.T) { "Getting results should pass", "results", "codebashing", + "--debug", flag(params.QueryIDFlag), queryIDValue, flag(params.FormatFlag), "json") @@ -233,6 +235,7 @@ func TestCodeBashingListTable(t *testing.T) { "Getting results should pass", "results", "codebashing", + "--debug", flag(params.QueryIDFlag), queryIDValue, flag(params.FormatFlag), "table") @@ -245,6 +248,7 @@ func TestCodeBashingListEmpty(t *testing.T) { "Getting results should pass", "results", "codebashing", + "--debug", flag(params.QueryIDFlag), queryIDWrongValueValue) assert.Assert(t, outputBuffer != nil, "Output buffer should not be nil") From fcd7ee035fcd6c74ab47df0a84017c487852380c Mon Sep 17 00:00:00 2001 From: cx-Margarita-LevitM Date: Mon, 3 Nov 2025 16:14:34 +0200 Subject: [PATCH 12/12] refactory --- internal/wrappers/client.go | 34 +++++++++++++++++---------- internal/wrappers/codebashing-http.go | 2 +- 2 files changed, 22 insertions(+), 14 deletions(-) diff --git a/internal/wrappers/client.go b/internal/wrappers/client.go index d6ed9db56..e5b9d212d 100644 --- a/internal/wrappers/client.go +++ b/internal/wrappers/client.go @@ -44,11 +44,15 @@ const ( jwtError = "Error retrieving %s from jwt token" basicFormat = "Basic %s" bearerFormat = "Bearer %s" - onlyTokenFormat = "%s" - contentTypeHeader = "Content-Type" - formURLContentType = "application/x-www-form-urlencoded" - jsonContentType = "application/json" - defaultDialerDuration = 30 * time.Second + // Can be removed once CodeBashing team will add support for + //http://core-service.codebashing.com/lessons/mapping/{queryId} + //with --header 'Authorization: Bearer ' currently + //supports only --header 'Authorization: ' + onlyTokenFormat = "%s" + contentTypeHeader = "Content-Type" + formURLContentType = "application/x-www-form-urlencoded" + jsonContentType = "application/json" + defaultDialerDuration = 30 * time.Second ) var ( @@ -340,14 +344,10 @@ func SendHTTPRequest(method, path string, body io.Reader, auth bool, timeout uin return SendHTTPRequestByFullURL(method, u, body, auth, timeout, accessToken, true) } -func SendHTTPRequestNoBaseURL(method, path string, body io.Reader, auth bool, timeout uint) (*http.Response, error) { - _, accessToken, err := getURLAndAccessToken(path) - if err != nil { - return nil, err - } - return SendHTTPRequestByFullURL(method, path, body, auth, timeout, accessToken, true) -} - +// Can be removed once CodeBashing team will add support for +// http://core-service.codebashing.com/lessons/mapping/{queryId} +// with --header 'Authorization: Bearer ' currently +// supports only --header 'Authorization: ' func SendHTTPRequestNoBaseCBURL(method, path string, body io.Reader, auth bool, timeout uint) (*http.Response, error) { _, accessToken, err := getURLAndAccessToken(path) if err != nil { @@ -375,6 +375,10 @@ func SendHTTPRequestByFullURL( return SendHTTPRequestByFullURLContentLength(method, fullURL, body, -1, auth, timeout, accessToken, bodyPrint) } +// Can be removed once CodeBashing team will add support for +// http://core-service.codebashing.com/lessons/mapping/{queryId} +// with --header 'Authorization: Bearer ' currently +// supports only --header 'Authorization: ' func SendHTTPRequestWithoutBearerTagByFullURL( method, fullURL string, body io.Reader, @@ -413,6 +417,10 @@ func SendHTTPRequestByFullURLContentLength( return request(client, req, bodyPrint) } +// Can be removed once CodeBashing team will add support for +// http://core-service.codebashing.com/lessons/mapping/{queryId} +// with --header 'Authorization: Bearer ' currently +// allow only --header 'Authorization: ' func SendHTTPRequestWithoutBearerTagByFullURLContentLength( method, fullURL string, body io.Reader, diff --git a/internal/wrappers/codebashing-http.go b/internal/wrappers/codebashing-http.go index 2b832eb00..229a57b33 100644 --- a/internal/wrappers/codebashing-http.go +++ b/internal/wrappers/codebashing-http.go @@ -70,7 +70,6 @@ func (r *CodeBashingHTTPWrapper) GetCodeBashingLinks(queryID, codeBashingURL str } err = json.Unmarshal(body, &decoded) if err != nil { - // Try unmarshaling as wrapped response with "data" field var wrappedResponse CodeBashingResponse if err2 := json.Unmarshal(body, &wrappedResponse); err2 == nil { decoded = []CodeBashingCollection{wrappedResponse.Data} @@ -98,6 +97,7 @@ func (r *CodeBashingHTTPWrapper) GetCodeBashingLinks(queryID, codeBashingURL str } } +// Added this function to update the cx_code_bashing field in the existing config file. func setCodeBashingDefaultPath(path string) string { if path != codeBashingDefaultPath { configFilePath, err := configuration.GetConfigFilePath()