From 998da3454d85cdb3ea0b125138fc9b94ca2c2345 Mon Sep 17 00:00:00 2001 From: Ken McDonald Date: Wed, 2 Sep 2020 09:02:11 -0400 Subject: [PATCH] Fixing Shard SOAP Authentication Token (#105) * Fix for soap session handler * Update to version 0.4.40 --- pom.xml | 2 +- .../sdk/ShardManager/ShardSession.java | 18 ++++++++++++++++++ .../checkmarx/sdk/service/CxAuthService.java | 14 ++++++++++++-- .../checkmarx/sdk/service/CxLegacyService.java | 13 ++++++++++++- 4 files changed, 43 insertions(+), 4 deletions(-) diff --git a/pom.xml b/pom.xml index d94c5856..00460843 100644 --- a/pom.xml +++ b/pom.xml @@ -10,7 +10,7 @@ com.github.checkmarx-ts cx-spring-boot-sdk - 0.4.39 + 0.4.40 cx-spring-boot-sdk Checkmarx Java Spring Boot SDK diff --git a/src/main/java/com/checkmarx/sdk/ShardManager/ShardSession.java b/src/main/java/com/checkmarx/sdk/ShardManager/ShardSession.java index 77211b2c..0db503c5 100644 --- a/src/main/java/com/checkmarx/sdk/ShardManager/ShardSession.java +++ b/src/main/java/com/checkmarx/sdk/ShardManager/ShardSession.java @@ -7,6 +7,8 @@ public class ShardSession { private WebServiceTemplate ws = null; private WebServiceTemplate shardWs = null; + private String soapToken = ""; + private LocalDateTime soapTokenExpires = null; private String name = ""; private String team = ""; private String project = ""; @@ -33,6 +35,22 @@ public WebServiceTemplate getShardWs() { return shardWs; } + public String getSoapToken() { + return soapToken; + } + + public void setSoapToken(String soapToken) { + this.soapToken = soapToken; + } + + public LocalDateTime getSoapTokenExpires() { + return soapTokenExpires; + } + + public void setSoapTokenExpires(LocalDateTime soapTokenExpires) { + this.soapTokenExpires = soapTokenExpires; + } + public boolean getShardFound() { return shardFound; } diff --git a/src/main/java/com/checkmarx/sdk/service/CxAuthService.java b/src/main/java/com/checkmarx/sdk/service/CxAuthService.java index a877fb7d..bf5f13b1 100644 --- a/src/main/java/com/checkmarx/sdk/service/CxAuthService.java +++ b/src/main/java/com/checkmarx/sdk/service/CxAuthService.java @@ -148,6 +148,11 @@ public String getSoapAuthToken(String username, String password) { } soapToken = response.getAccessToken(); soapTokenExpires = LocalDateTime.now().plusSeconds(response.getExpiresIn()-500); //expire 500 seconds early + if(cxProperties.getEnableShardManager()) { + ShardSession shard = sessionTracker.getShardSession(); + shard.setSoapToken(soapToken); + shard.setSoapTokenExpires(soapTokenExpires); + } } catch (NullPointerException | HttpStatusCodeException e) { log.error("Error occurred white obtaining Access Token. Possibly incorrect credentials"); @@ -198,10 +203,15 @@ private boolean isTokenExpired() { } private boolean isSoapTokenExpired() { - if (soapTokenExpires == null) { + LocalDateTime curTokenExpires = soapTokenExpires; + if(cxProperties.getEnableShardManager()) { + ShardSession shard = sessionTracker.getShardSession(); + curTokenExpires = shard.getSoapTokenExpires(); + } + if (curTokenExpires == null) { return true; } - return LocalDateTime.now().isAfter(soapTokenExpires); + return LocalDateTime.now().isAfter(curTokenExpires); } private boolean isSessionTokenExpired() { diff --git a/src/main/java/com/checkmarx/sdk/service/CxLegacyService.java b/src/main/java/com/checkmarx/sdk/service/CxLegacyService.java index a471b79c..07d588e0 100644 --- a/src/main/java/com/checkmarx/sdk/service/CxLegacyService.java +++ b/src/main/java/com/checkmarx/sdk/service/CxLegacyService.java @@ -90,6 +90,10 @@ public String login(String username, String password) throws CheckmarxLegacyExce try { if(!response.getLoginV2Result().isIsSuccesfull()) throw new CheckmarxLegacyException("Authentication Error"); + if(properties.getEnableShardManager()) { + ShardSession shard = sessionTracker.getShardSession(); + shard.setSoapToken(response.getLoginV2Result().getSessionId()); + } return response.getLoginV2Result().getSessionId(); } catch(NullPointerException e){ @@ -545,13 +549,20 @@ Integer getLdapServerId(String session, String serverName) throws CheckmarxExce } private WebServiceMessageCallback getWSCallback(String callbackUri, String token){ + String curToken; + if(properties.getEnableShardManager()) { + ShardSession shard = sessionTracker.getShardSession(); + curToken = shard.getSoapToken(); + } else { + curToken = token; + } return message -> { SoapMessage soapMessage = (SoapMessage) message; soapMessage.setSoapAction(callbackUri); TransportContext context = TransportContextHolder.getTransportContext(); HttpUrlConnection connection = (HttpUrlConnection) context.getConnection(); try { - if(!ScanUtils.empty(token) && properties.getVersion() >= 9.0) { + if(!ScanUtils.empty(curToken) && properties.getVersion() >= 9.0) { connection.addRequestHeader(HttpHeaders.AUTHORIZATION, "Bearer ".concat(token)); } }catch (IOException e){