add support for simulator api (#68)

* add support for simulator api * simulator * update * update comments
signalsciences · Jan 23, 2025 · b105468 · b105468
1 parent 7a639e9
commit b105468
Show file tree

Hide file tree

Showing 2 changed files with 71 additions and 0 deletions.
diff --git a/api.go b/api.go
@@ -3039,3 +3039,49 @@ func (sc *Client) UpdateEdgeDeploymentBackends(corpName, siteName, fastlySID str
 
 	return err
 }
+
+// Simulation request the sample request and response for the simulation test
+type SimulationBody struct {
+	SampleRequest  string `json:"sample_request"`
+	SampleResponse string `json:"sample_response"`
+}
+
+// SimulationResponse the response of the simulation test
+type ResponseSimulationBody struct {
+	Data struct {
+		WafResponse  int `json:"waf_response"`
+		ResponseCode int `json:"response_code"`
+		ResponseSize int `json:"response_size"`
+		Signals      []struct {
+			Type      string `json:"type"`
+			Location  string `json:"location"`
+			Name      string `json:"name"`
+			Value     string `json:"value"`
+			Detector  string `json:"detector"`
+			Redaction int    `json:"redaction"`
+		} `json:"signals"`
+	} `json:"data"`
+}
+
+// getResponseSimulationBody gets the simulation response
+func getResponseSimulationBody(response []byte) (ResponseSimulationBody, error) {
+	var responseSimulation ResponseSimulationBody
+	err := json.Unmarshal(response, &responseSimulation)
+	if err != nil {
+		return ResponseSimulationBody{}, err
+	}
+	return responseSimulation, nil
+}
+
+// SendSimulation sends a simulation test and returns the response
+func (sc *Client) SendSimulation(corpName, siteName string, body SimulationBody) (ResponseSimulationBody, error) {
+	b, err := json.Marshal(body)
+	if err != nil {
+		return ResponseSimulationBody{}, err
+	}
+	resp, err := sc.doRequest("POST", fmt.Sprintf("/v0/corps/%s/sites/%s/simulator", corpName, siteName), string(b))
+	if err != nil {
+		return ResponseSimulationBody{}, err
+	}
+	return getResponseSimulationBody(resp)
+}
diff --git a/api_test.go b/api_test.go
@@ -1886,3 +1886,28 @@ func TestCRUDSiteRequestRule(t *testing.T) {
 		t.Fatal(err)
 	}
 }
+
+func TestSendSimulation(t *testing.T) {
+	sc := NewTokenClient(testcreds.email, testcreds.token)
+	corp := testcreds.corp
+	site := testcreds.site
+	body := SimulationBody{
+		// sample request with xss paylaod
+		SampleRequest:  `POST /?q=<script>alert(1)</script> HTTP/1.1\nHost: sample.foo\n\n`,
+		SampleResponse: `HTTP/1.1 200 OK`,
+	}
+	responseSimulation, err := sc.SendSimulation(corp, site, body)
+	if err != nil {
+		t.Fatal(err)
+	}
+	// check for XSS signal
+	found := false
+	for _, signal := range responseSimulation.Data.Signals {
+		if signal.Type == "XSS" {
+			found = true
+		}
+	}
+	if !found {
+		t.Errorf("XSS signal expected, but not found")
+	}
+}