module OwaspZap class Auth attr_accessor :ctx,:base def initialize(params = {}) @ctx = params[:context] || 1 #default context is the1 @base = params[:base] || "" end # # define dynamically the methods from: # # [:login_url, :logout_url, :login_data, :logout_data, :logged_in_indicator, :logged_out_indicator].each do |method| define_method method do RestClient::get "#{@base}/auth/view/#{to_url(method)}/?zapapiformat=JSON&contextId=#{@ctx}" end end # # define methods login, logout # # [:login,:logout].each do |method| define_method method do RestClient::get "#{@base}/auth/action/#{to_url(method)}/?zapapiformat=JSON&contextId=#{@ctx}" end end # params: # args a hash with the following keys -> values # url: url including http:// # post_data: an already encoded string like "" # TODO: offer a way to encode it, giving a hash? def set_login_url(args) set_query "#{@base}/auth/action/setLoginUrl/",:postData=>args[:post_data] end def set_logout_url(args) set_query "#{@base}/auth/action/setLogoutUrl/",:postData=>args[:post_data] end def set_logged_in_indicator(args) set_query "#{@base}/auth/action/setLoggedInIndicator/",:postData=>args[:indicator] end def set_logged_out_indicator(args) set_query "#{@base}/auth/action/setLoggedOutIndicator/", :indicator=>args[:indicator] end private # addr a string like #{@base}/auth/foo/bar # params a hash with custom params that should be added to the query_values def set_query(addr, params) default_params = {:zapapiformat=>"JSON",:url=>args[:url],:contextId=>@ctx} url Addressable::URI.parse addr url.query_values = default_params.merge(params) RestClient::get url.normalize.to_str end def to_url(str) method_str = str.to_s method_str.extend OwaspZap::StringExtension # monkey patch just this instance method_str.camel_case end def to_method(str) method_str = str.to_s method_str.extend OwaspZap::StringExtension # monkey patch just this instance method_str.snake_case end end end