# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details. # frozen_string_literal: true require 'contrast/utils/string_utils' require 'contrast/components/logger' module Contrast module Agent module Reporting # This is the new Route Discovery Observation class which will include all the needed information for the new # reporting system to relay this information in the Application Update messages. These route observations are # used by TeamServer to construct the route coverage information for the assess feature. They represent the # literal URL and HTTP verb used to invoke a method in the application, as routed by the application framework. class RouteDiscoveryObservation include Contrast::Components::Logger::InstanceMethods # @return [String] the URL requested to hit this endpoint. Required for reporting; required attributes attr_accessor :url # @return [String] the HTTP Method requested to his this endpoint. Empty means all, so is allowed for # reporting; optional attributes attr_accessor :verb def initialize url, verb @url = url @verb = verb if Contrast::Utils::StringUtils.present?(verb) end # Convert the instance variables on the class, and other information, into the identifiers required for # TeamServer to process the JSON form of this message. # # @return [Hash] # @raise [ArgumentError] def to_controlled_hash begin validate rescue ArgumentError => e logger.error('RouteDiscoveryObservation validation failed with: ', e) return end { url: url, verb: verb }.compact end # Ensure the required fields are present. # # @raise [ArgumentError] def validate raise(ArgumentError, "#{ self } did not have a proper url. Unable to continue.") unless url end end end end end