This repository has been archived by the owner on Mar 5, 2024. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 2
/
Copy pathapi.go
92 lines (71 loc) · 2.62 KB
/
api.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
package main
import (
"fmt"
"io"
"net/http"
"net/url"
"os"
"strings"
"github.com/antfie/veracode-go-hmac-authentication/hmac"
"github.com/fatih/color"
)
type API struct {
id string
key string
region string
}
func (api API) makeApiRequest(apiUrl, httpMethod string) []byte {
if api.region == "us" {
apiUrl = strings.Replace(apiUrl, ".com", ".us", 1)
} else if api.region == "eu" {
apiUrl = strings.Replace(apiUrl, ".com", ".eu", 1)
}
parsedUrl, err := url.Parse(apiUrl)
if err != nil {
color.HiRed("Error: Invalid API URL")
os.Exit(1)
}
client := &http.Client{}
req, err := http.NewRequest(httpMethod, parsedUrl.String(), nil)
if err != nil {
color.HiRed("Error: Could not create API request")
os.Exit(1)
}
authorizationHeader, err := hmac.CalculateAuthorizationHeader(parsedUrl, httpMethod, api.id, api.key)
if err != nil {
color.HiRed("Error: Could not calculate the authorization header")
os.Exit(1)
}
req.Header.Add("Authorization", authorizationHeader)
req.Header.Add("User-Agent", fmt.Sprintf("ScanCompare/%s", AppVersion))
resp, err := client.Do(req)
if err != nil {
color.HiRed("Error: There was a problem communicating with the API. Please check your connectivity and the service status page at https://status.veracode.com")
os.Exit(1)
}
if resp.StatusCode == 401 {
if strings.HasSuffix(parsedUrl.Path, "getmaintenancescheduleinfo.do") {
color.HiRed("Error: There was a problem with your credentials. Please check your credentials are valid for this Veracode region. For help contact your Veracode administrator.")
} else {
color.HiRed("Error: You are not authorized to perform this action. Please check you have the \"Results API\" user role set. For help contact your Veracode administrator and refer to https://docs.veracode.com/r/c_API_roles_details")
}
os.Exit(1)
}
if resp.StatusCode == 403 {
color.HiRed("Error: This request was forbidden. Ensure you can view these scans within the Veracode Platform. For help contact your Veracode administrator and refer to https://docs.veracode.com/r/c_API_roles_details")
os.Exit(1)
}
if resp.StatusCode != http.StatusOK {
color.HiRed(fmt.Sprintf("Error: API request returned status of %s", resp.Status))
os.Exit(1)
}
body, err := io.ReadAll(resp.Body)
if err != nil {
color.HiRed("Error: There was a problem processing the API response. Please check your connectivity and the service status page at https://status.veracode.com")
os.Exit(1)
}
return body
}
func (api API) assertCredentialsWork() {
api.makeApiRequest("https://analysiscenter.veracode.com/api/3.0/getmaintenancescheduleinfo.do", http.MethodGet)
}