Merge branch 'main' into fix-for-subflow-loop

blobs.go

@@ -30,6 +30,66 @@ WORKDIR /app
 CMD ["python", "app.py", "--log-level", "DEBUG"]`)
 }
 
+// For now, just keeping it as a blob.
+func GetAppCategories() []AppCategory{ 
+	return []AppCategory{
+		AppCategory{
+			Name: "Communication",
+			Color: "#FFC107",
+			Icon: "communication",
+			ActionLabels: []string{"List Messages", "Send Message", "Get Message", "Search messages", "List Attachments", "Get Attachment", "Get Contact"},
+		},
+		AppCategory{
+			Name: "SIEM",
+			Color: "#FFC107",
+			Icon: "siem",
+			ActionLabels: []string{"Search", "List Alerts", "Close Alert",  "Get Alert",  "Create detection", "Add to lookup list", "Isolate endpoint"},
+		},
+		AppCategory{
+			Name: "Eradication",
+			Color: "#FFC107",
+			Icon: "eradication",
+			ActionLabels: []string{"List Alerts", "Close Alert", "Get Alert", "Create detection", "Block hash", "Search Hosts", "Isolate host", "Unisolate host", "Trigger host scan"},
+		},
+		AppCategory{
+			Name: "Cases",
+			Color: "#FFC107",
+			Icon: "cases",
+			ActionLabels:  []string{"List tickets", "Get ticket", "Create ticket", "Close ticket", "Add comment", "Update ticket", "Search tickets"},
+		},
+		AppCategory{
+			Name: "Assets",
+			Color: "#FFC107",
+			Icon: "assets",
+			ActionLabels:  []string{"List Assets", "Get Asset", "Search Assets", "Search Users", "Search endpoints", "Search vulnerabilities"},
+		},
+		AppCategory{
+			Name: "Intel",
+			Color: "#FFC107",
+			Icon: "intel",
+			ActionLabels:  []string{"Get IOC", "Search IOC", "Create IOC", "Update IOC", "Delete IOC"},
+		},
+		AppCategory{
+			Name: "IAM",
+			Color: "#FFC107",
+			Icon: "iam",
+			ActionLabels:  []string{"Reset Password", "Enable user", "Disable user", "Get Identity", "Get Asset", "Search Identity", "Get KMS Key"},
+		},
+		AppCategory{
+			Name: "Network",
+			Color: "#FFC107",
+			Icon: "network",
+			ActionLabels:  []string{"Get Rules", "Allow IP", "Block IP"},
+		},
+		AppCategory{
+			Name: "Other",
+			Color: "#FFC107",
+			Icon: "other",
+			ActionLabels:  []string{"Update Info", "Get Info", "Get Status", "Get Version", "Get Health", "Get Config", "Get Configs", "Get Configs by type", "Get Configs by name", "Run script"},
+		},
+	}
+}
+
 func GetWorkflowTest() []byte { 
 	return []byte(`{"actions":[{"app_name":"Shuffle Tools","app_version":"1.2.0","description":"Set a value to be saved to your organization in Shuffle.","app_id":"b53109ec-2873-4076-9826-4e7f586dc714","errors":[],"id":"c93c2ce0-e42a-4d30-8a2e-e9adb7ee7cc4","is_valid":true,"isStartNode":true,"sharing":true,"label":"Change Me","public":true,"generated":false,"large_image":"","environment":"Shuffle","name":"set_cache_value","parameters":[{"description":"The key to set the value for","id":"","name":"key","example":"timestamp","value":"$onprem_dashboard_testing","multiline":false,"options":null,"action_field":"","variant":"STATIC_VALUE","required":true,"configuration":false,"tags":null,"schema":{"type":"string"},"skip_multicheck":false,"value_replace":null,"unique_toggled":false},{"description":"The value to set","id":"","name":"value","example":"1621959545","value":"192.168.2.3 https://google.com","multiline":true,"options":null,"action_field":"","variant":"STATIC_VALUE","required":true,"configuration":false,"tags":null,"schema":{"type":"string"},"skip_multicheck":false,"value_replace":null,"unique_toggled":false}],"execution_variable":{"description":"","id":"","name":"","value":""},"position":{"x":-142.20343154942202,"y":130.5567750670353},"authentication_id":"","category":"","reference_url":"","sub_action":false,"source_workflow":"","run_magic_output":false,"run_magic_input":false,"execution_delay":0,"category_label":null,"suggestion":false},{"app_name":"Shuffle Tools","app_version":"1.2.0","description":"Get a value saved to your organization in Shuffle","app_id":"b53109ec-2873-4076-9826-4e7f586dc714","errors":[],"id":"f8a44502-e350-4180-933c-f7c3d7e8460b","is_valid":true,"sharing":true,"label":"Shuffle_Tools_3","public":true,"generated":false,"large_image":"","environment":"Shuffle","name":"get_cache_value","parameters":[{"description":"The key to get","id":"","name":"key","example":"timestamp","value":"$onprem_dashboard_testing","multiline":false,"options":null,"action_field":"","variant":"STATIC_VALUE","required":true,"configuration":false,"tags":null,"schema":{"type":"string"},"skip_multicheck":false,"value_replace":null,"unique_toggled":false}],"execution_variable":{"description":"","id":"","name":"","value":""},"position":{"x":-133.57704208335156,"y":308.69403928684073},"authentication_id":"","category":"Other","reference_url":"","sub_action":false,"source_workflow":"","run_magic_output":false,"run_magic_input":false,"execution_delay":0,"category_label":null,"suggestion":false},{"app_name":"Shuffle Tools","app_version":"1.2.0","description":"Delete a value saved to your organization in Shuffle","app_id":"b53109ec-2873-4076-9826-4e7f586dc714","errors":[],"id":"240b5c73-72eb-4ff0-b177-1dbf5a3cb854","is_valid":true,"sharing":true,"label":"Shuffle_Tools_3_copy","public":true,"generated":false,"large_image":"","environment":"Shuffle","name":"delete_cache_value","parameters":[{"description":"The key to delete","id":"","name":"key","example":"timestamp","value":"$onprem_dashboard_testing","multiline":false,"options":null,"action_field":"","variant":"STATIC_VALUE","required":true,"configuration":false,"tags":null,"schema":{"type":"string"},"skip_multicheck":false,"value_replace":null,"unique_toggled":false}],"execution_variable":{"description":"","id":"","name":"","value":""},"position":{"x":-130.2282403427722,"y":480.74311435295436},"authentication_id":"","category":"Other","reference_url":"","sub_action":false,"source_workflow":"","run_magic_output":false,"run_magic_input":false,"execution_delay":0,"category_label":null,"suggestion":false}],"branches":[{"destination_id":"f8a44502-e350-4180-933c-f7c3d7e8460b","id":"73ed3768-a385-4e8d-a8f5-d7fba4f6ea7e","source_id":"c93c2ce0-e42a-4d30-8a2e-e9adb7ee7cc4","label":"","has_errors":false,"conditions":null,"decorator":false},{"destination_id":"240b5c73-72eb-4ff0-b177-1dbf5a3cb854","id":"34a30674-1325-41fd-90ab-f517cbeb6aa0","source_id":"f8a44502-e350-4180-933c-f7c3d7e8460b","label":"","has_errors":false,"conditions":null,"decorator":false}],"visual_branches":[],"triggers":[],"schedules":[],"comments":[],"configuration":{"exit_on_error":false,"start_from_top":false,"skip_notifications":false},"created":1692126563,"edited":1697725624,"last_runtime":0,"due_date":1697587200,"tags":["test"],"id":"1cd69f13-5f82-462c-b8e1-91a5fbac4746","is_valid":true,"name":"Workflow Testing","description":"Used for workflow testing in Shuffle Onprem","start":"c93c2ce0-e42a-4d30-8a2e-e9adb7ee7cc4","owner":"7cff070a-e888-4e27-a575-39769b6102c2","sharing":"private","image":"","execution_org":{"name":"default","id":"ba4d38b7-db3f-4908-9ccb-47ec03f2963e","users":[],"role":"","creator_org":"","image":"","child_orgs":null,"region_url":""},"org_id":"ba4d38b7-db3f-4908-9ccb-47ec03f2963e","workflow_variables":[{"description":"","id":"7e50be7e-e774-4f4b-ac44-34c5f786eb32","name":"onprem_dashboard_testing","value":"onprem_dashboard_testing"}],"execution_environment":"","previously_saved":true,"categories":{"siem":{"name":"","count":0,"id":"","description":"","large_image":""},"communication":{"name":"","count":0,"id":"","description":"","large_image":""},"assets":{"name":"","count":0,"id":"","description":"","large_image":""},"cases":{"name":"","count":0,"id":"","description":"","large_image":""},"network":{"name":"","count":0,"id":"","description":"","large_image":""},"intel":{"name":"","count":0,"id":"","description":"","large_image":""},"edr":{"name":"","count":0,"id":"","description":"","large_image":""},"iam":{"name":"","count":0,"id":"","description":"","large_image":""},"email":{"name":"","count":0,"id":"","description":"","large_image":""},"other":{"name":"","count":2,"id":"","description":"","large_image":""}},"example_argument":"","public":false,"default_return_value":"","contact_info":{"name":"","url":""},"published_id":"","revision_id":"","usecase_ids":["Email management"],"blogpost":"","video":"","status":"test","workflow_type":"standalone","generated":false,"hidden":false,"updated_by":"admin"}`)
 }

codegen.go

@@ -489,13 +489,11 @@ func MakePythoncode(swagger *openapi3.Swagger, name, url, method string, paramet
 
 			} else if swagger.Components.SecuritySchemes["ApiKeyAuth"].Value.In == "query" {
 				// This might suck lol
-				//key := "?"
-				//if strings.Contains(url, "?") {
-				//	key = "&"
-				//}
+				//authenticationSetup = fmt.Sprintf("if apikey != \" \": params[\"%s\"] = requests.utils.quote(apikey)", swagger.Components.SecuritySchemes["ApiKeyAuth"].Value.Name)
+
+				trimmedDescription := strings.Trim(swagger.Components.SecuritySchemes["ApiKeyAuth"].Value.Description, " ")
 
-				//authenticationSetup = fmt.Sprintf("if apikey != \" \": url+=f\"%s%s={apikey}\"", key, swagger.Components.SecuritySchemes["ApiKeyAuth"].Value.Name)
-				authenticationSetup = fmt.Sprintf("if apikey != \" \": params[\"%s\"] = requests.utils.quote(apikey)", swagger.Components.SecuritySchemes["ApiKeyAuth"].Value.Name)
+				authenticationSetup = fmt.Sprintf("if apikey != \" \":\n            if apikey.startswith(\"%s\"):\n                params[\"%s\"] = requests.utils.quote(apikey)\n            else:\n                apikey = apikey.replace(\"%s\", \"\", -1).strip()\n                params[\"%s\"] = requests.utils.quote(f\"%s{apikey}\")", trimmedDescription, swagger.Components.SecuritySchemes["ApiKeyAuth"].Value.Name, swagger.Components.SecuritySchemes["ApiKeyAuth"].Value.Description, swagger.Components.SecuritySchemes["ApiKeyAuth"].Value.Name, swagger.Components.SecuritySchemes["ApiKeyAuth"].Value.Description)
 			}
 
 		} else if swagger.Components.SecuritySchemes["Oauth2"] != nil {
@@ -812,8 +810,8 @@ func MakePythoncode(swagger *openapi3.Swagger, name, url, method string, paramet
 		verifyWrapper,
 		extraHeaders,
 		extraQueries,
-		headerParserCode,
 		authenticationSetup,
+		headerParserCode,
 		queryData,
 		queryParserCode,
 		bodyFormatter,
@@ -866,12 +864,15 @@ func GetCustomActionCode(swagger *openapi3.Swagger, api WorkflowApp) string{
 				if len(swagger.Components.SecuritySchemes["ApiKeyAuth"].Value.Description) > 0 {
 					trimmedDescription := strings.Trim(swagger.Components.SecuritySchemes["ApiKeyAuth"].Value.Description, " ")
 
-					authenticationSetup = fmt.Sprintf("if apikey != \" \":\n    if apikey.startswith(\"%s\"):\n        parsed_headers[\"%s\"] = apikey\n    else:\n        apikey = apikey.replace(\"%s\", \"\", -1).strip()\n        parsed_headers[\"%s\"] = f\"%s{apikey}\"", trimmedDescription, swagger.Components.SecuritySchemes["ApiKeyAuth"].Value.Name, swagger.Components.SecuritySchemes["ApiKeyAuth"].Value.Description, swagger.Components.SecuritySchemes["ApiKeyAuth"].Value.Name, swagger.Components.SecuritySchemes["ApiKeyAuth"].Value.Description)
+					authenticationSetup = fmt.Sprintf("if apikey != \" \":\n            if apikey.startswith(\"%s\"):\n                parsed_headers[\"%s\"] = apikey\n            else:\n                apikey = apikey.replace(\"%s\", \"\", -1).strip()\n                parsed_headers[\"%s\"] = f\"%s{apikey}\"", trimmedDescription, swagger.Components.SecuritySchemes["ApiKeyAuth"].Value.Name, swagger.Components.SecuritySchemes["ApiKeyAuth"].Value.Description, swagger.Components.SecuritySchemes["ApiKeyAuth"].Value.Name, swagger.Components.SecuritySchemes["ApiKeyAuth"].Value.Description)
 				}
 
 			} else if swagger.Components.SecuritySchemes["ApiKeyAuth"].Value.In == "query" {
 
-				authenticationSetup = fmt.Sprintf("if apikey != \" \": parsed_queries[\"%s\"] = requests.utils.quote(apikey)", swagger.Components.SecuritySchemes["ApiKeyAuth"].Value.Name)
+				//authenticationSetup = fmt.Sprintf("if apikey != \" \": parsed_queries[\"%s\"] = requests.utils.quote(apikey)", swagger.Components.SecuritySchemes["ApiKeyAuth"].Value.Name)
+				trimmedDescription := strings.Trim(swagger.Components.SecuritySchemes["ApiKeyAuth"].Value.Description, " ")
+
+				authenticationSetup = fmt.Sprintf("if apikey != \" \":\n            if apikey.startswith(\"%s\"):\n                parsed_queries[\"%s\"] = requests.utils.quote(apikey)\n            else:\n                apikey = apikey.replace(\"%s\", \"\", -1).strip()\n                parsed_queries[\"%s\"] = requests.utils.quote(f\"%s{apikey}\")", trimmedDescription, swagger.Components.SecuritySchemes["ApiKeyAuth"].Value.Name, swagger.Components.SecuritySchemes["ApiKeyAuth"].Value.Description, swagger.Components.SecuritySchemes["ApiKeyAuth"].Value.Name, swagger.Components.SecuritySchemes["ApiKeyAuth"].Value.Description)
 			}
 
 		} else if swagger.Components.SecuritySchemes["Oauth2"] != nil {
@@ -887,10 +888,15 @@ func GetCustomActionCode(swagger *openapi3.Swagger, api WorkflowApp) string{
 	}
 
 	pythonCode := fmt.Sprintf(`		
-    def fix_url(self, url):
+    def fix_url(self, url, path=False):
         if "hhttp" in url:
             url = url.replace("hhttp", "http")
 
+        if url.startswith("http//"): 
+            url = url.replace("http//", "http://")
+        if url.startswith("https//"): 
+            url = url.replace("https//", "https://")
+
         if "http:/" in url and not "http://" in url:
             url = url.replace("http:/", "http://", -1)
         if "https:/" in url and not "https://" in url:
@@ -899,7 +905,7 @@ func GetCustomActionCode(swagger *openapi3.Swagger, api WorkflowApp) string{
             url = url.replace("http:///", "http://", -1)
         if "https:///" in url:
             url = url.replace("https:///", "https://", -1)
-        if not "http://" in url and not "http" in url:
+        if not path and not "http://" in url and not "http" in url:
             url = f"http://{url}"
 
         return url
@@ -1000,19 +1006,20 @@ func GetCustomActionCode(swagger *openapi3.Swagger, api WorkflowApp) string{
                 pass
 
             parseddata = {
-				"status": request.status_code,
-				"body": jsondata,
-				"url": request.url,
-				"headers": parsedheaders,
-				"cookies":cookies,
-				"success": True,
-			}
+                "status": request.status_code,
+                "body": jsondata,
+                "url": request.url,
+                "headers": parsedheaders,
+                "cookies":cookies,
+                "success": True,
+            }
 
             return json.dumps(parseddata)
         except Exception as e:
             print(f"[WARNING] Failed in request: {e}")
             return request.text
 
+
     def custom_action(self%s, method="", url="", headers="", queries="", path="", ssl_verify=False, body=""):
         url = self.fix_url(url)
 
@@ -1022,15 +1029,35 @@ func GetCustomActionCode(swagger *openapi3.Swagger, api WorkflowApp) string{
             self.logger.error(e)
             return {"error": str(e)}
 
+        if not path:
+            path = "/"
+
+        path = self.fix_url(path, path=True)
+        if path and path.startswith(url):
+            path = path.replace(url, "", 1)
+
         if path and not path.startswith('/'):
             path = '/' + path
 
         url += path
 
-        parsed_headers = self.parse_headers(headers)
-        parsed_queries = self.parse_queries(queries)
+        parsed_headers = {}
+        parsed_queries = {}
 
         %s
+
+        # Allows overwriting of existing headers with custom input ones
+        additional_headers = self.parse_headers(headers)
+        try:
+            parsed_headers.update(additional_headers)
+        except Exception as e:
+            print(f"Header parse error: {e}")
+
+        additional_queries = self.parse_queries(queries)
+        try:
+            parsed_queries.update(additional_queries)
+        except Exception as e:
+            print(f"Query parse error: {e}")
         
         ssl_verify = self.checkverify(ssl_verify)