Digital shadows 2.1.1 (#9)

* Updated the label, label which are present in config

* Added the release_notes for version 2.1.1

* Updated the minimum prodcut version from 5.3.5 to 6.1.1

* Updated minimum phantom version.

* Updating minimum product version to 5.5.0

* Updating minimum product version to 6.1.1

* standard dev checks

* updated certifi library

* standard dev changes

* minor changes

* use platform certifi library and minor standard checks

* added certifi

* removed certifi

* reverted min phantom version and added release notes

* updated release notes

---------

Co-authored-by: mishalp-crest <[email protected]>

.pre-commit-config.yaml

@@ -1,6 +1,6 @@
 repos:
 -   repo: https://github.com/phantomcyber/dev-cicd-tools
-    rev: v1.16
+    rev: v1.17
     hooks:
     -   id: org-hook
     -   id: package-app-dependencies

LICENSE

@@ -186,7 +186,7 @@
       same "printed page" as the copyright notice for easier
       identification within third-party archives.
 
-   Copyright (c) 2020-2023 Digital Shadows Ltd.
+   Copyright (c) 2020-2024 Digital Shadows Ltd.
 
    Licensed under the Apache License, Version 2.0 (the "License");
    you may not use this file except in compliance with the License.
@@ -198,4 +198,4 @@
    distributed under the License is distributed on an "AS IS" BASIS,
    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    See the License for the specific language governing permissions and
-   limitations under the License.
+   limitations under the License.

NOTICE

@@ -1,5 +1,5 @@
 Splunk SOAR Digital Shadows
-Copyright (c) 2020-2023 Digital Shadows Ltd.
+Copyright (c) 2020-2024 Digital Shadows Ltd.
 
 Third-party Software Attributions:
 
@@ -8,11 +8,6 @@ Version: 0.3.0
 License: ISC License
 Copyright (c) 2020-2023, Hunter WB <hunterwb.com>
 
-Library: certifi
-Version: 2021.5.30
-License: Mozilla 2.0
-Unspecified Copyright
-
 Library: httplib2
 Version: 0.20.4
 License: MIT

digital_shadows.json

@@ -4,8 +4,8 @@
     "description": "The Digital Shadows SearchLight App allows users to create flexible and dynamic playbooks that fully harness the capabilities provided by the Digital Shadows SearchLight API",
     "type": "information",
     "main_module": "digital_shadows_connector.py",
-    "app_version": "2.1.0",
-    "min_phantom_version": "5.3.5",
+    "app_version": "2.2.0",
+    "min_phantom_version": "6.1.1",
     "python_version": "3",
     "utctime_updated": "2022-01-07T21:19:10.000000Z",
     "product_vendor": "Digital Shadows",
@@ -15,7 +15,7 @@
     "package_name": "phantom_digital_shadows",
     "logo": "logo_digital_shadows.svg",
     "logo_dark": "logo_digital_shadows_dark.svg",
-    "license": "Copyright (c) 2020-2023 Digital Shadows Ltd.",
+    "license": "Copyright (c) 2020-2024 Digital Shadows Ltd.",
     "fips_compliant": false,
     "pip_dependencies": {
         "pypi": [
@@ -39,17 +39,13 @@
                 "module": "anyascii",
                 "input_file": "wheels/py3/anyascii-0.3.0-py3-none-any.whl"
             },
-            {
-                "module": "certifi",
-                "input_file": "wheels/py3/certifi-2022.12.7-py3-none-any.whl"
-            },
             {
                 "module": "httplib2",
                 "input_file": "wheels/py3/httplib2-0.20.4-py3-none-any.whl"
             },
             {
                 "module": "pyparsing",
-                "input_file": "wheels/py3/pyparsing-3.0.9-py3-none-any.whl"
+                "input_file": "wheels/py3/pyparsing-3.1.2-py3-none-any.whl"
             }
         ]
     },
@@ -1680,17 +1676,13 @@
                 "module": "anyascii",
                 "input_file": "wheels/py3/anyascii-0.3.0-py3-none-any.whl"
             },
-            {
-                "module": "certifi",
-                "input_file": "wheels/py3/certifi-2022.12.7-py3-none-any.whl"
-            },
             {
                 "module": "httplib2",
                 "input_file": "wheels/py3/httplib2-0.20.4-py3-none-any.whl"
             },
             {
                 "module": "pyparsing",
-                "input_file": "wheels/py3/pyparsing-3.0.9-py3-none-any.whl"
+                "input_file": "wheels/py3/pyparsing-3.1.2-py3-none-any.whl"
             }
         ]
     }

digital_shadows_connector.py

@@ -172,20 +172,71 @@ def handle_action(self, param):
 
 if __name__ == '__main__':
 
-    import sys
+    import argparse
+    from sys import exit
 
-    if len(sys.argv) < 2:
-        print("No test json specified as input")
-        sys.exit(0)
+    import pudb
+    import requests
 
-    with open(sys.argv[1]) as f:
+    pudb.set_trace()
+
+    argparser = argparse.ArgumentParser()
+
+    argparser.add_argument('input_test_json', help='Input Test JSON file')
+    argparser.add_argument('-u', '--username', help='username', required=False)
+    argparser.add_argument('-p', '--password', help='password', required=False)
+    argparser.add_argument('-v', '--verify', action='store_true', help='verify', required=False, default=False)
+
+    args = argparser.parse_args()
+    session_id = None
+
+    username = args.username
+    password = args.password
+    verify = args.verify
+
+    if username is not None and password is None:
+
+        # User specified a username but not a password, so ask
+        import getpass
+        password = getpass.getpass("Password: ")
+
+    if username and password:
+        try:
+            login_url = '{}/login'.format(DigitalShadowsConnector._get_phantom_base_url())
+
+            print("Accessing the Login page")
+            r = requests.get(login_url, verify=verify, timeout=30)
+            csrftoken = r.cookies['csrftoken']
+
+            data = dict()
+            data['username'] = username
+            data['password'] = password
+            data['csrfmiddlewaretoken'] = csrftoken
+
+            headers = dict()
+            headers['Cookie'] = 'csrftoken={}'.format(csrftoken)
+            headers['Referer'] = login_url
+
+            print("Logging into Platform to get the session id")
+            r2 = requests.post(login_url, verify=verify, data=data, headers=headers, timeout=30)
+            session_id = r2.cookies['sessionid']
+        except Exception as e:
+            print("Unable to get session id from the platform. Error: {}".format(str(e)))
+            exit(1)
+
+    with open(args.input_test_json) as f:
         in_json = f.read()
         in_json = json.loads(in_json)
         print(json.dumps(in_json, indent=4))
 
         connector = DigitalShadowsConnector()
         connector.print_progress_message = True
+
+        if session_id is not None:
+            in_json['user_session_token'] = session_id
+            connector._set_csrf_info(csrftoken, headers['Referer'])
+
         ret_val = connector._handle_action(json.dumps(in_json), None)
         print(json.dumps(json.loads(ret_val), indent=4))
 
-    sys.exit(0)
+    exit(0)

ds_on_poll_connector.py

@@ -296,7 +296,7 @@ def _prepare_intel_incident_artifact(self, container_id, container_severity, int
         now = datetime.now()
         artifact = dict()
         artifact['container_id'] = container_id
-        artifact['label'] = ' '
+        artifact['label'] = self._container_label
         artifact['name'] = 'Intelligence Incident details'
         artifact['description'] = 'Details provided by Digital Shadows'
         artifact['severity'] = container_severity
@@ -396,7 +396,7 @@ def _prepare_incident_artifact(self, container_id, container_severity, incident)
         now = datetime.now()
         artifact = dict()
         artifact['container_id'] = container_id
-        artifact['label'] = ' '
+        artifact['label'] = self._container_label
         artifact['name'] = 'Incident details'
         artifact['description'] = 'Details provided by Digital Shadows'
         artifact['severity'] = container_severity

release_notes/unreleased.md

@@ -1 +1,3 @@
 **Unreleased**
+* Updated 'on poll' action to add container's label
+* Updated certifi dependencies in order to use platform packages

requirements.txt

@@ -1,3 +1,2 @@
 anyascii==0.3.0
-certifi==2022.12.7
 httplib2==0.20.4