risk_issues.py
# Python 3.6+
# pip(3) install requests
import os
import time

import requests
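# Standard headers
# The token endpoint is sent a form-encoded body, the GraphQL endpoint JSON.
HEADERS_AUTH = {"Content-Type": "application/x-www-form-urlencoded"}
# request_wiz_api_token() adds an "Authorization" entry to this dict at run
# time, so from then on it holds a live bearer token: do not print or log it.
HEADERS = {"Content-Type": "application/json"}
# Service-account credentials. They are read from the environment so that a
# real secret never has to be written into this file (and so never ends up in
# version control or a shared snippet). WIZ_CLIENT_ID / WIZ_CLIENT_SECRET are
# this script's own variable names; the placeholders remain as the fallback.
client_id = os.environ.get("WIZ_CLIENT_ID", "SERVICE_ACCOUNT_CLIENT_ID")
client_secret = os.environ.get("WIZ_CLIENT_SECRET",
                               "SERVICE_ACCOUNT_CLIENT_SECRET")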
# Uncomment the following section to define the proxies in your environment,
# if necessary:
# http_proxy = "http://"+user+":"+passw+"@x.x.x.x:abcd"
# https_proxy = "https://"+user+":"+passw+"@y.y.y.y:abcd"
# proxyDict = {
# "http" : http_proxy,
# "https" : https_proxy
# }
# GraphQL document sent to the API. It asks for the issues-trend series and
# selects its type, its total, and the count/time pair of every data point.
# The string is sent exactly as written here.
query = """
query IssuesTrendCard($filterBy: IssueFilters, $type: IssueTrendType, $startDate: DateTime!, $endDate: DateTime!, $interval: TimeInterval) {
issuesTrend(
filterBy: $filterBy
type: $type
startDate: $startDate
endDate: $endDate
interval: $interval
) {
type
total
dataPoints {
count
time
}
}
}
"""
# Values bound to the $-variables declared by the query above.
# NOTE(review): the reporting window is a fixed pair of timestamps; edit
# startDate/endDate before each run if a current window is wanted.
variables = {
    "filterBy": {
        "relatedEntity": {},
        # presumably a risk identifier defined in the tenant; verify
        "riskEqualsAll": ["wct-id-6"],
    },
    "type": "OPEN",
    "interval": "DAY",
    "startDate": "2023-03-26T04:00:00.000Z",
    "endDate": "2023-04-26T03:59:59.999Z",
}
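def query_wiz_api(query, variables):
    """Query WIZ API for the given query data schema.

    The request is sent with the module-level ``HEADERS``, so
    ``request_wiz_api_token`` must have stored the bearer token there first.

    Args:
        query: GraphQL document to execute.
        variables: Values for the variables that the document declares.

    Returns:
        The decoded JSON body of the response. If the request fails with an
        error that is not treated as transient, the exception object is
        returned instead of raised (kept so existing callers keep working).

    Raises:
        Exception: Every attempt ended in a 502/503/504 condition.

    Whatever ``result.json()`` raises for a non-JSON body propagates.
    """
    data = {"variables": variables, "query": query}
    transient_text = ('502: Bad Gateway',
                      '503: Service Unavailable',
                      '504: Gateway Timeout')
    transient_status = (502, 503, 504)
    max_attempts = 3
    last_failure = None

    for attempt in range(1, max_attempts + 1):
        try:
            # Uncomment the next first line and comment the line after that
            # to run behind proxies
            # result = requests.post(url="https://api.us8.app.wiz.io/graphql",
            #                        json=data, headers=HEADERS,
            #                        proxies=proxyDict, timeout=60)
            # The timeout keeps a stalled connection from hanging the script.
            result = requests.post(url="https://api.us8.app.wiz.io/graphql",
                                   json=data, headers=HEADERS, timeout=60)
        except Exception as e:
            if not any(text in str(e) for text in transient_text):
                print("<p>Wiz-API-Error: %s</p>" % str(e))
                return e
            last_failure = str(e)
        else:
            # requests.post() does not raise on an HTTP error status, so a
            # gateway error has to be recognised from the status code.
            if result.status_code not in transient_status:
                return result.json()
            last_failure = "HTTP %d" % result.status_code

        if attempt < max_attempts:
            print("Retry")
            time.sleep(attempt)  # short, growing pause between attempts

    # The retry budget is spent; fail loudly instead of reading an unset
    # response variable.
    raise Exception("Wiz API still unavailable after %d attempts: %s"
                    % (max_attempts, last_failure))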
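def request_wiz_api_token(client_id, client_secret):
    """Retrieve an OAuth access token to be used against Wiz API.

    Performs a client-credentials grant against the token endpoint and, on
    success, stores ``"Bearer <token>"`` under ``"Authorization"`` in the
    module-level ``HEADERS`` dict.

    Args:
        client_id: Service-account client id.
        client_secret: Service-account client secret.

    Returns:
        The access token string. It is a bearer credential: do not print or
        log the return value.

    Raises:
        Exception: The endpoint answered with a non-OK status, the body was
            not valid JSON, or the JSON carried no ``access_token``.
    """
    auth_payload = {
        'grant_type': 'client_credentials',
        'audience': 'beyond-api',
        'client_id': client_id,
        'client_secret': client_secret
    }
    # Uncomment the next first line and comment the line after that
    # to run behind proxies
    # response = requests.post(url="https://auth.wiz.io/oauth/token",
    #                          headers=HEADERS_AUTH, data=auth_payload,
    #                          proxies=proxyDict, timeout=60)
    # The timeout keeps a stalled connection from hanging the script.
    response = requests.post(url="https://auth.wiz.io/oauth/token",
                             headers=HEADERS_AUTH, data=auth_payload,
                             timeout=60)
    if response.status_code != requests.codes.ok:
        raise Exception('Error authenticating to Wiz [%d] - %s' %
                        (response.status_code, response.text))

    try:
        response_json = response.json()
    except ValueError as exception:
        print(exception)
        # Chain the cause so the parse error stays visible in the traceback.
        raise Exception('Could not parse API response') from exception

    token = response_json.get('access_token')
    if not token:
        message = 'Could not retrieve token from Wiz: {}'.format(
            response_json.get("message"))
        raise Exception(message)

    # Later API calls pick the token up from the shared header dict.
    HEADERS["Authorization"] = "Bearer " + token
    return token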
def main():
    """Authenticate, run the module-level query, and print the response."""
    print("Getting token.")
    # Called for its side effect: it stores the bearer token in HEADERS.
    # The returned token is deliberately not printed.
    request_wiz_api_token(client_id=client_id, client_secret=client_secret)
    response_data = query_wiz_api(query=query, variables=variables)
    print(response_data)  # your data is here!
# Run the query only when executed as a script, not when imported.
if __name__ == "__main__":
    main()