Created
February 7, 2019 12:57
-
-
Save monoxacc/130818c3dbe1fe360bef12eba5c74ace to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| public byte[] buildRequest( | |
| Swagger swagger, Map.Entry<String, Path> path, Map.Entry<HttpMethod, Operation> operation | |
| ) { | |
| List<String> headers = buildHeaders(swagger, path, operation); | |
| byte[] httpMessage = this.burpExtensionHelpers.buildHttpMessage(headers, null); | |
| for (Parameter parameter : operation.getValue().getParameters()) { | |
| if (parameter.getIn().equals("query")) { // QUERY param | |
| QueryParameter qParam = (QueryParameter)parameter; | |
| String value = getDefaultValue(qParam.getType()); | |
| httpMessage = this.burpExtensionHelpers.addParameter(httpMessage, this.burpExtensionHelpers | |
| .buildParameter(qParam.getName(), value, IParameter.PARAM_URL)); | |
| } else if (parameter.getIn().equals("body")) { // BODY param | |
| Model schema = ((BodyParameter)parameter).getSchema(); | |
| if (schema != null) { | |
| if(schema instanceof RefModel) { | |
| RefModel refmodel = (RefModel)schema; | |
| ExampleGenerator gen = new ExampleGenerator(swagger.getDefinitions()); | |
| final List<String> expectedTypes = Arrays.asList(this.mimeTypeJSON?MIME_TYPE_JSON:MIME_TYPE_XML); | |
| List<Map<String,String>> generatedList = gen.generate(null, expectedTypes, refmodel.getSimpleRef()); | |
| if(generatedList.size()>0) { | |
| Map<String,String> map = generatedList.get(0); | |
| if (map.containsKey(EXAMPLE)) { | |
| String bodyParam = map.getOrDefault(EXAMPLE, "{}"); | |
| httpMessage = this.burpExtensionHelpers.addParameter(httpMessage, this.burpExtensionHelpers | |
| .buildParameter(bodyParam, "", IParameter.PARAM_BODY)); | |
| httpMessage = Arrays.copyOf(httpMessage, httpMessage.length-1); // remove '='(61) at the end | |
| } | |
| } | |
| } else if (schema instanceof ArrayModel) { | |
| ArrayModel arrModel = (ArrayModel)schema; | |
| ExampleGenerator gen = new ExampleGenerator(swagger.getDefinitions()); | |
| final List<String> expectedTypes = Arrays.asList(this.mimeTypeJSON?MIME_TYPE_JSON:MIME_TYPE_XML); | |
| Property prop = arrModel.getItems(); | |
| if (prop.getType() == "ref") { | |
| RefProperty refprop = (RefProperty)prop; | |
| List<Map<String,String>> generatedList = gen.generate(null, expectedTypes, refprop.getSimpleRef()); | |
| if(generatedList.size()>0) { | |
| Map<String,String> map = generatedList.get(0); | |
| if (map.containsKey(EXAMPLE)) { | |
| String bodyParam = map.getOrDefault(EXAMPLE, "{}"); | |
| httpMessage = this.burpExtensionHelpers.addParameter(httpMessage, this.burpExtensionHelpers | |
| .buildParameter(bodyParam, "", IParameter.PARAM_BODY)); | |
| httpMessage = Arrays.copyOf(httpMessage, httpMessage.length-1); // remove '='(61) at the end | |
| } | |
| } | |
| } else { | |
| this.stdErr.println(String.format("Not implemented array-prop type: %s", prop.getType())); | |
| } | |
| } else { | |
| this.stdErr.println(String.format("Not implemented schema type: %s", schema.getClass())); | |
| } | |
| } | |
| } | |
| } | |
| return httpMessage; | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment