Package org.zaproxy.clientapi.core
Class ClientApi
java.lang.Object
org.zaproxy.clientapi.core.ClientApi
-
Field Summary
FieldsModifier and TypeFieldDescription -
Constructor Summary
ConstructorsConstructorDescriptionConstructs aClientApiwith the given ZAP address/port and with the given API key, to be sent with all API requests.Constructs aClientApiwith the given ZAP address/port and with the given API key, to be sent with all API requests. -
Method Summary
Modifier and TypeMethodDescriptionvoidvoidActive scans the given site, that's in scope.voidactiveScanSiteInScope(String apiKey, String url) Deprecated.voidaddExcludeFromContext(String apiKey, String contextName, String regex) Deprecated.(1.1.0) UseContext.excludeFromContext(String, String)instead.voidaddIncludeInContext(String apiKey, String contextName, String regex) Deprecated.(1.1.0) UseContext.includeInContext(String, String)instead.callApi(String requestMethod, String component, String type, String method, Map<String, String> params) byte[]callApiOther(String requestMethod, String component, String type, String method, Map<String, String> params) byte[]voidcheckAlerts(List<Alert> ignoreAlerts, List<Alert> requireAlerts) voidvoidincludeOneMatchingNodeInContext(String contextName, String regex) Includes just one of the nodes that match the given regular expression in the context with the given name.voidincludeOneMatchingNodeInContext(String apiKey, String contextName, String regex) Deprecated.(1.1.0) UseincludeOneMatchingNodeInContext(String, String)instead.voidsetDebugStream(PrintStream debugStream) voidwaitForSuccessfulConnectionToZap(int timeoutInSeconds) Convenience method to wait for ZAP to be ready to receive API calls, when started programmatically.voidwaitForSuccessfulConnectionToZap(int timeoutInSeconds, int pollingIntervalInMs) Convenience method to wait for ZAP to be ready to receive API calls, when started programmatically.
-
Field Details
-
accessControl
-
acsrf
-
ajaxSpider
-
alertFilter
-
alert
-
ascan
-
authentication
-
authorization
-
automation
-
autoupdate
-
brk
-
context
-
core
-
exim
-
exportreport
-
forcedUser
-
graphql
-
httpSessions
-
logImportFiles
-
importurls
-
localProxies
-
network
-
oast
-
openapi
-
params
-
pnh
-
pscan
-
replacer
-
reports
-
retest
-
reveal
-
revisit
-
ruleConfig
-
search
-
script
-
selenium
-
sessionManagement
-
soap
-
spider
-
stats
-
users
-
wappalyzer
-
websocket
-
-
Constructor Details
-
ClientApi
-
ClientApi
Constructs aClientApiwith the given ZAP address/port and with the given API key, to be sent with all API requests.- Parameters:
zapAddress- ZAP's addresszapPort- ZAP's listening portapiKey- the ZAP API key, might benullor empty in which case is not used/sent.- Since:
- 1.1.0
-
ClientApi
-
ClientApi
Constructs aClientApiwith the given ZAP address/port and with the given API key, to be sent with all API requests. Also, sets whether or not client API debug information should be written to thedebug stream(by default the standard output stream).- Parameters:
zapAddress- ZAP's addresszapPort- ZAP's listening portapiKey- the ZAP API key, might benullor empty in which case is not used/sent.debug-trueif debug information should be written to debug stream,falseotherwise.- Since:
- 1.1.0
-
-
Method Details
-
setDebugStream
-
accessUrl
- Throws:
ClientApiException
-
checkAlerts
public void checkAlerts(List<Alert> ignoreAlerts, List<Alert> requireAlerts) throws ClientApiException - Throws:
ClientApiException
-
checkAlerts
public void checkAlerts(List<Alert> ignoreAlerts, List<Alert> requireAlerts, File outputFile) throws ClientApiException - Throws:
ClientApiException
-
getAlerts
- Throws:
ClientApiException
-
callApi
public ApiResponse callApi(String component, String type, String method, Map<String, String> params) throws ClientApiException- Throws:
ClientApiException
-
callApi
public ApiResponse callApi(String requestMethod, String component, String type, String method, Map<String, String> params) throws ClientApiException- Throws:
ClientApiException
-
callApiOther
public byte[] callApiOther(String component, String type, String method, Map<String, String> params) throws ClientApiException- Throws:
ClientApiException
-
callApiOther
public byte[] callApiOther(String requestMethod, String component, String type, String method, Map<String, String> params) throws ClientApiException- Throws:
ClientApiException
-
callApiJson
public String callApiJson(String component, String type, String method, Map<String, String> params) throws ClientApiException- Throws:
ClientApiException
-
addExcludeFromContext
@Deprecated public void addExcludeFromContext(String apiKey, String contextName, String regex) throws Exception Deprecated.(1.1.0) UseContext.excludeFromContext(String, String)instead.Adds the given regular expression to the exclusion list of the given context. -
addIncludeInContext
@Deprecated public void addIncludeInContext(String apiKey, String contextName, String regex) throws Exception Deprecated.(1.1.0) UseContext.includeInContext(String, String)instead.Adds the given regular expression to the inclusion list of the given context. -
includeOneMatchingNodeInContext
@Deprecated public void includeOneMatchingNodeInContext(String apiKey, String contextName, String regex) throws Exception Deprecated.(1.1.0) UseincludeOneMatchingNodeInContext(String, String)instead.Includes just one of the nodes that match the given regular expression in the context with the given name.Nodes that do not match the regular expression are excluded.
- Parameters:
apiKey- the API key, might benull.contextName- the name of the context.regex- the regular expression to match the node/URL.- Throws:
Exception- if an error occurred while calling the API.
-
includeOneMatchingNodeInContext
Includes just one of the nodes that match the given regular expression in the context with the given name.Nodes that do not match the regular expression are excluded.
- Parameters:
contextName- the name of the context.regex- the regular expression to match the node/URL.- Throws:
Exception- if an error occurred while calling the API.
-
activeScanSiteInScope
Deprecated.(1.1.0) UseactiveScanSiteInScope(String)instead, the API key should be set using one of theClientApiconstructors.Active scans the given site, that's in scope.The method returns only after the scan has finished.
- Parameters:
apiKey- the API key, might benull.url- the site to scan- Throws:
Exception- if an error occurred while calling the API.
-
activeScanSiteInScope
Active scans the given site, that's in scope.The method returns only after the scan has finished.
- Parameters:
url- the site to scan- Throws:
Exception- if an error occurred while calling the API.- Since:
- 1.1.0
-
waitForSuccessfulConnectionToZap
Convenience method to wait for ZAP to be ready to receive API calls, when started programmatically.It attempts to establish a connection to ZAP's proxy, in the given time, throwing an exception if the connection is not successful. The connection attempts might be polled in one second interval.
- Parameters:
timeoutInSeconds- the (maximum) number of seconds to wait for ZAP to start- Throws:
ClientApiException- if the timeout was reached or if the thread was interrupted while waiting- See Also:
-
waitForSuccessfulConnectionToZap
public void waitForSuccessfulConnectionToZap(int timeoutInSeconds, int pollingIntervalInMs) throws ClientApiException Convenience method to wait for ZAP to be ready to receive API calls, when started programmatically.It attempts to establish a connection to ZAP's proxy, in the given time, throwing an exception if the connection is not successful. The connection attempts are done with the given polling interval.
- Parameters:
timeoutInSeconds- the (maximum) number of seconds to wait for ZAP to startpollingIntervalInMs- the interval, in milliseconds, for connection polling- Throws:
ClientApiException- if the timeout was reached or if the thread was interrupted while waiting.IllegalArgumentException- if the interval for connection polling is negative.- See Also:
-
activeScanSiteInScope(String)instead, the API key should be set using one of theClientApiconstructors.