Class: Contrast::Agent::RequestContext

Inherits:

Object

• Object
• Contrast::Agent::RequestContext

Includes:

RequestContextExtend, Components::Logger::InstanceMethods, Components::Scope::InstanceMethods, Utils::RequestUtils

Defined in:

lib/contrast/agent/request/request_context.rb

Overview

This class acts to encapsulate information about the currently executed request, making it available to the Agent for the duration of the request in a standardized and normalized format which the Agent understands.

Constant Summary

INPUT_ANALYSIS =

Contrast::Agent::Reporting::InputAnalysis.new

Constants included from Utils::CEFLogUtils

Utils::CEFLogUtils::AGENT_VERSION, Utils::CEFLogUtils::DATE_TIME_FORMAT, Utils::CEFLogUtils::DEFAULT_CEF_NAME, Utils::CEFLogUtils::DEFAULT_LEVEL, Utils::CEFLogUtils::DEFAULT_METADATA, Utils::CEFLogUtils::EVENT_TYPE, Utils::CEFLogUtils::PROGNAME, Utils::CEFLogUtils::VALID_LEVELS

Constants included from Utils::LogUtils

Utils::LogUtils::DATE_TIME_FORMAT, Utils::LogUtils::DEFAULT_LEVEL, Utils::LogUtils::DEFAULT_NAME, Utils::LogUtils::PROGNAME, Utils::LogUtils::STDERR_STR, Utils::LogUtils::STDOUT_STR, Utils::LogUtils::VALID_LEVELS

Constants included from Utils::RequestUtils

Utils::RequestUtils::END_PATTERN, Utils::RequestUtils::HASH_PATTERN, Utils::RequestUtils::ID_, Utils::RequestUtils::MEDIA_TYPE_MARKERS, Utils::RequestUtils::NUM_, Utils::RequestUtils::NUM_PATTERN, Utils::RequestUtils::STATIC_SUFFIXES, Utils::RequestUtils::UUID_PATTERN, Utils::RequestUtils::WIN_PATTERN

Instance Attribute Summary

• #activity ⇒ Contrast::Agent::Reporting:ApplicationActivity readonly

  The application activity found in this request.

• #agent_input_analysis ⇒ Contrast::Agent::Reporting::InputAnalysis readonly
• #discovered_route ⇒ Contrast::Agent::Reporting::RouteDiscovery readonly

  The route, used for findings, of this request.

• #logging_hash ⇒ Hash readonly

  Context used to log the request.

• #observed_route ⇒ Contrast::Agent::Reporting::ObservedRoute readonly

  The route, used for coverage, of this request.

• #propagation_event_count ⇒ Object

  Returns the value of attribute propagation_event_count.

• #reported_findings ⇒ Array<String> readonly

  The hash of findings already reported fro this request.

• #request ⇒ Contrast::Agent::Request readonly

  Our wrapper around the Rack::Request for this context.

• #response ⇒ Contrast::Agent::Response readonly

  Our wrapper around the Rack::Response or Array for this context, only available after the application has finished its processing.

• #source_event_count ⇒ Object

  Returns the value of attribute source_event_count.

• #timer ⇒ Contrast::Utils::Timer readonly

  When the context was created.

Instance Method Summary

• #add_property(key, value) ⇒ Object
• #analyze_req_res_assess? ⇒ Boolean
• #analyze_req_res_protect? ⇒ Boolean
• #analyze_request? ⇒ Boolean
• #analyze_request_assess? ⇒ Boolean
• #analyze_response? ⇒ Boolean
• #analyze_response_assess? ⇒ Boolean
• #app_loaded? ⇒ Boolean
• #get_property(key) ⇒ Object
• #initialize(rack_request, app_loaded: true) ⇒ RequestContext constructor

  A new instance of RequestContext.

• #reset_activity ⇒ Object

Methods included from RequestContextExtend

#append_to_observed_route, #extract_after, #protect_input_analysis, #protect_postfilter_ia

Methods included from Components::Logger::InstanceMethods

#cef_logger, #logger

Methods included from Utils::LogUtils

#write_permission?

Methods included from Utils::RequestUtils

#normalize_params, #read_body, #traverse_parsed_multipart

Methods included from Components::Scope::InstanceMethods

#contrast_enter_method_scopes!, #contrast_exit_method_scopes!, #with_app_scope, #with_contrast_scope, #with_deserialization_scope, #with_split_scope

Constructor Details

#initialize(rack_request, app_loaded: true) ⇒ RequestContext

Returns a new instance of RequestContext.

# File 'lib/contrast/agent/request/request_context.rb', line 50

def initialize rack_request, app_loaded: true
  with_contrast_scope do
    # all requests get a timer and hash
    @timer = Contrast::Utils::Timer.new
    @logging_hash = { request_id: __id__ }

    # instantiate helper for request and response
    @request = Contrast::Agent::Request.new(rack_request) if rack_request
    @activity = Contrast::Agent::Reporting::ApplicationActivity.new

    # build analyzer
    @do_not_track = false
    @agent_input_analysis = INPUT_ANALYSIS
    agent_input_analysis.request = request

    # flag to indicate whether the app is fully loaded
    @app_loaded = !!app_loaded

    # generic holder for properties that can be set throughout this request
    @_properties = {}

    # count of propagation events
    @propagation_event_count = 0

    # count of source events
    @source_event_count = 0

    if ::Contrast::ASSESS.enabled?
      @sample_req, @sample_res = Contrast::Utils::Assess::SamplingUtil.instance.sample?(@request)
    end

    @reported_findings = []

    handle_routes
  end
end

Instance Attribute Details

#activity ⇒ Contrast::Agent::Reporting:ApplicationActivity (readonly)

Returns the application activity found in this request.

Returns:

• (Contrast::Agent::Reporting:ApplicationActivity) —

  the application activity found in this request

# File 'lib/contrast/agent/request/request_context.rb', line 29

def activity
  @activity
end

#agent_input_analysis ⇒ Contrast::Agent::Reporting::InputAnalysis (readonly)

Returns:

• (Contrast::Agent::Reporting::InputAnalysis)

# File 'lib/contrast/agent/request/request_context.rb', line 42

def agent_input_analysis
  @agent_input_analysis
end

#discovered_route ⇒ Contrast::Agent::Reporting::RouteDiscovery (readonly)

Returns the route, used for findings, of this request.

Returns:

• (Contrast::Agent::Reporting::RouteDiscovery) —

  the route, used for findings, of this request

# File 'lib/contrast/agent/request/request_context.rb', line 40

def discovered_route
  @discovered_route
end

#logging_hash ⇒ Hash (readonly)

Returns context used to log the request.

Returns:

• (Hash) —

  context used to log the request

# File 'lib/contrast/agent/request/request_context.rb', line 31

def logging_hash
  @logging_hash
end

#observed_route ⇒ Contrast::Agent::Reporting::ObservedRoute (readonly)

Returns the route, used for coverage, of this request.

Returns:

• (Contrast::Agent::Reporting::ObservedRoute) —

  the route, used for coverage, of this request

# File 'lib/contrast/agent/request/request_context.rb', line 33

def observed_route
  @observed_route
end

#propagation_event_count ⇒ Object

Returns the value of attribute propagation_event_count.

# File 'lib/contrast/agent/request/request_context.rb', line 48

def propagation_event_count
  @propagation_event_count
end

#reported_findings ⇒ Array<String> (readonly)

Returns the hash of findings already reported fro this request.

Returns:

• (Array<String>) —

  the hash of findings already reported fro this request

# File 'lib/contrast/agent/request/request_context.rb', line 44

def reported_findings
  @reported_findings
end

#request ⇒ Contrast::Agent::Request (readonly)

Returns our wrapper around the Rack::Request for this context.

Returns:

• (Contrast::Agent::Request) —

  our wrapper around the Rack::Request for this context

# File 'lib/contrast/agent/request/request_context.rb', line 35

def request
  @request
end

#response ⇒ Contrast::Agent::Response (readonly)

Returns our wrapper around the Rack::Response or Array for this context, only available after the application has finished its processing.

Returns:

• (Contrast::Agent::Response) —

  our wrapper around the Rack::Response or Array for this context, only available after the application has finished its processing

# File 'lib/contrast/agent/request/request_context.rb', line 38

def response
  @response
end

#source_event_count ⇒ Object

Returns the value of attribute source_event_count.

# File 'lib/contrast/agent/request/request_context.rb', line 48

def source_event_count
  @source_event_count
end

#timer ⇒ Contrast::Utils::Timer (readonly)

Returns when the context was created.

Returns:

• (Contrast::Utils::Timer) —

  when the context was created

# File 'lib/contrast/agent/request/request_context.rb', line 46

def timer
  @timer
end

Instance Method Details

#add_property(key, value) ⇒ Object

# File 'lib/contrast/agent/request/request_context.rb', line 119

def add_property key, value
  @_properties[key] = value
end

#analyze_req_res_assess? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/contrast/agent/request/request_context.rb', line 115

def analyze_req_res_assess?
  ::Contrast::ASSESS.enabled?
end

#analyze_req_res_protect? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/contrast/agent/request/request_context.rb', line 99

def analyze_req_res_protect?
  ::Contrast::PROTECT.enabled?
end

#analyze_request? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/contrast/agent/request/request_context.rb', line 91

def analyze_request?
  analyze_request_assess? || analyze_req_res_protect?
end

#analyze_request_assess? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/contrast/agent/request/request_context.rb', line 103

def analyze_request_assess?
  return false unless analyze_req_res_assess?

  @sample_req
end

#analyze_response? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/contrast/agent/request/request_context.rb', line 95

def analyze_response?
  analyze_response_assess? || analyze_req_res_protect?
end

#analyze_response_assess? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/contrast/agent/request/request_context.rb', line 109

def analyze_response_assess?
  return false unless analyze_req_res_assess?

  @sample_res &&= ::Contrast::ASSESS.scan_response?
end

#app_loaded? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/contrast/agent/request/request_context.rb', line 87

def app_loaded?
  @app_loaded
end

#get_property(key) ⇒ Object

# File 'lib/contrast/agent/request/request_context.rb', line 123

def get_property key
  @_properties[key]
end

#reset_activity ⇒ Object

# File 'lib/contrast/agent/request/request_context.rb', line 127

def reset_activity
  @activity = Contrast::Agent::Reporting::ApplicationActivity.new
  @observed_route = Contrast::Agent::Reporting::ObservedRoute.new
end