Class: Falcon::ApiClient

Inherits:

Object

• Object
• Falcon::ApiClient

Defined in:

lib/crimson-falcon/api_client.rb

Overview

The ‘Falcon::ApiClient` class provides a Ruby client for the CrowdStrike Falcon API. It uses the `Typhoeus` HTTP library to send HTTP requests to the API and returns the response as a Ruby object. The `Falcon::ApiClient` class provides methods for making requests to various endpoints of the API, such as retrieving detections, hosts, and incidents. It also handles authentication by obtaining an access token from the CrowdStrike OAuth2 API and including it in the HTTP requests. This file is a key component of the CrowdStrike API client and is used to interact with the CrowdStrike Falcon platform programmatically.

Instance Attribute Summary

• #config ⇒ Object

  The Configuration object holding settings to be used in the API client.

• #default_headers ⇒ Hash

  Defines the headers to be used in HTTP requests of all API calls by default.

Class Method Summary

• .default ⇒ Object

Instance Method Summary

• #build_collection_param(param, collection_format) ⇒ Object

  Build parameter value according to the given collection format.

• #build_request(http_method, path, opts = {}) ⇒ Typhoeus::Request

  Builds the HTTP request.

• #build_request_body(header_params, form_params, body) ⇒ String

  Builds the HTTP request body.

• #build_request_url(path, opts = {}) ⇒ Object
• #call_api(http_method, path, opts = {}) ⇒ Array<(Object, Integer, Hash)>

  Call an API with given options.

• #convert_to_type(data, return_type) ⇒ Mixed

  Convert data to the given return type.

• #deserialize(response, return_type) ⇒ Object

  Deserialize the response to the given return type.

• #download_file(request) ⇒ Object

  Save response body into a file in (the defined) temporary folder, using the filename from the “Content-Disposition” header if provided, otherwise a random filename.

• #initialize(config = Configuration.default) ⇒ ApiClient constructor

  Initializes the ApiClient.

• #json_mime?(mime) ⇒ Boolean

  Check if the given MIME is a JSON MIME.

• #object_to_hash(obj) ⇒ String

  Convert object(non-array) to hash.

• #object_to_http_body(model) ⇒ String

  Convert object (array, hash, object, etc) to JSON string.

• #sanitize_filename(filename) ⇒ String

  Sanitize filename by removing path.

• #select_header_accept(accepts) ⇒ String

  Return Accept header based on an array of accepts provided.

• #select_header_content_type(content_types) ⇒ String

  Return Content-Type header based on an array of content types provided.

• #update_params_for_auth!(header_params, query_params, auth_names) ⇒ Object

  Update header and query params based on authentication settings.

• #user_agent=(user_agent) ⇒ Object

  Sets user agent in HTTP header.

Constructor Details

#initialize(config = Configuration.default) ⇒ ApiClient

Initializes the ApiClient

Parameters:

• config (Hash) (defaults to: Configuration.default) —

  a customizable set of options

Options Hash (config):

• Configuration (Configuration) —

  for initializing the object, default to Configuration.default

# File 'lib/crimson-falcon/api_client.rb', line 56

def initialize(config = Configuration.default)
  # Default user agent string
  @USER_AGENT = "crowdstrike-crimson/#{VERSION}"
  @config = config
  @user_agent = @config.user_agent_override ? "#{@config.user_agent_override} #{@USER_AGENT}" : @USER_AGENT
  @default_headers = {
    "Content-Type" => "application/json",
    "User-Agent" => @user_agent,
  }
  @access_token_expiration = nil
  @config.access_token = get_access_token if @config.access_token.nil?
end

Instance Attribute Details

#config ⇒ Object

The Configuration object holding settings to be used in the API client.

# File 'lib/crimson-falcon/api_client.rb', line 47

def config
  @config
end

#default_headers ⇒ Hash

Defines the headers to be used in HTTP requests of all API calls by default.

Returns:

• (Hash)

# File 'lib/crimson-falcon/api_client.rb', line 52

def default_headers
  @default_headers
end

Class Method Details

.default ⇒ Object

# File 'lib/crimson-falcon/api_client.rb', line 69

def self.default
  @@default ||= ApiClient.new
end

Instance Method Details

#build_collection_param(param, collection_format) ⇒ Object

Build parameter value according to the given collection format.

Parameters:

• collection_format (String) —

  one of :csv, :ssv, :tsv, :pipes and :multi

# File 'lib/crimson-falcon/api_client.rb', line 535

def build_collection_param(param, collection_format)
  case collection_format
  when :csv
    param.join(",")
  when :ssv
    param.join(" ")
  when :tsv
    param.join("\t")
  when :pipes
    param.join("|")
  when :multi
    # return the array directly as typhoeus will handle it as expected
    param
  else
    fail "unknown collection format: #{collection_format.inspect}"
  end
end

#build_request(http_method, path, opts = {}) ⇒ Typhoeus::Request

Builds the HTTP request

Parameters:

• http_method (String) —

  HTTP method/verb (e.g. POST)

• path (String) —

  URL path (e.g. /account/new)

• opts (Hash) (defaults to: {}) —

  a customizable set of options

Options Hash (opts):

• :header_params (Hash) —

  Header parameters

• :query_params (Hash) —

  Query parameters

• :form_params (Hash) —

  Query parameters

• :body (Object) —

  HTTP body (JSON/XML)

Returns:

• (Typhoeus::Request) —

  A Typhoeus Request

# File 'lib/crimson-falcon/api_client.rb', line 238

def build_request(http_method, path, opts = {})
  url = build_request_url(path, opts)
  http_method = http_method.to_sym.downcase

  header_params = @default_headers.merge(opts[:header_params] || {})
  query_params = opts[:query_params] || {}
  form_params = opts[:form_params] || {}
  follow_location = opts[:followlocation] || false

  update_params_for_auth! header_params, query_params, opts[:auth_names]

  # set ssl_verifyhosts option based on @config.verify_ssl_host (true/false)
  _verify_ssl_host = @config.verify_ssl_host ? 2 : 0

  req_opts = {
    :method => http_method,
    :headers => header_params,
    :params => query_params,
    :params_encoding => @config.params_encoding,
    :timeout => @config.timeout,
    :ssl_verifypeer => @config.verify_ssl,
    :ssl_verifyhost => _verify_ssl_host,
    :sslcert => @config.cert_file,
    :sslkey => @config.key_file,
    :verbose => @config.debugging,
    :followlocation => follow_location,
  }

  # set custom cert, if provided
  req_opts[:cainfo] = @config.ssl_ca_cert if @config.ssl_ca_cert

  if [:post, :patch, :put, :delete].include?(http_method)
    req_body = build_request_body(header_params, form_params, opts[:body])
    req_opts.update :body => req_body
    if @config.debugging
      @config.logger.debug "HTTP request body param ~BEGIN~\n#{req_body}\n~END~\n"
    end
  end

  p req_opts if @config.debugging
  puts url if @config.debugging
  request = Typhoeus::Request.new(url, req_opts)
  download_file(request) if opts[:return_type] == "File"
  request
end

#build_request_body(header_params, form_params, body) ⇒ String

Builds the HTTP request body

Parameters:

• header_params (Hash) —

  Header parameters

• form_params (Hash) —

  Query parameters

• body (Object) —

  HTTP body (JSON/XML)

Returns:

• (String) —

  HTTP body data in the form of string

# File 'lib/crimson-falcon/api_client.rb', line 290

def build_request_body(header_params, form_params, body)
  # http form
  if header_params["Content-Type"] == "application/x-www-form-urlencoded" ||
     header_params["Content-Type"] == "multipart/form-data"
    data = {}
    form_params.each do |key, value|
      case value
      when ::File, ::Array, nil
        # let typhoeus handle File, Array and nil parameters
        data[key] = value
      else
        data[key] = value.to_s
      end
    end
  elsif body
    data = body.is_a?(String) ? body : body.to_json
  else
    data = nil
  end
  data
end

#build_request_url(path, opts = {}) ⇒ Object

# File 'lib/crimson-falcon/api_client.rb', line 456

def build_request_url(path, opts = {})
  # Add leading and trailing slashes to path
  path = "/#{path}".gsub(/\/+/, "/")
  @config.base_url + path
end

#call_api(http_method, path, opts = {}) ⇒ Array<(Object, Integer, Hash)>

Call an API with given options.

Returns:

• (Array<(Object, Integer, Hash)>) —

  an array of 3 elements: the data deserialized from response body (could be nil), response status code and response headers.

# File 'lib/crimson-falcon/api_client.rb', line 77

def call_api(http_method, path, opts = {})
  # Debug access_token expiration
  @config.logger.debug "Access token expired. Initiating refresh..." if access_token_expired?
  @config.access_token = get_access_token if @config.access_token.nil? || access_token_expired?
  request = build_request(http_method, path, opts)
  response = request.run

  # Print the response body (for debugging purposes)
  print_response_body(response) if @config.debugging

  # Raise an error if the response is not successful
  raise_error(response)

  # Deserialize the response if a return type is specified
  data = deserialize(response, opts[:return_type]) if opts[:return_type]

  return data, response.code, response.headers
end

#convert_to_type(data, return_type) ⇒ Mixed

Convert data to the given return type.

Parameters:

• data (Object) —

  Data to be converted

• return_type (String) —

  Return type

Returns:

• (Mixed) —

  Data in a particular type

# File 'lib/crimson-falcon/api_client.rb', line 410

def convert_to_type(data, return_type)
  return nil if data.nil?
  case return_type
  when "String"
    data.to_s
  when "Integer"
    data.to_i
  when "Float"
    data.to_f
  when "Boolean"
    data == true
  when "Time"
    # parse date time (expecting ISO 8601 format)
    Time.parse data
  when "Date"
    # parse date time (expecting ISO 8601 format)
    Date.parse data
  when "Object"
    # generic object (usually a Hash), return directly
    data
  when /\AArray<(.+)>\z/
    # e.g. Array<Pet>
    sub_type = $1
    data.map { |item| convert_to_type(item, sub_type) }
  when /\AHash\<String, (.+)\>\z/
    # e.g. Hash<String, Integer>
    sub_type = $1
    {}.tap do |hash|
      data.each { |k, v| hash[k] = convert_to_type(v, sub_type) }
    end
  else
    # models (e.g. Pet) or oneOf
    klass = Falcon.const_get(return_type)
    klass.respond_to?(:openapi_one_of) ? klass.build(data) : klass.build_from_hash(data)
  end
end

#deserialize(response, return_type) ⇒ Object

Deserialize the response to the given return type.

Parameters:

• response (Response) —

  HTTP response

• return_type (String) —

  some examples: “User”, “Array<User>”, “Hash<String, Integer>”

# File 'lib/crimson-falcon/api_client.rb', line 374

def deserialize(response, return_type)
  body = response.body

  # handle file downloading - return the File instance processed in request callbacks
  # note that response body is empty when the file is written in chunks in request on_body callback
  return @tempfile if return_type == "File"

  return nil if body.nil? || body.empty?

  # return response body directly for String return type
  return body if return_type == "String"

  # ensuring a default content type
  content_type = response.headers["Content-Type"] || "application/json"

  return body if content_type.start_with?("text/")

  fail "Content-Type is not supported: #{content_type}" unless json_mime?(content_type)

  begin
    data = JSON.parse("[#{body}]", :symbolize_names => true)[0]
  rescue JSON::ParserError => e
    if %w(String Date Time).include?(return_type)
      data = body
    else
      raise e
    end
  end

  convert_to_type data, return_type
end

#download_file(request) ⇒ Object

Save response body into a file in (the defined) temporary folder, using the filename from the “Content-Disposition” header if provided, otherwise a random filename. The response body is written to the file in chunks in order to handle files which size is larger than maximum Ruby String or even larger than the maximum memory a Ruby process can use.

See Also:

• Configuration#temp_folder_path

# File 'lib/crimson-falcon/api_client.rb', line 319

def download_file(request)
  tempfile = nil
  encoding = nil
  request.on_headers do |response|
    content_disposition = response.headers["Content-Disposition"]
    if content_disposition && content_disposition =~ /filename=/i
      filename = content_disposition[/filename=['"]?([^'"\s]+)['"]?/, 1]
      prefix = sanitize_filename(filename)
    else
      prefix = "download-"
    end
    prefix = prefix + "-" unless prefix.end_with?("-")
    encoding = response.body.encoding
    tempfile = Tempfile.open(prefix, @config.temp_folder_path, encoding: encoding)
    @tempfile = tempfile
  end
  request.on_body do |chunk|
    chunk.force_encoding(encoding)
    tempfile.write(chunk)
  end
  request.on_complete do |response|
    if tempfile
      tempfile.close
      @config.logger.info "Temp file written to #{tempfile.path}, please copy the file to a proper folder " \
                          "with e.g. `FileUtils.cp(tempfile.path, '/new/file/path')` otherwise the temp file " \
                          "will be deleted automatically with GC. It's also recommended to delete the temp file " \
                          "explicitly with `tempfile.delete`"
    end
  end
end

#json_mime?(mime) ⇒ Boolean

Check if the given MIME is a JSON MIME. JSON MIME examples:

application/json
application/json; charset=UTF8
APPLICATION/JSON
*/*

Parameters:

• mime (String) —

  MIME

Returns:

• (Boolean) —

  True if the MIME is application/json

# File 'lib/crimson-falcon/api_client.rb', line 358

def json_mime?(mime)
  mime = mime.downcase
  return true if mime == '*/*'

  mime_type, subtype = mime.split('/')
  return false unless mime_type == 'application'

  subtype_main = subtype.split(';').first
  subtype_main == 'json' || subtype_main == 'jsonp'
end

#object_to_hash(obj) ⇒ String

Convert object(non-array) to hash.

Parameters:

• obj (Object) —

  object to be converted into JSON string

Returns:

• (String) —

  JSON string representation of the object

# File 'lib/crimson-falcon/api_client.rb', line 525

def object_to_hash(obj)
  if obj.respond_to?(:to_hash)
    obj.to_hash
  else
    obj
  end
end

#object_to_http_body(model) ⇒ String

Convert object (array, hash, object, etc) to JSON string.

Parameters:

• model (Object) —

  object to be converted into JSON string

Returns:

• (String) —

  JSON string representation of the object

# File 'lib/crimson-falcon/api_client.rb', line 511

def object_to_http_body(model)
  return model if model.nil? || model.is_a?(String)
  local_body = nil
  if model.is_a?(Array)
    local_body = model.map { |m| object_to_hash(m) }
  else
    local_body = object_to_hash(model)
  end
  local_body.to_json
end

#sanitize_filename(filename) ⇒ String

Sanitize filename by removing path. e.g. ../../sun.gif becomes sun.gif

Parameters:

• filename (String) —

  the filename to be sanitized

Returns:

• (String) —

  the sanitized filename

# File 'lib/crimson-falcon/api_client.rb', line 452

def sanitize_filename(filename)
  File.basename(filename.gsub("\\", "/")) unless filename.nil?
end

#select_header_accept(accepts) ⇒ String

Return Accept header based on an array of accepts provided.

Parameters:

• accepts (Array) —

  array for Accept

Returns:

• (String) —

  the Accept header (e.g. application/json)

# File 'lib/crimson-falcon/api_client.rb', line 490

def select_header_accept(accepts)
  return nil if accepts.nil? || accepts.empty?
  # use JSON when present, otherwise use all of the provided
  json_accept = accepts.find { |s| json_mime?(s) }
  json_accept || accepts.join(",")
end

#select_header_content_type(content_types) ⇒ String

Return Content-Type header based on an array of content types provided.

Parameters:

• content_types (Array) —

  array for Content-Type

Returns:

• (String) —

  the Content-Type header (e.g. application/json)

# File 'lib/crimson-falcon/api_client.rb', line 500

def select_header_content_type(content_types)
  # return nil by default
  return if content_types.nil? || content_types.empty?
  # use JSON when present, otherwise use the first one
  json_content_type = content_types.find { |s| json_mime?(s) }
  json_content_type || content_types.first
end

#update_params_for_auth!(header_params, query_params, auth_names) ⇒ Object

Update header and query params based on authentication settings.

Parameters:

• header_params (Hash) —

  Header parameters

• query_params (Hash) —

  Query parameters

• auth_names (String) —

  Authentication scheme name

# File 'lib/crimson-falcon/api_client.rb', line 467

def update_params_for_auth!(header_params, query_params, auth_names)
  Array(auth_names).each do |auth_name|
    auth_setting = @config.auth_settings[auth_name]
    next unless auth_setting
    case auth_setting[:in]
    when "header" then header_params[auth_setting[:key]] = auth_setting[:value]
    when "query" then query_params[auth_setting[:key]] = auth_setting[:value]
    else fail ArgumentError, "Authentication token must be in `query` or `header`"
    end
  end
end

#user_agent=(user_agent) ⇒ Object

Sets user agent in HTTP header

Parameters:

• user_agent (String) —

  User agent (e.g. openapi-generator/ruby/1.0.0)

# File 'lib/crimson-falcon/api_client.rb', line 482

def user_agent=(user_agent)
  @user_agent = user_agent
  @default_headers["User-Agent"] = @user_agent
end