UNPKG

@hclsoftware/secagent

Version:

IAST agent

61 lines (52 loc) 2.44 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
//IASTIGNORE /* * **************************************************** * Licensed Materials - Property of HCL. * (c) Copyright HCL Technologies Ltd. 2017, 2025. * Note to U.S. Government Users *Restricted Rights. * **************************************************** */ const BeforeRule = require("./BeforeRule"); const {keys, addAdditionalInfoToFlows} = require('../../AdditionalInfo') const TagsUtils = require("../../TagsUtils"); const {v4: uuidv4} = require("uuid"); /** * A BeforeRule that adds IAST_TAG header to the additional info of the flow with its value (if one exists in the message's headers) after receiving a message from RabbitMQServer. * and removes IAST_TAG header from the message before it is consumed by user defined callback. * @class RabbitMQReceiverRule * @extends BeforeRule * @see BeforeRule */ module.exports = class RabbitMQReceiverRule extends BeforeRule { doRule(hookValues) { try { // receiver method signature: handleMessage (message)and message = {content: {}, fields: {}, properties: {}} const param = hookValues.args[0] this.removeHeaderAndAddAdditionalInfoReceiver(param.content, hookValues) } catch (err) { throw new Error ("Unable to add IAST_TAG header to the Additional Info in the RabbitMQ Receiver rule; Exception:" + err); } } // receiver method signature: handleMessage (message)and message = {content: {}, fields: {}, properties: {}} removeHeaderAndAddAdditionalInfoReceiver(param, hookValues) { let newArgs = hookValues.args; let properties = newArgs[0].properties let updatedIastTags // check if properties have headers key and if it does check for IAST_TAG key if (properties.headers) { let headers = properties.headers if (headers[keys.IAST_TAG.valueOf()]) { let headerValue = headers[keys.IAST_TAG.valueOf()] updatedIastTags = TagsUtils.getIncrementedHeaderTags(headerValue) delete headers[keys.IAST_TAG.valueOf()] } else { updatedIastTags = uuidv4() + "-0" } // add IAST_TAG and value to the additional info. addAdditionalInfoToFlows(param, {[keys.IAST_TAG]: updatedIastTags}) // update options argument with new header hookValues.updatedArgs = newArgs } } }