zaproxy
diff --git a/‎CHANGELOG.md
Lines changed: 12 additions & 0 deletions b/‎CHANGELOG.md
Lines changed: 12 additions & 0 deletions
diff --git a/‎subprojects/zap-clientapi/src/main/java/org/zaproxy/clientapi/core/ClientApi.java
Lines changed: 8 additions & 0 deletions b/‎subprojects/zap-clientapi/src/main/java/org/zaproxy/clientapi/core/ClientApi.java
Lines changed: 8 additions & 0 deletions
diff --git a/‎subprojects/zap-clientapi/src/main/java/org/zaproxy/clientapi/gen/AccessControl.java
Lines changed: 103 additions & 0 deletions b/‎subprojects/zap-clientapi/src/main/java/org/zaproxy/clientapi/gen/AccessControl.java
Lines changed: 103 additions & 0 deletions
diff --git a/‎subprojects/zap-clientapi/src/main/java/org/zaproxy/clientapi/gen/Alert.java
Lines changed: 101 additions & 0 deletions b/‎subprojects/zap-clientapi/src/main/java/org/zaproxy/clientapi/gen/Alert.java
Lines changed: 101 additions & 0 deletions
@@ -7,6 +7,18 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 ## [Unreleased]
 ### Added
 - Core APIs from ZAP version 2.8.0.
+- APIs from add-ons:
+ - Access Control Testing;
+ - Export Report;
+ - Revisit;
+ - Wappalyzer - Technology Detection.
+
+### Changed
+- Core APIs updated for ZAP version 2.9.0.
+- Update APIs from add-ons:
+ - Alert Filters;
+ - OpenAPI Support;
+ - Replacer.
 
 ## [1.7.0] - 2019-06-13
 ### Added
 
@@ -47,6 +47,7 @@
 import javax.xml.parsers.DocumentBuilderFactory;
 import javax.xml.parsers.ParserConfigurationException;
 import org.w3c.dom.Document;
+import org.zaproxy.clientapi.gen.AccessControl;
 import org.zaproxy.clientapi.gen.Acsrf;
 import org.zaproxy.clientapi.gen.AjaxSpider;
 import org.zaproxy.clientapi.gen.AlertFilter;
@@ -57,6 +58,7 @@
 import org.zaproxy.clientapi.gen.Break;
 import org.zaproxy.clientapi.gen.Context;
 import org.zaproxy.clientapi.gen.Core;
+import org.zaproxy.clientapi.gen.Exportreport;
 import org.zaproxy.clientapi.gen.ForcedUser;
 import org.zaproxy.clientapi.gen.HttpSessions;
 import org.zaproxy.clientapi.gen.ImportLogFiles;
@@ -68,6 +70,7 @@
 import org.zaproxy.clientapi.gen.Pscan;
 import org.zaproxy.clientapi.gen.Replacer;
 import org.zaproxy.clientapi.gen.Reveal;
+import org.zaproxy.clientapi.gen.Revisit;
 import org.zaproxy.clientapi.gen.RuleConfig;
 import org.zaproxy.clientapi.gen.Script;
 import org.zaproxy.clientapi.gen.Search;
@@ -77,6 +80,7 @@
 import org.zaproxy.clientapi.gen.Spider;
 import org.zaproxy.clientapi.gen.Stats;
 import org.zaproxy.clientapi.gen.Users;
+import org.zaproxy.clientapi.gen.Wappalyzer;
 import org.zaproxy.clientapi.gen.Websocket;
 
 public class ClientApi {
@@ -98,6 +102,7 @@ public class ClientApi {
     private DocumentBuilderFactory docBuilderFactory;
 
     // Note that any new API implementations added have to be added here manually
+    public AccessControl accessControl = new AccessControl(this);
     public Acsrf acsrf = new Acsrf(this);
     public AjaxSpider ajaxSpider = new AjaxSpider(this);
     public AlertFilter alertFilter = new AlertFilter(this);
@@ -109,6 +114,7 @@ public class ClientApi {
     public Break brk = new Break(this);
     public Context context = new Context(this);
     public Core core = new Core(this);
+    public Exportreport exportreport = new Exportreport(this);
     public ForcedUser forcedUser = new ForcedUser(this);
     public HttpSessions httpSessions = new HttpSessions(this);
     public ImportLogFiles logImportFiles = new ImportLogFiles(this);
@@ -120,6 +126,7 @@ public class ClientApi {
     public Pscan pscan = new Pscan(this);
     public Replacer replacer = new Replacer(this);
     public Reveal reveal = new Reveal(this);
+    public Revisit revisit = new Revisit(this);
     public RuleConfig ruleConfig = new RuleConfig(this);
     public Search search = new Search(this);
     public Script script = new Script(this);
@@ -129,6 +136,7 @@ public class ClientApi {
     public Spider spider = new Spider(this);
     public Stats stats = new Stats(this);
     public Users users = new Users(this);
+    public Wappalyzer wappalyzer = new Wappalyzer(this);
     public Websocket websocket = new Websocket(this);
 
     public ClientApi(String zapAddress, int zapPort) {
 
@@ -0,0 +1,103 @@
+/*
+ * Zed Attack Proxy (ZAP) and its related class files.
+ *
+ * ZAP is an HTTP/HTTPS proxy for assessing web application security.
+ *
+ * Copyright 2020 The ZAP Development Team
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.zaproxy.clientapi.gen;
+
+import java.util.HashMap;
+import java.util.Map;
+import org.zaproxy.clientapi.core.ApiResponse;
+import org.zaproxy.clientapi.core.ClientApi;
+import org.zaproxy.clientapi.core.ClientApiException;
+
+/** This file was automatically generated. */
+@SuppressWarnings("javadoc")
+public class AccessControl {
+
+    private final ClientApi api;
+
+    public AccessControl(ClientApi api) {
+        this.api = api;
+    }
+
+    /**
+     * Gets the Access Control scan progress (percentage integer) for the given context ID.
+     *
+     * <p>This component is optional and therefore the API will only work if it is installed
+     */
+    public ApiResponse getScanProgress(String contextid) throws ClientApiException {
+        Map<String, String> map = new HashMap<>();
+        map.put("contextId", contextid);
+        return api.callApi("accessControl", "view", "getScanProgress", map);
+    }
+
+    /**
+     * Gets the Access Control scan status (description string) for the given context ID.
+     *
+     * <p>This component is optional and therefore the API will only work if it is installed
+     */
+    public ApiResponse getScanStatus(String contextid) throws ClientApiException {
+        Map<String, String> map = new HashMap<>();
+        map.put("contextId", contextid);
+        return api.callApi("accessControl", "view", "getScanStatus", map);
+    }
+
+    /**
+     * Starts an Access Control scan with the given context ID and user ID. (Optional parameters:
+     * user ID for Unauthenticated user, boolean identifying whether or not Alerts are raised, and
+     * the Risk level for the Alerts.) [This assumes the Access Control rules were previously
+     * established via ZAP gui and the necessary Context exported/imported.]
+     *
+     * <p>This component is optional and therefore the API will only work if it is installed
+     */
+    public ApiResponse scan(
+            String contextid,
+            String userid,
+            String scanasunauthuser,
+            String raisealert,
+            String alertrisklevel)
+            throws ClientApiException {
+        Map<String, String> map = new HashMap<>();
+        map.put("contextId", contextid);
+        map.put("userId", userid);
+        if (scanasunauthuser != null) {
+            map.put("scanAsUnAuthUser", scanasunauthuser);
+        }
+        if (raisealert != null) {
+            map.put("raiseAlert", raisealert);
+        }
+        if (alertrisklevel != null) {
+            map.put("alertRiskLevel", alertrisklevel);
+        }
+        return api.callApi("accessControl", "action", "scan", map);
+    }
+
+    /**
+     * Generates an Access Control report for the given context ID and saves it based on the
+     * provided filename (path).
+     *
+     * <p>This component is optional and therefore the API will only work if it is installed
+     */
+    public ApiResponse writeHTMLreport(String contextid, String filename)
+            throws ClientApiException {
+        Map<String, String> map = new HashMap<>();
+        map.put("contextId", contextid);
+        map.put("fileName", filename);
+        return api.callApi("accessControl", "action", "writeHTMLreport", map);
+    }
+}
@@ -127,4 +127,105 @@ public ApiResponse deleteAlert(String id) throws ClientApiException {
         map.put("id", id);
         return api.callApi("alert", "action", "deleteAlert", map);
     }
+
+    /** Update the alert with the given ID, with the provided details. */
+    public ApiResponse updateAlert(
+            String id,
+            String name,
+            String riskid,
+            String confidenceid,
+            String description,
+            String param,
+            String attack,
+            String otherinfo,
+            String solution,
+            String references,
+            String evidence,
+            String cweid,
+            String wascid)
+            throws ClientApiException {
+        Map<String, String> map = new HashMap<>();
+        map.put("id", id);
+        map.put("name", name);
+        map.put("riskId", riskid);
+        map.put("confidenceId", confidenceid);
+        map.put("description", description);
+        if (param != null) {
+            map.put("param", param);
+        }
+        if (attack != null) {
+            map.put("attack", attack);
+        }
+        if (otherinfo != null) {
+            map.put("otherInfo", otherinfo);
+        }
+        if (solution != null) {
+            map.put("solution", solution);
+        }
+        if (references != null) {
+            map.put("references", references);
+        }
+        if (evidence != null) {
+            map.put("evidence", evidence);
+        }
+        if (cweid != null) {
+            map.put("cweId", cweid);
+        }
+        if (wascid != null) {
+            map.put("wascId", wascid);
+        }
+        return api.callApi("alert", "action", "updateAlert", map);
+    }
+
+    /**
+     * Add an alert associated with the given message ID, with the provided details. (The ID of the
+     * created alert is returned.)
+     */
+    public ApiResponse addAlert(
+            String messageid,
+            String name,
+            String riskid,
+            String confidenceid,
+            String description,
+            String param,
+            String attack,
+            String otherinfo,
+            String solution,
+            String references,
+            String evidence,
+            String cweid,
+            String wascid)
+            throws ClientApiException {
+        Map<String, String> map = new HashMap<>();
+        map.put("messageId", messageid);
+        map.put("name", name);
+        map.put("riskId", riskid);
+        map.put("confidenceId", confidenceid);
+        map.put("description", description);
+        if (param != null) {
+            map.put("param", param);
+        }
+        if (attack != null) {
+            map.put("attack", attack);
+        }
+        if (otherinfo != null) {
+            map.put("otherInfo", otherinfo);
+        }
+        if (solution != null) {
+            map.put("solution", solution);
+        }
+        if (references != null) {
+            map.put("references", references);
+        }
+        if (evidence != null) {
+            map.put("evidence", evidence);
+        }
+        if (cweid != null) {
+            map.put("cweId", cweid);
+        }
+        if (wascid != null) {
+            map.put("wascId", wascid);
+        }
+        return api.callApi("alert", "action", "addAlert", map);
+    }
 }