diff --git a/messages/en.json b/messages/en.json index 63906e65..f2ca7f21 100644 --- a/messages/en.json +++ b/messages/en.json @@ -7,10 +7,15 @@ "Attachment Usages": "Attachment Usages", "Add Additional Data": "Add Additional Data", "Analyst": "Analyst", + "as of": "as of", + "authentication": "authentication", "Accountant": "Accountant", + "availability": "availability", "Application Software": "Application Software", "Active": "Active", "Advanced Filter": "Advanced Filter", + "Assigned external component ids": "Assigned external component ids", + "Access": "Access", "Action": "Action", "All": "All", "Add Vulnerability": "Add Vulnerability", @@ -64,10 +69,14 @@ "Clearing": "Clearing", "Created By": "Created By", "Cancel": "Cancel", + "complexity": "complexity", "Click to add row to Additional Data": "Click to add row to Additional Data", "Click to add row to External Id": "Click to add row to External Id", "Click to add row to External Url": "Click to add row to External Url", "Click to add row to External URL": "Click to add row to External Url", + "CVE references": "CVE references", + "Common weakness enumeration": "Common weakness enumeration", + "confidentiality": "confidentiality", "Click to add row to External Ids": "Click to add row to External Ids", "Cloud Service": "Cloud Service", "Categories": "Categories", @@ -274,7 +283,9 @@ "Id": "Id", "I could not delete the release, since it is used by another component (release) or project": "I could not delete the release, since it is used by another component (release) or project", "If the wrong SPDX is entered, the information will not be registered correctly": "If the wrong SPDX is entered, the information will not be registered correctly", + "Impact": "Impact", "Import SBOM": "Import SBOM", + "integrity": "integrity", "Import": "Import", "Importing": "Importing", "In order to go ahead, please sign in or create a new account!": "In order to go ahead, please sign in or create a new account!", @@ -299,6 +310,8 @@ "Link to Projects": "Link to Projects", "Last Name": "Last Name", "Lead Architect": "Lead Architect", + "Last update": "Last update", + "Legal Notice": "Legal Notice", "Learn more about project visibilities": "Learn more about project visibilities", "Learn more about project types": "Learn more about project types", "Learn more about the CPE ID format": "Learn more about the CPE ID format", @@ -332,6 +345,7 @@ "Mailing List URL": "Mailing List URL", "Main Licenses": "Main Licenses", "MAINLINE": "Mainline", + "Metadata": "Metadata", "Matched by": "Matched by", "Material Index Number": "Material Index Number", "Main / Concluded License Ids": "Main / Concluded License Ids", @@ -386,6 +400,7 @@ "Password": "Password", "Project cannot be created/updated": "Project cannot be created/updated", "Pause": "Pause", + "Priority Text": "Priority Text", "Perforce": "Perforce", "PHASEOUT": "Phaseout", "Phaseout": "Phaseout", @@ -421,6 +436,7 @@ "REFERRED": "Related", "Release Aggregate Data": "Release Aggregate Data", "Release date": "Release date", + "References": "References", "Release Date of this Release": "Release Date of this Release", "Release Mainline State": "Release Mainline State", "RELEASE_MAIN_STATE": "Open: Not decided so far Mainline: Organisation or person thinks that use of this software is recommended, which included multiple versions Specific: The software is not recommended in general, but for special use case or for this particular version it is acceptable In Phaseout: The software has issues, please consider removing it soon, if in use Denied: Software which is not allowed for use. For example, software that does not have licensing", @@ -565,7 +581,12 @@ "User": "User", "Usage Right Available": "Usage Right Available", "Used License": "Used License", + "vector": "vector", "Vulnerability Tracking Status": "Vulnerability Tracking Status", + "Vulnerability Summary": "Vulnerability Summary", + "Vendor advisories": "Vendor advisories", + "Vulnerability scoring": "Vulnerability scoring", + "Vulnerable configurations": "Vulnerable configurations", "VISIBILITY_INFO": "Private: Only visible by creator (and admin which applies to all visibility levels) \n Me and Moderators: Visible by creator and moderators \n Group and Moderators: All users of the same group and the moderators \n Everyone: Every user who is logged into the system", "Visibility": "Visibility", "Vulnerability has been deleted": "Vulnerability has been deleted", diff --git a/messages/ja.json b/messages/ja.json index c99e00fc..b1c138a3 100644 --- a/messages/ja.json +++ b/messages/ja.json @@ -7,11 +7,16 @@ "Attachment Usages": "Attachment Usages", "Application Software": "NOT TRANSLATED", "Analyst": "NOT TRANSLATED", + "as of": "as of", + "authentication": "authentication", "Accountant": "NOT TRANSLATED", "Add Additional Data": "NOT TRANSLATED", "Advanced Filter": "Advanced Filter", "Add Vulnerability": "Add Vulnerability", + "availability": "availability", "All": "All", + "Assigned external component ids": "Assigned external component ids", + "Access": "Access", "APPROVED": "承認済", "ACCEPTED": "受け入れられました", "Add Attachment": "添付ファイルを追加する", @@ -65,6 +70,7 @@ "Clearing": "Clearing", "Created By": "Created By", "Cancel": "キャンセル", + "complexity": "complexity", "Click to add row to Additional Data": "NOT TRANSLATED", "Click to add row to External Id": "NOT TRANSLATED", "Click to add row to External Url": "NOT TRANSLATED", @@ -82,6 +88,9 @@ "Changes": "変更", "Checked By": "確認", "Click": "Click", + "CVE references": "CVE references", + "Common weakness enumeration": "Common weakness enumeration", + "confidentiality": "confidentiality", "Checked Comment": "Checked Comment", "Checked On": "Checked On", "Clearing Report": "クリアリングレポート", @@ -282,8 +291,10 @@ "Initial Use Scan": "初期使用スキャン", "In order to go ahead, please sign in or create a new account!": "先に進むためには、サインインするか、新しいアカウントを作成してください", "Info": "Info", + "integrity": "integrity", "Inner Source": "内部ソース", "Internal": "内部", + "Impact": "Impact", "Internal Project": "NOT TRANSLATED", "INTERNAL_USE": "内部利用", "Is Checked": "NOT TRANSLATED", @@ -302,6 +313,8 @@ "Legal evaluation report": "法的評価報告書", "License Agreement": "ライセンス契約書", "License Clearing": "NOT TRANSLATED", + "Last update": "Last update", + "Legal Notice": "Legal Notice", "Licence names": "ライセンス名", "Lifecycle": "Lifecycle", "License Info Header": "License Info Header", @@ -333,6 +346,7 @@ "Merge": "マージ", "Mercurial": "マーキュリアル", "Moderators": "モデレータ", + "Metadata": "Metadata", "Modified By": "変更方法", "Modified On": "変更された", "Monotone": "単調", @@ -399,6 +413,7 @@ "Project Type": "NOT TRANSLATED", "Project Version": "NOT TRANSLATED", "Projects": "NOT TRANSLATED", + "Priority Text": "Priority Text", "Projects only": "NOT TRANSLATED", "Projects with linked releases": "NOT TRANSLATED", "Project state": "NOT TRANSLATED", @@ -437,6 +452,7 @@ "Responsible": "責任", "Reload Report": "リロードレポート", "Requirement document": "要件文書", + "References": "References", "Release name": "リリース名", "Release version": "リリースバージョン", "REPOSITORY_TYPE": "Repository Type", @@ -563,7 +579,12 @@ "Vendor Name": "業者名", "Vendors": "ベンダー", "Verification": "验证", + "Vulnerability Summary": "Vulnerability Summary", + "Vendor advisories": "Vendor advisories", + "Vulnerability scoring": "Vulnerability scoring", + "Vulnerable configurations": "Vulnerable configurations", "Version": "バージョン", + "vector": "vector", "Vulnerable Configuration": "Vulnerable Configuration", "Visual SourceSafe": "ビジュアルソースセーフ", "Vulnerabilities": "脆弱性", diff --git a/messages/vi.json b/messages/vi.json index 1a83475d..9088eaf1 100644 --- a/messages/vi.json +++ b/messages/vi.json @@ -9,8 +9,13 @@ "Analyst": "NOT TRANSLATED", "Accountant": "NOT TRANSLATED", "Advanced Filter": "Advanced Filter", + "as of": "as of", + "authentication": "authentication", "Add Vulnerability": "Add Vulnerability", "All": "All", + "availability": "availability", + "Assigned external component ids": "Assigned external component ids", + "Access": "Access", "Add Additional Data": "NOT TRANSLATED", "APPROVED": "Đã chấp thuận", "ACCEPTED": "chấp thuận", @@ -67,6 +72,7 @@ "Created By": "Created By", "CHECKED": "ĐÃ KIỂM TRA", "CVE ID": "CVE ID", + "complexity": "complexity", "Cloud Service": "NOT TRANSLATED", "Click to add row to Additional Data": "NOT TRANSLATED", "Click to add row to External Id": "NOT TRANSLATED", @@ -138,6 +144,9 @@ "CriticalFilesFound": "Critical Files Found", "Created On": "Được Tạo Vào", "Created by": "Được tạo bởi", + "CVE references": "CVE references", + "Common weakness enumeration": "Common weakness enumeration", + "confidentiality": "confidentiality", "Customer Project": "NOT TRANSLATED", "Create Release": "Tạo bản phát hành", "CPE ID": "CPE ID", @@ -285,8 +294,10 @@ "Inner Source": "Nguồn bên trong", "Internal": "Nội bộ", "Internal Project": "NOT TRANSLATED", + "Impact": "Impact", "INTERNAL_USE": "Sử dụng nội bộ", "Is Checked": "NOT TRANSLATED", + "integrity": "integrity", "IBM Rational Synergy": "Sức mạnh tổng hợp hợp lý của IBM", "IS USED BY THE FOLLOWING COMPONENTS": "ĐƯỢC SỬ DỤNG BỞI CÁC THÀNH PHẦN SAU", "IN_PROGRESS": "In Progress", @@ -315,6 +326,8 @@ "License Type": "NOT TRANSLATED", "Linked Releases": "Các bản phát hành được liên kết", "Link Releases": "Liên kết phát hành", + "Last update": "Last update", + "Legal Notice": "Legal Notice", "Link Release to Project": "Liên kết bản phát hành đến dự án", "Link To Project": "Liên kết đến dự án", "License Scan Report Result": "Kết quả báo cáo quét giấy phép", @@ -332,6 +345,7 @@ "Matched by": "Phù hợp với", "Material Index Number": "Số chỉ mục vật liệu", "Merge": "Hợp nhất", + "Metadata": "Metadata", "Mercurial": "Không kiên định", "Moderators": "Người điều hành", "Modified By": "Được chỉnh sửa bởi", @@ -400,6 +414,7 @@ "Projects only": "NOT TRANSLATED", "Projects with linked releases": "NOT TRANSLATED", "PTC Integrity": "Tính toàn vẹn của PTC", + "Priority Text": "Priority Text", "Perforce": "lực lượng", "Project state": "Project state", "Project cannot be created/updated": "Project cannot be created/updated", @@ -426,6 +441,7 @@ "Request Information": "Yêu cầu thông tin", "Release relation": "Quan hệ bản phát hành", "Roles": "Vai trò", + "References": "References", "Reset FOSSology Process": "Reset FOSSology Process", "Responsible": "Trách nhiệm", "Reload Report": "Tải lại báo cáo", @@ -560,6 +576,7 @@ "VISIBILITY_INFO": "NOT TRANSLATED", "Vendor": "Nhà cung cấp", "Vendor Name": "Tên nhà cung cấp", + "vector": "vector", "Vendors": "Nhà cung cấp", "Verification": "Xác minh", "Vulnerability has been deleted": "Vulnerability has been deleted", @@ -567,6 +584,10 @@ "VULNERABILITIES": "VULNERABILITIES", "Vulnerable Configuration": "Vulnerable Configuration", "Vulnerabilities": "Lỗ hổng", + "Vulnerability Summary": "Vulnerability Summary", + "Vendor advisories": "Vendor advisories", + "Vulnerability scoring": "Vulnerability scoring", + "Vulnerable configurations": "Vulnerable configurations", "Vulnerability matching statistics": "Thống kê phù hợp với lỗ hổng", "Visual SourceSafe": "Nguồn trực quanAn toàn", "Welcome to SW360!": "Chào mừng bạn đến với SW360!", diff --git a/messages/zh.json b/messages/zh.json index 45d0b8af..a241cba2 100644 --- a/messages/zh.json +++ b/messages/zh.json @@ -10,7 +10,10 @@ "Add Vulnerability": "Add Vulnerability", "All": "All", "Accountant": "NOT TRANSLATED", + "as of": "as of", + "authentication": "authentication", "Advanced Filter": "Advanced Filter", + "availability": "availability", "End User": "NOT TRANSLATED", "Add Additional Data": "NOT TRANSLATED", "APPROVED": "报告已批准", @@ -26,6 +29,8 @@ "Additional Data": "附加数据", "additional data": "NOT TRANSLATED", "Add License To Release": "添加数据到这个发行版本", + "Assigned external component ids": "Assigned external component ids", + "Access": "Access", "Additional Roles": "附加角色", "Additional Role": "NOT TRANSLATED", "Additional Request Information": "附加请求信息", @@ -66,6 +71,7 @@ "Copy to Clipboard": "Copy to Clipboard", "Created By": "Created By", "CHECKED": "已检查", + "complexity": "complexity", "Cloud Service": "NOT TRANSLATED", "Click to add row to Additional Data": "NOT TRANSLATED", "Categories": "类别", @@ -126,6 +132,9 @@ "COTS Responsible": "COTS 负责人", "COTS Clearing Deadline": "COTS 明确截止日期", "COTS Clearing Report URL": "COTS 明确报告URL", + "CVE references": "CVE references", + "Common weakness enumeration": "Common weakness enumeration", + "confidentiality": "confidentiality", "COTS OSS Information": "COTS OSS信息", "Clearing Details": "明确细节", "Clearing Standard": "明确标准", @@ -267,6 +276,7 @@ "How it works": "它是如何工作的", "hand_when_got_stuck_fossology": "如果FOSSology进程卡住或源附件不正确,可以通过将当前FOSSology进程状态设置为状态OUTDATED 来重新开始。一个新的FOSSology进程将自动启动,因此请确保在更改状态之前先修复所有附件或其他的问题。", "Id": "Id", + "Impact": "Impact", "I could not delete the release, since it is used by another component (release) or project": "无法删除该版本,因为它正在被另一个组件或发行版本或项目使用", "If the wrong SPDX is entered, the information will not be registered correctly": "If the wrong SPDX is entered, the information will not be registered correctly", "INCORRECT": "不正确", @@ -277,6 +287,7 @@ "In Progress": "NOT TRANSLATED", "Initial Scan Report": "初始扫描报告", "Initial Use Scan": "初次使用扫描", + "integrity": "integrity", "In order to go ahead, please sign in or create a new account!": "要继续,请登录或创建一个新帐户!", "Info": "信息", "Inner Source": "内源", @@ -301,6 +312,8 @@ "Learn more about repository types": "Learn more about repository types", "Languages": "语言", "Link Projects": "Link Projects", + "Last update": "Last update", + "Legal Notice": "Legal Notice", "Legal evaluation report": "法律评估报告", "License Agreement": "许可协议", "License Clearing": "NOT TRANSLATED", @@ -332,6 +345,7 @@ "Mercurial": "水银", "Moderators": "审核人", "Modified By": "修改者", + "Metadata": "Metadata", "Modified On": "修改于", "Multiple CLI are found in release!": "在发行版本中找到了多个CLI!", "My Components": "NOT TRANSLATED", @@ -371,6 +385,7 @@ "Project Clearing State": "Project Clearing State", "Project Manager": "NOT TRANSLATED", "Project Owner": "NOT TRANSLATED", + "Priority Text": "Priority Text", "Private": "NOT TRANSLATED", "PROJECT_TYPE_INFO": "NOT TRANSLATED", "PHASEOUT": "停止", @@ -425,6 +440,7 @@ "Release relation": "发行版本关系", "Reset FOSSology Process": "Reset FOSSology Process", "Responsible": "负责", + "References": "References", "Reload Report": "重新加载报告", "Requirement document": "需求文件", "Release Repository": "发布存储库", @@ -555,12 +571,17 @@ "VISIBILITY_INFO": "NOT TRANSLATED", "Visibility": "NOT TRANSLATED", "Vendor": "供应商", + "vector": "vector", "VULNERABILITIES": "VULNERABILITIES", "Vulnerability has been deleted": "Vulnerability has been deleted", "Vendor Name": "供应商名称", "Vulnerable Configuration": "Vulnerable Configuration", "Vendors": "供应商", "Verification": "検証", + "Vulnerability Summary": "Vulnerability Summary", + "Vendor advisories": "Vendor advisories", + "Vulnerability scoring": "Vulnerability scoring", + "Vulnerable configurations": "Vulnerable configurations", "Version": "版本", "Vulnerabilities": "漏洞", "Vulnerability matching statistics": "匹配漏洞统计", diff --git a/src/app/[locale]/vulnerabilities/components/Vulnerabilities.tsx b/src/app/[locale]/vulnerabilities/components/Vulnerabilities.tsx index b0f22b00..8eef823d 100644 --- a/src/app/[locale]/vulnerabilities/components/Vulnerabilities.tsx +++ b/src/app/[locale]/vulnerabilities/components/Vulnerabilities.tsx @@ -65,7 +65,7 @@ export default function Vulnerabilities({ session }: { session: Session }) { formatter: (externalId: string) => _( <> - + {externalId} diff --git a/src/app/[locale]/vulnerabilities/detail/[id]/components/Summary.tsx b/src/app/[locale]/vulnerabilities/detail/[id]/components/Summary.tsx new file mode 100644 index 00000000..7021cf05 --- /dev/null +++ b/src/app/[locale]/vulnerabilities/detail/[id]/components/Summary.tsx @@ -0,0 +1,184 @@ +// Copyright (C) Siemens AG, 2023. Part of the SW360 Frontend Project. + +// This program and the accompanying materials are made +// available under the terms of the Eclipse Public License 2.0 +// which is available at https://www.eclipse.org/legal/epl-2.0/ + +// SPDX-License-Identifier: EPL-2.0 +// License-Filename: LICENSE + +'use client' + +import { VulnerabilitySummaryDataType } from '@/object-types/VulnerabilitySummaryDataType' +import { useTranslations } from 'next-intl' +import { COMMON_NAMESPACE } from '@/object-types/Constants' +import { useState } from 'react' +import Link from 'next/link' +import styles from '../detail.module.css' + +export default function Summary({ summaryData }: { summaryData: VulnerabilitySummaryDataType }) { + const t = useTranslations(COMMON_NAMESPACE) + const [toggle, setToggle] = useState(false) + + return ( + <> + + { + setToggle(!toggle) + }} + > + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
{t('Vulnerability Summary')}
+ + ) +} diff --git a/src/app/[locale]/vulnerabilities/detail/[id]/components/VulnerabilityDetailsTab.tsx b/src/app/[locale]/vulnerabilities/detail/[id]/components/VulnerabilityDetailsTab.tsx new file mode 100644 index 00000000..d2a781d8 --- /dev/null +++ b/src/app/[locale]/vulnerabilities/detail/[id]/components/VulnerabilityDetailsTab.tsx @@ -0,0 +1,107 @@ +// Copyright (C) Siemens AG, 2023. Part of the SW360 Frontend Project. + +// This program and the accompanying materials are made +// available under the terms of the Eclipse Public License 2.0 +// which is available at https://www.eclipse.org/legal/epl-2.0/ + +// SPDX-License-Identifier: EPL-2.0 +// License-Filename: LICENSE + +'use client' + +import { Col, Row, ListGroup, Tab } from 'react-bootstrap' +import React, { useState, useEffect } from 'react' +import PageSpinner from '@/components/Spinner/Spinner' + +import { useTranslations } from 'next-intl' +import { COMMON_NAMESPACE } from '@/object-types/Constants' + +import ApiUtils from '@/utils/api/api.util' +import { Session } from '@/object-types/Session' +import HttpStatus from '@/object-types/enums/HttpStatus' +import { signOut } from 'next-auth/react' + +import { VulnerabilitySummaryDataType } from '@/object-types/VulnerabilitySummaryDataType' +import Summary from './Summary' + +import { notFound } from 'next/navigation' + +export default function VulnerabilityDetailsTab({ + session, + vulnerabilityId, +}: { + session: Session + vulnerabilityId: string +}) { + const t = useTranslations(COMMON_NAMESPACE) + const [summaryData, setSummaryData] = useState(undefined) + + useEffect(() => { + const controller = new AbortController() + const signal = controller.signal + + ;(async () => { + try { + const response = await ApiUtils.GET( + `vulnerabilities/${vulnerabilityId}`, + session.user.access_token, + signal + ) + if (response.status === HttpStatus.UNAUTHORIZED) { + return signOut() + } else if (response.status !== HttpStatus.OK) { + return notFound() + } + + const data = await response.json() + + setSummaryData(data) + } catch (e) { + console.error(e) + } + })() + + return () => controller.abort() + }, [vulnerabilityId, session]) + + return ( + <> +
+ + + + + +
{t('Summary')}
+
+ +
{t('Metadata')}
+
+ +
{t('References')}
+
+
+ + + + + + {!summaryData ? ( +
+ +
+ ) : ( + + )} + + + + + + + + +
+ + ) +} diff --git a/src/app/[locale]/vulnerabilities/detail/[id]/detail.module.css b/src/app/[locale]/vulnerabilities/detail/[id]/detail.module.css new file mode 100644 index 00000000..b9262c58 --- /dev/null +++ b/src/app/[locale]/vulnerabilities/detail/[id]/detail.module.css @@ -0,0 +1,46 @@ +/* + Copyright (C) Siemens AG, 2023. Part of the SW360 Frontend Project. + + This program and the accompanying materials are made + available under the terms of the Eclipse Public License 2.0 + which is available at https://www.eclipse.org/legal/epl-2.0/ + + SPDX-License-Identifier: EPL-2.0 + License-Filename: LICENSE +*/ + +.summary-table { + border: 1px solid lightgray; + margin-bottom: 2rem !important; +} + +.mapDisplayRootItem { + max-width: 70%; +} + +.summary-table tbody td:first-child { + width: 30%; +} + +.summary-table tbody a { + color: #f7941e !important; + text-decoration-line: none; +} + +.summary-table tbody td { + word-wrap: break-word; +} + +.btn-group:not(:last-child) { + margin-right: 0.5rem; +} + +.icon-btn { + color: gray; + font-size: 14px; + margin-right: 5px; +} + +.icon-btn:hover { + cursor: pointer; +} diff --git a/src/app/[locale]/vulnerabilities/detail/[id]/page.tsx b/src/app/[locale]/vulnerabilities/detail/[id]/page.tsx new file mode 100644 index 00000000..d2b53027 --- /dev/null +++ b/src/app/[locale]/vulnerabilities/detail/[id]/page.tsx @@ -0,0 +1,30 @@ +// Copyright (C) Siemens AG, 2023. Part of the SW360 Frontend Project. + +// This program and the accompanying materials are made +// available under the terms of the Eclipse Public License 2.0 +// which is available at https://www.eclipse.org/legal/epl-2.0/ + +// SPDX-License-Identifier: EPL-2.0 +// License-Filename: LICENSE + +import { authOptions } from '@/app/api/auth/[...nextauth]/route' +import { getServerSession } from 'next-auth/next' +import { Session } from '@/object-types/Session' +import { Metadata } from 'next' +import VulnerabilityDetailsTab from './components/VulnerabilityDetailsTab' + +export const metadata: Metadata = { + title: 'Vulnerabilites', +} + +interface Context { + params: { id: string } +} + +const Detail = async ({ params }: Context) => { + const session: Session = await getServerSession(authOptions) + + return +} + +export default Detail diff --git a/src/object-types/VulnerabilitySummaryDataType.ts b/src/object-types/VulnerabilitySummaryDataType.ts new file mode 100644 index 00000000..e8bd5578 --- /dev/null +++ b/src/object-types/VulnerabilitySummaryDataType.ts @@ -0,0 +1,41 @@ +// Copyright (C) Siemens AG, 2023. Part of the SW360 Frontend Project. + +// This program and the accompanying materials are made +// available under the terms of the Eclipse Public License 2.0 +// which is available at https://www.eclipse.org/legal/epl-2.0/ + +// SPDX-License-Identifier: EPL-2.0 +// License-Filename: LICENSE + +export interface VulnerabilitySummaryDataType { + title: string + description: string + externalId: string + publishDate: string + lastExternalUpdate: string + priority: string + priorityText: string + action: string + impact: { + integrity: string + availability: string + confidentiality: string + } + legalNotice: string + assignedExtComponentIds: string[] + cveReferences: string[] + vendorAdvisories: { + vendor: string + name: string + url: string + }[] + cvss: string + cvssTime: string + access: { + complexity: string + vector: string + authentication: string + } + cwe: string + vulnerableConfiguration: object +} diff --git a/src/services/auth.service.ts b/src/services/auth.service.ts index 4ae54e19..0e726493 100644 --- a/src/services/auth.service.ts +++ b/src/services/auth.service.ts @@ -8,80 +8,82 @@ // SPDX-License-Identifier: EPL-2.0 // License-Filename: LICENSE -import { SW360_API_URL } from '@/utils/env'; -import RequestContent from '@/object-types/RequestContent'; -import UserCredentialInfo from '@/object-types/UserCredentialInfo'; -import OAuthClient from '@/object-types/OAuthClient'; +import { SW360_API_URL } from '@/utils/env' +import RequestContent from '@/object-types/RequestContent' +import UserCredentialInfo from '@/object-types/UserCredentialInfo' +import OAuthClient from '@/object-types/OAuthClient' import HttpStatus from '@/object-types/enums/HttpStatus' -import { AuthToken } from '@/object-types/AuthToken'; +import { AuthToken } from '@/object-types/AuthToken' const generateToken = async (userData: UserCredentialInfo) => { + const clientManagementURL: string = SW360_API_URL + '/authorization/client-management' + let credentials: string = Buffer.from(`${userData.username}:${userData.password}`).toString('base64') - const clientManagementURL: string = SW360_API_URL + '/authorization/client-management'; - let credentials: string = Buffer.from(`${userData.username}:${userData.password}`).toString('base64'); + const opts: RequestContent = { method: 'GET', headers: {}, body: null } - const opts: RequestContent = { method: 'GET', headers: {}, body: null }; + opts.headers['Content-Type'] = 'application/json' + opts.headers['Authorization'] = `Basic ${credentials}` - opts.headers['Content-Type'] = 'application/json'; - opts.headers['Authorization'] = `Basic ${credentials}`; - - let oAuthClient: OAuthClient | null = null; + let oAuthClient: OAuthClient | null = null await fetch(clientManagementURL, opts) .then((response) => { if (response.status == HttpStatus.OK) { - return response.text(); + return response.text() } else { - return null; + return null } }) .then((json) => { try { - oAuthClient = JSON.parse(json)[0]; + oAuthClient = JSON.parse(json)[0] } catch (err) { - oAuthClient = null; + oAuthClient = null } }) .catch(() => { - oAuthClient = null; - }); + oAuthClient = null + }) if (oAuthClient == null) { - return null; + return null } - credentials = Buffer.from(`${oAuthClient.client_id}:${oAuthClient.client_secret}`, `binary`).toString( - 'base64' - ); + credentials = Buffer.from(`${oAuthClient.client_id}:${oAuthClient.client_secret}`, `binary`).toString('base64') - opts.headers['Authorization'] = `Basic ${credentials}`; - const authorizationURL: string = SW360_API_URL + '/authorization/oauth/token?grant_type=password&username=' + userData.username + '&password=' + userData.password; + opts.headers['Authorization'] = `Basic ${credentials}` + const authorizationURL: string = + SW360_API_URL + + '/authorization/oauth/token?grant_type=password&username=' + + userData.username + + '&password=' + + userData.password let sw360token: AuthToken | null = null await fetch(authorizationURL, opts) .then((response) => { if (response.status == HttpStatus.OK) { - return response.text(); + return response.text() } else { - return undefined; + return undefined } }) .then((json) => { try { - sw360token = JSON.parse(json); + sw360token = JSON.parse(json) } catch (err) { - sw360token = null; + sw360token = null } }) .catch(() => { - oAuthClient = null; - });; + oAuthClient = null + }) - return sw360token; + return sw360token } const AuthService = { - generateToken + generateToken, } export default AuthService