From 425775f6729825202d93c307502c68eb00624800 Mon Sep 17 00:00:00 2001 From: Adi Daud <46249224+adi88d@users.noreply.github.com> Date: Mon, 19 Feb 2024 22:50:36 +0200 Subject: [PATCH] PhishTank v2 - Added the username parameter (#32951) * added the username parameter * update docker * set username as optional * doc review * add test_user_agent_header * flake8 --- .../Integrations/PhishTankV2/PhishTankV2.py | 12 ++++++++-- .../Integrations/PhishTankV2/PhishTankV2.yml | 5 +++- .../PhishTankV2/PhishTankV2_test.py | 24 +++++++++++++++++-- Packs/PhishTank/ReleaseNotes/2_0_30.md | 4 ++++ Packs/PhishTank/pack_metadata.json | 2 +- 5 files changed, 41 insertions(+), 6 deletions(-) create mode 100644 Packs/PhishTank/ReleaseNotes/2_0_30.md diff --git a/Packs/PhishTank/Integrations/PhishTankV2/PhishTankV2.py b/Packs/PhishTank/Integrations/PhishTankV2/PhishTankV2.py index ce548a66c622..6ab9ff78b225 100644 --- a/Packs/PhishTank/Integrations/PhishTankV2/PhishTankV2.py +++ b/Packs/PhishTank/Integrations/PhishTankV2/PhishTankV2.py @@ -35,19 +35,26 @@ class Client(BaseClient): use_https (bool): Whether to use HTTPS URL or HTTP URL. """ - def __init__(self, proxy: bool, verify: bool, fetch_interval_hours: str, use_https: str, reliability: str): + def __init__(self, proxy: bool, verify: bool, fetch_interval_hours: str, use_https: str, reliability: str, + username: str = ''): super().__init__(proxy=proxy, verify=verify, base_url=HTTPS_BASE_URL if use_https else BASE_URL) self.fetch_interval_hours = fetch_interval_hours + self.username = username + if DBotScoreReliability.is_valid_type(reliability): self.reliability = DBotScoreReliability.get_dbot_score_reliability_from_str(reliability) else: return_error("PhishTankV2 error: Please provide a valid value for the Source Reliability parameter.") def get_http_request(self, url_suffix: str): + headers = {} + if self.username: + headers = {'User-Agent': f'phishtank/{self.username}'} result = self._http_request( method='GET', url_suffix=url_suffix, resp_type="text", + headers=headers, error_handler=handle_error ) return result @@ -316,13 +323,14 @@ def main() -> None: verify = not params.get('insecure') fetch_interval_hours = params.get('fetchIntervalHours') reliability = params.get('integrationReliability') + username = params.get('username') if not is_number(fetch_interval_hours): return_error("PhishTankV2 error: Please provide a numeric value (and bigger than 0) for Database refresh " "interval (hours)") # initialize a client - client = Client(proxy, verify, fetch_interval_hours, use_https, reliability) + client = Client(proxy, verify, fetch_interval_hours, use_https, reliability, username) command = demisto.command() demisto.debug(f'PhishTankV2: command is {command}') diff --git a/Packs/PhishTank/Integrations/PhishTankV2/PhishTankV2.yml b/Packs/PhishTank/Integrations/PhishTankV2/PhishTankV2.yml index 0dee64c88ad5..f07f3ec3d33c 100644 --- a/Packs/PhishTank/Integrations/PhishTankV2/PhishTankV2.yml +++ b/Packs/PhishTank/Integrations/PhishTankV2/PhishTankV2.yml @@ -3,6 +3,9 @@ commonfields: id: PhishTank V2 version: -1 configuration: +- display: Username + name: username + type: 0 - defaultvalue: 'false' display: Use HTTPS connection name: use_https @@ -78,7 +81,7 @@ script: name: phishtank-reload - description: Shows the status (timestamp) of the last time that PhishTank database was loaded. name: phishtank-status - dockerimage: demisto/python3:3.10.13.73190 + dockerimage: demisto/python3:3.10.13.87159 runonce: false script: '-' subtype: python3 diff --git a/Packs/PhishTank/Integrations/PhishTankV2/PhishTankV2_test.py b/Packs/PhishTank/Integrations/PhishTankV2/PhishTankV2_test.py index 441f99ca6bb5..d60969578281 100644 --- a/Packs/PhishTank/Integrations/PhishTankV2/PhishTankV2_test.py +++ b/Packs/PhishTank/Integrations/PhishTankV2/PhishTankV2_test.py @@ -10,9 +10,9 @@ def create_client(proxy: bool = False, verify: bool = False, fetch_interval_hours: str = "1", - reliability: str = DBotScoreReliability.A_PLUS): + reliability: str = DBotScoreReliability.A_PLUS, username: str = ''): return Client(proxy=proxy, verify=verify, fetch_interval_hours=fetch_interval_hours, use_https=False, - reliability=reliability) + reliability=reliability, username=username) @pytest.mark.parametrize('number, output', [("True", False), ('432', True), ("str", False), @@ -243,3 +243,23 @@ def test_url_command(mocker, data, url, expected_score, expected_table): # validate human readable hr_ = command_results[0].to_context().get('HumanReadable', {}) assert hr_ == expected_table + + +@pytest.mark.parametrize('username, expected_headers', [ + ('test', {'User-Agent': 'phishtank/test'}), + ('', {})]) +def test_user_agent_header(mocker, username, expected_headers): + """ + Given: + - phishtank username + + When: + - After reload or url command + + Then: + - validating that the User-Agent header is populated as expected + """ + http_request = mocker.patch.object(Client, "_http_request", return_value='') + client = create_client(False, False, "1", DBotScoreReliability.B, username) + reload(client) + assert http_request.call_args.kwargs['headers'] == expected_headers diff --git a/Packs/PhishTank/ReleaseNotes/2_0_30.md b/Packs/PhishTank/ReleaseNotes/2_0_30.md new file mode 100644 index 000000000000..509d1527f406 --- /dev/null +++ b/Packs/PhishTank/ReleaseNotes/2_0_30.md @@ -0,0 +1,4 @@ +#### Integrations +##### PhishTank v2 +- Added a new parameter *username*. Allows adding the PhishTank user to the requests header in order to increase the rate limit. +- Updated the Docker image to: *demisto/python3:3.10.13.87159*. \ No newline at end of file diff --git a/Packs/PhishTank/pack_metadata.json b/Packs/PhishTank/pack_metadata.json index 3a22155cbba4..eab9df634856 100644 --- a/Packs/PhishTank/pack_metadata.json +++ b/Packs/PhishTank/pack_metadata.json @@ -2,7 +2,7 @@ "name": "PhishTank", "description": "PhishTank is a free community site where anyone can submit, verify, track and share phishing data", "support": "xsoar", - "currentVersion": "2.0.29", + "currentVersion": "2.0.30", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "",