def __init__(self, input_url: str, api_key: str, verify_certificate: bool, proxy: bool, endpoint="/rest/vulnerability"):
base_url = urljoin(input_url, endpoint)
PACK_VERSION = get_pack_version()
DEMISTO_VERSION = demisto.demistoVersion()
DEMISTO_VERSION = f'{DEMISTO_VERSION["version"]}.{DEMISTO_VERSION["buildNumber"]}'
headers = {
"Content-Type": "application/json",
'auth-token': api_key,
"User-Agent": f"AccentureCTI Pack/{PACK_VERSION} Palo Alto XSOAR/{DEMISTO_VERSION}"
}
super(Client, self).__init__(base_url=base_url,
verify=verify_certificate,
headers=headers,
proxy=proxy)
def _add_info_headers() -> Dict[str, str]:
# pylint: disable=no-member
headers = {}
try:
calling_context = demisto.callingContext.get('context', {}) # type: ignore[attr-defined]
brand_name = calling_context.get('IntegrationBrand', '')
instance_name = calling_context.get('IntegrationInstance', '')
headers['X-Content-Version'] = CONTENT_RELEASE_VERSION
headers['X-Content-Name'] = brand_name or instance_name or 'Name not found'
if hasattr(demisto, 'demistoVersion'):
demisto_version = demisto.demistoVersion()
headers['X-Content-Server-Version'] = '{}-{}'.format(demisto_version.get('version'),
demisto_version.get("buildNumber"))
except Exception as e:
demisto.error('Failed getting integration info: {}'.format(str(e)))
return headers
'context_description': 'description',
'mitre_tactics': 'mitretactics',
'relation_entity_b': 'threat_data_family'
},
"ipv4": {'threat_type': 'threattypes.threatcategory',
'threat_data_family': 'malwarefamily',
'indicator_data_address': 'ipaddress',
'context_description': 'description',
'mitre_tactics': 'mitretactics',
'relation_entity_b': 'threat_data_family'
}
}
INDICATOR_VALUE_FIELD = {FeedIndicatorType.File: 'indicator_data_file_sha256',
FeedIndicatorType.URL: 'indicator_data_url',
"ipv4": 'indicator_data_address'}
DEMISTO_VERSION = demisto.demistoVersion()
CONTENT_PACK = 'Intel471 Feed/2.0.1'
INTEGRATION = 'Intel471 Malware Indicator Feed'
USER_AGENT = f'XSOAR/{DEMISTO_VERSION["version"]}.{DEMISTO_VERSION["buildNumber"]} - {CONTENT_PACK} - {INTEGRATION}'
def _create_url(**kwargs):
url_suffix = ""
for param in kwargs:
url_suffix += f"&{param}={kwargs.get(param)}"
return FEED_URL + url_suffix.strip('&')
def _build_url_parameter_dict(**kwargs):
"""
Given a set of parameters, creates a dictionary with only searchable items that can be used in api.
def http_request(self,
method: str,
url_suffix: str,
json_data=None,
params=None,
headers=None,
data=None):
"""
Override http_request method from BaseClient class. This method will print an error based on status code
and exceptions.
:type method: ``str``
:param method: The HTTP method, for example: GET, POST, and so on.
:type url_suffix: ``str``
:param url_suffix: The API endpoint.
:type json_data: ``dict``
:param json_data: The dictionary to send in a 'POST' request.
:type params: ``dict``
:param params: URL parameters to specify the query.
:type headers: ``dict``
:param headers: Headers to send in the request. If None, will use self._headers.
:return: Depends on the resp_type parameter
:rtype: ``dict`` or ``str`` or ``requests.Response``
"""
resp = Response()
try:
if url_suffix != URL_SUFFIX['GET_TOKEN']:
with self.lock:
if int(time.time() +
TOKEN_TIME_DIFF) >= self.api_token_valid_until:
self.api_token, self.api_token_valid_until = self.get_api_token(
)
# pylint: disable=E1101
headers['User-Agent'] = "AgariDemisto APDIntegration/" + INTEGRATION_VERSION + " DemistoServer/" + \
demisto.demistoVersion()['version'] # type: ignore[attr-defined]
# pylint: enable=E1101
resp = super()._http_request(
method=method,
url_suffix=url_suffix,
json_data=json_data,
params=params,
headers=headers,
resp_type='response',
timeout=self.request_timeout,
ok_codes=(200, 201),
error_handler=self.handle_error_response,
data=data)
except MissingSchema:
raise ValueError(MESSAGES['MISSING_SCHEMA_ERROR'])
except InvalidSchema:
raise ValueError(MESSAGES['INVALID_SCHEMA_ERROR'])
except InvalidURL:
raise ValueError(MESSAGES['INVALID_API_URL'])
except DemistoException as e:
self.handle_demisto_exception(e)
if resp.ok:
content_type = resp.headers.get('Content-Type', '')
if content_type.__contains__(CONTENT_TYPE_JSON):
# Handle empty response
if resp.text == '':
return resp
else:
return resp.json()
else:
return resp