def test_lookup_rdata_ip(self, requests_mock): c = DNSDB.Client(DNSDB.DEFAULT_DNSDB_SERVER, '') records = [ '{"count":51,"time_first":1403544512,"time_last":1417464427,"rrname":"farsighsecurity.com.","rrtype":"A","' 'rdata":"66.160.140.81"}', '{"count":4,"time_first":1404485629,"time_last":1406648461,"rrname":"www.farsighsecurity.com.","rrtype":"A' '","rdata":"66.160.140.81"}', '{"count":6350,"time_first":1380123423,"time_last":1427869045,"rrname":"farsightsecurity.com.","rrtype":"A' '","rdata":"66.160.140.81"}', '{"count":5059,"time_first":1380139330,"time_last":1427881899,"rrname":"www.farsightsecurity.com.","rrtype' '":"A","rdata":"66.160.140.81"}', '{"count":1523,"time_first":1381265271,"time_last":1427807985,"rrname":"archive.farsightsecurity.com.","rr' 'type":"A","rdata":"66.160.140.81"}', ] ip = '66.160.140.81' requests_mock.get( '{server}/lookup/{mode}/{type}/{ip}?swclient={swclient}&version={version}' .format( server=DNSDB.DEFAULT_DNSDB_SERVER, mode='rdata', type='ip', ip=ip, swclient=DNSDB.SWCLIENT, version=DNSDB.VERSION, ), text='\n'.join(records)) for rrset in c.lookup_rdata_ip(ip): assert rrset == json.loads(records[0]) records = records[1:] assert len(records) == 0
def test_lookup_rrset(self, requests_mock): c = DNSDB.Client(DNSDB.DEFAULT_DNSDB_SERVER, '') records = [ '{"count":1820,"zone_time_first":1374250920,"zone_time_last":1589472138,"rrname":"farsightsecurity.com.",' '"rrtype":"NS","bailiwick":"com.","rdata":["ns5.dnsmadeeasy.com.","ns6.dnsmadeeasy.com.","ns7.dnsmadeeasy' '.com."]}', '{"count":6350,"time_first":1380123423,"time_last":1427869045,"rrname":"farsightsecurity.com.","rrtype":"' 'A","bailiwick":"farsightsecurity.com.","rdata":["66.160.140.81"]}', ] name = 'farsightsecurity.com' requests_mock.get( '{server}/lookup/{mode}/{type}/{name}?swclient={swclient}&version={version}' .format( server=DNSDB.DEFAULT_DNSDB_SERVER, mode='rrset', type='name', name=name, swclient=DNSDB.SWCLIENT, version=DNSDB.VERSION, ), text='\n'.join(records)) for rrset in c.lookup_rrset(name): assert rrset == json.loads(records[0]) records = records[1:] assert len(records) == 0
def test_rrset_rrtype(self, requests_mock): c = DNSDB.Client(DNSDB.DEFAULT_DNSDB_SERVER, '') records = [ '{"count":6350,"time_first":1380123423,"time_last":1427869045,"rrname":"farsightsecurity.com.","rrtype":"A"' ',"bailiwick":"farsightsecurity.com.","rdata":["66.160.140.81"]}', '{"count":36770,"time_first":1427897872,"time_last":1538008183,"rrname":"farsightsecurity.com.","rrtype":"A' '","bailiwick":"farsightsecurity.com.","rdata":["104.244.13.104"]}', '{"count":6428,"time_first":1538047094,"time_last":1589544286,"rrname":"farsightsecurity.com.","rrtype":"A"' ',"bailiwick":"farsightsecurity.com.","rdata":["104.244.14.108"]}', '{"count":628,"time_first":1374098930,"time_last":1380124067,"rrname":"farsightsecurity.com.","rrtype":"A",' '"bailiwick":"farsightsecurity.com.","rdata":["149.20.4.207"]}', ] name = 'farsightsecurity.com' rrtype = 'A' requests_mock.get( '{server}/lookup/{mode}/{type}/{name}/{rrtype}?swclient={swclient}&version={version}' .format( server=DNSDB.DEFAULT_DNSDB_SERVER, mode='rrset', type='name', name=name, rrtype=rrtype, swclient=DNSDB.SWCLIENT, version=DNSDB.VERSION, ), text='\n'.join(records)) for rrset in c.lookup_rrset(name, rrtype=rrtype): assert rrset == json.loads(records[0]) records = records[1:] assert len(records) == 0
def test_rdata_name_rrtype(self, requests_mock): c = DNSDB.Client(DNSDB.DEFAULT_DNSDB_SERVER, '') records = [ '{"count": 7, "time_first": 1380044973, "time_last": 1380141734, "rrname": "207.4.20.149.in-addr.fsi.io.",' ' "rrtype": "PTR", "rdata": "farsightsecurity.com."}', '{"count": 3, "time_first": 1372650830, "time_last": 1375220475, "rrname": "7.0.2.0.0.0.0.0.0.0.0.0.0.0.0.' '0.6.6.0.0.1.0.0.0.8.f.4.0.1.0.0.2.ip6.arpa.", "rrtype": "PTR", "rdata": "farsightsecurity.com."}', '{"count": 11, "time_first": 1380141403, "time_last": 1381263825, "rrname": "81.64-26.140.160.66.in-addr.a' 'rpa.", "rrtype": "PTR", "rdata": "farsightsecurity.com."}', '{"count": 4, "time_first": 1373922472, "time_last": 1374071997, "rrname": "207.192-26.4.20.149.in-addr.ar' 'pa.", "rrtype": "PTR", "rdata": "farsightsecurity.com."}', ] name = 'farsightsecurity.com' rrtype = 'PTR' requests_mock.get( '{server}/lookup/{mode}/{type}/{name}/{rrtype}?swclient={swclient}&version={version}' .format( server=DNSDB.DEFAULT_DNSDB_SERVER, mode='rdata', type='name', name=name, rrtype=rrtype, swclient=DNSDB.SWCLIENT, version=DNSDB.VERSION, ), text='\n'.join(records)) for rrset in c.lookup_rdata_name(name, rrtype=rrtype): assert rrset == json.loads(records[0]) records = records[1:] assert len(records) == 0
def test_rate_limit(self, requests_mock): c = DNSDB.Client(DNSDB.DEFAULT_DNSDB_SERVER, '') requests_mock.get( '{server}/lookup/rate_limit?swclient={swclient}&version={version}'. format( server=DNSDB.DEFAULT_DNSDB_SERVER, swclient=DNSDB.SWCLIENT, version=DNSDB.VERSION, ), json={}) c.rate_limit()
def _run_test(requests_mock, input: dict, expected_readable: str): client = DNSDB.Client(DNSDB.DEFAULT_DNSDB_SERVER, '') requests_mock.get( '{server}/lookup/rate_limit?swclient={swclient}&version={version}'. format( server=DNSDB.DEFAULT_DNSDB_SERVER, swclient=DNSDB.SWCLIENT, version=DNSDB.VERSION, ), json=input) # The context is tested in TestBuildLimitsContext res = DNSDB.dnsdb_rate_limit(client, None) assert res.readable_output == expected_readable assert res.outputs_prefix == 'DNSDB.Rate' assert isinstance(res.outputs, dict)
def test_summarize_rdata_name_empty(self, requests_mock): c = DNSDB.Client(DNSDB.DEFAULT_DNSDB_SERVER, '') name = 'farsightsecurity.com' requests_mock.get( '{server}/summarize/{mode}/{type}/{name}?swclient={swclient}&version={version}' .format( server=DNSDB.DEFAULT_DNSDB_SERVER, mode='rdata', type='name', name=name, swclient=DNSDB.SWCLIENT, version=DNSDB.VERSION, ), text='') with pytest.raises(DNSDB.QueryError): c.summarize_rdata_name(name)
def test_headers(self, requests_mock): apikey = 'abcdef' c = DNSDB.Client(DNSDB.DEFAULT_DNSDB_SERVER, apikey) requests_mock.get( '{server}/lookup/rate_limit?swclient={swclient}&version={version}'. format( server=DNSDB.DEFAULT_DNSDB_SERVER, swclient=DNSDB.SWCLIENT, version=DNSDB.VERSION, ), json={}, request_headers={ 'Accept': 'application/json', 'X-API-Key': apikey, }) c.rate_limit()
def _run_test(requests_mock, args: dict, input: dict, expected_readable: str, expected_output_prefix: str, expected_outputs: list): client = DNSDB.Client(DNSDB.DEFAULT_DNSDB_SERVER, '') requests_mock.get( f'{DNSDB.DEFAULT_DNSDB_SERVER}/lookup/rdata/{args["type"]}/{args["value"]}' f'?limit={args["limit"]}' f'&swclient=demisto-integration&version=v2.0', text=input) for v in args.values(): assert isinstance(v, str) res = DNSDB.dnsdb_rdata(client, args) assert res.readable_output == expected_readable assert res.outputs_prefix == expected_output_prefix assert res.outputs == expected_outputs
def test_summarize_rdata_ip_empty(self, requests_mock): c = DNSDB.Client(DNSDB.DEFAULT_DNSDB_SERVER, '') ip = '66.160.140.81' requests_mock.get( '{server}/summarize/{mode}/{type}/{ip}?swclient={swclient}&version={version}' .format( server=DNSDB.DEFAULT_DNSDB_SERVER, mode='rdata', type='ip', ip=ip, swclient=DNSDB.SWCLIENT, version=DNSDB.VERSION, ), text='') with pytest.raises(DNSDB.QueryError): c.summarize_rdata_ip(ip)
def test_404(self, requests_mock): c = DNSDB.Client(DNSDB.DEFAULT_DNSDB_SERVER, '') name = 'farsightsecurity.com' requests_mock.get( '{server}/lookup/{mode}/{type}/{name}?swclient={swclient}&version={version}' .format( server=DNSDB.DEFAULT_DNSDB_SERVER, mode='rrset', type='name', name=name, swclient=DNSDB.SWCLIENT, version=DNSDB.VERSION, ), status_code=404, text='error') for rrset in c.lookup_rrset(name): pytest.fail('received {0}'.format(rrset)) # pragma: no cover
def test_summarize_rdata_ip(self, requests_mock): c = DNSDB.Client(DNSDB.DEFAULT_DNSDB_SERVER, '') record = '{"count":51,"num_results":5,"time_first":1403544512,"time_last":1417464427}' ip = '66.160.140.81' requests_mock.get( '{server}/summarize/{mode}/{type}/{ip}?swclient={swclient}&version={version}' .format( server=DNSDB.DEFAULT_DNSDB_SERVER, mode='rdata', type='ip', ip=ip, swclient=DNSDB.SWCLIENT, version=DNSDB.VERSION, ), text=record) rrset = c.summarize_rdata_ip(ip) assert rrset == json.loads(record)
def test_max_count(self, requests_mock): c = DNSDB.Client(DNSDB.DEFAULT_DNSDB_SERVER, '') name = 'farsightsecurity.com' max_count = 100 requests_mock.get( '{server}/summarize/{mode}/{type}/{name}?max_count={max_count}' '&swclient={swclient}&version={version}'.format( server=DNSDB.DEFAULT_DNSDB_SERVER, mode='rrset', type='name', name=name, max_count=max_count, swclient=DNSDB.SWCLIENT, version=DNSDB.VERSION), text='{}') for rrset in c.summarize_rrset(name, max_count=max_count): pytest.fail('received {0}'.format(rrset)) # pragma: no cover
def test_summarize_rrset(self, requests_mock): c = DNSDB.Client(DNSDB.DEFAULT_DNSDB_SERVER, '') record = '{"count":6350,"num_results":3,"time_first":1380123423,"time_last":1427869045}' name = 'farsightsecurity.com' requests_mock.get( '{server}/summarize/{mode}/{type}/{name}?swclient={swclient}&version={version}' .format( server=DNSDB.DEFAULT_DNSDB_SERVER, mode='rrset', type='name', name=name, swclient=DNSDB.SWCLIENT, version=DNSDB.VERSION, ), text=record) rrset = c.summarize_rrset(name) assert rrset == json.loads(record)
def _run_test(requests_mock, args: dict, input: dict, expected_readable: str, expected_output_prefix: str, expected_outputs: dict): client = DNSDB.Client(DNSDB.DEFAULT_DNSDB_SERVER, '') requests_mock.get( f'{DNSDB.DEFAULT_DNSDB_SERVER}/summarize/rrset/name/{args["owner_name"]}' f'?limit={args["limit"]}' f'&max_count={args["max_count"]}' f'&swclient=demisto-integration&version=v2.0', json=input) for v in args.values(): assert isinstance(v, str) res = DNSDB.dnsdb_summarize_rrset(client, args) assert res.readable_output == expected_readable assert res.outputs_prefix == expected_output_prefix assert res.outputs == expected_outputs
def test_500(self, requests_mock): c = DNSDB.Client(DNSDB.DEFAULT_DNSDB_SERVER, '') name = 'farsightsecurity.com' requests_mock.get( '{server}/lookup/{mode}/{type}/{name}?swclient={swclient}&version={version}' .format( server=DNSDB.DEFAULT_DNSDB_SERVER, mode='rrset', type='name', name=name, swclient=DNSDB.SWCLIENT, version=DNSDB.VERSION, ), status_code=500, text='{}\nerror') with pytest.raises(CommonServerPython.DemistoException): for rrset in c.lookup_rrset(name): pytest.fail('received {0}'.format(rrset)) # pragma: no cover
def test_rrset_rrtype_bailiwick(self, requests_mock): c = DNSDB.Client(DNSDB.DEFAULT_DNSDB_SERVER, '') records = [ '{"count":19,"zone_time_first":1372609301,"zone_time_last":1374164567,"rrname":"farsightsecurity.com.","rrt' 'ype":"NS","bailiwick":"com.","rdata":["ns.lah1.vix.com.","ns1.isc-sns.net.","ns2.isc-sns.com.","ns3.isc-sn' 's.info."]}', '{"count":157,"zone_time_first":1359047885,"zone_time_last":1372522741,"rrname":"farsightsecurity.com.","rr' 'type":"NS","bailiwick":"com.","rdata":["ns.sjc1.vix.com.","ns.sql1.vix.com."]}', '{"count":1820,"zone_time_first":1374250920,"zone_time_last":1589472138,"rrname":"farsightsecurity.com.","r' 'rtype":"NS","bailiwick":"com.","rdata":["ns5.dnsmadeeasy.com.","ns6.dnsmadeeasy.com.","ns7.dnsmadeeasy.com' '."]}', '{"count":58,"time_first":1372688083,"time_last":1374165919,"rrname":"farsightsecurity.com.","rrtype":"NS",' '"bailiwick":"com.","rdata":["ns.lah1.vix.com.","ns1.isc-sns.net.","ns2.isc-sns.com.","ns3.isc-sns.info."]' '}', '{"count":17,"time_first":1360364071,"time_last":1372437672,"rrname":"farsightsecurity.com.","rrtype":"NS",' '"bailiwick":"com.","rdata":["ns.sjc1.vix.com.","ns.sql1.vix.com."]}', '{"count":853787,"time_first":1374172950,"time_last":1589549475,"rrname":"farsightsecurity.com.","rrtype":"' 'NS","bailiwick":"com.","rdata":["ns5.dnsmadeeasy.com.","ns6.dnsmadeeasy.com.","ns7.dnsmadeeasy.com."]}', ] name = 'farsightsecurity.com' rrtype = 'NS' bailiwick = 'com' requests_mock.get( '{server}/lookup/{mode}/{type}/{name}/{rrtype}/{bailiwick}?swclient={swclient}&version={version}' .format( server=DNSDB.DEFAULT_DNSDB_SERVER, mode='rrset', type='name', name=name, rrtype=rrtype, bailiwick=bailiwick, swclient=DNSDB.SWCLIENT, version=DNSDB.VERSION, ), text='\n'.join(records)) for rrset in c.lookup_rrset(name, rrtype=rrtype, bailiwick=bailiwick): assert rrset == json.loads(records[0]) records = records[1:] assert len(records) == 0
def _test_time_param(requests_mock, param: str): c = DNSDB.Client(DNSDB.DEFAULT_DNSDB_SERVER, '') name = 'farsightsecurity.com' when = time.time() requests_mock.get( '{server}/lookup/{mode}/{type}/{name}?{param}={when}&swclient={swclient}&version={version}' .format( server=DNSDB.DEFAULT_DNSDB_SERVER, mode='rrset', type='name', name=name, param=param, when=when, swclient=DNSDB.SWCLIENT, version=DNSDB.VERSION, ), status_code=404) for rrset in c.lookup_rrset(name, **{param: when}): pytest.fail('received {0}'.format(rrset)) # pragma: no cover