cherrybomb_engine/
config.rs

1use clap::{Args, ValueEnum};
2use serde::Deserialize;
3use crate::Authorization;
4use crate::scan::active::http_client::auth::Custom;
5use crate::scan::active::http_client::QuePay;
6
7#[derive(Default, ValueEnum, Deserialize, Clone, Debug)]
8pub enum Profile {
9    Info,
10    #[default]
11    Normal,
12    Active,
13    Passive,
14    Full,
15    OWASP,
16}
17
18#[derive(Deserialize, Debug, Default, Clone)]
19#[serde(default)]
20pub struct Config {
21    pub file: std::path::PathBuf,
22    pub verbosity: Verbosity,
23    pub profile: Profile,
24    pub passive_include: Vec<String>,
25    pub passive_exclude: Vec<String>,
26    pub active_include: Vec<String>,
27    pub active_exclude: Vec<String>,
28    pub servers_override: Vec<String>,
29    pub security: Vec<Auth>,
30    pub ignore_tls_errors: bool,
31    pub no_color: bool,
32    pub active_checks: Vec<String>,
33    pub passive_checks: Vec<String>,
34}
35impl Config {
36    pub fn update_checks_passive(&mut self, mut vec_checks: Vec<String>) {
37        //get a list of passive checks and remove exclude
38        vec_checks.retain(|check| !self.passive_exclude.contains(check));
39        self.passive_checks = vec_checks;
40    }
41    pub fn update_checks_active(&mut self, mut vec_checks: Vec<String>) {
42        //get a list of active checks and remove exclude
43        vec_checks.retain(|check| !self.active_exclude.contains(check));
44        self.active_checks = vec_checks;
45    }
46}
47
48impl Config{
49    pub fn get_auth(&self) -> Authorization{
50        if !self.security.is_empty(){
51            self.security[0].to_auth_legacy()
52        } else {
53            Authorization::None
54        }
55    }
56}
57
58#[derive(ValueEnum, Deserialize, Clone, Debug, Default, PartialOrd, PartialEq)]
59pub enum Verbosity {
60    Quiet,
61    #[default]
62    Normal,
63    Verbose,
64    Debug,
65}
66
67#[derive(ValueEnum, Deserialize, Clone, Debug)]
68pub enum AuthType {
69    Basic,
70    Bearer,
71    Header,
72    Cookie,
73}
74
75#[derive(Args, Deserialize, Debug, Clone)]
76pub struct Auth {
77    /// Authentication type
78    #[arg(long = "type", value_enum)]
79    auth_type: AuthType,
80    /// Entire String to use as the value
81    /// (header-name: header-value / cookie-name: cookie-value / bearer-token)
82    #[arg(long = "value")]
83    auth_value: String,
84    /// Name of the scope matching the security scheme
85    #[arg(long = "scope")]
86    auth_scope: Option<String>,
87}
88impl Auth{
89    pub fn to_auth_legacy(&self) -> Authorization{
90        match self.auth_type{
91            AuthType::Basic => {
92                Authorization::Custom(Custom{
93                    dm:QuePay::Headers,
94                    name:String::from("Authorization"),
95                    value:format!("Basic {}",self.auth_value),
96                })
97            },
98            AuthType::Bearer =>{
99                Authorization::Custom(Custom{
100                    dm:QuePay::Headers,
101                    name:String::from("Authorization"),
102                    value:format!("Bearer {}",self.auth_value),
103                })
104            }
105            AuthType::Header | AuthType::Cookie=> {
106                let vv = self.auth_value.split(':').collect::<Vec<&str>>();
107                if vv.len()!=2{
108                    panic!("Auth is not configured properly:\n{}",self.auth_value);
109                }
110                Authorization::Custom(Custom{
111                    dm:QuePay::Headers,
112                    name:vv[0].to_owned(),
113                    value:vv[1].to_owned(),
114                })
115            }
116        }
117    }
118}
cherrybomb_engine/config.rs

cherrybomb_engine/
config.rs
