/*
* CrowdStrike API Specification
*
* Use this API specification as a reference for the API endpoints you can use to interact with your Falcon environment. These endpoints support authentication via OAuth2 and interact with detections and network containment. For detailed usage guides and examples, see our [documentation inside the Falcon console](https://falcon.crowdstrike.com/support/documentation). To use the APIs described below, combine the base URL with the path shown for each API endpoint. For commercial cloud customers, your base URL is `https://api.crowdstrike.com`. Each API endpoint requires authorization via an OAuth2 token. Your first API request should retrieve an OAuth2 token using the `oauth2/token` endpoint, such as `https://api.crowdstrike.com/oauth2/token`. For subsequent requests, include the OAuth2 token in an HTTP authorization header. Tokens expire after 30 minutes, after which you should make a new token request to continue making API requests.
*
* The version of the OpenAPI document: rolling
*
* Generated by: https://openapi-generator.tech
*/
use super::{ContentType, Error, configuration};
use crate::{apis::ResponseContent, models};
use reqwest;
use serde::de::Error as _;
/// struct for typed errors of method [`entities_alert_evidence_post_v1`]
#[derive(Debug, Clone, Serialize, Deserialize)]
#[serde(untagged)]
pub enum EntitiesAlertEvidencePostV1Error {
Status400(models::OperationsUpdateCaseResponseVm),
Status403(models::MsaReplyMetaOnly),
Status429(models::MsaReplyMetaOnly),
Status500(models::OperationsUpdateCaseResponseVm),
UnknownValue(serde_json::Value),
}
/// struct for typed errors of method [`entities_case_tags_delete_v1`]
#[derive(Debug, Clone, Serialize, Deserialize)]
#[serde(untagged)]
pub enum EntitiesCaseTagsDeleteV1Error {
Status400(models::OperationsUpdateCaseResponseVm),
Status403(models::MsaReplyMetaOnly),
Status429(models::MsaReplyMetaOnly),
Status500(models::OperationsUpdateCaseResponseVm),
UnknownValue(serde_json::Value),
}
/// struct for typed errors of method [`entities_case_tags_post_v1`]
#[derive(Debug, Clone, Serialize, Deserialize)]
#[serde(untagged)]
pub enum EntitiesCaseTagsPostV1Error {
Status400(models::OperationsUpdateCaseResponseVm),
Status403(models::MsaReplyMetaOnly),
Status429(models::MsaReplyMetaOnly),
Status500(models::OperationsUpdateCaseResponseVm),
UnknownValue(serde_json::Value),
}
/// struct for typed errors of method [`entities_cases_patch_v2`]
#[derive(Debug, Clone, Serialize, Deserialize)]
#[serde(untagged)]
pub enum EntitiesCasesPatchV2Error {
Status400(models::OperationsUpdateCaseResponseVm),
Status403(models::MsaReplyMetaOnly),
Status429(models::MsaReplyMetaOnly),
Status500(models::OperationsUpdateCaseResponseVm),
UnknownValue(serde_json::Value),
}
/// struct for typed errors of method [`entities_cases_post_v2`]
#[derive(Debug, Clone, Serialize, Deserialize)]
#[serde(untagged)]
pub enum EntitiesCasesPostV2Error {
Status400(models::OperationsGetCasesByIdsResponseVm),
Status403(models::MsaReplyMetaOnly),
Status429(models::MsaReplyMetaOnly),
Status500(models::OperationsGetCasesByIdsResponseVm),
UnknownValue(serde_json::Value),
}
/// struct for typed errors of method [`entities_cases_put_v2`]
#[derive(Debug, Clone, Serialize, Deserialize)]
#[serde(untagged)]
pub enum EntitiesCasesPutV2Error {
Status400(models::OperationsCreateCaseResponseVm),
Status403(models::MsaReplyMetaOnly),
Status429(models::MsaReplyMetaOnly),
Status500(models::OperationsCreateCaseResponseVm),
UnknownValue(serde_json::Value),
}
/// struct for typed errors of method [`entities_event_evidence_post_v1`]
#[derive(Debug, Clone, Serialize, Deserialize)]
#[serde(untagged)]
pub enum EntitiesEventEvidencePostV1Error {
Status400(models::OperationsUpdateCaseResponseVm),
Status403(models::MsaReplyMetaOnly),
Status429(models::MsaReplyMetaOnly),
Status500(models::OperationsUpdateCaseResponseVm),
UnknownValue(serde_json::Value),
}
/// struct for typed errors of method [`queries_cases_get_v1`]
#[derive(Debug, Clone, Serialize, Deserialize)]
#[serde(untagged)]
pub enum QueriesCasesGetV1Error {
Status400(models::CasesapiGetQueriesCasesV1Response),
Status403(models::MsaReplyMetaOnly),
Status429(models::MsaReplyMetaOnly),
Status500(models::CasesapiGetQueriesCasesV1Response),
UnknownValue(serde_json::Value),
}
pub async fn entities_alert_evidence_post_v1(
configuration: &configuration::Configuration,
body: models::OperationsAddAlertsToCaseRequest,
) -> Result<models::OperationsUpdateCaseResponseVm, Error<EntitiesAlertEvidencePostV1Error>> {
// add a prefix to parameters to efficiently prevent name collisions
let p_body_body = body;
let uri_str = format!(
"{}/cases/entities/alert-evidence/v1",
configuration.base_path
);
let mut req_builder = configuration
.client
.request(reqwest::Method::POST, &uri_str);
if let Some(ref user_agent) = configuration.user_agent {
req_builder = req_builder.header(reqwest::header::USER_AGENT, user_agent.clone());
}
if let Some(ref token) = configuration.oauth_access_token {
req_builder = req_builder.bearer_auth(token.to_owned());
};
req_builder = req_builder.json(&p_body_body);
let req = req_builder.build()?;
let resp = configuration.client.execute(req).await?;
let status = resp.status();
let content_type = resp
.headers()
.get("content-type")
.and_then(|v| v.to_str().ok())
.unwrap_or("application/octet-stream");
let content_type = super::ContentType::from(content_type);
if !status.is_client_error() && !status.is_server_error() {
let content = resp.text().await?;
match content_type {
ContentType::Json => serde_json::from_str(&content).map_err(Error::from),
ContentType::Text => {
return Err(Error::from(serde_json::Error::custom(
"Received `text/plain` content type response that cannot be converted to `models::OperationsUpdateCaseResponseVm`",
)));
}
ContentType::Unsupported(unknown_type) => {
return Err(Error::from(serde_json::Error::custom(format!(
"Received `{unknown_type}` content type response that cannot be converted to `models::OperationsUpdateCaseResponseVm`"
))));
}
}
} else {
let content = resp.text().await?;
let entity: Option<EntitiesAlertEvidencePostV1Error> = serde_json::from_str(&content).ok();
Err(Error::ResponseError(ResponseContent {
status,
content,
entity,
}))
}
}
pub async fn entities_case_tags_delete_v1(
configuration: &configuration::Configuration,
id: &str,
tag: Vec<String>,
) -> Result<models::OperationsUpdateCaseResponseVm, Error<EntitiesCaseTagsDeleteV1Error>> {
// add a prefix to parameters to efficiently prevent name collisions
let p_query_id = id;
let p_query_tag = tag;
let uri_str = format!("{}/cases/entities/case-tags/v1", configuration.base_path);
let mut req_builder = configuration
.client
.request(reqwest::Method::DELETE, &uri_str);
req_builder = req_builder.query(&[("id", &p_query_id.to_string())]);
req_builder = match "multi" {
"multi" => req_builder.query(
&p_query_tag
.into_iter()
.map(|p| ("tag".to_owned(), p.to_string()))
.collect::<Vec<(std::string::String, std::string::String)>>(),
),
_ => req_builder.query(&[(
"tag",
&p_query_tag
.into_iter()
.map(|p| p.to_string())
.collect::<Vec<String>>()
.join(",")
.to_string(),
)]),
};
if let Some(ref user_agent) = configuration.user_agent {
req_builder = req_builder.header(reqwest::header::USER_AGENT, user_agent.clone());
}
if let Some(ref token) = configuration.oauth_access_token {
req_builder = req_builder.bearer_auth(token.to_owned());
};
let req = req_builder.build()?;
let resp = configuration.client.execute(req).await?;
let status = resp.status();
let content_type = resp
.headers()
.get("content-type")
.and_then(|v| v.to_str().ok())
.unwrap_or("application/octet-stream");
let content_type = super::ContentType::from(content_type);
if !status.is_client_error() && !status.is_server_error() {
let content = resp.text().await?;
match content_type {
ContentType::Json => serde_json::from_str(&content).map_err(Error::from),
ContentType::Text => {
return Err(Error::from(serde_json::Error::custom(
"Received `text/plain` content type response that cannot be converted to `models::OperationsUpdateCaseResponseVm`",
)));
}
ContentType::Unsupported(unknown_type) => {
return Err(Error::from(serde_json::Error::custom(format!(
"Received `{unknown_type}` content type response that cannot be converted to `models::OperationsUpdateCaseResponseVm`"
))));
}
}
} else {
let content = resp.text().await?;
let entity: Option<EntitiesCaseTagsDeleteV1Error> = serde_json::from_str(&content).ok();
Err(Error::ResponseError(ResponseContent {
status,
content,
entity,
}))
}
}
pub async fn entities_case_tags_post_v1(
configuration: &configuration::Configuration,
body: models::OperationsAddTagsToCaseRequest,
) -> Result<models::OperationsUpdateCaseResponseVm, Error<EntitiesCaseTagsPostV1Error>> {
// add a prefix to parameters to efficiently prevent name collisions
let p_body_body = body;
let uri_str = format!("{}/cases/entities/case-tags/v1", configuration.base_path);
let mut req_builder = configuration
.client
.request(reqwest::Method::POST, &uri_str);
if let Some(ref user_agent) = configuration.user_agent {
req_builder = req_builder.header(reqwest::header::USER_AGENT, user_agent.clone());
}
if let Some(ref token) = configuration.oauth_access_token {
req_builder = req_builder.bearer_auth(token.to_owned());
};
req_builder = req_builder.json(&p_body_body);
let req = req_builder.build()?;
let resp = configuration.client.execute(req).await?;
let status = resp.status();
let content_type = resp
.headers()
.get("content-type")
.and_then(|v| v.to_str().ok())
.unwrap_or("application/octet-stream");
let content_type = super::ContentType::from(content_type);
if !status.is_client_error() && !status.is_server_error() {
let content = resp.text().await?;
match content_type {
ContentType::Json => serde_json::from_str(&content).map_err(Error::from),
ContentType::Text => {
return Err(Error::from(serde_json::Error::custom(
"Received `text/plain` content type response that cannot be converted to `models::OperationsUpdateCaseResponseVm`",
)));
}
ContentType::Unsupported(unknown_type) => {
return Err(Error::from(serde_json::Error::custom(format!(
"Received `{unknown_type}` content type response that cannot be converted to `models::OperationsUpdateCaseResponseVm`"
))));
}
}
} else {
let content = resp.text().await?;
let entity: Option<EntitiesCaseTagsPostV1Error> = serde_json::from_str(&content).ok();
Err(Error::ResponseError(ResponseContent {
status,
content,
entity,
}))
}
}
pub async fn entities_cases_patch_v2(
configuration: &configuration::Configuration,
body: models::OperationsUpdateCaseRequest,
) -> Result<models::OperationsUpdateCaseResponseVm, Error<EntitiesCasesPatchV2Error>> {
// add a prefix to parameters to efficiently prevent name collisions
let p_body_body = body;
let uri_str = format!("{}/cases/entities/cases/v2", configuration.base_path);
let mut req_builder = configuration
.client
.request(reqwest::Method::PATCH, &uri_str);
if let Some(ref user_agent) = configuration.user_agent {
req_builder = req_builder.header(reqwest::header::USER_AGENT, user_agent.clone());
}
if let Some(ref token) = configuration.oauth_access_token {
req_builder = req_builder.bearer_auth(token.to_owned());
};
req_builder = req_builder.json(&p_body_body);
let req = req_builder.build()?;
let resp = configuration.client.execute(req).await?;
let status = resp.status();
let content_type = resp
.headers()
.get("content-type")
.and_then(|v| v.to_str().ok())
.unwrap_or("application/octet-stream");
let content_type = super::ContentType::from(content_type);
if !status.is_client_error() && !status.is_server_error() {
let content = resp.text().await?;
match content_type {
ContentType::Json => serde_json::from_str(&content).map_err(Error::from),
ContentType::Text => {
return Err(Error::from(serde_json::Error::custom(
"Received `text/plain` content type response that cannot be converted to `models::OperationsUpdateCaseResponseVm`",
)));
}
ContentType::Unsupported(unknown_type) => {
return Err(Error::from(serde_json::Error::custom(format!(
"Received `{unknown_type}` content type response that cannot be converted to `models::OperationsUpdateCaseResponseVm`"
))));
}
}
} else {
let content = resp.text().await?;
let entity: Option<EntitiesCasesPatchV2Error> = serde_json::from_str(&content).ok();
Err(Error::ResponseError(ResponseContent {
status,
content,
entity,
}))
}
}
pub async fn entities_cases_post_v2(
configuration: &configuration::Configuration,
body: models::OperationsGetCasesByIdsRequest,
) -> Result<models::OperationsGetCasesByIdsResponseVm, Error<EntitiesCasesPostV2Error>> {
// add a prefix to parameters to efficiently prevent name collisions
let p_body_body = body;
let uri_str = format!("{}/cases/entities/cases/v2", configuration.base_path);
let mut req_builder = configuration
.client
.request(reqwest::Method::POST, &uri_str);
if let Some(ref user_agent) = configuration.user_agent {
req_builder = req_builder.header(reqwest::header::USER_AGENT, user_agent.clone());
}
if let Some(ref token) = configuration.oauth_access_token {
req_builder = req_builder.bearer_auth(token.to_owned());
};
req_builder = req_builder.json(&p_body_body);
let req = req_builder.build()?;
let resp = configuration.client.execute(req).await?;
let status = resp.status();
let content_type = resp
.headers()
.get("content-type")
.and_then(|v| v.to_str().ok())
.unwrap_or("application/octet-stream");
let content_type = super::ContentType::from(content_type);
if !status.is_client_error() && !status.is_server_error() {
let content = resp.text().await?;
match content_type {
ContentType::Json => serde_json::from_str(&content).map_err(Error::from),
ContentType::Text => {
return Err(Error::from(serde_json::Error::custom(
"Received `text/plain` content type response that cannot be converted to `models::OperationsGetCasesByIdsResponseVm`",
)));
}
ContentType::Unsupported(unknown_type) => {
return Err(Error::from(serde_json::Error::custom(format!(
"Received `{unknown_type}` content type response that cannot be converted to `models::OperationsGetCasesByIdsResponseVm`"
))));
}
}
} else {
let content = resp.text().await?;
let entity: Option<EntitiesCasesPostV2Error> = serde_json::from_str(&content).ok();
Err(Error::ResponseError(ResponseContent {
status,
content,
entity,
}))
}
}
pub async fn entities_cases_put_v2(
configuration: &configuration::Configuration,
body: models::OperationsCreateCaseRequest,
) -> Result<models::OperationsCreateCaseResponseVm, Error<EntitiesCasesPutV2Error>> {
// add a prefix to parameters to efficiently prevent name collisions
let p_body_body = body;
let uri_str = format!("{}/cases/entities/cases/v2", configuration.base_path);
let mut req_builder = configuration.client.request(reqwest::Method::PUT, &uri_str);
if let Some(ref user_agent) = configuration.user_agent {
req_builder = req_builder.header(reqwest::header::USER_AGENT, user_agent.clone());
}
if let Some(ref token) = configuration.oauth_access_token {
req_builder = req_builder.bearer_auth(token.to_owned());
};
req_builder = req_builder.json(&p_body_body);
let req = req_builder.build()?;
let resp = configuration.client.execute(req).await?;
let status = resp.status();
let content_type = resp
.headers()
.get("content-type")
.and_then(|v| v.to_str().ok())
.unwrap_or("application/octet-stream");
let content_type = super::ContentType::from(content_type);
if !status.is_client_error() && !status.is_server_error() {
let content = resp.text().await?;
match content_type {
ContentType::Json => serde_json::from_str(&content).map_err(Error::from),
ContentType::Text => {
return Err(Error::from(serde_json::Error::custom(
"Received `text/plain` content type response that cannot be converted to `models::OperationsCreateCaseResponseVm`",
)));
}
ContentType::Unsupported(unknown_type) => {
return Err(Error::from(serde_json::Error::custom(format!(
"Received `{unknown_type}` content type response that cannot be converted to `models::OperationsCreateCaseResponseVm`"
))));
}
}
} else {
let content = resp.text().await?;
let entity: Option<EntitiesCasesPutV2Error> = serde_json::from_str(&content).ok();
Err(Error::ResponseError(ResponseContent {
status,
content,
entity,
}))
}
}
pub async fn entities_event_evidence_post_v1(
configuration: &configuration::Configuration,
body: models::OperationsAddEventsToCaseRequest,
) -> Result<models::OperationsUpdateCaseResponseVm, Error<EntitiesEventEvidencePostV1Error>> {
// add a prefix to parameters to efficiently prevent name collisions
let p_body_body = body;
let uri_str = format!(
"{}/cases/entities/event-evidence/v1",
configuration.base_path
);
let mut req_builder = configuration
.client
.request(reqwest::Method::POST, &uri_str);
if let Some(ref user_agent) = configuration.user_agent {
req_builder = req_builder.header(reqwest::header::USER_AGENT, user_agent.clone());
}
if let Some(ref token) = configuration.oauth_access_token {
req_builder = req_builder.bearer_auth(token.to_owned());
};
req_builder = req_builder.json(&p_body_body);
let req = req_builder.build()?;
let resp = configuration.client.execute(req).await?;
let status = resp.status();
let content_type = resp
.headers()
.get("content-type")
.and_then(|v| v.to_str().ok())
.unwrap_or("application/octet-stream");
let content_type = super::ContentType::from(content_type);
if !status.is_client_error() && !status.is_server_error() {
let content = resp.text().await?;
match content_type {
ContentType::Json => serde_json::from_str(&content).map_err(Error::from),
ContentType::Text => {
return Err(Error::from(serde_json::Error::custom(
"Received `text/plain` content type response that cannot be converted to `models::OperationsUpdateCaseResponseVm`",
)));
}
ContentType::Unsupported(unknown_type) => {
return Err(Error::from(serde_json::Error::custom(format!(
"Received `{unknown_type}` content type response that cannot be converted to `models::OperationsUpdateCaseResponseVm`"
))));
}
}
} else {
let content = resp.text().await?;
let entity: Option<EntitiesEventEvidencePostV1Error> = serde_json::from_str(&content).ok();
Err(Error::ResponseError(ResponseContent {
status,
content,
entity,
}))
}
}
pub async fn queries_cases_get_v1(
configuration: &configuration::Configuration,
limit: Option<i32>,
offset: Option<i32>,
sort: Option<&str>,
filter: Option<&str>,
q: Option<&str>,
) -> Result<models::CasesapiGetQueriesCasesV1Response, Error<QueriesCasesGetV1Error>> {
// add a prefix to parameters to efficiently prevent name collisions
let p_query_limit = limit;
let p_query_offset = offset;
let p_query_sort = sort;
let p_query_filter = filter;
let p_query_q = q;
let uri_str = format!("{}/cases/queries/cases/v1", configuration.base_path);
let mut req_builder = configuration.client.request(reqwest::Method::GET, &uri_str);
if let Some(ref param_value) = p_query_limit {
req_builder = req_builder.query(&[("limit", ¶m_value.to_string())]);
}
if let Some(ref param_value) = p_query_offset {
req_builder = req_builder.query(&[("offset", ¶m_value.to_string())]);
}
if let Some(ref param_value) = p_query_sort {
req_builder = req_builder.query(&[("sort", ¶m_value.to_string())]);
}
if let Some(ref param_value) = p_query_filter {
req_builder = req_builder.query(&[("filter", ¶m_value.to_string())]);
}
if let Some(ref param_value) = p_query_q {
req_builder = req_builder.query(&[("q", ¶m_value.to_string())]);
}
if let Some(ref user_agent) = configuration.user_agent {
req_builder = req_builder.header(reqwest::header::USER_AGENT, user_agent.clone());
}
if let Some(ref token) = configuration.oauth_access_token {
req_builder = req_builder.bearer_auth(token.to_owned());
};
let req = req_builder.build()?;
let resp = configuration.client.execute(req).await?;
let status = resp.status();
let content_type = resp
.headers()
.get("content-type")
.and_then(|v| v.to_str().ok())
.unwrap_or("application/octet-stream");
let content_type = super::ContentType::from(content_type);
if !status.is_client_error() && !status.is_server_error() {
let content = resp.text().await?;
match content_type {
ContentType::Json => serde_json::from_str(&content).map_err(Error::from),
ContentType::Text => {
return Err(Error::from(serde_json::Error::custom(
"Received `text/plain` content type response that cannot be converted to `models::CasesapiGetQueriesCasesV1Response`",
)));
}
ContentType::Unsupported(unknown_type) => {
return Err(Error::from(serde_json::Error::custom(format!(
"Received `{unknown_type}` content type response that cannot be converted to `models::CasesapiGetQueriesCasesV1Response`"
))));
}
}
} else {
let content = resp.text().await?;
let entity: Option<QueriesCasesGetV1Error> = serde_json::from_str(&content).ok();
Err(Error::ResponseError(ResponseContent {
status,
content,
entity,
}))
}
}