GithubHelp home page GithubHelp logo

hazcod / go-intigriti Goto Github PK

View Code? Open in Web Editor NEW
9.0 3.0 4.0 297 KB

Go library to interact with the intigriti API.

Home Page: https://github.com/hazcod/go-intigriti

License: Apache License 2.0

Go 99.50% Makefile 0.50%
go intigriti library

go-intigriti's Introduction

go-intigriti

Go library and commandline client for interacting with the Intigriti external API.

Checkout the autogenerated SDK docs on pkg.go.dev.

Commandline client

Usage:

# list out all company programs
# also try: inti c list
% inti company list-programs

# list out all company submissions across all programs
# also try: inti c sub
% inti company list-submissions

# verify if a specific IP address is linked to an Intigriti user
# also try: inti c ip 1.1.1.1
% inti company check-ip 1.1.1.1

Setup

Ensure the external API enabled on your company account and an integration is created with a redirect URI value of http://localhost:1337/. Afterwards create the following local configuration file:

log.level: info
auth:
    client_id: YOUR-CLIENT-ID
    client_secret: YOUR-CLIENT-SECRET

For the first call it will ask you to perform browser interaction to authenticate.
Future calls will not need to since your token will be cached in your configuration file.

Library

API Swagger documentation is available on the ReadMe.

Usage

package main

import (
	intigriti "github.com/hazcod/go-intigriti/pkg/api"
	"github.com/hazcod/go-intigriti/pkg/config"
	"log"
)

func main() {
	// this will require manual logon every time your code runs
	// look into persisting the TokenCache so refresh tokens can be saved
	// this will also launch an interactive Browser window to authenticate,
	// look at config.OpenBrowser and config.TokenCache to prevent this
	// or how the cli does it at https://github.com/hazcod/go-intigriti/blob/2eeb6a9fcee42fc4ac1ada7f5dc6d2db5446c15d/cmd/config/config.go#L86
	inti, err := intigriti.New(config.Config{
		Credentials: struct {
			ClientID     string
			ClientSecret string
		}{
		    ClientID: "my-integration-client-id",
		    ClientSecret: "my-integration-client-secret",
		},
	})
	if err != nil { log.Fatal(err) }
	
	programs, err := inti.GetPrograms()
	if err != nil { log.Fatal(err) }

	for _, program := range programs {
		log.Println(program.Name)
	}
}

Testing

# test on production using inti.yml
go test -tags integration -v ./...

# test on staging using inti.yml
INTI_TOKEN_URL=="testing.api.com" INTI_AUTH_URL=="subs.testing.api.com" INTI_API_URL="api.testing.com" go test -tags integration -v ./...

go-intigriti's People

Contributors

dependabot[bot] avatar hazcod avatar

Stargazers

avatar avatar avatar avatar avatar avatar avatar avatar avatar

Watchers

avatar avatar avatar

Forkers

slooppe bbhunter 5l1v3r1 finn-no

go-intigriti's Issues

Unable to authenticate (invalid_request)

Using the example from README.md gives me a panic error.
To solve that I had to change the code to

cfg := config.Config{}

cfg.TokenCache = &config.CachedToken{}
cfg.Credentials.ClientID = "clientId"
cfg.Credentials.ClientSecret = "clientSecret"
inti, err := intigriti.New(cfg)
if err != nil {
log.Fatal(err)
}

Still, when I get the authentication link, it gives me invalid_request. The credentials for v2 are still valid (tested in Swagger)

I tried playing around with the config and the library and couldn't find a workaround.

wait for them to implement FE view url

Line: 176

go-intigriti//submissions.go

Lines 173 to 183 in cc1f777

Type: entry.Type.Name,
Program: entry.Program.Name,
ID: entry.Code,
// TODO wait for them to implement FE view url
URL: "https://intigriti.com/",
Title: entry.Title,
Researcher: entry.Researcher.UserName,
Severity: entry.Severity.Value,
Timestamp: time.Unix(int64(entry.CreatedAt), 0),
Endpoint: entry.EndpointVulnerableComponent,
})

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.