From 01574fe2b1741fca10064a03a3a2d9c4307f008f Mon Sep 17 00:00:00 2001
From: Alejandro Estringana Ruiz
Date: Mon, 19 May 2025 17:28:10 +0200
Subject: [PATCH 1/8] Add ato v2 test when Appsec is disabled

---
 .github/workflows/run-end-to-end.yml | 3 +
 manifests/dotnet.yml | 18 ++-
 manifests/golang.yml | 18 ++-
 manifests/java.yml | 30 ++++-
 manifests/nodejs.yml | 30 ++++-
 manifests/php.yml | 18 ++-
 manifests/python.yml | 24 +++-
 manifests/ruby.yml | 18 ++-
 tests/appsec/test_event_tracking_v2.py | 147 +++++++++++++++++++++----
 utils/_context/_scenarios/__init__.py | 8 ++
 10 files changed, 250 insertions(+), 64 deletions(-)

diff --git a/.github/workflows/run-end-to-end.yml b/.github/workflows/run-end-to-end.yml
index 496ca95a804..28859b2c593 100644
--- a/.github/workflows/run-end-to-end.yml
+++ b/.github/workflows/run-end-to-end.yml
@@ -290,6 +290,9 @@ jobs:
 - name: Run APPSEC_API_SECURITY_NO_RESPONSE_BODY scenario
 if: always() && steps.build.outcome == 'success' && contains(inputs.scenarios, '"APPSEC_API_SECURITY_NO_RESPONSE_BODY"')
 run: ./run.sh APPSEC_API_SECURITY_NO_RESPONSE_BODY
+ - name: Run ATO_SDK scenario
+ if: always() && steps.build.outcome == 'success' && contains(inputs.scenarios, '"ATO_SDK"')
+ run: ./run.sh ATO_SDK
 - name: Run APPSEC_ATO_SDK scenario
 if: always() && steps.build.outcome == 'success' && contains(inputs.scenarios, '"APPSEC_ATO_SDK"')
 run: ./run.sh APPSEC_ATO_SDK
diff --git a/manifests/dotnet.yml b/manifests/dotnet.yml
index d5661fd04ab..58023b6c8ce 100644
--- a/manifests/dotnet.yml
+++ b/manifests/dotnet.yml
@@ -365,14 +365,20 @@ tests/:
 Test_UserLoginSuccessEvent: v2.27.0
 Test_UserLoginSuccessEvent_Metrics: missing_feature
 test_event_tracking_v2.py:
- Test_UserLoginFailureEventV2_HeaderCollection: v3.15.0
+ Test_UserLoginFailureEventV2_HeaderCollection_AppsecDisabled: v3.15.0
+ Test_UserLoginFailureEventV2_HeaderCollection_AppsecEnabled: v3.15.0
 Test_UserLoginFailureEventV2_Libddwaf: v3.15.0
- Test_UserLoginFailureEventV2_Metrics: v3.15.0
- Test_UserLoginFailureEventV2_Tags: v3.15.0
- Test_UserLoginSuccessEventV2_HeaderCollection: v3.15.0
+ Test_UserLoginFailureEventV2_Metrics_AppsecDisabled: v3.15.0
+ Test_UserLoginFailureEventV2_Metrics_AppsecEnabled: v3.15.0
+ Test_UserLoginFailureEventV2_Tags_AppsecDisabled: v3.15.0
+ Test_UserLoginFailureEventV2_Tags_AppsecEnabled: v3.15.0
+ Test_UserLoginSuccessEventV2_HeaderCollection_AppsecDisabled: v3.15.0
+ Test_UserLoginSuccessEventV2_HeaderCollection_AppsecEnabled: v3.15.0
 Test_UserLoginSuccessEventV2_Libddwaf: v3.15.0
- Test_UserLoginSuccessEventV2_Metrics: v3.15.0
- Test_UserLoginSuccessEventV2_Tags: v3.15.0
+ Test_UserLoginSuccessEventV2_Metrics_AppsecDisabled: v3.15.0
+ Test_UserLoginSuccessEventV2_Metrics_AppsecEnabled: v3.15.0
+ Test_UserLoginSuccessEventV2_Tags_AppsecDisabled: v3.15.0
+ Test_UserLoginSuccessEventV2_Tags_AppsecEnabled: v3.15.0
 test_extended_header_collection.py:
 Test_ExtendedHeaderCollection: missing_feature
 test_extended_request_body_collection.py:
diff --git a/manifests/golang.yml b/manifests/golang.yml
index 21a654bd06b..aa0fba78fca 100644
--- a/manifests/golang.yml
+++ b/manifests/golang.yml
@@ -425,14 +425,20 @@ tests/:
 Test_UserLoginSuccessEvent: v1.47.0
 Test_UserLoginSuccessEvent_Metrics: v2.1.0-dev
 test_event_tracking_v2.py:
- Test_UserLoginFailureEventV2_HeaderCollection: v2.1.0-dev
+ Test_UserLoginFailureEventV2_HeaderCollection_AppsecDisabled: v2.1.0-dev
+ Test_UserLoginFailureEventV2_HeaderCollection_AppsecEnabled: v2.1.0-dev
 Test_UserLoginFailureEventV2_Libddwaf: v2.1.0-dev
- Test_UserLoginFailureEventV2_Metrics: v2.1.0-dev
- Test_UserLoginFailureEventV2_Tags: v2.1.0-dev
- Test_UserLoginSuccessEventV2_HeaderCollection: v2.1.0-dev
+ Test_UserLoginFailureEventV2_Metrics_AppsecDisabled: v2.1.0-dev
+ Test_UserLoginFailureEventV2_Metrics_AppsecEnabled: v2.1.0-dev
+ Test_UserLoginFailureEventV2_Tags_AppsecDisabled: v2.1.0-dev
+ Test_UserLoginFailureEventV2_Tags_AppsecEnabled: v2.1.0-dev
+ Test_UserLoginSuccessEventV2_HeaderCollection_AppsecDisabled: v2.1.0-dev
+ Test_UserLoginSuccessEventV2_HeaderCollection_AppsecEnabled: v2.1.0-dev
 Test_UserLoginSuccessEventV2_Libddwaf: v2.1.0-dev
- Test_UserLoginSuccessEventV2_Metrics: v2.1.0-dev
- Test_UserLoginSuccessEventV2_Tags: v2.1.0-dev
+ Test_UserLoginSuccessEventV2_Metrics_AppsecDisabled: v2.1.0-dev
+ Test_UserLoginSuccessEventV2_Metrics_AppsecEnabled: v2.1.0-dev
+ Test_UserLoginSuccessEventV2_Tags_AppsecDisabled: v2.1.0-dev
+ Test_UserLoginSuccessEventV2_Tags_AppsecEnabled: v2.1.0-dev
 test_extended_header_collection.py:
 Test_ExtendedHeaderCollection: missing_feature
 test_extended_request_body_collection.py:
diff --git a/manifests/java.yml b/manifests/java.yml
index 42b8f03adac..ff49b44439c 100644
--- a/manifests/java.yml
+++ b/manifests/java.yml
@@ -1490,28 +1490,46 @@ tests/:
 '*': v1.48.0
 spring-boot-3-native: irrelevant (GraalVM. Tracing support only)
 test_event_tracking_v2.py:
- Test_UserLoginFailureEventV2_HeaderCollection:
+ Test_UserLoginFailureEventV2_HeaderCollection_AppsecDisabled:
+ '*': v1.48.0
+ spring-boot-3-native: irrelevant (GraalVM. Tracing support only)
+ Test_UserLoginFailureEventV2_HeaderCollection_AppsecEnabled:
 '*': v1.48.0
 spring-boot-3-native: irrelevant (GraalVM. Tracing support only)
 Test_UserLoginFailureEventV2_Libddwaf:
 '*': v1.48.0
 spring-boot-3-native: irrelevant (GraalVM. Tracing support only)
- Test_UserLoginFailureEventV2_Metrics:
+ Test_UserLoginFailureEventV2_Metrics_AppsecDisabled:
+ '*': v1.48.0
+ spring-boot-3-native: irrelevant (GraalVM. Tracing support only)
+ Test_UserLoginFailureEventV2_Metrics_AppsecEnabled:
+ '*': v1.48.0
+ spring-boot-3-native: irrelevant (GraalVM. Tracing support only)
+ Test_UserLoginFailureEventV2_Tags_AppsecDisabled:
 '*': v1.48.0
 spring-boot-3-native: irrelevant (GraalVM. Tracing support only)
- Test_UserLoginFailureEventV2_Tags:
+ Test_UserLoginFailureEventV2_Tags_AppsecEnabled:
 '*': v1.48.0
 spring-boot-3-native: irrelevant (GraalVM. Tracing support only)
- Test_UserLoginSuccessEventV2_HeaderCollection:
+ Test_UserLoginSuccessEventV2_HeaderCollection_AppsecDisabled:
+ '*': v1.48.0
+ spring-boot-3-native: irrelevant (GraalVM. Tracing support only)
+ Test_UserLoginSuccessEventV2_HeaderCollection_AppsecEnabled:
 '*': v1.48.0
 spring-boot-3-native: irrelevant (GraalVM. Tracing support only)
 Test_UserLoginSuccessEventV2_Libddwaf:
 '*': v1.48.0
 spring-boot-3-native: irrelevant (GraalVM. Tracing support only)
- Test_UserLoginSuccessEventV2_Metrics:
+ Test_UserLoginSuccessEventV2_Metrics_AppsecDisabled:
+ '*': v1.48.0
+ spring-boot-3-native: irrelevant (GraalVM. Tracing support only)
+ Test_UserLoginSuccessEventV2_Metrics_AppsecEnabled:
+ '*': v1.48.0
+ spring-boot-3-native: irrelevant (GraalVM. Tracing support only)
+ Test_UserLoginSuccessEventV2_Tags_AppsecDisabled:
 '*': v1.48.0
 spring-boot-3-native: irrelevant (GraalVM. Tracing support only)
- Test_UserLoginSuccessEventV2_Tags:
+ Test_UserLoginSuccessEventV2_Tags_AppsecEnabled:
 '*': v1.48.0
 spring-boot-3-native: irrelevant (GraalVM. Tracing support only)
 test_extended_header_collection.py:
diff --git a/manifests/nodejs.yml b/manifests/nodejs.yml
index 15d18812877..8b4f96cdeda 100644
--- a/manifests/nodejs.yml
+++ b/manifests/nodejs.yml
@@ -919,28 +919,46 @@ tests/:
 '*': *ref_5_45_0
 nextjs: missing_feature
 test_event_tracking_v2.py:
- Test_UserLoginFailureEventV2_HeaderCollection:
+ Test_UserLoginFailureEventV2_HeaderCollection_AppsecDisabled:
+ '*': *ref_5_48_0
+ nextjs: missing_feature
+ Test_UserLoginFailureEventV2_HeaderCollection_AppsecEnabled:
 '*': *ref_5_48_0
 nextjs: missing_feature
 Test_UserLoginFailureEventV2_Libddwaf:
 '*': *ref_5_48_0
 nextjs: missing_feature
- Test_UserLoginFailureEventV2_Metrics:
+ Test_UserLoginFailureEventV2_Metrics_AppsecDisabled:
+ '*': *ref_5_48_0
+ nextjs: missing_feature
+ Test_UserLoginFailureEventV2_Metrics_AppsecEnabled:
+ '*': *ref_5_48_0
+ nextjs: missing_feature
+ Test_UserLoginFailureEventV2_Tags_AppsecDisabled:
 '*': *ref_5_48_0
 nextjs: missing_feature
- Test_UserLoginFailureEventV2_Tags:
+ Test_UserLoginFailureEventV2_Tags_AppsecEnabled:
 '*': *ref_5_48_0
 nextjs: missing_feature
- Test_UserLoginSuccessEventV2_HeaderCollection:
+ Test_UserLoginSuccessEventV2_HeaderCollection_AppsecDisabled:
+ '*': *ref_5_48_0
+ nextjs: missing_feature
+ Test_UserLoginSuccessEventV2_HeaderCollection_AppsecEnabled:
 '*': *ref_5_48_0
 nextjs: missing_feature
 Test_UserLoginSuccessEventV2_Libddwaf:
 '*': *ref_5_48_0
 nextjs: missing_feature
- Test_UserLoginSuccessEventV2_Metrics:
+ Test_UserLoginSuccessEventV2_Metrics_AppsecDisabled:
+ '*': *ref_5_48_0
+ nextjs: missing_feature
+ Test_UserLoginSuccessEventV2_Metrics_AppsecEnabled:
+ '*': *ref_5_48_0
+ nextjs: missing_feature
+ Test_UserLoginSuccessEventV2_Tags_AppsecDisabled:
 '*': *ref_5_48_0
 nextjs: missing_feature
- Test_UserLoginSuccessEventV2_Tags:
+ Test_UserLoginSuccessEventV2_Tags_AppsecEnabled:
 '*': *ref_5_48_0
 nextjs: missing_feature
 test_extended_header_collection.py:
diff --git a/manifests/php.yml b/manifests/php.yml
index 1ff911b1a33..294b0f13f9d 100644
--- a/manifests/php.yml
+++ b/manifests/php.yml
@@ -357,14 +357,20 @@ tests/:
 Test_UserLoginFailureEvent_Metrics: missing_feature
 Test_UserLoginSuccessEvent_Metrics: missing_feature
 test_event_tracking_v2.py:
- Test_UserLoginFailureEventV2_HeaderCollection: missing_feature
+ Test_UserLoginFailureEventV2_HeaderCollection_AppsecDisabled: missing_feature
+ Test_UserLoginFailureEventV2_HeaderCollection_AppsecEnabled: missing_feature
 Test_UserLoginFailureEventV2_Libddwaf: missing_feature
- Test_UserLoginFailureEventV2_Metrics: missing_feature
- Test_UserLoginFailureEventV2_Tags: missing_feature
- Test_UserLoginSuccessEventV2_HeaderCollection: missing_feature
+ Test_UserLoginFailureEventV2_Metrics_AppsecDisabled: missing_feature
+ Test_UserLoginFailureEventV2_Metrics_AppsecEnabled: missing_feature
+ Test_UserLoginFailureEventV2_Tags_AppsecDisabled: missing_feature
+ Test_UserLoginFailureEventV2_Tags_AppsecEnabled: missing_feature
+ Test_UserLoginSuccessEventV2_HeaderCollection_AppsecDisabled: missing_feature
+ Test_UserLoginSuccessEventV2_HeaderCollection_AppsecEnabled: missing_feature
 Test_UserLoginSuccessEventV2_Libddwaf: missing_feature
- Test_UserLoginSuccessEventV2_Metrics: missing_feature
- Test_UserLoginSuccessEventV2_Tags: missing_feature
+ Test_UserLoginSuccessEventV2_Metrics_AppsecDisabled: missing_feature
+ Test_UserLoginSuccessEventV2_Metrics_AppsecEnabled: missing_feature
+ Test_UserLoginSuccessEventV2_Tags_AppsecDisabled: missing_feature
+ Test_UserLoginSuccessEventV2_Tags_AppsecEnabled: missing_feature
 test_extended_header_collection.py:
 Test_ExtendedHeaderCollection: missing_feature
 test_extended_request_body_collection.py:
diff --git a/manifests/python.yml b/manifests/python.yml
index 2a271813012..14581269b1a 100644
--- a/manifests/python.yml
+++ b/manifests/python.yml
@@ -675,21 +675,33 @@ tests/:
 'python3.12': v3.7.0.dev (is v2.10.0 but weblog use new SDK now)
 Test_UserLoginSuccessEvent_Metrics: v3.10.0.dev
 test_event_tracking_v2.py:
- Test_UserLoginFailureEventV2_HeaderCollection:
+ Test_UserLoginFailureEventV2_HeaderCollection_AppsecDisabled:
+ '*': v3.7.0.dev
+ Test_UserLoginFailureEventV2_HeaderCollection_AppsecEnabled:
 '*': v3.7.0.dev
 Test_UserLoginFailureEventV2_Libddwaf:
 '*': v3.7.0.dev
- Test_UserLoginFailureEventV2_Metrics:
+ Test_UserLoginFailureEventV2_Metrics_AppsecDisabled:
+ '*': v3.7.0.dev
+ Test_UserLoginFailureEventV2_Metrics_AppsecEnabled:
+ '*': v3.7.0.dev
+ Test_UserLoginFailureEventV2_Tags_AppsecDisabled:
 '*': v3.7.0.dev
- Test_UserLoginFailureEventV2_Tags:
+ Test_UserLoginFailureEventV2_Tags_AppsecEnabled:
 '*': v3.7.0.dev
- Test_UserLoginSuccessEventV2_HeaderCollection:
+ Test_UserLoginSuccessEventV2_HeaderCollection_AppsecDisabled:
+ '*': v3.7.0.dev
+ Test_UserLoginSuccessEventV2_HeaderCollection_AppsecEnabled:
 '*': v3.7.0.dev
 Test_UserLoginSuccessEventV2_Libddwaf:
 '*': v3.7.0.dev
- Test_UserLoginSuccessEventV2_Metrics:
+ Test_UserLoginSuccessEventV2_Metrics_AppsecDisabled:
+ '*': v3.7.0.dev
+ Test_UserLoginSuccessEventV2_Metrics_AppsecEnabled:
+ '*': v3.7.0.dev
+ Test_UserLoginSuccessEventV2_Tags_AppsecDisabled:
 '*': v3.7.0.dev
- Test_UserLoginSuccessEventV2_Tags:
+ Test_UserLoginSuccessEventV2_Tags_AppsecEnabled:
 '*': v3.7.0.dev
 test_extended_header_collection.py:
 Test_ExtendedHeaderCollection: missing_feature
diff --git a/manifests/ruby.yml b/manifests/ruby.yml
index 00680aa1496..eb4c5dd4150 100644
--- a/manifests/ruby.yml
+++ b/manifests/ruby.yml
@@ -501,14 +501,20 @@ tests/:
 Test_UserLoginSuccessEvent: v1.9.0
 Test_UserLoginSuccessEvent_Metrics: missing_feature
 test_event_tracking_v2.py:
- Test_UserLoginFailureEventV2_HeaderCollection: missing_feature
+ Test_UserLoginFailureEventV2_HeaderCollection_AppsecDisabled: missing_feature
+ Test_UserLoginFailureEventV2_HeaderCollection_AppsecEnabled: missing_feature
 Test_UserLoginFailureEventV2_Libddwaf: missing_feature
- Test_UserLoginFailureEventV2_Metrics: missing_feature
- Test_UserLoginFailureEventV2_Tags: missing_feature
- Test_UserLoginSuccessEventV2_HeaderCollection: missing_feature
+ Test_UserLoginFailureEventV2_Metrics_AppsecDisabled: missing_feature
+ Test_UserLoginFailureEventV2_Metrics_AppsecEnabled: missing_feature
+ Test_UserLoginFailureEventV2_Tags_AppsecDisabled: missing_feature
+ Test_UserLoginFailureEventV2_Tags_AppsecEnabled: missing_feature
+ Test_UserLoginSuccessEventV2_HeaderCollection_AppsecDisabled: missing_feature
+ Test_UserLoginSuccessEventV2_HeaderCollection_AppsecEnabled: missing_feature
 Test_UserLoginSuccessEventV2_Libddwaf: missing_feature
- Test_UserLoginSuccessEventV2_Metrics: missing_feature
- Test_UserLoginSuccessEventV2_Tags: missing_feature
+ Test_UserLoginSuccessEventV2_Metrics_AppsecDisabled: missing_feature
+ Test_UserLoginSuccessEventV2_Metrics_AppsecEnabled: missing_feature
+ Test_UserLoginSuccessEventV2_Tags_AppsecDisabled: missing_feature
+ Test_UserLoginSuccessEventV2_Tags_AppsecEnabled: missing_feature
 test_extended_header_collection.py:
 Test_ExtendedHeaderCollection: missing_feature
 test_extended_request_body_collection.py:
diff --git a/tests/appsec/test_event_tracking_v2.py b/tests/appsec/test_event_tracking_v2.py
index 7ade8521ca3..d89cc798c7c 100644
--- a/tests/appsec/test_event_tracking_v2.py
+++ b/tests/appsec/test_event_tracking_v2.py
@@ -4,15 +4,9 @@
 from utils import weblog, interfaces, features, scenarios, irrelevant, bug
 from tests.appsec.utils import find_series
+from abc import ABC, abstractmethod
 
 
-HEADERS = {
- "Accept": "text/html",
- "Accept-Encoding": "br;q=1.0, gzip;q=0.8, *;q=0.1",
- "Accept-Language": "en-GB, *;q=0.5",
- "Content-Language": "en-GB",
- "Content-Type": "application/json; charset=utf-8",
- "Host": "127.0.0.1:1234",
- "User-Agent": "Benign User Agent 1.0",
+IP_HEADERS = {
 "X-Forwarded-For": "42.42.42.42, 43.43.43.43",
 "X-Client-IP": "42.42.42.42, 43.43.43.43",
 "X-Real-IP": "42.42.42.42, 43.43.43.43",
@@ -24,6 +18,17 @@
 "True-Client-IP": "42.42.42.42, 43.43.43.43",
 }
 
+HEADERS = {
+ "Accept": "text/html",
+ "Accept-Encoding": "br;q=1.0, gzip;q=0.8, *;q=0.1",
+ "Accept-Language": "en-GB, *;q=0.5",
+ "Content-Language": "en-GB",
+ "Content-Type": "application/json; charset=utf-8",
+ "Host": "127.0.0.1:1234",
+ "User-Agent": "Benign User Agent 1.0",
+ **IP_HEADERS,
+}
+
 USER_ID_SAFE = "user_id_safe"
 USER_ID_IN_RULE = "user_id_unsafe"
 LOGIN_SAFE = "login_safe"
@@ -57,10 +62,8 @@ def validate_tags_and_metadata(span, prefix, expected_tags, metadata, unexpected
 return True
 
 
-@features.event_tracking_sdk_v2
-@scenarios.appsec_ato_sdk
-class Test_UserLoginSuccessEventV2_Tags:
- """Test tags created in AppSec User Login Success Event SDK v2"""
+class BaseUserLoginSuccessEventV2Tags:
+ """Test tags created in User Login Success Event SDK v2"""
 
 def get_user_login_success_tags_validator(self, login, user_id, metadata=None, unexpected_metadata=None):
 def validate(span):
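Review bot: The new `from abc import ABC, abstractmethod` is placed after the project imports (`from utils import ...`, `from tests.appsec.utils import ...`), so the standard-library group now comes last; move it above `from utils import ...` so imports stay grouped stdlib / project as elsewhere in the file. The `IP_HEADERS` / `HEADERS` split with `**IP_HEADERS` is a clean way to reuse the IP header set for the negative checks, but a one-line comment on `IP_HEADERS` would help a reader, e.g. `# IP-carrying headers that are only tagged on the root span when AppSec is enabled`.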
@@ -180,7 +183,17 @@ def test_user_login_success_event_deep_metadata(self):
 
 
 @features.event_tracking_sdk_v2
 @scenarios.appsec_ato_sdk
-class Test_UserLoginSuccessEventV2_HeaderCollection:
+class Test_UserLoginSuccessEventV2_Tags_AppsecEnabled(BaseUserLoginSuccessEventV2Tags):
+ """Test tags created in AppSec User Login Success Event SDK v2 when appsec is enabled"""
+
+
+@features.event_tracking_sdk_v2
+@scenarios.ato_sdk
+class Test_UserLoginSuccessEventV2_Tags_AppsecDisabled(BaseUserLoginSuccessEventV2Tags):
+ """Test tags created in AppSec User Login Success Event SDK v2 when appsec is disabled"""
+
+
+class BaseUserLoginSuccessEventV2HeaderCollection(ABC):
 """Test headers are collected in AppSec User Login Success Event SDK v2"""
 
 def setup_user_login_success_header_collection(self):
@@ -189,6 +202,16 @@ def setup_user_login_success_header_collection(self):
 self.r = weblog.post("/user_login_success_event_v2", json=data, headers=HEADERS)
 
 @bug(library="golang", reason="LANGPLAT-583")
+ @abstractmethod
+ def test_user_login_success_header_collection(self):
+ raise AssertionError("Not implemented")
+
+
+@features.event_tracking_sdk_v2
+@scenarios.appsec_ato_sdk
+class Test_UserLoginSuccessEventV2_HeaderCollection_AppsecEnabled(BaseUserLoginSuccessEventV2HeaderCollection):
+ """Test headers are collected in AppSec User Login Success Event SDK v2 when appsec is enabled"""
+
 def test_user_login_success_header_collection(self):
 # Validate that all relevant headers are included on login success SDK
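Review bot: The `@bug(library="golang", reason="LANGPLAT-583")` marker now decorates the abstract `test_user_login_success_header_collection` on `BaseUserLoginSuccessEventV2HeaderCollection`, but `Test_UserLoginSuccessEventV2_HeaderCollection_AppsecEnabled` redefines that method without it, so the test that actually runs no longer carries the marker; whether the `bug` decorator's effect survives an override I can only infer from how marks attach to function objects, so either verify it or move the decorator onto the subclass method (and, if the bug also affects the disabled variant, onto that one too). The same pattern is in the failure-side base in the `@@ -400,9 +463,17 @@` hunk. Separately, `raise AssertionError("Not implemented")` inside an `@abstractmethod` body is misleading — every concrete subclass overrides it, so `raise NotImplementedError` or a bare `...` body states the intent better. The `_AppsecDisabled` docstrings still say "AppSec User Login Success Event ... when appsec is disabled"; dropping "AppSec" there as the base docstring already does would read more consistently.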
@@ -207,8 +230,28 @@ def validate_user_login_success_header_collection(span):
 
 
 @features.event_tracking_sdk_v2
-@scenarios.appsec_ato_sdk
-class Test_UserLoginSuccessEventV2_Metrics:
+@scenarios.ato_sdk
+class Test_UserLoginSuccessEventV2_HeaderCollection_AppsecDisabled(BaseUserLoginSuccessEventV2HeaderCollection):
+ """Test headers are not collected in User Login Success Event SDK v2 when appsec is disabled"""
+
+ def test_user_login_success_header_collection(self):
+ assert self.r.status_code == 200
+
+ def validate_user_login_success_header_collection(span):
+ if span.get("parent_id") not in (0, None):
+ return None
+
+ for header in IP_HEADERS:
+ assert (
+ f"http.request.headers.{header.lower()}" not in span["meta"]
+ ), f"Header {header} is found in span's meta. It should not be collected when appsec is disabled."
+
+ return True
+
+ interfaces.library.validate_spans(self.r, validator=validate_user_login_success_header_collection)
+
+
+class BaseUserLoginSuccessEventV2Metrics:
 """Test metrics in AppSec User Login Success Event SDK v2"""
 
 def setup_user_login_success_event(self):
@@ -229,6 +272,18 @@ def test_user_login_success_event(self):
 ]
 
 
+@features.event_tracking_sdk_v2
+@scenarios.appsec_ato_sdk
+class Test_UserLoginSuccessEventV2_Metrics_AppsecEnabled(BaseUserLoginSuccessEventV2Metrics):
+ """Test metrics in AppSec User Login Success Event SDK v2 when appsec is enabled"""
+
+
+@features.event_tracking_sdk_v2
+@scenarios.ato_sdk
+class Test_UserLoginSuccessEventV2_Metrics_AppsecDisabled(BaseUserLoginSuccessEventV2Metrics):
+ """Test metrics in AppSec User Login Success Event SDK v2 when appsec is disabled"""
+
+
 @features.event_tracking_sdk_v2
 @scenarios.appsec_ato_sdk
 class Test_UserLoginSuccessEventV2_Libddwaf:
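Review bot: The negative check in `test_user_login_success_header_collection` iterates only `IP_HEADERS`, while the request in `setup_user_login_success_header_collection` sends the full `HEADERS` set and the class docstring says headers are not collected at all; either the loop should cover every header the positive test asserts on, or the docstring should be narrowed to `"""Test IP headers are not collected in User Login Success Event SDK v2 when appsec is disabled"""`. The validator reads `span["meta"]` directly, so a root span without `meta` fails with a KeyError instead of a readable assertion — `span.get("meta", {})` keeps the failure message meaningful. The same validator is duplicated almost verbatim in the failure-side `@@ -418,8 +489,28 @@` hunk; a module-level helper taking the span would keep the two checks from drifting.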
@@ -273,9 +328,7 @@ def test_user_login_success_unsafe_user_id_event(self):
 interfaces.library.assert_waf_attack(self.r, rule="003_trigger_on_login_success")
 
 
-@features.event_tracking_sdk_v2
-@scenarios.appsec_ato_sdk
-class Test_UserLoginFailureEventV2_Tags:
+class BaseUserLoginFailureEventV2Tags:
 """Test created tags in AppSec User Login Failure Event SDK v2"""
 
 def get_user_login_failure_tags_validator(self, login, exists, metadata=None, unexpected_metadata=None):
@@ -391,7 +444,17 @@ def test_user_login_failure_event_deep_metadata(self):
 
 
 @features.event_tracking_sdk_v2
 @scenarios.appsec_ato_sdk
-class Test_UserLoginFailureEventV2_HeaderCollection:
+class Test_UserLoginFailureEventV2_Tags_AppsecEnabled(BaseUserLoginFailureEventV2Tags):
+ """Test tags created in AppSec User Login Failure Event SDK v2 when appsec is enabled"""
+
+
+@features.event_tracking_sdk_v2
+@scenarios.ato_sdk
+class Test_UserLoginFailureEventV2_Tags_AppsecDisabled(BaseUserLoginFailureEventV2Tags):
+ """Test tags created in AppSec User Login Failure Event SDK v2 when appsec is disabled"""
+
+
+class BaseUserLoginFailureEventV2HeaderCollection(ABC):
 """Test collected headers in AppSec User Login Failure Event SDK v2"""
 
 def setup_user_login_failure_header_collection(self):
@@ -400,9 +463,17 @@ def setup_user_login_failure_header_collection(self):
 self.r = weblog.post("/user_login_failure_event_v2", json=data, headers=HEADERS)
 
 @bug(library="golang", reason="LANGPLAT-583")
+ @abstractmethod
 def test_user_login_failure_header_collection(self):
- # Validate that all relevant headers are included on user login failure
+ raise AssertionError("Not implemented")
+
+@features.event_tracking_sdk_v2
+@scenarios.appsec_ato_sdk
+class Test_UserLoginFailureEventV2_HeaderCollection_AppsecEnabled(BaseUserLoginFailureEventV2HeaderCollection):
+ """Test headers are collected in AppSec User Login Failure Event SDK v2 when appsec is enabled"""
+
+ def test_user_login_failure_header_collection(self):
 assert self.r.status_code == 200
 
 def validate_user_login_failure_header_collection(span):
@@ -418,8 +489,28 @@ def validate_user_login_failure_header_collection(span):
 
 
 @features.event_tracking_sdk_v2
-@scenarios.appsec_ato_sdk
-class Test_UserLoginFailureEventV2_Metrics:
+@scenarios.ato_sdk
+class Test_UserLoginFailureEventV2_HeaderCollection_AppsecDisabled(BaseUserLoginFailureEventV2HeaderCollection):
+ """Test headers are not collected in User Login Failure Event SDK v2 when appsec is disabled"""
+
+ def test_user_login_failure_header_collection(self):
+ assert self.r.status_code == 200
+
+ def validate_user_login_failure_header_collection(span):
+ if span.get("parent_id") not in (0, None):
+ return None
+
+ for header in IP_HEADERS:
+ assert (
+ f"http.request.headers.{header.lower()}" not in span["meta"]
+ ), f"Header {header} is found in span's meta. It should not be collected when appsec is disabled."
+
+ return True
+
+ interfaces.library.validate_spans(self.r, validator=validate_user_login_failure_header_collection)
+
+
+class BaseUserLoginFailureEventV2Metrics:
 """Test metrics in AppSec User Login Failure Event SDK v2"""
 
 def setup_user_login_failure_event(self):
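Review bot: Only one blank line separates `raise AssertionError("Not implemented")` from the module-level `@features.event_tracking_sdk_v2` that follows it, whereas every other class boundary in this file (and the success-side counterpart) uses two; add the second blank line so the formatter does not churn this spot later. The removed comment `# Validate that all relevant headers are included on user login failure` was the only statement of what the positive test checks; it belongs on the overriding `test_user_login_failure_header_collection` in `Test_UserLoginFailureEventV2_HeaderCollection_AppsecEnabled`, whose body continues outside the hunk.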
@@ -440,6 +531,18 @@ def test_user_login_failure_event(self):
 ]
 
 
+@features.event_tracking_sdk_v2
+@scenarios.appsec_ato_sdk
+class Test_UserLoginFailureEventV2_Metrics_AppsecEnabled(BaseUserLoginFailureEventV2Metrics):
+ """Test metrics in AppSec User Login Failure Event SDK v2 when appsec is enabled"""
+
+
+@features.event_tracking_sdk_v2
+@scenarios.ato_sdk
+class Test_UserLoginFailureEventV2_Metrics_AppsecDisabled(BaseUserLoginFailureEventV2Metrics):
+ """Test metrics in AppSec User Login Failure Event SDK v2 when appsec is disabled"""
+
+
 @features.event_tracking_sdk_v2
 @scenarios.appsec_ato_sdk
 class Test_UserLoginFailureEventV2_Libddwaf:
diff --git a/utils/_context/_scenarios/__init__.py b/utils/_context/_scenarios/__init__.py
index cb4d370683a..f8b68ef6e08 100644
--- a/utils/_context/_scenarios/__init__.py
+++ b/utils/_context/_scenarios/__init__.py
@@ -970,6 +970,14 @@ class _Scenarios:
 scenario_groups=[scenario_groups.appsec],
 )
 
+ ato_sdk = EndToEndScenario(
+ "ATO_SDK",
+ weblog_env={"DD_APPSEC_ENABLED": "false"},
+ doc="Test ato when appsec is diabled",
+ github_workflow="endtoend",
+ scenario_groups=[scenario_groups.end_to_end],
+ )
+
 appsec_ato_sdk = EndToEndScenario(
 "APPSEC_ATO_SDK",
 weblog_env={"DD_APPSEC_ENABLED": "true", "DD_APPSEC_RULES": "/appsec_ato_sdk.json"},

From ec667f619ef4ea7887f5c1f99f91889e6abf5ec9 Mon Sep 17 00:00:00 2001
From: Alejandro Estringana Ruiz
Date: Tue, 20 May 2025 11:39:35 +0200
Subject: [PATCH 2/8] Mark nodejs appsec disable metric tests as missing

---
 manifests/nodejs.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/manifests/nodejs.yml b/manifests/nodejs.yml
index 8b4f96cdeda..f0dd0779dbe 100644
--- a/manifests/nodejs.yml
+++ b/manifests/nodejs.yml
@@ -929,7 +929,7 @@ tests/:
 '*': *ref_5_48_0
 nextjs: missing_feature
 Test_UserLoginFailureEventV2_Metrics_AppsecDisabled:
- '*': *ref_5_48_0
+ '*': missing_feature
 nextjs: missing_feature
 Test_UserLoginFailureEventV2_Metrics_AppsecEnabled:
 '*': *ref_5_48_0
@@ -950,7 +950,7 @@ tests/:
 '*': *ref_5_48_0
 nextjs: missing_feature
 Test_UserLoginSuccessEventV2_Metrics_AppsecDisabled:
- '*': *ref_5_48_0
+ '*': missing_feature
 nextjs: missing_feature
 Test_UserLoginSuccessEventV2_Metrics_AppsecEnabled:
 '*': *ref_5_48_0

From 75061c9e467f6c299d781b4009a3ca2ecff96b0c Mon Sep 17 00:00:00 2001
From: Alejandro Estringana Ruiz
Date: Tue, 20 May 2025 11:47:16 +0200
Subject: [PATCH 3/8] Mark ato_sdk scenario as appsec as well

---
 utils/_context/_scenarios/__init__.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/utils/_context/_scenarios/__init__.py b/utils/_context/_scenarios/__init__.py
index f8b68ef6e08..444c8bdba78 100644
--- a/utils/_context/_scenarios/__init__.py
+++ b/utils/_context/_scenarios/__init__.py
@@ -975,7 +975,7 @@ class _Scenarios:
 weblog_env={"DD_APPSEC_ENABLED": "false"},
 doc="Test ato when appsec is diabled",
 github_workflow="endtoend",
- scenario_groups=[scenario_groups.end_to_end],
+ scenario_groups=[scenario_groups.appsec, scenario_groups.end_to_end],
 )
 
 appsec_ato_sdk = EndToEndScenario(

From 96f2e53da218adf627a28fc9dc930885533a90fd Mon Sep 17 00:00:00 2001
From: Alejandro Estringana Ruiz
Date: Fri, 13 Jun 2025 13:19:32 +0200
Subject: [PATCH 4/8] Update utils/_context/_scenarios/__init__.py

Co-authored-by: Sergey Fedorov
---
 utils/_context/_scenarios/__init__.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/utils/_context/_scenarios/__init__.py b/utils/_context/_scenarios/__init__.py
index 444c8bdba78..4c9f8581c5d 100644
--- a/utils/_context/_scenarios/__init__.py
+++ b/utils/_context/_scenarios/__init__.py
@@ -973,7 +973,7 @@ class _Scenarios:
 ato_sdk = EndToEndScenario(
 "ATO_SDK",
 weblog_env={"DD_APPSEC_ENABLED": "false"},
- doc="Test ato when appsec is diabled",
+ doc="Test when AppSec ATO is disabled",
 github_workflow="endtoend",
 scenario_groups=[scenario_groups.appsec, scenario_groups.end_to_end],
 )

From 5b824f8901331a170f4b0815ab29168022065a34 Mon Sep 17 00:00:00 2001
From: Alejandro Estringana Ruiz
Date: Fri, 13 Jun 2025 13:19:44 +0200
Subject: [PATCH 5/8] Update tests/appsec/test_event_tracking_v2.py

Co-authored-by: Sergey Fedorov
---
 tests/appsec/test_event_tracking_v2.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tests/appsec/test_event_tracking_v2.py b/tests/appsec/test_event_tracking_v2.py
index d89cc798c7c..72e25222546 100644
--- a/tests/appsec/test_event_tracking_v2.py
+++ b/tests/appsec/test_event_tracking_v2.py
@@ -491,7 +491,7 @@ def validate_user_login_failure_header_collection(span):
 @features.event_tracking_sdk_v2
 @scenarios.ato_sdk
 class Test_UserLoginFailureEventV2_HeaderCollection_AppsecDisabled(BaseUserLoginFailureEventV2HeaderCollection):
- """Test headers are not collected in User Login Failure Event SDK v2 when appsec is disabled"""
+ """Test headers are not collected in User Login Failure Event SDK v2 when AppSec is disabled"""
 
 def test_user_login_failure_header_collection(self):
 assert self.r.status_code == 200

From 1d1fa078625db0a4fe95c03f0587f82b6687fd83 Mon Sep 17 00:00:00 2001
From: Alejandro Estringana Ruiz
Date: Fri, 13 Jun 2025 13:19:54 +0200
Subject: [PATCH 6/8] Update tests/appsec/test_event_tracking_v2.py

Co-authored-by: Sergey Fedorov
---
 tests/appsec/test_event_tracking_v2.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tests/appsec/test_event_tracking_v2.py b/tests/appsec/test_event_tracking_v2.py
index 72e25222546..6aa1be9257f 100644
--- a/tests/appsec/test_event_tracking_v2.py
+++ b/tests/appsec/test_event_tracking_v2.py
@@ -534,7 +534,7 @@ def test_user_login_failure_event(self):
 @features.event_tracking_sdk_v2
 @scenarios.appsec_ato_sdk
 class Test_UserLoginFailureEventV2_Metrics_AppsecEnabled(BaseUserLoginFailureEventV2Metrics):
- """Test metrics in AppSec User Login Failure Event SDK v2 when appsec is enabled"""
+ """Test metrics in AppSec User Login Failure Event SDK v2 when AppSec is enabled"""
 
 
 @features.event_tracking_sdk_v2

From b38f9a9e5b3c57d20c246d05ee0a5fea827cab66 Mon Sep 17 00:00:00 2001
From: Alejandro Estringana Ruiz
Date: Fri, 13 Jun 2025 13:20:01 +0200
Subject: [PATCH 7/8] Update tests/appsec/test_event_tracking_v2.py

Co-authored-by: Sergey Fedorov
---
 tests/appsec/test_event_tracking_v2.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tests/appsec/test_event_tracking_v2.py b/tests/appsec/test_event_tracking_v2.py
index 6aa1be9257f..b6deea60f7f 100644
--- a/tests/appsec/test_event_tracking_v2.py
+++ b/tests/appsec/test_event_tracking_v2.py
@@ -540,7 +540,7 @@ class Test_UserLoginFailureEventV2_Metrics_AppsecEnabled(BaseUserLoginFailureEve
 @features.event_tracking_sdk_v2
 @scenarios.ato_sdk
 class Test_UserLoginFailureEventV2_Metrics_AppsecDisabled(BaseUserLoginFailureEventV2Metrics):
- """Test metrics in AppSec User Login Failure Event SDK v2 when appsec is disabled"""
+ """Test metrics in AppSec User Login Failure Event SDK v2 when AppSec is disabled"""
 
 
 @features.event_tracking_sdk_v2

From f2e4f7adb6d97424553159e96df5d333d9fb1d40 Mon Sep 17 00:00:00 2001
From: Alejandro Estringana Ruiz
Date: Thu, 26 Jun 2025 10:35:49 +0200
Subject: [PATCH 8/8] Reuse an old scenario

---
 .github/workflows/run-end-to-end.yml | 3 ---
 tests/appsec/test_event_tracking_v2.py | 12 ++++++------
 utils/_context/_scenarios/__init__.py | 10 +---------
 3 files changed, 7 insertions(+), 18 deletions(-)

diff --git a/.github/workflows/run-end-to-end.yml b/.github/workflows/run-end-to-end.yml
index 28859b2c593..496ca95a804 100644
--- a/.github/workflows/run-end-to-end.yml
+++ b/.github/workflows/run-end-to-end.yml
@@ -290,9 +290,6 @@ jobs:
 - name: Run APPSEC_API_SECURITY_NO_RESPONSE_BODY scenario
 if: always() && steps.build.outcome == 'success' && contains(inputs.scenarios, '"APPSEC_API_SECURITY_NO_RESPONSE_BODY"')
 run: ./run.sh APPSEC_API_SECURITY_NO_RESPONSE_BODY
- - name: Run ATO_SDK scenario
- if: always() && steps.build.outcome == 'success' && contains(inputs.scenarios, '"ATO_SDK"')
- run: ./run.sh ATO_SDK
 - name: Run APPSEC_ATO_SDK scenario
 if: always() && steps.build.outcome == 'success' && contains(inputs.scenarios, '"APPSEC_ATO_SDK"')
 run: ./run.sh APPSEC_ATO_SDK
diff --git a/tests/appsec/test_event_tracking_v2.py b/tests/appsec/test_event_tracking_v2.py
index b6deea60f7f..3db7ab517eb 100644
--- a/tests/appsec/test_event_tracking_v2.py
+++ b/tests/appsec/test_event_tracking_v2.py
@@ -188,7 +188,7 @@ class Test_UserLoginSuccessEventV2_Tags_AppsecEnabled(BaseUserLoginSuccessEventV
 
 
 @features.event_tracking_sdk_v2
-@scenarios.ato_sdk
+@scenarios.everything_disabled
 class Test_UserLoginSuccessEventV2_Tags_AppsecDisabled(BaseUserLoginSuccessEventV2Tags):
 """Test tags created in AppSec User Login Success Event SDK v2 when appsec is disabled"""
 
@@ -230,7 +230,7 @@ def validate_user_login_success_header_collection(span):
 
 
 @features.event_tracking_sdk_v2
-@scenarios.ato_sdk
+@scenarios.everything_disabled
 class Test_UserLoginSuccessEventV2_HeaderCollection_AppsecDisabled(BaseUserLoginSuccessEventV2HeaderCollection):
 """Test headers are not collected in User Login Success Event SDK v2 when appsec is disabled"""
 
@@ -279,7 +279,7 @@ class Test_UserLoginSuccessEventV2_Metrics_AppsecEnabled(BaseUserLoginSuccessEve
 
 
 @features.event_tracking_sdk_v2
-@scenarios.ato_sdk
+@scenarios.everything_disabled
 class Test_UserLoginSuccessEventV2_Metrics_AppsecDisabled(BaseUserLoginSuccessEventV2Metrics):
 """Test metrics in AppSec User Login Success Event SDK v2 when appsec is disabled"""
 
@@ -449,7 +449,7 @@ class Test_UserLoginFailureEventV2_Tags_AppsecEnabled(BaseUserLoginFailureEventV
 
 
 @features.event_tracking_sdk_v2
-@scenarios.ato_sdk
+@scenarios.everything_disabled
 class Test_UserLoginFailureEventV2_Tags_AppsecDisabled(BaseUserLoginFailureEventV2Tags):
 """Test tags created in AppSec User Login Failure Event SDK v2 when appsec is disabled"""
 
@@ -489,7 +489,7 @@ def validate_user_login_failure_header_collection(span):
 
 
 @features.event_tracking_sdk_v2
-@scenarios.ato_sdk
+@scenarios.everything_disabled
 class Test_UserLoginFailureEventV2_HeaderCollection_AppsecDisabled(BaseUserLoginFailureEventV2HeaderCollection):
 """Test headers are not collected in User Login Failure Event SDK v2 when AppSec is disabled"""
 
@@ -538,7 +538,7 @@ class Test_UserLoginFailureEventV2_Metrics_AppsecEnabled(BaseUserLoginFailureEve
 
 
 @features.event_tracking_sdk_v2
-@scenarios.ato_sdk
+@scenarios.everything_disabled
 class Test_UserLoginFailureEventV2_Metrics_AppsecDisabled(BaseUserLoginFailureEventV2Metrics):
 """Test metrics in AppSec User Login Failure Event SDK v2 when AppSec is disabled"""
 
diff --git a/utils/_context/_scenarios/__init__.py b/utils/_context/_scenarios/__init__.py
index 4c9f8581c5d..3a5cc5afc21 100644
--- a/utils/_context/_scenarios/__init__.py
+++ b/utils/_context/_scenarios/__init__.py
@@ -214,7 +214,7 @@ class _Scenarios:
 appsec_enabled=False,
 include_postgres_db=True,
 doc="Disable appsec and test DBM setting integration outcome when disabled",
- scenario_groups=[scenario_groups.appsec],
+ scenario_groups=[scenario_groups.appsec, scenario_groups.end_to_end, scenario_groups.tracer_release],
 )
 
 appsec_low_waf_timeout = AppsecLowWafTimeout("APPSEC_LOW_WAF_TIMEOUT")
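Review bot: `everything_disabled` now hosts all six `*_AppsecDisabled` event-tracking classes, but its `doc` in the `@@ -214,7 +214,7 @@` hunk still reads `"Disable appsec and test DBM setting integration outcome when disabled"`, so the scenario's own description no longer says what it covers; something like `doc="Disable appsec; test DBM setting integration and ATO SDK v2 events when AppSec is disabled"` keeps the scenario listing accurate. Adding `scenario_groups.tracer_release` also pulls this scenario (with `include_postgres_db=True`) into tracer-release runs, which is a wider footprint than the removed ATO_SDK scenario had — worth confirming that is intended rather than a side effect of wanting it in `end_to_end`. The same patch deletes the ATO_SDK workflow step, so these tests now depend on EVERYTHING_DISABLED already having a step in run-end-to-end.yml; that file's remaining steps are outside this diff, so I cannot verify it from here. The `_AppsecDisabled` docstrings are now split between "appsec" (success side) and "AppSec" (failure side, after the earlier review commits); pick one spelling.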
@@ -970,14 +970,6 @@ class _Scenarios:
 scenario_groups=[scenario_groups.appsec],
 )
 
- ato_sdk = EndToEndScenario(
- "ATO_SDK",
- weblog_env={"DD_APPSEC_ENABLED": "false"},
- doc="Test when AppSec ATO is disabled",
- github_workflow="endtoend",
- scenario_groups=[scenario_groups.appsec, scenario_groups.end_to_end],
- )
-
 appsec_ato_sdk = EndToEndScenario(
 "APPSEC_ATO_SDK",
 weblog_env={"DD_APPSEC_ENABLED": "true", "DD_APPSEC_RULES": "/appsec_ato_sdk.json"},