From b655699aa0497b272897e70ddec5b2dfd64fad55 Mon Sep 17 00:00:00 2001
From: Itay Iluz
Date: Wed, 17 Mar 2021 10:29:12 +0200
Subject: [PATCH] Add argument to generate more data per parameter

- The parameter has a default value of 1 to maintain the tool's behaviour before this change.
- String parameters are excluded in the fuzzing process so the parameter is irrelevant for those parameters.
---
 .../imperva/apiattacktool/cli/ApiAttackTool.java | 7 +++++++
 .../NegativeSinglePropertyScenarioTestDriver.java | 14 +++++++++++++-
 .../apiattacktool/tests/ScenariosDataProvider.java | 2 +-
 .../tests/SingleValueScenarioTestDriver.java | 14 +++++++++++++-
 .../apiattacktool/tests/TestConfiguration.java | 12 ++++++++++--
 .../imperva/apiattacktool/tests/TestDriver.java | 2 +-
 6 files changed, 45 insertions(+), 6 deletions(-)

diff --git a/src/main/java/com/imperva/apiattacktool/cli/ApiAttackTool.java b/src/main/java/com/imperva/apiattacktool/cli/ApiAttackTool.java
index 815989c..213bfbc 100644
--- a/src/main/java/com/imperva/apiattacktool/cli/ApiAttackTool.java
+++ b/src/main/java/com/imperva/apiattacktool/cli/ApiAttackTool.java
@@ -30,6 +30,9 @@ public class ApiAttackTool implements Callable {
 @Option(names = {"-ph", "--proxyHost"}, description = "Specify the proxy host to send the requests via a proxy")
 private String proxyHost;
 
+ @Option(names = {"-rpp", "--requestsPerParameter"}, description = "Specify the number of requests to send per the swagger's parameters (Strings excluded)")
+ private Integer numOfRequestsPerParameter;
+
 @Option(names = {"-pp", "--proxyPort"}, description = "The proxy port")
 private Integer proxyPort;
 
@@ -63,6 +66,10 @@ public Integer getProxyPort() {
 return proxyPort;
 }
 
+ public Integer getNumOfRequestsPerParameter() {
+ return numOfRequestsPerParameter;
+ }
+
 public List getUserProvidedPositiveResponseCodes() {
 return userProvidedPositiveResponseCodes;
 }
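Review bot: The new option's long name `--requestsPerParameter` does not match the `numOfRequestsPerParameter` spelling used for the field, the getter and the system property read in TestConfiguration in this same commit, whereas the neighbouring `--proxyPort` pairs with the `proxyPort` property; one spelling for both paths keeps the CLI flag and the `-D` property discoverable together. The description also leaves the default unstated, although the commit message says it is 1 and the two drivers treat any value below 1 as a single round; suggest `description = "Number of requests to send per swagger parameter (Strings excluded); default 1"`. Placing the option between `--proxyHost` and `--proxyPort` also splits that pair — declaring it after `proxyPort` reads better.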
diff --git a/src/main/java/com/imperva/apiattacktool/tests/NegativeSinglePropertyScenarioTestDriver.java b/src/main/java/com/imperva/apiattacktool/tests/NegativeSinglePropertyScenarioTestDriver.java
index 6fb8fac..bafcfd1 100644
--- a/src/main/java/com/imperva/apiattacktool/tests/NegativeSinglePropertyScenarioTestDriver.java
+++ b/src/main/java/com/imperva/apiattacktool/tests/NegativeSinglePropertyScenarioTestDriver.java
@@ -17,6 +17,8 @@
 
 import java.util.Collections;
 import java.util.List;
+import java.util.stream.Collectors;
+import java.util.stream.Stream;
 
 public class NegativeSinglePropertyScenarioTestDriver extends AbstractTestDriver implements TestDriver {
 private Fuzzer firstStepFuzzer;
@@ -36,7 +38,7 @@ public NegativeSinglePropertyScenarioTestDriver(Fuzzer firstStepFuzzer,
 }
 
 @Override
- public List getHttpRequestList(String resourceFileName) {
+ public List getHttpRequestList(String resourceFileName, int numOfRequestsPerParameter) {
 List endpointModelList = parseSwagger(resourceFileName);
 if (endpointModelList.isEmpty()) {
 return Collections.emptyList();
@@ -44,7 +46,17 @@ public List getHttpRequestList(String resourceFileName) {
 
 List endpointValuedModelList = getModelToValueConverter().endpointModelToEndpointValuedModel(endpointModelList);
 List modelsWithPolicyEnforced = getPolicyEnforcer().enforcePolicyOn(endpointValuedModelList);
+
 List fuzzedModelsWithPositiveValues = getBeforeMainEndpointModelProcessor().process(modelsWithPolicyEnforced, firstStepFuzzer);
+ // Generate more data based on the value numOfRequestsPerParameter
+ for (int i = 0; i < numOfRequestsPerParameter - 1; i++) {
+ fuzzedModelsWithPositiveValues = Stream.concat(
+ fuzzedModelsWithPositiveValues.stream(),
+ getMainEndpointModelProcessor().process(modelsWithPolicyEnforced, getFuzzer()).stream())
+ .collect(Collectors.toList()
+ );
+ }
+
 List fuzzedEndpointValuedModelList = getMainEndpointModelProcessor().process(fuzzedModelsWithPositiveValues, getFuzzer());
 List endpointTestRequestDataList = getTestRequestDataConverter().processList(fuzzedEndpointValuedModelList);
 List httpRequestWrapperList = getHttpRequestGenerator().generateFrom(endpointTestRequestDataList);
diff --git a/src/main/java/com/imperva/apiattacktool/tests/ScenariosDataProvider.java b/src/main/java/com/imperva/apiattacktool/tests/ScenariosDataProvider.java
index 3f06899..29c8725 100644
--- a/src/main/java/com/imperva/apiattacktool/tests/ScenariosDataProvider.java
+++ b/src/main/java/com/imperva/apiattacktool/tests/ScenariosDataProvider.java
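Review bot: The loop appends `getMainEndpointModelProcessor().process(modelsWithPolicyEnforced, getFuzzer())` to `fuzzedModelsWithPositiveValues`, yet that list is then handed to the main processor again on the pre-existing line `List fuzzedEndpointValuedModelList = getMainEndpointModelProcessor().process(fuzzedModelsWithPositiveValues, getFuzzer());`, so every extra round is fuzzed by the main fuzzer twice and never receives the first-step (positive values) pass that the first round gets. If the intent is to keep a single negative property per request, the loop body should presumably call `getBeforeMainEndpointModelProcessor().process(modelsWithPolicyEnforced, firstStepFuzzer)` instead, mirroring the statement directly above the loop. Separately, rebuilding the list with `Stream.concat(...).collect(Collectors.toList())` on each iteration copies everything accumulated so far; copying the first result into an ArrayList once and calling `addAll` per round is simpler and linear, and the same applies to the loop in SingleValueScenarioTestDriver. getHttpRequestList begins before this hunk and its return statement lies after it.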
@@ -54,7 +54,7 @@ public static Object[][] negativeBadPropertyScenarioDataProvider(ITestContext co
 private static Object[][] getEndpointTestRequestData(TestDriver testDriver) {
 List httpRequestWrapperList;
 try {
- httpRequestWrapperList = testDriver.getHttpRequestList(TestConfiguration.getSpecFilePath());
+ httpRequestWrapperList = testDriver.getHttpRequestList(TestConfiguration.getSpecFilePath(), TestConfiguration.getNumOfRequestsPerParameter());
 } catch (Exception anyException) {
 logger.error("Failed to get httpRequestList, for file: {}", TestConfiguration.getSpecFilePath(), anyException);
 return null;
diff --git a/src/main/java/com/imperva/apiattacktool/tests/SingleValueScenarioTestDriver.java b/src/main/java/com/imperva/apiattacktool/tests/SingleValueScenarioTestDriver.java
index 702c298..419aabc 100644
--- a/src/main/java/com/imperva/apiattacktool/tests/SingleValueScenarioTestDriver.java
+++ b/src/main/java/com/imperva/apiattacktool/tests/SingleValueScenarioTestDriver.java
@@ -16,6 +16,8 @@
 
 import java.util.Collections;
 import java.util.List;
+import java.util.stream.Collectors;
+import java.util.stream.Stream;
 
 public class SingleValueScenarioTestDriver extends AbstractTestDriver implements TestDriver {
 
@@ -32,7 +34,7 @@ public SingleValueScenarioTestDriver(Fuzzer fuzzer,
 }
 
 @Override
- public List getHttpRequestList(String resourceFileName) {
+ public List getHttpRequestList(String resourceFileName, int numOfRequestsPerParameter) {
 List endpointModelList = parseSwagger(resourceFileName);
 if (endpointModelList.isEmpty()) {
 return Collections.emptyList();
@@ -40,7 +42,17 @@ public List getHttpRequestList(String resourceFileName) {
 
 List endpointValuedModelList = getModelToValueConverter().endpointModelToEndpointValuedModel(endpointModelList);
 List modelsWithPolicyEnforced = getPolicyEnforcer().enforcePolicyOn(endpointValuedModelList);
+
 List fuzzedEndpointValuedModelList = getMainEndpointModelProcessor().process(modelsWithPolicyEnforced, getFuzzer());
+ // Generate more data based on the value numOfRequestsPerParameter
+ for (int i = 0; i < numOfRequestsPerParameter - 1; i++) {
+ fuzzedEndpointValuedModelList = Stream.concat(
+ fuzzedEndpointValuedModelList.stream(),
+ getMainEndpointModelProcessor().process(modelsWithPolicyEnforced, getFuzzer()).stream())
+ .collect(Collectors.toList()
+ );
+ }
+
 List endpointTestRequestDataList = getTestRequestDataConverter().processList(fuzzedEndpointValuedModelList);
 List httpRequestWrapperList = getHttpRequestGenerator().generateFrom(endpointTestRequestDataList);
 return httpRequestWrapperList;
diff --git a/src/main/java/com/imperva/apiattacktool/tests/TestConfiguration.java b/src/main/java/com/imperva/apiattacktool/tests/TestConfiguration.java
index 229f845..a9090cc 100644
--- a/src/main/java/com/imperva/apiattacktool/tests/TestConfiguration.java
+++ b/src/main/java/com/imperva/apiattacktool/tests/TestConfiguration.java
@@ -14,6 +14,7 @@ public class TestConfiguration {
 
 private static final int DEFAULT_PROXY_PORT = 80;
 private static final int DEFAULT_HOST_PORT = 443;
+ private static final int DEFAULT_NUM_OF_REQUESTS_PER_PARAMETER = 1;
 
 private static String specFilePath = System.getProperty("specFile", null);
 
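Review bot: Each iteration of the loop calls `getMainEndpointModelProcessor().process(modelsWithPolicyEnforced, getFuzzer())` with exactly the arguments used on the line above it, so the extra rounds only differ from the first one if the fuzzer yields fresh values on every call; nothing in the hunk records that, and with a deterministic fuzzer the loop would simply emit duplicate requests. The bound `numOfRequestsPerParameter - 1` also means values of 0 or below silently behave as 1, which callers cannot tell from the signature. Suggest extending the comment, e.g. `// each extra round re-fuzzes the same models: relies on getFuzzer() producing new values per call; values below 1 behave as 1`. getHttpRequestList starts before this hunk.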
@@ -27,6 +28,8 @@ public class TestConfiguration {
 
 private static Integer proxyPort = getIntegerFieldFromProperty("proxyPort", DEFAULT_PROXY_PORT);
 
+ private static Integer numOfRequestsPerParameter = getIntegerFieldFromProperty("numOfRequestsPerParameter", DEFAULT_NUM_OF_REQUESTS_PER_PARAMETER);
+
 private static Collection userProvidedPositiveResponseCodes = getIntegerListFromProperty("addPositiveRC", Collections.emptyList());
 
 private static Collection userProvidedNegativeResponseCodes = getIntegerListFromProperty("addNegativeRC", Collections.emptyList());
@@ -38,6 +41,7 @@ public static void initFrom(ApiAttackTool apiAttackToolOptions) {
 hostPort = apiAttackToolOptions.getHostPort();
 proxyHost = apiAttackToolOptions.getProxyHost();
 proxyPort = apiAttackToolOptions.getProxyPort();
+ numOfRequestsPerParameter = apiAttackToolOptions.getNumOfRequestsPerParameter();
 userProvidedPositiveResponseCodes = apiAttackToolOptions.getUserProvidedPositiveResponseCodes() == null
 ? Collections.emptyList()
 
@@ -52,6 +56,10 @@ public static String getSpecFilePath() {
 return specFilePath;
 }
 
+ public static int getNumOfRequestsPerParameter() {
+ return numOfRequestsPerParameter == null ? DEFAULT_NUM_OF_REQUESTS_PER_PARAMETER : numOfRequestsPerParameter;
+ }
+
 public static String getHostScheme() {
 return hostScheme;
 }
@@ -86,8 +94,8 @@ public static Collection getUserProvidedNegativeResponseCodes() {
 
 public static String getWorkingConfigurationString() {
 return "API Spec file path: " + specFilePath + "\n"
- + "Host: (" + hostScheme + ") " + hostName + " : " + getHostPort() + "\n"
- + (isProxyDefined()
+ + "Host: (" + hostScheme + ") " + hostName + " : " + getHostPort() + "\n"
+ + (isProxyDefined()
 ? "Proxy Host: " + proxyHost + " : " + getProxyPort() + "\n"
 : "");
 
diff --git a/src/main/java/com/imperva/apiattacktool/tests/TestDriver.java b/src/main/java/com/imperva/apiattacktool/tests/TestDriver.java
index 9cd8a35..5372635 100644
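Review bot: `initFrom` assigns `numOfRequestsPerParameter = apiAttackToolOptions.getNumOfRequestsPerParameter()` unconditionally, so when the CLI option is absent the value read from the `numOfRequestsPerParameter` system property is replaced by null and the getter silently falls back to the default; this mirrors how `proxyPort` is handled and may be intended, but it is worth confirming because the property form is introduced in this commit. `getNumOfRequestsPerParameter` also passes 0 and negative values through unchecked, and the drivers then run a single round, which hides a mistyped value rather than reporting it. Suggest validating once in the getter: `int value = numOfRequestsPerParameter == null ? DEFAULT_NUM_OF_REQUESTS_PER_PARAMETER : numOfRequestsPerParameter;` / `if (value < 1) { throw new IllegalArgumentException("numOfRequestsPerParameter must be at least 1, got " + value); }` / `return value;`. The last hunk only re-indents `getWorkingConfigurationString`.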
--- a/src/main/java/com/imperva/apiattacktool/tests/TestDriver.java
+++ b/src/main/java/com/imperva/apiattacktool/tests/TestDriver.java
@@ -5,5 +5,5 @@
 import java.util.List;
 
 public interface TestDriver {
- List getHttpRequestList(String resourceFileName);
+ List getHttpRequestList(String resourceFileName, int numOfRequestsPerParameter);
 }
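Review bot: The interface gains an `int numOfRequestsPerParameter` parameter without Javadoc, so an implementer has to read both drivers to learn that it is a count of fuzzing rounds and that values below 1 produce one round. Suggest a Javadoc on `getHttpRequestList` with `@param resourceFileName` (the swagger spec path the drivers hand to `parseSwagger`), `@param numOfRequestsPerParameter number of fuzzing rounds generated per non-String parameter; values below 1 yield one round`, and `@return` describing the request list (empty when the spec yields no endpoints).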