mirror of
https://github.com/google/nomulus.git
synced 2025-07-09 12:43:24 +02:00
Remove platformType and threatEntryMetaData fields from ThreatMatch (#607)
* Remove platformType and threatEntryMetaData fields from ThreatMatch * Run google-java-format on both files * Add test for removal of unnecessary fields * Removed unnecessary fields from Spec11PipelineTest.testEndToEndPipeline_generatesExpectedFiles * Added style check * Fix typo
This commit is contained in:
parent
b1241b98b2
commit
5a1f3d0376
4 changed files with 24 additions and 36 deletions
|
@ -24,22 +24,10 @@ import org.json.JSONObject;
|
||||||
public abstract class ThreatMatch implements Serializable {
|
public abstract class ThreatMatch implements Serializable {
|
||||||
|
|
||||||
private static final String THREAT_TYPE_FIELD = "threatType";
|
private static final String THREAT_TYPE_FIELD = "threatType";
|
||||||
private static final String PLATFORM_TYPE_FIELD = "platformType";
|
|
||||||
private static final String METADATA_FIELD = "threatEntryMetadata";
|
|
||||||
private static final String DOMAIN_NAME_FIELD = "fullyQualifiedDomainName";
|
private static final String DOMAIN_NAME_FIELD = "fullyQualifiedDomainName";
|
||||||
|
|
||||||
/** Returns what kind of threat it is (malware, phishing etc.) */
|
/** Returns what kind of threat it is (malware, phishing etc.) */
|
||||||
public abstract String threatType();
|
public abstract String threatType();
|
||||||
/** Returns what platforms it affects (Windows, Linux etc.) */
|
|
||||||
abstract String platformType();
|
|
||||||
/**
|
|
||||||
* Returns a String representing a JSON Object containing arbitrary metadata associated with this
|
|
||||||
* threat, or "NONE" if there is no metadata to retrieve.
|
|
||||||
*
|
|
||||||
* <p>This ideally would be a {@link JSONObject} type, but can't be due to serialization
|
|
||||||
* requirements.
|
|
||||||
*/
|
|
||||||
abstract String metadata();
|
|
||||||
/** Returns the fully qualified domain name [SLD].[TLD] of the matched threat. */
|
/** Returns the fully qualified domain name [SLD].[TLD] of the matched threat. */
|
||||||
public abstract String fullyQualifiedDomainName();
|
public abstract String fullyQualifiedDomainName();
|
||||||
|
|
||||||
|
@ -52,29 +40,19 @@ public abstract class ThreatMatch implements Serializable {
|
||||||
static ThreatMatch create(JSONObject threatMatchJSON, String fullyQualifiedDomainName)
|
static ThreatMatch create(JSONObject threatMatchJSON, String fullyQualifiedDomainName)
|
||||||
throws JSONException {
|
throws JSONException {
|
||||||
return new AutoValue_ThreatMatch(
|
return new AutoValue_ThreatMatch(
|
||||||
threatMatchJSON.getString(THREAT_TYPE_FIELD),
|
threatMatchJSON.getString(THREAT_TYPE_FIELD), fullyQualifiedDomainName);
|
||||||
threatMatchJSON.getString(PLATFORM_TYPE_FIELD),
|
|
||||||
threatMatchJSON.has(METADATA_FIELD)
|
|
||||||
? threatMatchJSON.getJSONObject(METADATA_FIELD).toString()
|
|
||||||
: "NONE",
|
|
||||||
fullyQualifiedDomainName);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/** Returns a {@link JSONObject} representing a subset of this object's data. */
|
/** Returns a {@link JSONObject} representing a subset of this object's data. */
|
||||||
JSONObject toJSON() throws JSONException {
|
JSONObject toJSON() throws JSONException {
|
||||||
return new JSONObject()
|
return new JSONObject()
|
||||||
.put(THREAT_TYPE_FIELD, threatType())
|
.put(THREAT_TYPE_FIELD, threatType())
|
||||||
.put(PLATFORM_TYPE_FIELD, platformType())
|
|
||||||
.put(METADATA_FIELD, metadata())
|
|
||||||
.put(DOMAIN_NAME_FIELD, fullyQualifiedDomainName());
|
.put(DOMAIN_NAME_FIELD, fullyQualifiedDomainName());
|
||||||
}
|
}
|
||||||
|
|
||||||
/** Parses a {@link JSONObject} and returns an equivalent {@link ThreatMatch}. */
|
/** Parses a {@link JSONObject} and returns an equivalent {@link ThreatMatch}. */
|
||||||
public static ThreatMatch fromJSON(JSONObject threatMatch) throws JSONException {
|
public static ThreatMatch fromJSON(JSONObject threatMatch) throws JSONException {
|
||||||
return new AutoValue_ThreatMatch(
|
return new AutoValue_ThreatMatch(
|
||||||
threatMatch.getString(THREAT_TYPE_FIELD),
|
threatMatch.getString(THREAT_TYPE_FIELD), threatMatch.getString(DOMAIN_NAME_FIELD));
|
||||||
threatMatch.getString(PLATFORM_TYPE_FIELD),
|
|
||||||
threatMatch.getString(METADATA_FIELD),
|
|
||||||
threatMatch.getString(DOMAIN_NAME_FIELD));
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -195,14 +195,10 @@ public class Spec11PipelineTest {
|
||||||
new JSONObject()
|
new JSONObject()
|
||||||
.put("fullyQualifiedDomainName", "111.com")
|
.put("fullyQualifiedDomainName", "111.com")
|
||||||
.put("threatType", "MALWARE")
|
.put("threatType", "MALWARE")
|
||||||
.put("threatEntryMetadata", "NONE")
|
|
||||||
.put("platformType", "WINDOWS")
|
|
||||||
.toString(),
|
.toString(),
|
||||||
new JSONObject()
|
new JSONObject()
|
||||||
.put("fullyQualifiedDomainName", "222.com")
|
.put("fullyQualifiedDomainName", "222.com")
|
||||||
.put("threatType", "MALWARE")
|
.put("threatType", "MALWARE")
|
||||||
.put("threatEntryMetadata", "NONE")
|
|
||||||
.put("platformType", "WINDOWS")
|
|
||||||
.toString());
|
.toString());
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -77,6 +77,26 @@ public class Spec11RegistrarThreatMatchesParserTest {
|
||||||
.hasValue(LocalDate.parse("2018-07-14"));
|
.hasValue(LocalDate.parse("2018-07-14"));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
|
public void testSuccess_ignoreExtraFields() throws Exception {
|
||||||
|
ThreatMatch objectWithExtraFields =
|
||||||
|
ThreatMatch.fromJSON(
|
||||||
|
new JSONObject(
|
||||||
|
ImmutableMap.of(
|
||||||
|
"threatType", "MALWARE",
|
||||||
|
"platformType", "ANY_PLATFORM",
|
||||||
|
"threatEntryMetaData", "NONE",
|
||||||
|
"fullyQualifiedDomainName", "c.com")));
|
||||||
|
ThreatMatch objectWithoutExtraFields =
|
||||||
|
ThreatMatch.fromJSON(
|
||||||
|
new JSONObject(
|
||||||
|
ImmutableMap.of(
|
||||||
|
"threatType", "MALWARE",
|
||||||
|
"fullyQualifiedDomainName", "c.com")));
|
||||||
|
|
||||||
|
assertThat(objectWithExtraFields).isEqualTo(objectWithoutExtraFields);
|
||||||
|
}
|
||||||
|
|
||||||
/** The expected contents of the sample spec11 report file */
|
/** The expected contents of the sample spec11 report file */
|
||||||
static ImmutableSet<RegistrarThreatMatches> sampleThreatMatches() throws Exception {
|
static ImmutableSet<RegistrarThreatMatches> sampleThreatMatches() throws Exception {
|
||||||
return ImmutableSet.of(getMatchA(), getMatchB());
|
return ImmutableSet.of(getMatchA(), getMatchB());
|
||||||
|
@ -90,8 +110,6 @@ public class Spec11RegistrarThreatMatchesParserTest {
|
||||||
new JSONObject(
|
new JSONObject(
|
||||||
ImmutableMap.of(
|
ImmutableMap.of(
|
||||||
"threatType", "MALWARE",
|
"threatType", "MALWARE",
|
||||||
"platformType", "ANY_PLATFORM",
|
|
||||||
"threatEntryMetadata", "NONE",
|
|
||||||
"fullyQualifiedDomainName", "a.com")))));
|
"fullyQualifiedDomainName", "a.com")))));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -103,15 +121,11 @@ public class Spec11RegistrarThreatMatchesParserTest {
|
||||||
new JSONObject(
|
new JSONObject(
|
||||||
ImmutableMap.of(
|
ImmutableMap.of(
|
||||||
"threatType", "MALWARE",
|
"threatType", "MALWARE",
|
||||||
"platformType", "ANY_PLATFORM",
|
|
||||||
"threatEntryMetadata", "NONE",
|
|
||||||
"fullyQualifiedDomainName", "b.com"))),
|
"fullyQualifiedDomainName", "b.com"))),
|
||||||
ThreatMatch.fromJSON(
|
ThreatMatch.fromJSON(
|
||||||
new JSONObject(
|
new JSONObject(
|
||||||
ImmutableMap.of(
|
ImmutableMap.of(
|
||||||
"threatType", "MALWARE",
|
"threatType", "MALWARE",
|
||||||
"platformType", "ANY_PLATFORM",
|
|
||||||
"threatEntryMetadata", "NONE",
|
|
||||||
"fullyQualifiedDomainName", "c.com")))));
|
"fullyQualifiedDomainName", "c.com")))));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -1,3 +1,3 @@
|
||||||
Map from registrar email / name to detected subdomain threats:
|
Map from registrar email / name to detected subdomain threats:
|
||||||
{"threatMatches":[{"threatEntryMetadata":"NONE","threatType":"MALWARE","fullyQualifiedDomainName":"a.com","platformType":"ANY_PLATFORM"}],"registrarClientId":"TheRegistrar","registrarEmailAddress":"the.registrar@example.com"}
|
{"threatMatches":[{"threatType":"MALWARE","fullyQualifiedDomainName":"a.com"}],"registrarClientId":"TheRegistrar","registrarEmailAddress":"the.registrar@example.com"}
|
||||||
{"threatMatches":[{"threatEntryMetadata":"NONE","threatType":"MALWARE","fullyQualifiedDomainName":"b.com","platformType":"ANY_PLATFORM"},{"threatEntryMetadata":"NONE","threatType":"MALWARE","fullyQualifiedDomainName":"c.com","platformType":"ANY_PLATFORM"}],"registrarClientId":"NewRegistrar","registrarEmailAddress":"new.registrar@example.com"}
|
{"threatMatches":[{"threatType":"MALWARE","fullyQualifiedDomainName":"b.com"},{"threatType":"MALWARE","fullyQualifiedDomainName":"c.com"}],"registrarClientId":"NewRegistrar","registrarEmailAddress":"new.registrar@example.com"}
|
||||||
|
|
Loading…
Add table
Add a link
Reference in a new issue