Merge pull request #18 from stfbk/api

Add support for API

.gitignore

@@ -0,0 +1,5 @@
+.DS_Store
+
+# dev env
+**/*.http
+tool/.devcontainer/*

README.md

@@ -132,3 +132,79 @@ Some parts of the tool that manages SAML certificates has been built by using po
 
 Parts of the tool that manage JWTs has been built using nimbus-jose-jwt
 <https://connect2id.com/products/nimbus-jose-jwt>
+
+# MIG-T API Documentation
+
+Explore the API endpoints and documentation here: <https://app.swaggerhub.com/apis-docs/PGSENO02/MIG-TAPIs/1.0.0#/>
+
+### API Endpoints
+
+MIG-T supports both GUI and API interaction. Two endpoints are available for API interaction:
+
+#### /execute [POST]
+
+Check the validity of the test and run the test. 
+
+Input: 
+```json
+{
+  "test": "test content",
+  "sessions": {
+    "session_name_1": "session content",
+    "session_name_2": "session content"
+  }
+}
+```
+
+Output:
+- HTTP status code 200 (ok)
+
+#### /result [GET]
+
+Checks whether the test is finished and returns the result.
+
+Output:
+- If the test is not finished:
+```json
+{
+  "finished": false
+}
+```
+- If the test is finished:
+```json
+{
+  "finished": true,
+  "tests": [
+    {
+      "references": "",
+      "test name": "",
+      "description": "",
+      "type": "",
+      "mitigations": "",
+      "result": ""
+    }
+  ]
+}
+```
+A verbose parameter is available (`/result?verbose=true`) to retrieve data from requests. For example:
+```json
+{
+  "finished": true,
+  "tests": [
+    {
+      "references": "",
+      "test name": "Does the OP release Access Tokens with the use of refresh tokens",
+      "description": "In this test the offline access flow is accomplished and a refresh token is obtained. After this, a new token request is done with \"grant_type\u003drefresh_token\" and the refresh token inserted in the \"refresh_token\" parameter. The response must include the Access Token",
+      "type": "active",
+      "mitigations": "",
+      "result": "success",
+      "details": [
+        {
+          "message type": "Authentication request",
+          "request": "base64_of_the_request"
+        }
+      ]
+    }
+  ]
+}
+```

tool/pom.xml

@@ -12,12 +12,12 @@
         <dependency>
             <groupId>org.json</groupId>
             <artifactId>json</artifactId>
-            <version>20231013</version>
+            <version>20240303</version>
         </dependency>
         <dependency>
             <groupId>com.nimbusds</groupId>
             <artifactId>nimbus-jose-jwt</artifactId>
-            <version>9.38-rc3</version>
+            <version>9.41.2</version>
         </dependency>
         <dependency>
             <groupId>org.bouncycastle</groupId>
@@ -27,17 +27,17 @@
         <dependency>
             <groupId>com.google.code.gson</groupId>
             <artifactId>gson</artifactId>
-            <version>2.10.1</version>
+            <version>2.11.0</version>
         </dependency>
         <dependency>
             <groupId>org.seleniumhq.selenium</groupId>
             <artifactId>selenium-java</artifactId>
-            <version>4.16.1</version>
+            <version>4.25.0</version>
         </dependency>
         <dependency>
             <groupId>org.apache.santuario</groupId>
             <artifactId>xmlsec</artifactId>
-            <version>4.0.1</version>
+            <version>4.0.2</version>
         </dependency>
         <dependency>
             <groupId>com.sun.xml.security</groupId>
@@ -47,7 +47,7 @@
         <dependency>
             <groupId>org.junit.jupiter</groupId>
             <artifactId>junit-jupiter-engine</artifactId>
-            <version>5.10.1</version>
+            <version>5.11.2</version>
             <scope>test</scope>
         </dependency>
         <dependency>
@@ -58,7 +58,7 @@
         <dependency>
             <groupId>net.minidev</groupId>
             <artifactId>json-smart</artifactId>
-            <version>2.5.0</version>
+            <version>2.5.1</version>
         </dependency>
         <dependency>
             <groupId>org.apache.httpcomponents</groupId>
@@ -73,12 +73,44 @@
         <dependency>
             <groupId>com.networknt</groupId>
             <artifactId>json-schema-validator</artifactId>
-            <version>1.2.0</version>
+            <version>1.5.2</version>
         </dependency>
         <dependency>
             <groupId>org.apache.commons</groupId>
             <artifactId>commons-text</artifactId>
-            <version>1.11.0</version>
+            <version>1.12.0</version>
+        </dependency>
+        <dependency>
+            <groupId>org.eclipse.jetty</groupId>
+            <artifactId>jetty-server</artifactId>
+            <version>11.0.24</version>
+        </dependency>
+        <dependency>
+            <groupId>org.eclipse.jetty</groupId>
+            <artifactId>jetty-servlet</artifactId>
+            <version>11.0.24</version>
+        </dependency>
+        <dependency>
+            <groupId>io.jsonwebtoken</groupId>
+            <artifactId>jjwt-api</artifactId>
+            <version>0.12.6</version>
+        </dependency>
+        <dependency>
+            <groupId>io.jsonwebtoken</groupId>
+            <artifactId>jjwt-impl</artifactId>
+            <version>0.12.6</version>
+            <scope>runtime</scope>
+        </dependency>
+        <dependency>
+            <groupId>io.jsonwebtoken</groupId>
+            <artifactId>jjwt-jackson</artifactId>
+            <version>0.12.6</version>
+            <scope>runtime</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.security</groupId>
+            <artifactId>spring-security-crypto</artifactId>
+            <version>6.3.3</version>
         </dependency>
     </dependencies>
 
@@ -88,6 +120,14 @@
     </properties>
 
     <build>
+        <resources>
+            <resource>
+                <directory>src/main/resources</directory>
+                <includes>
+                    <include>**/*</include>
+                </includes>
+            </resource>
+        </resources>
         <plugins>
             <plugin>
                 <groupId>org.apache.maven.plugins</groupId>