'Fortify API Start Scan with Default - How to send package

I am trying to use the API from https://api.emea.fortify.com/swagger/ui/index#/ called Start Scan with Default.

I cannot find any documentation to suggest how to set the post up.

This is what I have so far, but I get an error and of course I am not sending the files to scan either, so I know it is not right.

I have tried a Get request, which works so I know it is authenticated etc.

I just need to know are the parameters correctly formatted and how do I upload the actual files to scan.

POST /api/v3/releases/43579/static-scans/start-scan-with-defaults?releaseId=43579& fragNo=22& offset=22& isRemediationScan=false& notes=hello HTTP/1.1
Host: api.emea.fortify.com
Content-Type: application/json
Authorization: Bearer [TOKEN HERE]
User-Agent: PostmanRuntime/7.13.0
Accept: */*
Cache-Control: no-cache
Postman-Token: 57e40c1d-c99c-40a4-a79b-06ef9a678a07,8ef4ad1e-327f-4eee-b6bb-bddb21b18d50
Host: api.emea.fortify.com
accept-encoding: gzip, deflate
content-length: 
Connection: keep-alive
cache-control: no-cache

Response:

{
    "errors": [
        {
            "errorCode": null,
            "message": "Unexpected error processing request"
        }
    ]
}

UPDATE

I have found this repo on Git written in Java, which I have tried to recreate in PowerShell with no success.

https://github.com/fod-dev/fod-uploader-java

My PowerShell:

[System.Net.WebRequest]::DefaultWebProxy = [System.Net.WebRequest]::GetSystemWebProxy()
[System.Net.WebRequest]::DefaultWebProxy.Credentials = [System.Net.CredentialCache]::DefaultNetworkCredentials

$zipDetails = Get-Content C:\Users\patemanc\Desktop\types.zip -Encoding Byte

Write-Host $zipDetails.Length

$releaseId = "43576"

$url = "https://api.emea.fortify.com/api/v3/releases/$releaseId/static-scans/start-scan-with-defaults?"
$url += "releaseId=$releaseId"
$url += "&fragNo=-1"
$url += "&offset=0"
$url += "&isRemediationScan=false"
$url += "&notes=PowrShell Test"


$long_lived_access_token = "ENTER TOKEN HERE"
$headers = @{Authorization = "bearer:$long_lived_access_token"}

$response = Invoke-WebRequest -ContentType "application/octet-stream"  -Uri $url -Method POST -Body $zipDetails -Headers $headers -UseBasicParsing


Write-Host "Here is the end"

Write-Host $response

Error Response:

79212
Invoke-WebRequest : The underlying connection was closed: An unexpected error occurred on a send.
At line:22 char:13
+ $response = Invoke-WebRequest -ContentType "application/json"  -Uri $ ...
+             ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidOperation: (System.Net.HttpWebRequest:HttpWebRequest) [Invoke-WebRequest], WebException
    + FullyQualifiedErrorId : WebCmdletWebResponseException,Microsoft.PowerShell.Commands.InvokeWebRequestCommand
apifortify


Solution 1:[1]

Why postman? If you use some plugin to run it, from Jenkins for example, it works fine. I don't know how the plugins call it from the API.

Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source
Solution 1 Raphael Hagi

Related Questions