websecurityscanner

package
v0.213.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Dec 17, 2024 License: BSD-3-Clause Imports: 18 Imported by: 0

Documentation

Overview

Package websecurityscanner provides access to the Web Security Scanner API.

For product documentation, see: https://cloud.google.com/security-command-center/docs/concepts-web-security-scanner-overview/

Library status

These client libraries are officially supported by Google. However, this library is considered complete and is in maintenance mode. This means that we will address critical bugs and security issues but will not add any new features.

When possible, we recommend using our newer [Cloud Client Libraries for Go](https://pkg.go.dev/cloud.google.com/go) that are still actively being worked and iterated on.

Creating a client

Usage example:

import "google.golang.org/api/websecurityscanner/v1alpha"
...
ctx := context.Background()
websecurityscannerService, err := websecurityscanner.NewService(ctx)

In this example, Google Application Default Credentials are used for authentication. For information on how to create and obtain Application Default Credentials, see https://developers.google.com/identity/protocols/application-default-credentials.

Other authentication options

To use an API key for authentication (note: some APIs do not support API keys), use google.golang.org/api/option.WithAPIKey:

websecurityscannerService, err := websecurityscanner.NewService(ctx, option.WithAPIKey("AIza..."))

To use an OAuth token (e.g., a user token obtained via a three-legged OAuth flow, use google.golang.org/api/option.WithTokenSource:

config := &oauth2.Config{...}
// ...
token, err := config.Exchange(ctx, ...)
websecurityscannerService, err := websecurityscanner.NewService(ctx, option.WithTokenSource(config.TokenSource(ctx, token)))

See google.golang.org/api/option.ClientOption for details on options.

Index

Constants

View Source
const (
	// See, edit, configure, and delete your Google Cloud data and see the email
	// address for your Google Account.
	CloudPlatformScope = "https://www.googleapis.com/auth/cloud-platform"
)

OAuth2 scopes used by this API.

Variables

This section is empty.

Functions

This section is empty.

Types

type Authentication

type Authentication struct {
	// CustomAccount: Authentication using a custom account.
	CustomAccount *CustomAccount `json:"customAccount,omitempty"`
	// GoogleAccount: Authentication using a Google account.
	GoogleAccount *GoogleAccount `json:"googleAccount,omitempty"`
	// ForceSendFields is a list of field names (e.g. "CustomAccount") to
	// unconditionally include in API requests. By default, fields with empty or
	// default values are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
	// details.
	ForceSendFields []string `json:"-"`
	// NullFields is a list of field names (e.g. "CustomAccount") to include in API
	// requests with the JSON null value. By default, fields with empty values are
	// omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
	NullFields []string `json:"-"`
}

Authentication: Scan authentication configuration.

func (Authentication) MarshalJSON

func (s Authentication) MarshalJSON() ([]byte, error)

type CrawledUrl

type CrawledUrl struct {
	// Body: Output only. The body of the request that was used to visit the URL.
	Body string `json:"body,omitempty"`
	// HttpMethod: Output only. The http method of the request that was used to
	// visit the URL, in uppercase.
	HttpMethod string `json:"httpMethod,omitempty"`
	// Url: Output only. The URL that was crawled.
	Url string `json:"url,omitempty"`
	// ForceSendFields is a list of field names (e.g. "Body") to unconditionally
	// include in API requests. By default, fields with empty or default values are
	// omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
	// details.
	ForceSendFields []string `json:"-"`
	// NullFields is a list of field names (e.g. "Body") to include in API requests
	// with the JSON null value. By default, fields with empty values are omitted
	// from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
	NullFields []string `json:"-"`
}

CrawledUrl: A CrawledUrl resource represents a URL that was crawled during a ScanRun. Web Security Scanner Service crawls the web applications, following all links within the scope of sites, to find the URLs to test against.

func (CrawledUrl) MarshalJSON

func (s CrawledUrl) MarshalJSON() ([]byte, error)

type CustomAccount

type CustomAccount struct {
	// LoginUrl: Required. The login form URL of the website.
	LoginUrl string `json:"loginUrl,omitempty"`
	// Password: Required. Input only. The password of the custom account. The
	// credential is stored encrypted and not returned in any response nor included
	// in audit logs.
	Password string `json:"password,omitempty"`
	// Username: Required. The user name of the custom account.
	Username string `json:"username,omitempty"`
	// ForceSendFields is a list of field names (e.g. "LoginUrl") to
	// unconditionally include in API requests. By default, fields with empty or
	// default values are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
	// details.
	ForceSendFields []string `json:"-"`
	// NullFields is a list of field names (e.g. "LoginUrl") to include in API
	// requests with the JSON null value. By default, fields with empty values are
	// omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
	NullFields []string `json:"-"`
}

CustomAccount: Describes authentication configuration that uses a custom account.

func (CustomAccount) MarshalJSON

func (s CustomAccount) MarshalJSON() ([]byte, error)

type Empty

type Empty struct {
	// ServerResponse contains the HTTP response code and headers from the server.
	googleapi.ServerResponse `json:"-"`
}

Empty: A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs. A typical example is to use it as the request or the response type of an API method. For instance: service Foo { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); }

type Finding

type Finding struct {
	// Body: The body of the request that triggered the vulnerability.
	Body string `json:"body,omitempty"`
	// Description: The description of the vulnerability.
	Description string `json:"description,omitempty"`
	// FinalUrl: The URL where the browser lands when the vulnerability is
	// detected.
	FinalUrl string `json:"finalUrl,omitempty"`
	// FindingType: The type of the Finding.
	//
	// Possible values:
	//   "FINDING_TYPE_UNSPECIFIED" - The invalid finding type.
	//   "MIXED_CONTENT" - A page that was served over HTTPS also resources over
	// HTTP. A man-in-the-middle attacker could tamper with the HTTP resource and
	// gain full access to the website that loads the resource or to monitor the
	// actions taken by the user.
	//   "OUTDATED_LIBRARY" - The version of an included library is known to
	// contain a security issue. The scanner checks the version of library in use
	// against a known list of vulnerable libraries. False positives are possible
	// if the version detection fails or if the library has been manually patched.
	//   "ROSETTA_FLASH" - This type of vulnerability occurs when the value of a
	// request parameter is reflected at the beginning of the response, for
	// example, in requests using JSONP. Under certain circumstances, an attacker
	// may be able to supply an alphanumeric-only Flash file in the vulnerable
	// parameter causing the browser to execute the Flash file as if it originated
	// on the vulnerable server.
	//   "XSS_CALLBACK" - A cross-site scripting (XSS) bug is found via JavaScript
	// callback. For detailed explanations on XSS, see
	// https://www.google.com/about/appsecurity/learning/xss/.
	//   "XSS_ERROR" - A potential cross-site scripting (XSS) bug due to JavaScript
	// breakage. In some circumstances, the application under test might modify the
	// test string before it is parsed by the browser. When the browser attempts to
	// runs this modified test string, it will likely break and throw a JavaScript
	// execution error, thus an injection issue is occurring. However, it may not
	// be exploitable. Manual verification is needed to see if the test string
	// modifications can be evaded and confirm that the issue is in fact an XSS
	// vulnerability. For detailed explanations on XSS, see
	// https://www.google.com/about/appsecurity/learning/xss/.
	//   "CLEAR_TEXT_PASSWORD" - An application appears to be transmitting a
	// password field in clear text. An attacker can eavesdrop network traffic and
	// sniff the password field.
	//   "INVALID_CONTENT_TYPE" - An application returns sensitive content with an
	// invalid content type, or without an 'X-Content-Type-Options: nosniff'
	// header.
	//   "XSS_ANGULAR_CALLBACK" - A cross-site scripting (XSS) vulnerability in
	// AngularJS module that occurs when a user-provided string is interpolated by
	// Angular.
	//   "INVALID_HEADER" - A malformed or invalid valued header.
	//   "MISSPELLED_SECURITY_HEADER_NAME" - Misspelled security header name.
	//   "MISMATCHING_SECURITY_HEADER_VALUES" - Mismatching values in a duplicate
	// security header.
	//   "ACCESSIBLE_GIT_REPOSITORY" - A world-readable git repository that
	// potentially leaks source code, commit history or sensitive information such
	// as credentials.
	//   "ACCESSIBLE_SVN_REPOSITORY" - A world-readable subversion repository that
	// potentially leaks source code, commit history or sensitive information such
	// as credentials.
	//   "ACCESSIBLE_ENV_FILE" - A world-readable env file that potentially leaks
	// source code, commit history or sensitive information such as credentials.
	FindingType string `json:"findingType,omitempty"`
	// FrameUrl: If the vulnerability was originated from nested IFrame, the
	// immediate parent IFrame is reported.
	FrameUrl string `json:"frameUrl,omitempty"`
	// FuzzedUrl: The URL produced by the server-side fuzzer and used in the
	// request that triggered the vulnerability.
	FuzzedUrl string `json:"fuzzedUrl,omitempty"`
	// HttpMethod: The http method of the request that triggered the vulnerability,
	// in uppercase.
	HttpMethod string `json:"httpMethod,omitempty"`
	// Name: The resource name of the Finding. The name follows the format of
	// 'projects/{projectId}/scanConfigs/{scanConfigId}/scanruns/{scanRunId}/finding
	// s/{findingId}'. The finding IDs are generated by the system.
	Name string `json:"name,omitempty"`
	// OutdatedLibrary: An addon containing information about outdated libraries.
	OutdatedLibrary *OutdatedLibrary `json:"outdatedLibrary,omitempty"`
	// ReproductionUrl: The URL containing human-readable payload that user can
	// leverage to reproduce the vulnerability.
	ReproductionUrl string `json:"reproductionUrl,omitempty"`
	// TrackingId: The tracking ID uniquely identifies a vulnerability instance
	// across multiple ScanRuns.
	TrackingId string `json:"trackingId,omitempty"`
	// ViolatingResource: An addon containing detailed information regarding any
	// resource causing the vulnerability such as JavaScript sources, image, audio
	// files, etc.
	ViolatingResource *ViolatingResource `json:"violatingResource,omitempty"`
	// VulnerableHeaders: An addon containing information about vulnerable or
	// missing HTTP headers.
	VulnerableHeaders *VulnerableHeaders `json:"vulnerableHeaders,omitempty"`
	// VulnerableParameters: An addon containing information about request
	// parameters which were found to be vulnerable.
	VulnerableParameters *VulnerableParameters `json:"vulnerableParameters,omitempty"`
	// Xss: An addon containing information reported for an XSS, if any.
	Xss *Xss `json:"xss,omitempty"`

	// ServerResponse contains the HTTP response code and headers from the server.
	googleapi.ServerResponse `json:"-"`
	// ForceSendFields is a list of field names (e.g. "Body") to unconditionally
	// include in API requests. By default, fields with empty or default values are
	// omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
	// details.
	ForceSendFields []string `json:"-"`
	// NullFields is a list of field names (e.g. "Body") to include in API requests
	// with the JSON null value. By default, fields with empty values are omitted
	// from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
	NullFields []string `json:"-"`
}

Finding: A Finding resource represents a vulnerability instance identified during a ScanRun.

func (Finding) MarshalJSON

func (s Finding) MarshalJSON() ([]byte, error)

type FindingTypeStats

type FindingTypeStats struct {
	// FindingCount: The count of findings belonging to this finding type.
	FindingCount int64 `json:"findingCount,omitempty"`
	// FindingType: The finding type associated with the stats.
	//
	// Possible values:
	//   "FINDING_TYPE_UNSPECIFIED" - The invalid finding type.
	//   "MIXED_CONTENT" - A page that was served over HTTPS also resources over
	// HTTP. A man-in-the-middle attacker could tamper with the HTTP resource and
	// gain full access to the website that loads the resource or to monitor the
	// actions taken by the user.
	//   "OUTDATED_LIBRARY" - The version of an included library is known to
	// contain a security issue. The scanner checks the version of library in use
	// against a known list of vulnerable libraries. False positives are possible
	// if the version detection fails or if the library has been manually patched.
	//   "ROSETTA_FLASH" - This type of vulnerability occurs when the value of a
	// request parameter is reflected at the beginning of the response, for
	// example, in requests using JSONP. Under certain circumstances, an attacker
	// may be able to supply an alphanumeric-only Flash file in the vulnerable
	// parameter causing the browser to execute the Flash file as if it originated
	// on the vulnerable server.
	//   "XSS_CALLBACK" - A cross-site scripting (XSS) bug is found via JavaScript
	// callback. For detailed explanations on XSS, see
	// https://www.google.com/about/appsecurity/learning/xss/.
	//   "XSS_ERROR" - A potential cross-site scripting (XSS) bug due to JavaScript
	// breakage. In some circumstances, the application under test might modify the
	// test string before it is parsed by the browser. When the browser attempts to
	// runs this modified test string, it will likely break and throw a JavaScript
	// execution error, thus an injection issue is occurring. However, it may not
	// be exploitable. Manual verification is needed to see if the test string
	// modifications can be evaded and confirm that the issue is in fact an XSS
	// vulnerability. For detailed explanations on XSS, see
	// https://www.google.com/about/appsecurity/learning/xss/.
	//   "CLEAR_TEXT_PASSWORD" - An application appears to be transmitting a
	// password field in clear text. An attacker can eavesdrop network traffic and
	// sniff the password field.
	//   "INVALID_CONTENT_TYPE" - An application returns sensitive content with an
	// invalid content type, or without an 'X-Content-Type-Options: nosniff'
	// header.
	//   "XSS_ANGULAR_CALLBACK" - A cross-site scripting (XSS) vulnerability in
	// AngularJS module that occurs when a user-provided string is interpolated by
	// Angular.
	//   "INVALID_HEADER" - A malformed or invalid valued header.
	//   "MISSPELLED_SECURITY_HEADER_NAME" - Misspelled security header name.
	//   "MISMATCHING_SECURITY_HEADER_VALUES" - Mismatching values in a duplicate
	// security header.
	//   "ACCESSIBLE_GIT_REPOSITORY" - A world-readable git repository that
	// potentially leaks source code, commit history or sensitive information such
	// as credentials.
	//   "ACCESSIBLE_SVN_REPOSITORY" - A world-readable subversion repository that
	// potentially leaks source code, commit history or sensitive information such
	// as credentials.
	//   "ACCESSIBLE_ENV_FILE" - A world-readable env file that potentially leaks
	// source code, commit history or sensitive information such as credentials.
	FindingType string `json:"findingType,omitempty"`
	// ForceSendFields is a list of field names (e.g. "FindingCount") to
	// unconditionally include in API requests. By default, fields with empty or
	// default values are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
	// details.
	ForceSendFields []string `json:"-"`
	// NullFields is a list of field names (e.g. "FindingCount") to include in API
	// requests with the JSON null value. By default, fields with empty values are
	// omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
	NullFields []string `json:"-"`
}

FindingTypeStats: A FindingTypeStats resource represents stats regarding a specific FindingType of Findings under a given ScanRun.

func (FindingTypeStats) MarshalJSON

func (s FindingTypeStats) MarshalJSON() ([]byte, error)

type GoogleAccount

type GoogleAccount struct {
	// Password: Required. Input only. The password of the Google account. The
	// credential is stored encrypted and not returned in any response nor included
	// in audit logs.
	Password string `json:"password,omitempty"`
	// Username: Required. The user name of the Google account.
	Username string `json:"username,omitempty"`
	// ForceSendFields is a list of field names (e.g. "Password") to
	// unconditionally include in API requests. By default, fields with empty or
	// default values are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
	// details.
	ForceSendFields []string `json:"-"`
	// NullFields is a list of field names (e.g. "Password") to include in API
	// requests with the JSON null value. By default, fields with empty values are
	// omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
	NullFields []string `json:"-"`
}

GoogleAccount: Describes authentication configuration that uses a Google account.

func (GoogleAccount) MarshalJSON

func (s GoogleAccount) MarshalJSON() ([]byte, error)
type Header struct {
	// Name: Header name.
	Name string `json:"name,omitempty"`
	// Value: Header value.
	Value string `json:"value,omitempty"`
	// ForceSendFields is a list of field names (e.g. "Name") to unconditionally
	// include in API requests. By default, fields with empty or default values are
	// omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
	// details.
	ForceSendFields []string `json:"-"`
	// NullFields is a list of field names (e.g. "Name") to include in API requests
	// with the JSON null value. By default, fields with empty values are omitted
	// from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
	NullFields []string `json:"-"`
}

Header: Describes a HTTP Header.

func (Header) MarshalJSON

func (s Header) MarshalJSON() ([]byte, error)

type ListCrawledUrlsResponse

type ListCrawledUrlsResponse struct {
	// CrawledUrls: The list of CrawledUrls returned.
	CrawledUrls []*CrawledUrl `json:"crawledUrls,omitempty"`
	// NextPageToken: Token to retrieve the next page of results, or empty if there
	// are no more results in the list.
	NextPageToken string `json:"nextPageToken,omitempty"`

	// ServerResponse contains the HTTP response code and headers from the server.
	googleapi.ServerResponse `json:"-"`
	// ForceSendFields is a list of field names (e.g. "CrawledUrls") to
	// unconditionally include in API requests. By default, fields with empty or
	// default values are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
	// details.
	ForceSendFields []string `json:"-"`
	// NullFields is a list of field names (e.g. "CrawledUrls") to include in API
	// requests with the JSON null value. By default, fields with empty values are
	// omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
	NullFields []string `json:"-"`
}

ListCrawledUrlsResponse: Response for the `ListCrawledUrls` method.

func (ListCrawledUrlsResponse) MarshalJSON

func (s ListCrawledUrlsResponse) MarshalJSON() ([]byte, error)

type ListFindingTypeStatsResponse

type ListFindingTypeStatsResponse struct {
	// FindingTypeStats: The list of FindingTypeStats returned.
	FindingTypeStats []*FindingTypeStats `json:"findingTypeStats,omitempty"`

	// ServerResponse contains the HTTP response code and headers from the server.
	googleapi.ServerResponse `json:"-"`
	// ForceSendFields is a list of field names (e.g. "FindingTypeStats") to
	// unconditionally include in API requests. By default, fields with empty or
	// default values are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
	// details.
	ForceSendFields []string `json:"-"`
	// NullFields is a list of field names (e.g. "FindingTypeStats") to include in
	// API requests with the JSON null value. By default, fields with empty values
	// are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
	NullFields []string `json:"-"`
}

ListFindingTypeStatsResponse: Response for the `ListFindingTypeStats` method.

func (ListFindingTypeStatsResponse) MarshalJSON

func (s ListFindingTypeStatsResponse) MarshalJSON() ([]byte, error)

type ListFindingsResponse

type ListFindingsResponse struct {
	// Findings: The list of Findings returned.
	Findings []*Finding `json:"findings,omitempty"`
	// NextPageToken: Token to retrieve the next page of results, or empty if there
	// are no more results in the list.
	NextPageToken string `json:"nextPageToken,omitempty"`

	// ServerResponse contains the HTTP response code and headers from the server.
	googleapi.ServerResponse `json:"-"`
	// ForceSendFields is a list of field names (e.g. "Findings") to
	// unconditionally include in API requests. By default, fields with empty or
	// default values are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
	// details.
	ForceSendFields []string `json:"-"`
	// NullFields is a list of field names (e.g. "Findings") to include in API
	// requests with the JSON null value. By default, fields with empty values are
	// omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
	NullFields []string `json:"-"`
}

ListFindingsResponse: Response for the `ListFindings` method.

func (ListFindingsResponse) MarshalJSON

func (s ListFindingsResponse) MarshalJSON() ([]byte, error)

type ListScanConfigsResponse

type ListScanConfigsResponse struct {
	// NextPageToken: Token to retrieve the next page of results, or empty if there
	// are no more results in the list.
	NextPageToken string `json:"nextPageToken,omitempty"`
	// ScanConfigs: The list of ScanConfigs returned.
	ScanConfigs []*ScanConfig `json:"scanConfigs,omitempty"`

	// ServerResponse contains the HTTP response code and headers from the server.
	googleapi.ServerResponse `json:"-"`
	// ForceSendFields is a list of field names (e.g. "NextPageToken") to
	// unconditionally include in API requests. By default, fields with empty or
	// default values are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
	// details.
	ForceSendFields []string `json:"-"`
	// NullFields is a list of field names (e.g. "NextPageToken") to include in API
	// requests with the JSON null value. By default, fields with empty values are
	// omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
	NullFields []string `json:"-"`
}

ListScanConfigsResponse: Response for the `ListScanConfigs` method.

func (ListScanConfigsResponse) MarshalJSON

func (s ListScanConfigsResponse) MarshalJSON() ([]byte, error)

type ListScanRunsResponse

type ListScanRunsResponse struct {
	// NextPageToken: Token to retrieve the next page of results, or empty if there
	// are no more results in the list.
	NextPageToken string `json:"nextPageToken,omitempty"`
	// ScanRuns: The list of ScanRuns returned.
	ScanRuns []*ScanRun `json:"scanRuns,omitempty"`

	// ServerResponse contains the HTTP response code and headers from the server.
	googleapi.ServerResponse `json:"-"`
	// ForceSendFields is a list of field names (e.g. "NextPageToken") to
	// unconditionally include in API requests. By default, fields with empty or
	// default values are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
	// details.
	ForceSendFields []string `json:"-"`
	// NullFields is a list of field names (e.g. "NextPageToken") to include in API
	// requests with the JSON null value. By default, fields with empty values are
	// omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
	NullFields []string `json:"-"`
}

ListScanRunsResponse: Response for the `ListScanRuns` method.

func (ListScanRunsResponse) MarshalJSON

func (s ListScanRunsResponse) MarshalJSON() ([]byte, error)

type OutdatedLibrary

type OutdatedLibrary struct {
	// LearnMoreUrls: URLs to learn more information about the vulnerabilities in
	// the library.
	LearnMoreUrls []string `json:"learnMoreUrls,omitempty"`
	// LibraryName: The name of the outdated library.
	LibraryName string `json:"libraryName,omitempty"`
	// Version: The version number.
	Version string `json:"version,omitempty"`
	// ForceSendFields is a list of field names (e.g. "LearnMoreUrls") to
	// unconditionally include in API requests. By default, fields with empty or
	// default values are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
	// details.
	ForceSendFields []string `json:"-"`
	// NullFields is a list of field names (e.g. "LearnMoreUrls") to include in API
	// requests with the JSON null value. By default, fields with empty values are
	// omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
	NullFields []string `json:"-"`
}

OutdatedLibrary: Information reported for an outdated library.

func (OutdatedLibrary) MarshalJSON

func (s OutdatedLibrary) MarshalJSON() ([]byte, error)

type ProjectsScanConfigsCreateCall

type ProjectsScanConfigsCreateCall struct {
	// contains filtered or unexported fields
}

func (*ProjectsScanConfigsCreateCall) Context

Context sets the context to be used in this call's Do method.

func (*ProjectsScanConfigsCreateCall) Do

Do executes the "websecurityscanner.projects.scanConfigs.create" call. Any non-2xx status code is an error. Response headers are in either *ScanConfig.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.

func (*ProjectsScanConfigsCreateCall) Fields

Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more details.

func (*ProjectsScanConfigsCreateCall) Header

Header returns a http.Header that can be modified by the caller to add headers to the request.

type ProjectsScanConfigsDeleteCall

type ProjectsScanConfigsDeleteCall struct {
	// contains filtered or unexported fields
}

func (*ProjectsScanConfigsDeleteCall) Context

Context sets the context to be used in this call's Do method.

func (*ProjectsScanConfigsDeleteCall) Do

Do executes the "websecurityscanner.projects.scanConfigs.delete" call. Any non-2xx status code is an error. Response headers are in either *Empty.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.

func (*ProjectsScanConfigsDeleteCall) Fields

Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more details.

func (*ProjectsScanConfigsDeleteCall) Header

Header returns a http.Header that can be modified by the caller to add headers to the request.

type ProjectsScanConfigsGetCall

type ProjectsScanConfigsGetCall struct {
	// contains filtered or unexported fields
}

func (*ProjectsScanConfigsGetCall) Context

Context sets the context to be used in this call's Do method.

func (*ProjectsScanConfigsGetCall) Do

Do executes the "websecurityscanner.projects.scanConfigs.get" call. Any non-2xx status code is an error. Response headers are in either *ScanConfig.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.

func (*ProjectsScanConfigsGetCall) Fields

Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more details.

func (*ProjectsScanConfigsGetCall) Header

Header returns a http.Header that can be modified by the caller to add headers to the request.

func (*ProjectsScanConfigsGetCall) IfNoneMatch

IfNoneMatch sets an optional parameter which makes the operation fail if the object's ETag matches the given value. This is useful for getting updates only after the object has changed since the last request.

type ProjectsScanConfigsListCall

type ProjectsScanConfigsListCall struct {
	// contains filtered or unexported fields
}

func (*ProjectsScanConfigsListCall) Context

Context sets the context to be used in this call's Do method.

func (*ProjectsScanConfigsListCall) Do

Do executes the "websecurityscanner.projects.scanConfigs.list" call. Any non-2xx status code is an error. Response headers are in either *ListScanConfigsResponse.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.

func (*ProjectsScanConfigsListCall) Fields

Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more details.

func (*ProjectsScanConfigsListCall) Header

Header returns a http.Header that can be modified by the caller to add headers to the request.

func (*ProjectsScanConfigsListCall) IfNoneMatch

IfNoneMatch sets an optional parameter which makes the operation fail if the object's ETag matches the given value. This is useful for getting updates only after the object has changed since the last request.

func (*ProjectsScanConfigsListCall) PageSize

PageSize sets the optional parameter "pageSize": The maximum number of ScanConfigs to return, can be limited by server. If not specified or not positive, the implementation will select a reasonable value.

func (*ProjectsScanConfigsListCall) PageToken

PageToken sets the optional parameter "pageToken": A token identifying a page of results to be returned. This should be a `next_page_token` value returned from a previous List request. If unspecified, the first page of results is returned.

func (*ProjectsScanConfigsListCall) Pages

Pages invokes f for each page of results. A non-nil error returned from f will halt the iteration. The provided context supersedes any context provided to the Context method.

type ProjectsScanConfigsPatchCall

type ProjectsScanConfigsPatchCall struct {
	// contains filtered or unexported fields
}

func (*ProjectsScanConfigsPatchCall) Context

Context sets the context to be used in this call's Do method.

func (*ProjectsScanConfigsPatchCall) Do

Do executes the "websecurityscanner.projects.scanConfigs.patch" call. Any non-2xx status code is an error. Response headers are in either *ScanConfig.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.

func (*ProjectsScanConfigsPatchCall) Fields

Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more details.

func (*ProjectsScanConfigsPatchCall) Header

Header returns a http.Header that can be modified by the caller to add headers to the request.

func (*ProjectsScanConfigsPatchCall) UpdateMask

UpdateMask sets the optional parameter "updateMask": Required. The update mask applies to the resource. For the `FieldMask` definition, see https://developers.google.com/protocol-buffers/docs/reference/google.protobuf#fieldmask

type ProjectsScanConfigsScanRunsCrawledUrlsListCall

type ProjectsScanConfigsScanRunsCrawledUrlsListCall struct {
	// contains filtered or unexported fields
}

func (*ProjectsScanConfigsScanRunsCrawledUrlsListCall) Context

Context sets the context to be used in this call's Do method.

func (*ProjectsScanConfigsScanRunsCrawledUrlsListCall) Do

Do executes the "websecurityscanner.projects.scanConfigs.scanRuns.crawledUrls.list" call. Any non-2xx status code is an error. Response headers are in either *ListCrawledUrlsResponse.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.

func (*ProjectsScanConfigsScanRunsCrawledUrlsListCall) Fields

Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more details.

func (*ProjectsScanConfigsScanRunsCrawledUrlsListCall) Header

Header returns a http.Header that can be modified by the caller to add headers to the request.

func (*ProjectsScanConfigsScanRunsCrawledUrlsListCall) IfNoneMatch

IfNoneMatch sets an optional parameter which makes the operation fail if the object's ETag matches the given value. This is useful for getting updates only after the object has changed since the last request.

func (*ProjectsScanConfigsScanRunsCrawledUrlsListCall) PageSize

PageSize sets the optional parameter "pageSize": The maximum number of CrawledUrls to return, can be limited by server. If not specified or not positive, the implementation will select a reasonable value.

func (*ProjectsScanConfigsScanRunsCrawledUrlsListCall) PageToken

PageToken sets the optional parameter "pageToken": A token identifying a page of results to be returned. This should be a `next_page_token` value returned from a previous List request. If unspecified, the first page of results is returned.

func (*ProjectsScanConfigsScanRunsCrawledUrlsListCall) Pages

Pages invokes f for each page of results. A non-nil error returned from f will halt the iteration. The provided context supersedes any context provided to the Context method.

type ProjectsScanConfigsScanRunsCrawledUrlsService

type ProjectsScanConfigsScanRunsCrawledUrlsService struct {
	// contains filtered or unexported fields
}

func NewProjectsScanConfigsScanRunsCrawledUrlsService

func NewProjectsScanConfigsScanRunsCrawledUrlsService(s *Service) *ProjectsScanConfigsScanRunsCrawledUrlsService

func (*ProjectsScanConfigsScanRunsCrawledUrlsService) List

List: List CrawledUrls under a given ScanRun.

  • parent: The parent resource name, which should be a scan run resource name in the format 'projects/{projectId}/scanConfigs/{scanConfigId}/scanRuns/{scanRunId}'.

type ProjectsScanConfigsScanRunsFindingTypeStatsListCall

type ProjectsScanConfigsScanRunsFindingTypeStatsListCall struct {
	// contains filtered or unexported fields
}

func (*ProjectsScanConfigsScanRunsFindingTypeStatsListCall) Context

Context sets the context to be used in this call's Do method.

func (*ProjectsScanConfigsScanRunsFindingTypeStatsListCall) Do

Do executes the "websecurityscanner.projects.scanConfigs.scanRuns.findingTypeStats.list" call. Any non-2xx status code is an error. Response headers are in either *ListFindingTypeStatsResponse.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.

func (*ProjectsScanConfigsScanRunsFindingTypeStatsListCall) Fields

Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more details.

func (*ProjectsScanConfigsScanRunsFindingTypeStatsListCall) Header

Header returns a http.Header that can be modified by the caller to add headers to the request.

func (*ProjectsScanConfigsScanRunsFindingTypeStatsListCall) IfNoneMatch

IfNoneMatch sets an optional parameter which makes the operation fail if the object's ETag matches the given value. This is useful for getting updates only after the object has changed since the last request.

type ProjectsScanConfigsScanRunsFindingTypeStatsService

type ProjectsScanConfigsScanRunsFindingTypeStatsService struct {
	// contains filtered or unexported fields
}

func (*ProjectsScanConfigsScanRunsFindingTypeStatsService) List

List: List all FindingTypeStats under a given ScanRun.

  • parent: The parent resource name, which should be a scan run resource name in the format 'projects/{projectId}/scanConfigs/{scanConfigId}/scanRuns/{scanRunId}'.

type ProjectsScanConfigsScanRunsFindingsGetCall

type ProjectsScanConfigsScanRunsFindingsGetCall struct {
	// contains filtered or unexported fields
}

func (*ProjectsScanConfigsScanRunsFindingsGetCall) Context

Context sets the context to be used in this call's Do method.

func (*ProjectsScanConfigsScanRunsFindingsGetCall) Do

Do executes the "websecurityscanner.projects.scanConfigs.scanRuns.findings.get" call. Any non-2xx status code is an error. Response headers are in either *Finding.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.

func (*ProjectsScanConfigsScanRunsFindingsGetCall) Fields

Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more details.

func (*ProjectsScanConfigsScanRunsFindingsGetCall) Header

Header returns a http.Header that can be modified by the caller to add headers to the request.

func (*ProjectsScanConfigsScanRunsFindingsGetCall) IfNoneMatch

IfNoneMatch sets an optional parameter which makes the operation fail if the object's ETag matches the given value. This is useful for getting updates only after the object has changed since the last request.

type ProjectsScanConfigsScanRunsFindingsListCall

type ProjectsScanConfigsScanRunsFindingsListCall struct {
	// contains filtered or unexported fields
}

func (*ProjectsScanConfigsScanRunsFindingsListCall) Context

Context sets the context to be used in this call's Do method.

func (*ProjectsScanConfigsScanRunsFindingsListCall) Do

Do executes the "websecurityscanner.projects.scanConfigs.scanRuns.findings.list" call. Any non-2xx status code is an error. Response headers are in either *ListFindingsResponse.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.

func (*ProjectsScanConfigsScanRunsFindingsListCall) Fields

Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more details.

func (*ProjectsScanConfigsScanRunsFindingsListCall) Filter

Filter sets the optional parameter "filter": Required. The filter expression. The expression must be in the format: . Supported field: 'finding_type'. Supported operator: '='.

func (*ProjectsScanConfigsScanRunsFindingsListCall) Header

Header returns a http.Header that can be modified by the caller to add headers to the request.

func (*ProjectsScanConfigsScanRunsFindingsListCall) IfNoneMatch

IfNoneMatch sets an optional parameter which makes the operation fail if the object's ETag matches the given value. This is useful for getting updates only after the object has changed since the last request.

func (*ProjectsScanConfigsScanRunsFindingsListCall) PageSize

PageSize sets the optional parameter "pageSize": The maximum number of Findings to return, can be limited by server. If not specified or not positive, the implementation will select a reasonable value.

func (*ProjectsScanConfigsScanRunsFindingsListCall) PageToken

PageToken sets the optional parameter "pageToken": A token identifying a page of results to be returned. This should be a `next_page_token` value returned from a previous List request. If unspecified, the first page of results is returned.

func (*ProjectsScanConfigsScanRunsFindingsListCall) Pages

Pages invokes f for each page of results. A non-nil error returned from f will halt the iteration. The provided context supersedes any context provided to the Context method.

type ProjectsScanConfigsScanRunsFindingsService

type ProjectsScanConfigsScanRunsFindingsService struct {
	// contains filtered or unexported fields
}

func NewProjectsScanConfigsScanRunsFindingsService

func NewProjectsScanConfigsScanRunsFindingsService(s *Service) *ProjectsScanConfigsScanRunsFindingsService

func (*ProjectsScanConfigsScanRunsFindingsService) Get

Get: Gets a Finding.

  • name: The resource name of the Finding to be returned. The name follows the format of 'projects/{projectId}/scanConfigs/{scanConfigId}/scanRuns/{scanRunId}/findi ngs/{findingId}'.

func (*ProjectsScanConfigsScanRunsFindingsService) List

List: List Findings under a given ScanRun.

  • parent: The parent resource name, which should be a scan run resource name in the format 'projects/{projectId}/scanConfigs/{scanConfigId}/scanRuns/{scanRunId}'.

type ProjectsScanConfigsScanRunsGetCall

type ProjectsScanConfigsScanRunsGetCall struct {
	// contains filtered or unexported fields
}

func (*ProjectsScanConfigsScanRunsGetCall) Context

Context sets the context to be used in this call's Do method.

func (*ProjectsScanConfigsScanRunsGetCall) Do

Do executes the "websecurityscanner.projects.scanConfigs.scanRuns.get" call. Any non-2xx status code is an error. Response headers are in either *ScanRun.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.

func (*ProjectsScanConfigsScanRunsGetCall) Fields

Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more details.

func (*ProjectsScanConfigsScanRunsGetCall) Header

Header returns a http.Header that can be modified by the caller to add headers to the request.

func (*ProjectsScanConfigsScanRunsGetCall) IfNoneMatch

IfNoneMatch sets an optional parameter which makes the operation fail if the object's ETag matches the given value. This is useful for getting updates only after the object has changed since the last request.

type ProjectsScanConfigsScanRunsListCall

type ProjectsScanConfigsScanRunsListCall struct {
	// contains filtered or unexported fields
}

func (*ProjectsScanConfigsScanRunsListCall) Context

Context sets the context to be used in this call's Do method.

func (*ProjectsScanConfigsScanRunsListCall) Do

Do executes the "websecurityscanner.projects.scanConfigs.scanRuns.list" call. Any non-2xx status code is an error. Response headers are in either *ListScanRunsResponse.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.

func (*ProjectsScanConfigsScanRunsListCall) Fields

Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more details.

func (*ProjectsScanConfigsScanRunsListCall) Header

Header returns a http.Header that can be modified by the caller to add headers to the request.

func (*ProjectsScanConfigsScanRunsListCall) IfNoneMatch

IfNoneMatch sets an optional parameter which makes the operation fail if the object's ETag matches the given value. This is useful for getting updates only after the object has changed since the last request.

func (*ProjectsScanConfigsScanRunsListCall) PageSize

PageSize sets the optional parameter "pageSize": The maximum number of ScanRuns to return, can be limited by server. If not specified or not positive, the implementation will select a reasonable value.

func (*ProjectsScanConfigsScanRunsListCall) PageToken

PageToken sets the optional parameter "pageToken": A token identifying a page of results to be returned. This should be a `next_page_token` value returned from a previous List request. If unspecified, the first page of results is returned.

func (*ProjectsScanConfigsScanRunsListCall) Pages

Pages invokes f for each page of results. A non-nil error returned from f will halt the iteration. The provided context supersedes any context provided to the Context method.

type ProjectsScanConfigsScanRunsService

type ProjectsScanConfigsScanRunsService struct {
	CrawledUrls *ProjectsScanConfigsScanRunsCrawledUrlsService

	FindingTypeStats *ProjectsScanConfigsScanRunsFindingTypeStatsService

	Findings *ProjectsScanConfigsScanRunsFindingsService
	// contains filtered or unexported fields
}

func NewProjectsScanConfigsScanRunsService

func NewProjectsScanConfigsScanRunsService(s *Service) *ProjectsScanConfigsScanRunsService

func (*ProjectsScanConfigsScanRunsService) Get

Get: Gets a ScanRun.

  • name: The resource name of the ScanRun to be returned. The name follows the format of 'projects/{projectId}/scanConfigs/{scanConfigId}/scanRuns/{scanRunId}'.

func (*ProjectsScanConfigsScanRunsService) List

List: Lists ScanRuns under a given ScanConfig, in descending order of ScanRun stop time.

  • parent: The parent resource name, which should be a scan resource name in the format 'projects/{projectId}/scanConfigs/{scanConfigId}'.

func (*ProjectsScanConfigsScanRunsService) Stop

Stop: Stops a ScanRun. The stopped ScanRun is returned.

  • name: The resource name of the ScanRun to be stopped. The name follows the format of 'projects/{projectId}/scanConfigs/{scanConfigId}/scanRuns/{scanRunId}'.

type ProjectsScanConfigsScanRunsStopCall

type ProjectsScanConfigsScanRunsStopCall struct {
	// contains filtered or unexported fields
}

func (*ProjectsScanConfigsScanRunsStopCall) Context

Context sets the context to be used in this call's Do method.

func (*ProjectsScanConfigsScanRunsStopCall) Do

Do executes the "websecurityscanner.projects.scanConfigs.scanRuns.stop" call. Any non-2xx status code is an error. Response headers are in either *ScanRun.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.

func (*ProjectsScanConfigsScanRunsStopCall) Fields

Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more details.

func (*ProjectsScanConfigsScanRunsStopCall) Header

Header returns a http.Header that can be modified by the caller to add headers to the request.

type ProjectsScanConfigsService

type ProjectsScanConfigsService struct {
	ScanRuns *ProjectsScanConfigsScanRunsService
	// contains filtered or unexported fields
}

func NewProjectsScanConfigsService

func NewProjectsScanConfigsService(s *Service) *ProjectsScanConfigsService

func (*ProjectsScanConfigsService) Create

Create: Creates a new ScanConfig.

  • parent: The parent resource name where the scan is created, which should be a project resource name in the format 'projects/{projectId}'.

func (*ProjectsScanConfigsService) Delete

Delete: Deletes an existing ScanConfig and its child resources.

  • name: The resource name of the ScanConfig to be deleted. The name follows the format of 'projects/{projectId}/scanConfigs/{scanConfigId}'.

func (*ProjectsScanConfigsService) Get

Get: Gets a ScanConfig.

  • name: The resource name of the ScanConfig to be returned. The name follows the format of 'projects/{projectId}/scanConfigs/{scanConfigId}'.

func (*ProjectsScanConfigsService) List

List: Lists ScanConfigs under a given project.

  • parent: The parent resource name, which should be a project resource name in the format 'projects/{projectId}'.

func (*ProjectsScanConfigsService) Patch

Patch: Updates a ScanConfig. This method support partial update of a ScanConfig.

  • name: The resource name of the ScanConfig. The name follows the format of 'projects/{projectId}/scanConfigs/{scanConfigId}'. The ScanConfig IDs are generated by the system.

func (*ProjectsScanConfigsService) Start

Start: Start a ScanRun according to the given ScanConfig.

  • name: The resource name of the ScanConfig to be used. The name follows the format of 'projects/{projectId}/scanConfigs/{scanConfigId}'.

type ProjectsScanConfigsStartCall

type ProjectsScanConfigsStartCall struct {
	// contains filtered or unexported fields
}

func (*ProjectsScanConfigsStartCall) Context

Context sets the context to be used in this call's Do method.

func (*ProjectsScanConfigsStartCall) Do

Do executes the "websecurityscanner.projects.scanConfigs.start" call. Any non-2xx status code is an error. Response headers are in either *ScanRun.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.

func (*ProjectsScanConfigsStartCall) Fields

Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more details.

func (*ProjectsScanConfigsStartCall) Header

Header returns a http.Header that can be modified by the caller to add headers to the request.

type ProjectsService

type ProjectsService struct {
	ScanConfigs *ProjectsScanConfigsService
	// contains filtered or unexported fields
}

func NewProjectsService

func NewProjectsService(s *Service) *ProjectsService

type ScanConfig

type ScanConfig struct {
	// Authentication: The authentication configuration. If specified, service will
	// use the authentication configuration during scanning.
	Authentication *Authentication `json:"authentication,omitempty"`
	// BlacklistPatterns: The excluded URL patterns as described in
	// https://cloud.google.com/security-command-center/docs/how-to-use-web-security-scanner#excluding_urls
	BlacklistPatterns []string `json:"blacklistPatterns,omitempty"`
	// DisplayName: Required. The user provided display name of the ScanConfig.
	DisplayName string `json:"displayName,omitempty"`
	// LatestRun: Latest ScanRun if available.
	LatestRun *ScanRun `json:"latestRun,omitempty"`
	// MaxQps: The maximum QPS during scanning. A valid value ranges from 5 to 20
	// inclusively. If the field is unspecified or its value is set 0, server will
	// default to 15. Other values outside of [5, 20] range will be rejected with
	// INVALID_ARGUMENT error.
	MaxQps int64 `json:"maxQps,omitempty"`
	// Name: The resource name of the ScanConfig. The name follows the format of
	// 'projects/{projectId}/scanConfigs/{scanConfigId}'. The ScanConfig IDs are
	// generated by the system.
	Name string `json:"name,omitempty"`
	// Schedule: The schedule of the ScanConfig.
	Schedule *Schedule `json:"schedule,omitempty"`
	// StartingUrls: Required. The starting URLs from which the scanner finds site
	// pages.
	StartingUrls []string `json:"startingUrls,omitempty"`
	// TargetPlatforms: Set of Google Cloud platforms targeted by the scan. If
	// empty, APP_ENGINE will be used as a default.
	//
	// Possible values:
	//   "TARGET_PLATFORM_UNSPECIFIED" - The target platform is unknown. Requests
	// with this enum value will be rejected with INVALID_ARGUMENT error.
	//   "APP_ENGINE" - Google App Engine service.
	//   "COMPUTE" - Google Compute Engine service.
	//   "CLOUD_RUN" - Google Cloud Run service.
	//   "CLOUD_FUNCTIONS" - Google Cloud Function service.
	TargetPlatforms []string `json:"targetPlatforms,omitempty"`
	// UserAgent: The user agent used during scanning.
	//
	// Possible values:
	//   "USER_AGENT_UNSPECIFIED" - The user agent is unknown. Service will default
	// to CHROME_LINUX.
	//   "CHROME_LINUX" - Chrome on Linux. This is the service default if
	// unspecified.
	//   "CHROME_ANDROID" - Chrome on Android.
	//   "SAFARI_IPHONE" - Safari on IPhone.
	UserAgent string `json:"userAgent,omitempty"`

	// ServerResponse contains the HTTP response code and headers from the server.
	googleapi.ServerResponse `json:"-"`
	// ForceSendFields is a list of field names (e.g. "Authentication") to
	// unconditionally include in API requests. By default, fields with empty or
	// default values are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
	// details.
	ForceSendFields []string `json:"-"`
	// NullFields is a list of field names (e.g. "Authentication") to include in
	// API requests with the JSON null value. By default, fields with empty values
	// are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
	NullFields []string `json:"-"`
}

ScanConfig: A ScanConfig resource contains the configurations to launch a scan. next id: 12

func (ScanConfig) MarshalJSON

func (s ScanConfig) MarshalJSON() ([]byte, error)

type ScanRun

type ScanRun struct {
	// EndTime: The time at which the ScanRun reached termination state - that the
	// ScanRun is either finished or stopped by user.
	EndTime string `json:"endTime,omitempty"`
	// ExecutionState: The execution state of the ScanRun.
	//
	// Possible values:
	//   "EXECUTION_STATE_UNSPECIFIED" - Represents an invalid state caused by
	// internal server error. This value should never be returned.
	//   "QUEUED" - The scan is waiting in the queue.
	//   "SCANNING" - The scan is in progress.
	//   "FINISHED" - The scan is either finished or stopped by user.
	ExecutionState string `json:"executionState,omitempty"`
	// HasVulnerabilities: Whether the scan run has found any vulnerabilities.
	HasVulnerabilities bool `json:"hasVulnerabilities,omitempty"`
	// Name: The resource name of the ScanRun. The name follows the format of
	// 'projects/{projectId}/scanConfigs/{scanConfigId}/scanRuns/{scanRunId}'. The
	// ScanRun IDs are generated by the system.
	Name string `json:"name,omitempty"`
	// ProgressPercent: The percentage of total completion ranging from 0 to 100.
	// If the scan is in queue, the value is 0. If the scan is running, the value
	// ranges from 0 to 100. If the scan is finished, the value is 100.
	ProgressPercent int64 `json:"progressPercent,omitempty"`
	// ResultState: The result state of the ScanRun. This field is only available
	// after the execution state reaches "FINISHED".
	//
	// Possible values:
	//   "RESULT_STATE_UNSPECIFIED" - Default value. This value is returned when
	// the ScanRun is not yet finished.
	//   "SUCCESS" - The scan finished without errors.
	//   "ERROR" - The scan finished with errors.
	//   "KILLED" - The scan was terminated by user.
	ResultState string `json:"resultState,omitempty"`
	// StartTime: The time at which the ScanRun started.
	StartTime string `json:"startTime,omitempty"`
	// UrlsCrawledCount: The number of URLs crawled during this ScanRun. If the
	// scan is in progress, the value represents the number of URLs crawled up to
	// now.
	UrlsCrawledCount int64 `json:"urlsCrawledCount,omitempty,string"`
	// UrlsTestedCount: The number of URLs tested during this ScanRun. If the scan
	// is in progress, the value represents the number of URLs tested up to now.
	// The number of URLs tested is usually larger than the number URLS crawled
	// because typically a crawled URL is tested with multiple test payloads.
	UrlsTestedCount int64 `json:"urlsTestedCount,omitempty,string"`

	// ServerResponse contains the HTTP response code and headers from the server.
	googleapi.ServerResponse `json:"-"`
	// ForceSendFields is a list of field names (e.g. "EndTime") to unconditionally
	// include in API requests. By default, fields with empty or default values are
	// omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
	// details.
	ForceSendFields []string `json:"-"`
	// NullFields is a list of field names (e.g. "EndTime") to include in API
	// requests with the JSON null value. By default, fields with empty values are
	// omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
	NullFields []string `json:"-"`
}

ScanRun: A ScanRun is a output-only resource representing an actual run of the scan.

func (ScanRun) MarshalJSON

func (s ScanRun) MarshalJSON() ([]byte, error)

type Schedule

type Schedule struct {
	// IntervalDurationDays: Required. The duration of time between executions in
	// days.
	IntervalDurationDays int64 `json:"intervalDurationDays,omitempty"`
	// ScheduleTime: A timestamp indicates when the next run will be scheduled. The
	// value is refreshed by the server after each run. If unspecified, it will
	// default to current server time, which means the scan will be scheduled to
	// start immediately.
	ScheduleTime string `json:"scheduleTime,omitempty"`
	// ForceSendFields is a list of field names (e.g. "IntervalDurationDays") to
	// unconditionally include in API requests. By default, fields with empty or
	// default values are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
	// details.
	ForceSendFields []string `json:"-"`
	// NullFields is a list of field names (e.g. "IntervalDurationDays") to include
	// in API requests with the JSON null value. By default, fields with empty
	// values are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
	NullFields []string `json:"-"`
}

Schedule: Scan schedule configuration.

func (Schedule) MarshalJSON

func (s Schedule) MarshalJSON() ([]byte, error)

type Service

type Service struct {
	BasePath  string // API endpoint base URL
	UserAgent string // optional additional User-Agent fragment

	Projects *ProjectsService
	// contains filtered or unexported fields
}

func New deprecated

func New(client *http.Client) (*Service, error)

New creates a new Service. It uses the provided http.Client for requests.

Deprecated: please use NewService instead. To provide a custom HTTP client, use option.WithHTTPClient. If you are using google.golang.org/api/googleapis/transport.APIKey, use option.WithAPIKey with NewService instead.

func NewService added in v0.3.0

func NewService(ctx context.Context, opts ...option.ClientOption) (*Service, error)

NewService creates a new Service.

type StartScanRunRequest

type StartScanRunRequest struct {
}

StartScanRunRequest: Request for the `StartScanRun` method.

type StopScanRunRequest

type StopScanRunRequest struct {
}

StopScanRunRequest: Request for the `StopScanRun` method.

type ViolatingResource

type ViolatingResource struct {
	// ContentType: The MIME type of this resource.
	ContentType string `json:"contentType,omitempty"`
	// ResourceUrl: URL of this violating resource.
	ResourceUrl string `json:"resourceUrl,omitempty"`
	// ForceSendFields is a list of field names (e.g. "ContentType") to
	// unconditionally include in API requests. By default, fields with empty or
	// default values are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
	// details.
	ForceSendFields []string `json:"-"`
	// NullFields is a list of field names (e.g. "ContentType") to include in API
	// requests with the JSON null value. By default, fields with empty values are
	// omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
	NullFields []string `json:"-"`
}

ViolatingResource: Information regarding any resource causing the vulnerability such as JavaScript sources, image, audio files, etc.

func (ViolatingResource) MarshalJSON

func (s ViolatingResource) MarshalJSON() ([]byte, error)

type VulnerableHeaders

type VulnerableHeaders struct {
	// Headers: List of vulnerable headers.
	Headers []*Header `json:"headers,omitempty"`
	// MissingHeaders: List of missing headers.
	MissingHeaders []*Header `json:"missingHeaders,omitempty"`
	// ForceSendFields is a list of field names (e.g. "Headers") to unconditionally
	// include in API requests. By default, fields with empty or default values are
	// omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
	// details.
	ForceSendFields []string `json:"-"`
	// NullFields is a list of field names (e.g. "Headers") to include in API
	// requests with the JSON null value. By default, fields with empty values are
	// omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
	NullFields []string `json:"-"`
}

VulnerableHeaders: Information about vulnerable or missing HTTP Headers.

func (VulnerableHeaders) MarshalJSON

func (s VulnerableHeaders) MarshalJSON() ([]byte, error)

type VulnerableParameters

type VulnerableParameters struct {
	// ParameterNames: The vulnerable parameter names.
	ParameterNames []string `json:"parameterNames,omitempty"`
	// ForceSendFields is a list of field names (e.g. "ParameterNames") to
	// unconditionally include in API requests. By default, fields with empty or
	// default values are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
	// details.
	ForceSendFields []string `json:"-"`
	// NullFields is a list of field names (e.g. "ParameterNames") to include in
	// API requests with the JSON null value. By default, fields with empty values
	// are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
	NullFields []string `json:"-"`
}

VulnerableParameters: Information about vulnerable request parameters.

func (VulnerableParameters) MarshalJSON

func (s VulnerableParameters) MarshalJSON() ([]byte, error)

type Xss

type Xss struct {
	// ErrorMessage: An error message generated by a javascript breakage.
	ErrorMessage string `json:"errorMessage,omitempty"`
	// StackTraces: Stack traces leading to the point where the XSS occurred.
	StackTraces []string `json:"stackTraces,omitempty"`
	// ForceSendFields is a list of field names (e.g. "ErrorMessage") to
	// unconditionally include in API requests. By default, fields with empty or
	// default values are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
	// details.
	ForceSendFields []string `json:"-"`
	// NullFields is a list of field names (e.g. "ErrorMessage") to include in API
	// requests with the JSON null value. By default, fields with empty values are
	// omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
	NullFields []string `json:"-"`
}

Xss: Information reported for an XSS.

func (Xss) MarshalJSON

func (s Xss) MarshalJSON() ([]byte, error)

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL