feat: Add explain sub-commant to get details about response codes, error reasons, etc.

en-milie · en-milie · commit 7b9c564c5e60 · 2025-02-09T22:14:53.000+02:00
diff --git a/src/main/java/com/endava/cats/command/CatsCommand.java b/src/main/java/com/endava/cats/command/CatsCommand.java
@@ -105,7 +105,8 @@
                 StatsCommand.class,
                 ValidateCommand.class,
                 RandomCommand.class,
-                GenerateCommand.class
+                GenerateCommand.class,
+                ExplainCommand.class
         })
 public class CatsCommand implements Runnable, CommandLine.IExitCodeGenerator {
 
@@ -447,5 +448,4 @@ private List<FuzzingData> filterFuzzingData(List<FuzzingData> fuzzingDataListWit
     public int getExitCode() {
         return exitCodeDueToErrors + executionStatisticsListener.getErrors();
     }
-
 }
diff --git a/src/main/java/com/endava/cats/command/ExplainCommand.java b/src/main/java/com/endava/cats/command/ExplainCommand.java
@@ -0,0 +1,100 @@
+package com.endava.cats.command;
+
+import com.endava.cats.fuzzer.api.Fuzzer;
+import com.endava.cats.fuzzer.special.mutators.api.Mutator;
+import com.endava.cats.model.CatsResponse;
+import com.endava.cats.model.CatsResultFactory;
+import com.endava.cats.util.VersionProvider;
+import io.github.ludovicianul.prettylogger.PrettyLogger;
+import io.github.ludovicianul.prettylogger.PrettyLoggerFactory;
+import io.quarkus.arc.Unremovable;
+import jakarta.enterprise.inject.Instance;
+import jakarta.inject.Inject;
+import picocli.CommandLine;
+
+import java.util.Arrays;
+import java.util.Locale;
+
+@CommandLine.Command(
+        name = "explain",
+        mixinStandardHelpOptions = true,
+        usageHelpAutoWidth = true,
+        exitCodeOnInvalidInput = 191,
+        exitCodeOnExecutionException = 192,
+        exitCodeListHeading = "%n@|bold,underline Exit Codes:|@%n",
+        exitCodeList = {"@|bold  0|@:Successful program execution",
+                "@|bold 191|@:Usage error: user input for the command was incorrect",
+                "@|bold 192|@:Internal execution error: an exception occurred when executing command"},
+        footerHeading = "%n@|bold,underline Examples:|@%n",
+        footer = {"  Explain a 9XX response code:",
+                "    cats explain --type response_code 953",
+                "", "  Get more information about an error reason:",
+                "    cats explain --type error_reason \"Error details leak\"",},
+        description = "Provides detailed information about a fuzzer, mutator, response code or error reason.",
+        versionProvider = VersionProvider.class)
+@Unremovable
+public class ExplainCommand implements Runnable {
+    private final PrettyLogger logger = PrettyLoggerFactory.getConsoleLogger();
+
+    @CommandLine.Option(names = {"-t", "--type"},
+            description = "Output to console in JSON format.", required = true)
+    private Type type;
+
+    @CommandLine.Parameters(index = "0",
+            paramLabel = "<info>",
+            description = "The information you want to get details about.")
+    String info;
+
+    @Inject
+    Instance<Fuzzer> fuzzers;
+
+    @Inject
+    Instance<Mutator> mutators;
+
+
+    @Override
+    public void run() {
+        switch (type) {
+            case FUZZER -> displayFuzzerInfo();
+            case MUTATOR -> displayMutatorInfo();
+            case RESPONSE_CODE -> displayResponseCodeInfo();
+            case ERROR_REASON -> displayErrorReason();
+        }
+    }
+
+    private void displayErrorReason() {
+        Arrays.stream(CatsResultFactory.Reason.values()).filter(reason -> reason.name()
+                        .toLowerCase(Locale.ROOT).contains(info.toLowerCase(Locale.ROOT)))
+                .sorted()
+                .forEach(reason -> logger.noFormat("* Reason {} - {}", reason.reason(), reason.description()));
+    }
+
+    private void displayFuzzerInfo() {
+        fuzzers.stream().filter(fuzzer -> fuzzer.getClass().getSimpleName()
+                        .toLowerCase(Locale.ROOT).contains(info.toLowerCase(Locale.ROOT)))
+                .sorted()
+                .forEach(fuzzer -> logger.noFormat("* Fuzzer {} - {}", fuzzer.getClass().getSimpleName(), fuzzer.description()));
+    }
+
+    private void displayMutatorInfo() {
+        mutators.stream().filter(mutator -> mutator.getClass().getSimpleName()
+                        .toLowerCase(Locale.ROOT).contains(info.toLowerCase(Locale.ROOT)))
+                .sorted()
+                .forEach(mutator -> logger.noFormat("* Mutator {} - {}", mutator.getClass().getSimpleName(), mutator.description()));
+    }
+
+    private void displayResponseCodeInfo() {
+        Arrays.stream(CatsResponse.ExceptionalResponse.values())
+                .map(CatsResponse.ExceptionalResponse::asString)
+                .filter(response -> response.toLowerCase(Locale.ROOT).contains(info.toLowerCase(Locale.ROOT)))
+                .toList().stream().sorted()
+                .forEach(logger::noFormat);
+    }
+
+    public enum Type {
+        FUZZER,
+        MUTATOR,
+        RESPONSE_CODE,
+        ERROR_REASON
+    }
+}
diff --git a/src/main/java/com/endava/cats/fuzzer/special/mutators/api/Mutator.java b/src/main/java/com/endava/cats/fuzzer/special/mutators/api/Mutator.java
@@ -9,7 +9,7 @@
  * Implementations of this interface provide methods to apply various types of mutations
  * to input strings, producing modified output strings.
  */
-public interface Mutator {
+public interface Mutator extends Comparable<Mutator> {
 
     /**
      * Applies a mutation to the input string.
@@ -35,4 +35,8 @@ public interface Mutator {
      * @return the description of the mutator
      */
     String description();
+
+    default int compareTo(Mutator o) {
+        return this.getClass().getSimpleName().compareTo(o.getClass().getSimpleName());
+    }
 }
diff --git a/src/main/java/com/endava/cats/model/CatsResponse.java b/src/main/java/com/endava/cats/model/CatsResponse.java
@@ -216,6 +216,10 @@ public int responseCode() {
         public String responseBody() {
             return responseBody;
         }
+
+        public String asString() {
+            return responseCode + " - " + this.name().toLowerCase(Locale.ROOT) + " - " + responseBody;
+        }
     }
 
     public static class CatsResponseBuilder {
diff --git a/src/main/java/com/endava/cats/model/CatsResultFactory.java b/src/main/java/com/endava/cats/model/CatsResultFactory.java
@@ -15,7 +15,7 @@ public interface CatsResultFactory {
      */
     static CatsResult createExpectedResponse(String receivedResponseCode) {
         String message = "Response matches expected result. Response code [%s] is documented and response body matches the corresponding schema.".formatted(receivedResponseCode);
-        String reason = "All Good!";
+        String reason = Reason.ALL_GOOD.description();
 
         return new CatsResult(message, reason);
     }
@@ -28,7 +28,7 @@ static CatsResult createExpectedResponse(String receivedResponseCode) {
      */
     static CatsResult createNotMatchingResponseSchema(String receivedResponseCode) {
         String message = "Response does NOT match expected result. Response code [%s] is documented, but response body does NOT match the corresponding schema.".formatted(receivedResponseCode);
-        String reason = "Not matching response schema";
+        String reason = Reason.NOT_MATCHING_RESPONSE_SCHEMA.description();
 
         return new CatsResult(message, reason);
     }
@@ -42,7 +42,7 @@ static CatsResult createNotMatchingResponseSchema(String receivedResponseCode) {
      */
     static CatsResult createNotMatchingContentType(List<String> expected, String actual) {
         String message = "Response content type not matching the contract: expected %s, actual [%s]".formatted(expected, actual);
-        String reason = "Response content type not matching the contract";
+        String reason = Reason.RESPONSE_CONTENT_TYPE_NOT_MATCHING.description();
         return new CatsResult(message, reason);
     }
 
@@ -52,7 +52,7 @@ static CatsResult createNotMatchingContentType(List<String> expected, String act
      * @return a CatsResult to use in reports
      */
     static CatsResult createNotImplemented() {
-        return new CatsResult("Response HTTP code 501: you forgot to implement this functionality!", "Not implemented");
+        return new CatsResult("Response HTTP code 501: you forgot to implement this functionality!", Reason.NOT_IMPLEMENTED.description());
     }
 
     /**
@@ -61,7 +61,7 @@ static CatsResult createNotImplemented() {
      * @return a CatsResult to use in reports
      */
     static CatsResult createNotFound() {
-        return new CatsResult("Response HTTP code 404: you might need to provide business context using --refData or --urlParams", "Not found");
+        return new CatsResult("Response HTTP code 404: you might need to provide business context using --refData or --urlParams", Reason.NOT_FOUND.description());
     }
 
     /**
@@ -73,7 +73,7 @@ static CatsResult createNotFound() {
      */
     static CatsResult createResponseTimeExceedsMax(long receivedResponseTime, long maxResponseTime) {
         String message = "Test case executed successfully, but response time exceeds --maxResponseTimeInMs: actual %d, max %d".formatted(receivedResponseTime, maxResponseTime);
-        String reason = "Response time exceeds max";
+        String reason = Reason.RESPONSE_TIME_EXCEEDS_MAX.description();
 
         return new CatsResult(message, reason);
     }
@@ -87,7 +87,7 @@ static CatsResult createResponseTimeExceedsMax(long receivedResponseTime, long m
      */
     static CatsResult createUnexpectedException(String fuzzer, String errorMessage) {
         String message = "Fuzzer [%s] failed due to [%s]".formatted(fuzzer, errorMessage);
-        String reason = "Unexpected exception";
+        String reason = Reason.UNEXPECTED_EXCEPTION.description();
 
         return new CatsResult(message, reason);
     }
@@ -100,7 +100,7 @@ static CatsResult createUnexpectedException(String fuzzer, String errorMessage)
      */
     static CatsResult createErrorLeaksDetectedInResponse(List<String> keywords) {
         String message = "The following keywords were detected in the response which might suggest an error details leak: %s".formatted(keywords);
-        String reason = "Error details leak";
+        String reason = Reason.ERROR_LEAKS_DETECTED.description();
 
         return new CatsResult(message, reason);
     }
@@ -115,7 +115,7 @@ static CatsResult createErrorLeaksDetectedInResponse(List<String> keywords) {
      */
     static CatsResult createUnexpectedBehaviour(String receivedResponseCode, String expectedResponseCode) {
         String message = "Unexpected behaviour: expected %s, actual [%s]".formatted(expectedResponseCode, receivedResponseCode);
-        String reason = "Unexpected behaviour: %s".formatted(receivedResponseCode);
+        String reason = Reason.UNEXPECTED_BEHAVIOUR.description() + " %s".formatted(receivedResponseCode);
 
         return new CatsResult(message, reason);
     }
@@ -129,7 +129,7 @@ static CatsResult createUnexpectedBehaviour(String receivedResponseCode, String
      */
     static CatsResult createUnexpectedResponseCode(String receivedResponseCode, String expectedResponseCode) {
         String message = "Response does NOT match expected result. Response code is NOT from a list of expected codes for this FUZZER: expected %s, actual [%s]".formatted(expectedResponseCode, receivedResponseCode);
-        String reason = "Unexpected response code: %s".formatted(receivedResponseCode);
+        String reason = Reason.UNEXPECTED_RESPONSE_CODE.description() + ": %s".formatted(receivedResponseCode);
 
         return new CatsResult(message, reason);
     }
@@ -144,7 +144,7 @@ static CatsResult createUnexpectedResponseCode(String receivedResponseCode, Stri
      */
     static CatsResult createUndocumentedResponseCode(String receivedResponseCode, String expectedResponseCode, String documentedResponseCodes) {
         String message = "Response does NOT match expected result. Response code is from a list of expected codes for this FUZZER, but it is undocumented: expected %s, actual [%s], documented response codes: %s".formatted(expectedResponseCode, receivedResponseCode, documentedResponseCodes);
-        String reason = "Undocumented response code: %s".formatted(receivedResponseCode);
+        String reason = Reason.UNDOCUMENTED_RESPONSE_CODE.description() + ": %s".formatted(receivedResponseCode);
 
         return new CatsResult(message, reason);
     }
@@ -158,4 +158,34 @@ static CatsResult createUndocumentedResponseCode(String receivedResponseCode, St
      */
     record CatsResult(String message, String reason) {
     }
+
+    enum Reason {
+        ALL_GOOD("All Good!", "The response matches the expected result"),
+        NOT_MATCHING_RESPONSE_SCHEMA("Not matching response schema", "The response body does NOT match the corresponding schema defined in the OpenAPI contract"),
+        NOT_IMPLEMENTED("Not implemented", "You forgot to implement this functionality!"),
+        NOT_FOUND("Not found", "You might need to provide business context using --refData or --urlParams"),
+        RESPONSE_TIME_EXCEEDS_MAX("Response time exceeds max", "The response time exceeds the maximum configured response time supplied using --maxResponseTimeInMs, default is 0 i.e no limit"),
+        UNEXPECTED_EXCEPTION("Unexpected exception", "An unexpected exception occurred. This might suggest an issue with CATS itself"),
+        ERROR_LEAKS_DETECTED("Error details leak", "The response contains error messages that might expose sensitive information"),
+        UNEXPECTED_RESPONSE_CODE("Unexpected response code", "The response code is documented inside the contract, but not expected for the current fuzzer"),
+        UNDOCUMENTED_RESPONSE_CODE("Undocumented response code", "The response code is expected for the current fuzzer, but not documented inside the contract"),
+        RESPONSE_CONTENT_TYPE_NOT_MATCHING("Response content type not matching the contract", "The response content type does not match the one defined in the OpenAPI contract"),
+        UNEXPECTED_BEHAVIOUR("Unexpected behaviour", "CATS run the test case successfully, but the response code was not expected, nor documented, nor known to typically be documented");
+
+        private final String reason;
+        private final String description;
+
+        Reason(String reason, String description) {
+            this.reason = reason;
+            this.description = description;
+        }
+
+        public String description() {
+            return description;
+        }
+
+        public String reason() {
+            return reason;
+        }
+    }
 }

Original file line number	Diff line number	Diff line change
`@@ -105,7 +105,8 @@`
`105`	`105`	`StatsCommand.class,`
`106`	`106`	`ValidateCommand.class,`
`107`	`107`	`RandomCommand.class,`
`108`		`- GenerateCommand.class`
	`108`	`+ GenerateCommand.class,`
	`109`	`+ ExplainCommand.class`
`109`	`110`	`})`
`110`	`111`	`public class CatsCommand implements Runnable, CommandLine.IExitCodeGenerator {`
`111`	`112`
`@@ -447,5 +448,4 @@ private List<FuzzingData> filterFuzzingData(List<FuzzingData> fuzzingDataListWit`
`447`	`448`	`public int getExitCode() {`
`448`	`449`	`return exitCodeDueToErrors + executionStatisticsListener.getErrors();`
`449`	`450`	`}`
`450`		`-`
`451`	`451`	`}`
Original file line number	Diff line number	Diff line change
`@@ -216,6 +216,10 @@ public int responseCode() {`
`216`	`216`	`public String responseBody() {`
`217`	`217`	`return responseBody;`
`218`	`218`	`}`
	`219`	`+`
	`220`	`+ public String asString() {`
	`221`	`+ return responseCode + " - " + this.name().toLowerCase(Locale.ROOT) + " - " + responseBody;`
	`222`	`+ }`
`219`	`223`	`}`
`220`	`224`
`221`	`225`	`public static class CatsResponseBuilder {`