Simple PHP Qualys API class

Document created by PeterPeter on Dec 26, 2011Last modified by PeterPeter on Mar 12, 2012
Version 5Show Document
  • View in full screen mode

Hello,

 

I just began to write a PHP class today to make calls through the Qualys API and I wanted to share it as I didn't see any proper PHP example here. This is just a simple example to perform some basics action as login / logout.

 

You will need >= PHP 5 to make this script work.

 

I were not able to test the script without a proxy, so I hope it works!

 

 

<?php


class SimpleQAPI
{
          // Params
          private $_connectTimeout;
          private $_timeout;
          private $_ckfile;
          private $_qlogin;
          private $_qpassword;
          private $_plogin;
          private $_ppassword;
          private $_purl;
          private $_pport;
          private $_headers;
          private $_post;
          private $_ch;
          private $_is_logged = false;
          private $_proxy = false;
          private $_proxy_auth = false;

          // Answer of a request will be stored in $resp 
          public $resp;

          // Constructor
          public function __construct($params){
                    if (isset($params['purl']) && isset($params['pport']))
                              $this->_proxy = true;
                              if (isset($params['plogin']) && isset($params['ppassword']))
                                        $this->_proxy_auth = true;
                    foreach ($params as $key => $value){
                              $key = '_'.$key;
                              $this->$key = $value;
                    }
          }


          // Function to build the post DATA
          private function _build_post(){
                    $post = '';
                              foreach ($this->_post as $key => $value)
                                        $post .= $key.'='.$value.'&';
                    return substr($post, 0, -1);
          }


          // Function handling common curl operations
          private function _common_curl(){
                    $this->_ch = curl_init();
                    curl_setopt($this->_ch, CURLOPT_URL, 'https://'.$this->_qdomain.'/'.$this->_qurl);
                    ($this->_is_logged) ? curl_setopt($this->_ch, CURLOPT_COOKIEFILE, $this->_ckfile) : curl_setopt($this->_ch, CURLOPT_COOKIEJAR, $this->_ckfile);
                    curl_setopt($this->_ch, CURLOPT_POSTFIELDS, $this->_build_post());
                    if ($this->_proxy)
                              curl_setopt($this->_ch, CURLOPT_PROXY, $this->_purl.':'.$this->_pport);
                    curl_setopt($this->_ch, CURLOPT_POST, TRUE);
                    if ($this->_proxy_auth)
                              curl_setopt($this->_ch, CURLOPT_PROXYUSERPWD, $this->_plogin.':'.$this->_ppassword);
                    curl_setopt($this->_ch, CURLOPT_CONNECTTIMEOUT, $this->_connectTimeout);
                    curl_setopt($this->_ch, CURLOPT_TIMEOUT, $this->_timeout);
                    curl_setopt($this->_ch, CURLOPT_SSL_VERIFYPEER, FALSE);
                    curl_setopt($this->_ch, CURLOPT_SSL_VERIFYHOST , FALSE);
                    curl_setopt($this->_ch, CURLOPT_RETURNTRANSFER, TRUE);
                    curl_setopt($this->_ch, CURLOPT_HTTPHEADER, $this->_headers);
                    $this->resp = curl_exec($this->_ch);
                    if(curl_errno($this->_ch))
                              echo 'Curl error: ' . curl_error($this->_ch);
                    curl_close($this->_ch);
          } 


          // Login
          public function login(){
                    $this->_ckfile = tempnam ('.', 'CURLCOOKIE');
                    $this->_post = array('action' => 'login',
                              'username' => $this->_qlogin,
                              'password' => $this->_qpassword);
                    $this->_qurl = 'api/2.0/fo/session/';
                    $this->_common_curl();
                    $this->_is_logged = true;
          }


          // Logout
          public function logout(){
                    $this->_post = array('action' => 'logout');
                    $this->_qurl = 'api/2.0/fo/session/';
                    $this->_common_curl();
                    $this->_is_logged = false;
                    unlink($this->_ckfile);
          }

          // View IP list
          public function view_ip_list(){
                    $this->_post = array('action' => 'list');
                    $this->_qurl = 'api/2.0/fo/asset/ip/';
                    $this->_common_curl();
          }

          // View host list
          public function view_host_list(){
                    $this->_post = array('action' => 'list');
                    $this->_qurl = 'api/2.0/fo/asset/host/';
                    $this->_common_curl();
          }
}
// Params for the connection : Need services accounts for Qualys and Proxy
// Remove plogin, ppassword, purl, pport for no proxy
// Remove plogin, ppassword for proxy withouth authentication


$params = array('qlogin' => 'Qualys login',
          'connectTimeout' => 10'
          'timeout' => 59'
          'qpassword' => 'Qualys Password',
          'qdomain' => 'Qualys domain without HTTP'; // For example 'qualysapi.qualys.com'
          'plogin' => 'Proxy login',
          'ppassword' => 'Proxy password',
          'headers' => array('X-Requested-With: SimpleQAPI'),
          'purl' => 'http://proxy.to.use',
          'pport' => 'port number');

$SimpleQAPI = new SimpleQAPI($params);
// You have to use the login() method to be able to launch the view_xxx_list() methods
// For each request the answer is stored in $SimpleQAPI->resp
$SimpleQAPI->login();
// This should print : 201x-xx-xxTxx:xx:xxZ Logged in 
echo $SimpleQAPI->resp;
$SimpleQAPI->logout();
?>

 

Please let me know what you think about it.

 

Regards,

Peter

Outcomes