Added the Purl API endpoint (#4)

* Added the Purl API endpoint

* Updated Readme

* Updated Purl, Sbom

---------

Co-authored-by: Orlando Barrera II <[email protected]>

Author: obarrera

README.rst

@@ -215,3 +215,45 @@ Retrieve the Socket Organization Settings
     from socketdev import SocketDev
     socket = SocketDev("REPLACE_ME")
     print(socket.settings.get())
+
+sbom.view(report_id)
+""""""""""""""""""""""
+Retrieve the information for a SBOM Report
+
+**Usage:**
+
+.. code-block::
+
+    from socketdev import SocketDev
+    socket = SocketDev("REPLACE_ME")
+    print(socket.sbom.view("report_id"))
+
+**PARAMETERS:**
+
+- **report_id (str)** - The report ID of the report to view
+
+purl.post(license, components)
+""""""""""""""""""""""
+Retrieve the package information for a purl post
+
+**Usage:**
+
+.. code-block::
+
+    from socketdev import SocketDev
+    socket = SocketDev("REPLACE_ME")
+    license = "true"
+    components = [
+        {
+        "purl": "pkg:pypi/[email protected]"
+        },
+        {
+        "purl": "pkg:pypi/socketsecurity"
+        }
+    ]
+    print(socket.purl.post(license, components))
+
+**PARAMETERS:**
+
+- **license (str)** - The license parameter if enabled will show alerts and license information. If disabled will only show the basic package metadata and scores. Default is true
+- **components (array{dict})** - The components list of packages urls

socketdev/__init__.py

@@ -9,6 +9,7 @@
 from socketdev.quota import Quota
 from socketdev.report import Report
 from socketdev.sbom import Sbom
+from socketdev.purl import Purl
 from socketdev.repositories import Repositories
 from socketdev.settings import Settings
 from socketdev.socket_classes import Dependency, Org, Response
@@ -89,5 +90,6 @@ def __init__(self, token: str):
         self.quota = Quota()
         self.report = Report()
         self.sbom = Sbom()
+        self.purl = Purl()
         self.repositories = Repositories()
         self.settings = Settings()

socketdev/purl/__init__.py

@@ -0,0 +1,36 @@
+import socketdev
+from urllib.parse import urlencode
+import json
+
+class Purl:
+    @staticmethod
+    def post(license: str="true", components: list=[]) -> dict:
+        path = "purl?" + "license="+license
+        components = {"components":components}
+        components = json.dumps(components)
+
+        response = socketdev.do_request(
+            path=path,
+            payload=components,
+            method="POST"
+        )
+        if response.status_code == 200:
+            purl = []
+            purl_dict = {}
+            result = response.text
+            result.strip('"')
+            result.strip()
+            for line in result.split("\n"):
+                if line != '"' and line != "" and line is not None:
+                    item = json.loads(line)
+                    purl.append(item)
+            for val in purl:
+                purl_dict[val['id']] = val
+        else:
+            purl_dict = {}
+            print(f"Error posting {components} to the Purl API")
+            print(response.text)
+       
+        return purl_dict
+
+    

socketdev/sbom/__init__.py

@@ -3,7 +3,7 @@
 
 class Sbom:
     @staticmethod
-    def get_sbom_data(report_id: str) -> list:
+    def view(report_id: str) -> list:
         path = f"sbom/view/{report_id}"
         response = socketdev.do_request(path=path)
         if response.status_code == 200:
@@ -16,7 +16,7 @@ def get_sbom_data(report_id: str) -> list:
                 if line != '"' and line != "" and line is not None:
                     item = json.loads(line)
                     sbom.append(item)
-            for key, val in enumerate(sbom):
+            for val in sbom:
                 sbom_dict[val['id']] = val
         else:
             sbom_dict = {}