Merge branch '2.9.0-branch' into 'develop'

MislavReversingLabs · MislavReversingLabs · commit 9d6721c594f7 · 2025-03-12T15:40:35.000Z
2.9.0 branch

See merge request integrations/sdk/reversinglabs-sdk-py3!13
diff --git a/ReversingLabs/SDK/ticloud.py b/ReversingLabs/SDK/ticloud.py
@@ -6032,10 +6032,9 @@ def feed_query(self, family_name, time_format, time_value, count=100):
 
         self._raise_on_error(response)
 
-        return response 
-
+        return response
 
-class TAXIIRansomwareFeed(TiCloudAPI):
+class TAXIIFeed(TiCloudAPI):
     """TCTF-0001"""
 
     __DISCOVERY_ENDPOINT = "/api/taxii/taxii2/"
@@ -6044,7 +6043,7 @@ class TAXIIRansomwareFeed(TiCloudAPI):
 
     def __init__(self, host, username, password, verify=True, proxies=None, user_agent=DEFAULT_USER_AGENT,
                  allow_none_return=False):
-        super(TAXIIRansomwareFeed, self).__init__(host, username, password, verify, proxies,
+        super(TAXIIFeed, self).__init__(host, username, password, verify, proxies,
                                                   user_agent=user_agent, allow_none_return=allow_none_return)
 
         self._url = "{host}{{endpoint}}".format(host=self._host)
@@ -6194,7 +6193,7 @@ def get_objects_aggregated(self, api_root, collection_id, result_limit=500, adde
 
             response_json = response.json()
 
-            objects = response_json.get("objects")
+            objects = response_json.get("objects", [])
             results.extend(objects)
 
             next_page = response_json.get("next")
@@ -6208,6 +6207,11 @@ def get_objects_aggregated(self, api_root, collection_id, result_limit=500, adde
                 if not more_pages or len(results) >= max_results:
                     return results[:max_results]
 
+class TAXIIRansomwareFeed(TAXIIFeed):
+    def __init__(self, host, username, password, verify=True, proxies=None, user_agent=DEFAULT_USER_AGENT,
+                 allow_none_return=False):
+        super(TAXIIRansomwareFeed, self).__init__(host, username, password, verify, proxies,
+                                                  user_agent=user_agent, allow_none_return=allow_none_return) 
 
 class AdvancedActions(object):
     """A class containing advanced and combined actions
diff --git a/tests/test_ticloud.py b/tests/test_ticloud.py
@@ -5,7 +5,7 @@
 	AdvancedSearch, ExpressionSearch, RHA1FunctionalSimilarity, RHA1Analytics, URIStatistics, URIIndex, FileDownload, \
 	URLThreatIntelligence, AnalyzeURL, DomainThreatIntelligence, IPThreatIntelligence, FileUpload, DeleteFile, \
 	ReanalyzeFile, DataChangeSubscription, DynamicAnalysis, CertificateIndex, RansomwareIndicators, NewMalwareFilesFeed, \
-	NewMalwareURIFeed, ImpHashSimilarity, YARAHunting, YARARetroHunting, TAXIIRansomwareFeed, CustomerUsage, \
+	NewMalwareURIFeed, ImpHashSimilarity, YARAHunting, YARARetroHunting, TAXIIRansomwareFeed, TAXIIFeed, CustomerUsage, \
 	NetworkReputation, FileReputationUserOverride, NetworkReputationUserOverride, MalwareFamilyDetection, \
 	VerticalFeedsStatistics, VerticalFeedsSearch, CertificateAnalytics, CertificateThumbprintSearch, \
 	NewMalwarePlatformFiltered, NewFilesFirstScan, NewFilesFirstAndRescan, FilesWithDetectionChanges, \
@@ -1120,6 +1120,58 @@ def test_get_objects_regular(self, requests_mock):
 			params=query_params
 		)
 
+class TestTAXIIFeed:
+	@classmethod
+	def setup_class(cls):
+		cls.taxii = TAXIIFeed(HOST, USERNAME, PASSWORD)
+
+	def test_get_objects_lite(self, requests_mock):
+		self.taxii.get_objects(
+			api_root="lite-root",
+			collection_id="123456"
+		)
+
+		query_params = {
+			"limit": 500,
+			"added_after": None,
+			"match[id]": None,
+			"next": None
+		}
+
+		expected_url = f"{HOST}/api/taxii/lite-root/collections/123456/objects/"
+
+		requests_mock.get.assert_called_with(
+			url=expected_url,
+			auth=(USERNAME, PASSWORD),
+			verify=True,
+			proxies=None,
+			headers={"User-Agent": DEFAULT_USER_AGENT, 'Accept': 'application/taxii+json;version=2.1'},
+			params=query_params
+		)
+
+	def test_get_objects_regular(self, requests_mock):
+		self.taxii.get_objects(
+			api_root="regular-root",
+			collection_id="654321"
+		)
+
+		query_params = {
+			"limit": 500,
+			"added_after": None,
+			"match[id]": None,
+			"next": None
+		}
+
+		expected_url = f"{HOST}/api/taxii/regular-root/collections/654321/objects/"
+
+		requests_mock.get.assert_called_with(
+			url=expected_url,
+			auth=(USERNAME, PASSWORD),
+			verify=True,
+			proxies=None,
+			headers={"User-Agent": DEFAULT_USER_AGENT, 'Accept': 'application/taxii+json;version=2.1'},
+			params=query_params
+		)
 
 class TestCustomerUsage:
 	@classmethod
