Phoneinfoga analyzer adjustment

api_app/analyzers_manager/migrations/0088_phoneinfoga_parameters.py

@@ -0,0 +1,53 @@
+from django.db import migrations
+
+
+def migrate(apps, schema_editor):
+    Parameter = apps.get_model("api_app", "Parameter")
+    PluginConfig = apps.get_model("api_app", "PluginConfig")
+    PythonModule = apps.get_model("api_app", "PythonModule")
+    pm = PythonModule.objects.get(
+        module="phoneinfoga_scan.Phoneinfoga",
+        base_path="api_app.analyzers_manager.observable_analyzers",
+    )
+    Parameter.objects.create(
+        name="googlecse_max_results",
+        type="int",
+        description="Number of Google results for [Phoneinfoga](https://sundowndev.github.io/phoneinfoga/)",
+        is_secret=False,
+        required=False,
+        python_module=pm,
+    )
+    p2 = Parameter.objects.create(
+        name="scanners",
+        type="list",
+        description="List of scanner names for [Phoneinfoga](https://sundowndev.github.io/phoneinfoga/). Available options are: `local,numverify,googlecse,ovh`",
+        is_secret=False,
+        required=False,
+        python_module=pm,
+    )
+    p3 = Parameter.objects.get(name="scanner_name", python_module=pm)
+    for config in pm.analyzerconfigs.all():
+        pcs = PluginConfig.objects.filter(analyzer_config=config, parameter=p3)
+        for pc in pcs:
+            pc.value = [pc.value]
+            pc.parameter = p2
+            pc.save()
+    p3.delete()
+    Parameter.objects.create(
+        name="all_scanners",
+        type="bool",
+        description="Set this to True to enable all available scanners. "
+        "If enabled, this overwrite the scanner param",
+        is_secret=False,
+        required=False,
+        python_module=pm,
+    )
+
+
+class Migration(migrations.Migration):
+    atomic = False
+    dependencies = [
+        ("analyzers_manager", "0087_alter_mmdbserver_param"),
+    ]
+
+    operations = [migrations.RunPython(migrate, migrations.RunPython.noop)]

api_app/analyzers_manager/observable_analyzers/phoneinfoga_scan.py

@@ -1,13 +1,27 @@
 import logging
+from enum import Enum
+from typing import Dict, List
 
 import requests
 
 from api_app.analyzers_manager import classes
+from api_app.analyzers_manager.exceptions import AnalyzerConfigurationException
 from tests.mock_utils import MockUpResponse
 
 logger = logging.getLogger(__name__)
 
 
+class SCANNER_NAMES(Enum):
+    LOCAL = "local"
+    NUM_VERIFY = "numverify"
+    GOOGLECSE = "googlecse"
+    OVH = "ovh"
+
+    @classmethod
+    def values(cls):
+        return list(map(lambda c: c.value, cls))
+
+
 class Phoneinfoga(classes.ObservableAnalyzer, classes.DockerBasedAnalyzer):
     """
     Docker based analyzer for phoneinfoga
@@ -17,35 +31,63 @@ def update(self) -> bool:
         pass
 
     observable_name: str
-    scanner_name: str
+    scanners: List[str]
+    all_scanners: bool
+    googlecse_max_results: int = 10
     name: str = "phoneinfoga"
     # here is a list of pre declared api keys, user can put
     # values as per their required scanner, by default it is null
 
     _NUMVERIFY_API_KEY: str = ""
     _GOOGLECSE_CX: str = ""
     _GOOGLE_API_KEY: str = ""
+
     url = "http://phoneinfoga:5000"
 
+    def config(self, runtime_configuration: Dict):
+        super().config(runtime_configuration)
+        if self.all_scanners:
+            self.scanners = SCANNER_NAMES.values()
+        else:
+            for scanner in self.scanners:
+                if scanner not in SCANNER_NAMES.values():
+                    raise AnalyzerConfigurationException(
+                        f"Scanner {scanner} not supported."
+                        f" Choices are {', '.join(SCANNER_NAMES.values())}"
+                    )
+
     def run(self):
-        url: str = f"{self.url}/api/v2/scanners/{self.scanner_name}/run"
-        response = requests.post(
-            url,
-            headers={
-                "Content-Type": "application/json",
-                "accept": "application/json",
-            },
-            json={
-                "number": self.observable_name,
-                "options": {
-                    "NUMVERIFY_API_KEY": self._NUMVERIFY_API_KEY,
-                    "GOOGLECSE_CX": self._GOOGLECSE_CX,
-                    "GOOGLE_API_KEY": self._GOOGLE_API_KEY,
-                },
-            },
-        )
-        response.raise_for_status()
-        return response.json()
+        result = {}
+        for scanner in self.scanners:
+            try:
+                url: str = f"{self.url}/api/v2/scanners/{scanner}/run"
+                options = {}
+                if scanner == SCANNER_NAMES.NUM_VERIFY.value:
+                    options["NUMVERIFY_API_KEY"] = self._NUMVERIFY_API_KEY
+                elif scanner == SCANNER_NAMES.GOOGLECSE.value:
+                    options = {
+                        "GOOGLECSE_CX": self._GOOGLECSE_CX,
+                        "GOOGLE_API_KEY": self._GOOGLE_API_KEY,
+                        "GOOGLECSE_MAX_RESULTS": self.googlecse_max_results,
+                    }
+                response = requests.post(
+                    url,
+                    headers={
+                        "Content-Type": "application/json",
+                        "accept": "application/json",
+                    },
+                    json={"number": self.observable_name, "options": options},
+                )
+                response.raise_for_status()
+                result[scanner] = response.json()
+            except requests.RequestException as e:
+                if scanner == "ovh":
+                    logger.info(f"ovh scanner seems not working. {e}", stack_info=True)
+                else:
+                    logger.error(e, stack_info=True)
+                self.report.errors.append(str(e))
+
+        return result
 
     @staticmethod
     def mocked_docker_analyzer_post(*args, **kwargs):

start

@@ -160,12 +160,12 @@ while [[ $# -gt 0 ]]; do
     shift 1
     ;;
   --pcap_analyzers)
-    params["pcap_analyzers"]=true
+    analyzers["pcap_analyzers"]=true
     shift 1
     ;;
 
   --phoneinfoga)
-    params["phoneinfoga"]=true
+    analyzers["phoneinfoga"]=true
     shift 1
     ;;
   --multi_queue)