MicroFocus · eliaumiller · Mar 25, 2024
diff --git a/...src/main/java/com/hp/octane/integrations/services/vulnerabilities/fod/FODServiceImpl.java b/...src/main/java/com/hp/octane/integrations/services/vulnerabilities/fod/FODServiceImpl.java
@@ -147,7 +147,7 @@ private PplnRunStatus fodScanIsStillInProgress(VulnerabilitiesQueueItem queueIte
                 return new PplnRunStatus(false, true);
             }
         }
-        if (getFailedTries(queueItem) > 10) {
+        if (getFailedTries(queueItem) > 100) {
             logger.error(
                     "scan Id was not found, validate that the release in the pipeline configuration is the same as the release in the Jenkins job.");
             return new PplnRunStatus(false, false);

diff --git a/.../src/main/java/com/hp/octane/integrations/services/vulnerabilities/fod/dto/FODConfig.java b/.../src/main/java/com/hp/octane/integrations/services/vulnerabilities/fod/dto/FODConfig.java
@@ -36,18 +36,23 @@
 public abstract class FODConfig {
 
     public final String authURL;
+    public final String authURLApi;
     public final String entitiesURL;
     public abstract String getAuthBody();
 
-    protected FODConfig(String baseURL){
+    protected FODConfig(String baseURL, String authURLApi){
+        String normalizeURLApi = authURLApi;
+        if(!normalizeURLApi.endsWith("/")){
+            normalizeURLApi = normalizeURLApi + "/";
+        }
+        this.authURLApi = normalizeURLApi + "oauth/token";
 
         String normanlizedURL = baseURL;
         if(!normanlizedURL.endsWith("/")){
             normanlizedURL = normanlizedURL + "/";
         }
         this.authURL = normanlizedURL + "oauth/token";
-        this.entitiesURL = normanlizedURL + "api/v3";
-
+        this.entitiesURL = normalizeURLApi + "api/v3";
     }
 
 
@@ -57,11 +62,11 @@ public static class PasswordFODConfig extends FODConfig{
         String password;
         String tenant;
 
-        static final String authPWDBodyFormat ="grant_type=password&scope=https://hpfod.com/tenant&username=%s\\%s&password=%s";
+        static final String authPWDBodyFormat ="grant_type=client_credentials&scope=api-tenant&client_id=%s&client_secret=%s";
 
-        public PasswordFODConfig(String baseUrl, String username, String password,String tenant) {
+        public PasswordFODConfig(String baseUrl, String authURLApi, String username, String password,String tenant) {
 
-            super(baseUrl);
+            super(baseUrl, authURLApi);
             this.password = password;
             this.username = username;
             this.tenant = tenant;
@@ -74,12 +79,12 @@ public String getAuthBody(){
 
     public static class CredentialsFODConfig extends FODConfig{
 
-        static final String authBodyFormat ="grant_type=client_credentials&scope=https://hpfod.com/tenant&client_id=%s&client_secret=%s";
+        static final String authBodyFormat ="grant_type=client_credentials&scope=api-tenant&client_id=%s&client_secret=%s";
         String client_id;
         String secret;
-        public CredentialsFODConfig(String baseUrl, String clientID, String secret){
+        public CredentialsFODConfig(String baseUrl,String authURLApi, String clientID, String secret){
 
-            super(baseUrl);
+            super(baseUrl, authURLApi);
             this.client_id = clientID;
             this.secret = secret;
         }

diff --git a/...c/main/java/com/hp/octane/integrations/services/vulnerabilities/fod/dto/FODConnector.java b/...c/main/java/com/hp/octane/integrations/services/vulnerabilities/fod/dto/FODConnector.java
@@ -215,7 +215,7 @@ private String getUpdatedAccessToken() {
 
 	private void getAccessToken() {
 
-		HttpPost post = new HttpPost(fodConfig.authURL);
+		HttpPost post = new HttpPost(fodConfig.authURLApi);
 		HttpEntity content = new StringEntity(fodConfig.getAuthBody(), ContentType.APPLICATION_FORM_URLENCODED);
 
 		post.setEntity(content);

diff --git a/...ava/com/hp/octane/integrations/services/vulnerabilities/fod/dto/FodConnectionFactory.java b/...ava/com/hp/octane/integrations/services/vulnerabilities/fod/dto/FodConnectionFactory.java
@@ -75,6 +75,7 @@ public static SecurityTool getFODSecTool() {
         FodServerConfiguration fodProjectConfiguration =
                 configurer.pluginServices.getFodServerConfiguration();
         return new SecurityTool(fodProjectConfiguration.getBaseUrl(),
+                fodProjectConfiguration.getApiUrl(),
                 fodProjectConfiguration.getClientId(),
                 fodProjectConfiguration.getClientSecret());
     }
@@ -86,6 +87,7 @@ private static FODSource createFodConnector(SecurityTool securityToolEntity) {
             return new FodMockSource();
         }else {
             FODConnector instance = new FODConnector(new FODConfig.CredentialsFODConfig(securityToolEntity.getToolUrl(),
+                    securityToolEntity.getToolUrlApi(),
                     securityToolEntity.getApiKey(),
                     securityToolEntity.getSecret()));
             instance.initConnection(configurer);

diff --git a/...c/main/java/com/hp/octane/integrations/services/vulnerabilities/fod/dto/SecurityTool.java b/...c/main/java/com/hp/octane/integrations/services/vulnerabilities/fod/dto/SecurityTool.java
@@ -34,11 +34,13 @@
 public class SecurityTool {
 
     private String toolUrl;
+    private String toolUrlApi;
     private String apiKey;
     private String secret;
 
-    public SecurityTool(String toolUrl, String apiKey, String secret) {
+    public SecurityTool(String toolUrl,String toolUrlApi, String apiKey, String secret) {
         this.toolUrl = toolUrl;
+        this.toolUrlApi = toolUrlApi;
         this.apiKey = apiKey;
         this.secret = secret;
     }
@@ -47,6 +49,10 @@ public String getToolUrl() {
         return toolUrl;
     }
 
+    public String getToolUrlApi() {
+        return toolUrlApi;
+    }
+
     public String getApiKey() {
         return apiKey;
     }