Support for API auth

Packs/ANYRUN/Integrations/ANYRUN/ANYRUN.py

@@ -16,8 +16,11 @@
 PARAMS = demisto.params()
 USERNAME = PARAMS.get('credentials', {}).get('identifier', '')
 PASSWORD = PARAMS.get('credentials', {}).get('password', '')
-AUTH = (USERNAME + ':' + PASSWORD).encode('utf-8')
-BASIC_AUTH = 'Basic ' + b64encode(AUTH).decode()
+if USERNAME == '_token':
+    AUTHORIZATION = f"API-Key {PASSWORD}"
+else:
+    AUTH = (USERNAME + ':' + PASSWORD).encode('utf-8')
+    AUTHORIZATION = 'Basic ' + b64encode(AUTH).decode()
 # Remove trailing slash to prevent wrong URL path to service
 SERVER = PARAMS.get('url', '')
 SERVER = SERVER[:-1] if (SERVER and SERVER.endswith('/')) else SERVER
@@ -28,7 +31,7 @@
 PROXY = PARAMS.get('proxy', False)
 # Headers to be sent in requests
 HEADERS = {
-    'Authorization': BASIC_AUTH
+    'Authorization': AUTHORIZATION
 }
 # Context fields that should always be uppercase
 ALWAYS_UPPER_CASE = {

Packs/ANYRUN/Integrations/ANYRUN/ANYRUN.yml

@@ -29,8 +29,7 @@ script:
     - auto: PREDEFINED
       default: false
       defaultValue: 'false'
-      description: If true, gets team history. If empty, gets your submitted analyses
-        history.
+      description: If true, gets team history. If empty, gets your submitted analyses history.
       isArray: false
       name: team
       predefined:
@@ -49,8 +48,7 @@ script:
       secret: false
     - default: false
       defaultValue: '25'
-      description: Limits the history retrieved/searched to the specified number of
-        executed analyses. The range is 1-100.
+      description: Limits the history retrieved/searched to the specified number of executed analyses. The range is 1-100.
       isArray: false
       name: limit
       required: false
@@ -98,10 +96,7 @@ script:
       type: String
   - arguments:
     - default: false
-      description: Unique task ID. A task ID is returned when submitting a file or
-        URL for analysis using the `anyrun-run-analysis` command. Task IDs can also
-        be located in the `ID` field of the output of executing the `anyrun-get-history`
-        command.
+      description: Unique task ID. A task ID is returned when submitting a file or URL for analysis using the `anyrun-run-analysis` command. Task IDs can also be located in the `ID` field of the output of executing the `anyrun-get-history` command.
       isArray: false
       name: task
       required: true
@@ -238,8 +233,7 @@ script:
       description: SSDeep hash of the file submitted for analysis.
       type: String
     - contextPath: ANYRUN.Task.Verdict
-      description: ANY.RUN verdict for the maliciousness of the submitted file or
-        URL.
+      description: ANY.RUN verdict for the maliciousness of the submitted file or URL.
       type: String
     - contextPath: ANYRUN.Task.Process.FileName
       description: File name of the process.
@@ -348,8 +342,7 @@ script:
       required: false
       secret: false
     - default: false
-      description: URL, used only if 'obj_type' command argument is 'url' or 'download'.
-        Permitted size is 5-512 characters long.
+      description: URL, used only if 'obj_type' command argument is 'url' or 'download'. Permitted size is 5-512 characters long.
       isArray: false
       name: obj_url
       required: false
@@ -432,7 +425,7 @@ script:
     - contextPath: ANYRUN.Task.ID
       description: ID of the task created to analyze the submission.
       type: String
-  dockerimage: demisto/python3:3.10.1.25933
+  dockerimage: demisto/python3:3.10.5.31928
   subtype: python3
   isfetch: false
   runonce: false

Packs/ANYRUN/Integrations/ANYRUN/ANYRUN_description.md

@@ -1 +1,9 @@
-
+ ## ANY.RUN
+
+ ### How to configure
+
+1. Navigate to **Settings** > **Integrations** > **Servers & Services**.
+2. Search for ANYRUN.
+3. Click **Add instance** to create and configure a new integration instance.
+4. If using API Key authentication method, insert the text `_token` into the **Username** parameter and the API key you have into the **Password**.
+5. Click **Test** to validate the URLs, token, and connection.

Packs/ANYRUN/Integrations/ANYRUN/README.md

@@ -16,10 +16,13 @@ ANY.RUN is a cloud-based sanbox with interactive access.
     | --- | --- |
     | Server URL | True |
     | Username | True |
+    | Password | True |
     | Trust any certificate (not secure) | False |
     | Use system proxy settings | False |
 
-4. Click **Test** to validate the URLs, token, and connection.
+4. If using API Key authentication method, insert the text `_token` into the **Username** parameter and the API key you have into the **Password**.
+
+5. Click **Test** to validate the URLs, token, and connection.
 
 ## Commands
 You can execute these commands from the Cortex XSOAR CLI, as part of an automation, or in a playbook.

Packs/ANYRUN/ReleaseNotes/1_0_10.md

@@ -0,0 +1,5 @@
+
+#### Integrations
+##### ANY.RUN
+- Updated the Docker image to: *demisto/python3:3.10.5.31928*.
+- Add support for the API Key authentication method

Packs/ANYRUN/pack_metadata.json

@@ -2,7 +2,7 @@
     "name": "ANY.RUN",
     "description": "ANY.RUN is a cloud-based sandbox with interactive access.",
     "support": "xsoar",
-    "currentVersion": "1.0.9",
+    "currentVersion": "1.0.10",
     "author": "Cortex XSOAR",
     "url": "https://www.paloaltonetworks.com/cortex",
     "email": "",