Skip to content

Commit

Permalink
Separated printing and analyzes functionality for twilio (#3118)
Browse files Browse the repository at this point in the history
  • Loading branch information
@abmussani
abmussani authored Jul 31, 2024
1 parent 02fb387 commit 67c01ae
Show file tree
Hide file tree
Showing 2 changed files with 35 additions and 13 deletions.
46 changes: 34 additions & 12 deletions pkg/analyzer/analyzers/twilio/twilio.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -16,6 +16,11 @@ type VerifyJSON struct {
Code int `json:"code"`
}

type SecretInfo struct {
VerifyJson VerifyJSON
AccountStatusCode int
}

const (
AUTHENTICATED_NO_PERMISSION = 70051
INVALID_CREDENTIALS = 20003
Expand Down Expand Up @@ -96,35 +101,52 @@ func getVerifyServicesStatusCode(cfg *config.Config, sid string, secret string)
return verifyJSON, nil
}

func AnalyzePermissions(cfg *config.Config, key string) {
func AnalyzePermissions(cfg *config.Config, key string) (*SecretInfo, error) {
sid, secret, err := splitKey(key)
if err != nil {
color.Red("[x]" + err.Error())
return
return nil, err
}

verifyJSON, err := getVerifyServicesStatusCode(cfg, sid, secret)
if err != nil {
color.Red("[x]" + err.Error())
return nil, err
}

statusCode, err := getAccountsStatusCode(cfg, sid, secret)
if err != nil {
return nil, err
}

return &SecretInfo{
VerifyJson: verifyJSON,
AccountStatusCode: statusCode,
}, nil
}

func AnalyzeAndPrintPermissions(cfg *config.Config, key string) {
// ToDo: Add in logging
if cfg.LoggingEnabled {
color.Red("[x] Logging is not supported for this analyzer.")
return
}

if verifyJSON.Code == INVALID_CREDENTIALS {
color.Red("[x] Invalid Twilio API Key")
info, err := AnalyzePermissions(cfg, key)
if err != nil {
color.Red("[x] Error: %s", err.Error())
return
}

if verifyJSON.Code == AUTHENTICATED_NO_PERMISSION {
printRestrictedKeyMsg()
if info.VerifyJson.Code == INVALID_CREDENTIALS {
color.Red("[x] Invalid Twilio API Key")
return
}

statusCode, err := getAccountsStatusCode(cfg, sid, secret)
if err != nil {
color.Red("[x]" + err.Error())
if info.VerifyJson.Code == AUTHENTICATED_NO_PERMISSION {
printRestrictedKeyMsg()
return
}
printPermissions(statusCode)

printPermissions(info.AccountStatusCode)
}

// printPermissions prints the permissions based on the status code
Expand Down
2 changes: 1 addition & 1 deletion pkg/analyzer/cli.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -206,7 +206,7 @@ func Run(cmd string) {
slack.AnalyzePermissions(cfg, *slackKey)
case twilioScan.FullCommand():
cfg.LogFile = analyzers.CreateLogFileName("twilio")
twilio.AnalyzePermissions(cfg, *twilioKey)
twilio.AnalyzeAndPrintPermissions(cfg, *twilioKey)
case airbrakeScan.FullCommand():
cfg.LogFile = analyzers.CreateLogFileName("airbrake")
airbrake.AnalyzeAndPrintPermissions(cfg, *airbrakeKey)
Expand Down

0 comments on commit 67c01ae

Please sign in to comment.