-
Notifications
You must be signed in to change notification settings - Fork 1.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. Weβll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Updated Fastly Personal Token Detector #3386
Updated Fastly Personal Token Detector #3386
Conversation
TokenID string `json:"id"` | ||
UserID string `json:"user_id"` | ||
ExpiresAt string `json:"expires_at"` |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@kashifkhan0771 Response also contains scope of that token. My suggestion would be to include it in the extraData.
continue | ||
extraData, verified, verificationErr := verifyFastlyApiToken(ctx, resMatch) | ||
s1.Verified = verified | ||
if extraData != nil { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Nit: IMO nil check for extraData is unneccesary.
} | ||
got[i].Raw = nil | ||
} | ||
if diff := pretty.Compare(got, tt.want); diff != "" { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I have doubt that this test will fail due to extraData diff (nil vs Map) in valid & verified cases.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yeah, good catch! I'll update these test cases.
extraData, verified, verificationErr := verifyFastlyApiToken(ctx, match) | ||
s1.Verified = verified | ||
s1.ExtraData = extraData | ||
s1.SetVerificationError(verificationErr) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think we're supposed to pass the secret(s) as varargs to SetVerificationErr so they get redacted? Been a while and I'm on my phone so Idk.
I think @ahrav would know.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yeah, it does take secrets as a optional second parameter.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Great work!
* main: (127 commits) Update SaladCloud description (trufflesecurity#3399) fix tests (trufflesecurity#3400) [chore] Update custom detector default description (trufflesecurity#3398) add description to salad (trufflesecurity#3397) Add detector for SaladCloud API Keys (trufflesecurity#3273) fix(deps): update module github.com/xanzy/go-gitlab to v0.111.0 (trufflesecurity#3393) Add SliceContainsString common util (trufflesecurity#3395) fix: pr template link to golangci-lint (trufflesecurity#3392) fix(deps): update golang.org/x/exp digest to f66d83c (trufflesecurity#3389) Separate detector tests into unit/integration (trufflesecurity#3274) Manually upgrade github dep (trufflesecurity#3387) Updated Fastly Personal Token Detector (trufflesecurity#3386) fix(deps): update module google.golang.org/api to v0.200.0 (trufflesecurity#3391) [Fix] Snowflake privatelink Support (trufflesecurity#3286) Enhanced the easyinsight detector (trufflesecurity#3384) Log skipped files on debug level (trufflesecurity#3383) build: update retracted bluemonday ver (trufflesecurity#3369) Fix git binary handling and add a smoke test (trufflesecurity#3379) fix(deps): update module google.golang.org/protobuf to v1.35.1 (trufflesecurity#3382) Added Cisco Meraki API Key detector (trufflesecurity#3367) ... # Conflicts: # pkg/engine/defaults.go # pkg/pb/detectorspb/detectors.pb.go # proto/detectors.proto
Description:
/tokens/self
.Output format for valid Token:
Pattern Test Cases:
Checklist:
make test-community
)?make lint
this requires golangci-lint)?