trufflehog/pkg/detectors/abuseipdb/abuseipdb_test.go

//go:build detectors
// +build detectors

package abuseipdb

import (
	"context"
	"fmt"
	"testing"
	"time"

	"github.com/google/go-cmp/cmp"
	"github.com/google/go-cmp/cmp/cmpopts"

	"github.com/trufflesecurity/trufflehog/v3/pkg/common"
	"github.com/trufflesecurity/trufflehog/v3/pkg/detectors"
	"github.com/trufflesecurity/trufflehog/v3/pkg/pb/detectorspb"
)

func TestAbuseIPDB_FromChunk(t *testing.T) {
	ctx, cancel := context.WithTimeout(context.Background(), time.Second*5)
	defer cancel()
	testSecrets, err := common.GetSecret(ctx, "trufflehog-testing", "detectors1")
	if err != nil {
		t.Fatalf("could not get test secrets from GCP: %s", err)
	}
	secret := testSecrets.MustGetField("ABUSEIPDB")
	inactiveSecret := testSecrets.MustGetField("ABUSEIPDB_INACTIVE")

	type args struct {
		ctx    context.Context
		data   []byte
		verify bool
	}
	tests := []struct {
		name    string
		s       Scanner
		args    args
		want    []detectors.Result
		wantErr bool
	}{
		{
			name: "found, verified",
			s:    Scanner{},
			args: args{
				ctx:    context.Background(),
				data:   []byte(fmt.Sprintf("You can find a abuseipdb secret %s within but verified", secret)),
				verify: true,
			},
			want: []detectors.Result{
				{
					DetectorType: detectorspb.DetectorType_AbuseIPDB,
					Verified:     true,
				},
			},
			wantErr: false,
		},
		{
			name: "found, real secrets, verification error due to timeout",
			s:    Scanner{client: common.SaneHttpClientTimeOut(1 * time.Microsecond)},
			args: args{
				ctx:    context.Background(),
				data:   []byte(fmt.Sprintf("You can find a abuseipdb secret %s within", secret)),
				verify: true,
			},
			want: func() []detectors.Result {
				r := detectors.Result{
					DetectorType: detectorspb.DetectorType_AbuseIPDB,
					Verified:     false,
				}
				r.SetVerificationError(context.DeadlineExceeded)
				return []detectors.Result{r}
			}(),
			wantErr: false,
		},
		{
			name: "found, real secrets, verification error due to unexpected api surface",
			s:    Scanner{client: common.ConstantResponseHttpClient(500, "{}")},
			args: args{
				ctx:    context.Background(),
				data:   []byte(fmt.Sprintf("You can find a abuseipdb secret %s within", secret)),
				verify: true,
			},
			want: func() []detectors.Result {
				r := detectors.Result{
					DetectorType: detectorspb.DetectorType_AbuseIPDB,
					Verified:     false,
				}
				r.SetVerificationError(fmt.Errorf("unexpected HTTP response status 500"))
				return []detectors.Result{r}
			}(),
			wantErr: false,
		},
		{
			name: "found, unverified",
			s:    Scanner{},
			args: args{
				ctx:    context.Background(),
				data:   []byte(fmt.Sprintf("You can find a abuseipdb secret %s within", inactiveSecret)), // the secret would satisfy the regex but not pass validation
				verify: true,
			},
			want: []detectors.Result{
				{
					DetectorType: detectorspb.DetectorType_AbuseIPDB,
					Verified:     false,
				},
			},
			wantErr: false,
		},
		{
			name: "not found",
			s:    Scanner{},
			args: args{
				ctx:    context.Background(),
				data:   []byte("You cannot find the secret within"),
				verify: true,
			},
			want:    nil,
			wantErr: false,
		},
	}
	for _, tt := range tests {
		t.Run(tt.name, func(t *testing.T) {
			got, err := tt.s.FromData(tt.args.ctx, tt.args.verify, tt.args.data)
			if (err != nil) != tt.wantErr {
				t.Errorf("AbuseIPDB.FromData() error = %v, wantErr %v", err, tt.wantErr)
				return
			}
			for i := range got {
				if len(got[i].Raw) == 0 {
					t.Fatalf("no raw secret present: \n %+v", got[i])
				}
				gotErr := ""
				if got[i].VerificationError() != nil {
					gotErr = got[i].VerificationError().Error()
				}
				wantErr := ""
				if tt.want[i].VerificationError() != nil {
					wantErr = tt.want[i].VerificationError().Error()
				}
				if gotErr != wantErr {
					t.Fatalf("wantVerificationError = %v, verification error = %v", tt.want[i].VerificationError(), got[i].VerificationError())
				}
			}
			ignoreOpts := cmpopts.IgnoreFields(detectors.Result{}, "Raw", "RawV2", "verificationError")
			if diff := cmp.Diff(got, tt.want, ignoreOpts); diff != "" {
				t.Errorf("AbuseIPDB.FromData() %s diff: (-got +want)\n%s", tt.name, diff)
			}
		})
	}
}

func BenchmarkFromData(benchmark *testing.B) {
	ctx := context.Background()
	s := Scanner{}
	for name, data := range detectors.MustGetBenchmarkData() {
		benchmark.Run(name, func(b *testing.B) {
			b.ResetTimer()
			for n := 0; n < b.N; n++ {
				_, err := s.FromData(ctx, false, data)
				if err != nil {
					b.Fatal(err)
				}
			}
		})
	}
}
Mark detector tests with a build flag (#613) 2022-07-07 17:27:21 +00:00			`//go:build detectors`
			`// +build detectors`

added abuseipdb detector 2022-01-19 06:19:01 +00:00			`package abuseipdb`

			`import (`
			`"context"`
			`"fmt"`
			`"testing"`
			`"time"`

Detectors Updates 1 for Tristate Verification (#2187) * updating alibaba * updating agora * updating aeroworkflow * updating aha * updating artifactory * updating abbysale * updating abstract * updating abuseipdb * updating accuweather * updating adafruitio * updating adzuna * cleanup on abuseipdb * cleanup on aha * cleanup on abuseipdb * cleanup on aeroworkflow * cleanup on adzuna * cleanup on accuweather * cleanup/refactor * update token pattern to be explicitly 73char (old) or 64char (new) * comment to clarify 403 on Aha * mocking out verified case for aha + adding inactive account test * using contact response instead of gock * update 403 to be determinate 2024-01-30 17:20:56 +00:00			`"github.com/google/go-cmp/cmp"`
			`"github.com/google/go-cmp/cmp/cmpopts"`
added abuseipdb detector 2022-01-19 06:19:01 +00:00
module v3 2022-02-10 18:54:33 +00:00			`"github.com/trufflesecurity/trufflehog/v3/pkg/common"`
Detectors Updates 1 for Tristate Verification (#2187) * updating alibaba * updating agora * updating aeroworkflow * updating aha * updating artifactory * updating abbysale * updating abstract * updating abuseipdb * updating accuweather * updating adafruitio * updating adzuna * cleanup on abuseipdb * cleanup on aha * cleanup on abuseipdb * cleanup on aeroworkflow * cleanup on adzuna * cleanup on accuweather * cleanup/refactor * update token pattern to be explicitly 73char (old) or 64char (new) * comment to clarify 403 on Aha * mocking out verified case for aha + adding inactive account test * using contact response instead of gock * update 403 to be determinate 2024-01-30 17:20:56 +00:00			`"github.com/trufflesecurity/trufflehog/v3/pkg/detectors"`
module v3 2022-02-10 18:54:33 +00:00			`"github.com/trufflesecurity/trufflehog/v3/pkg/pb/detectorspb"`
added abuseipdb detector 2022-01-19 06:19:01 +00:00			`)`

			`func TestAbuseIPDB_FromChunk(t *testing.T) {`
			`ctx, cancel := context.WithTimeout(context.Background(), time.Second*5)`
			`defer cancel()`
Adding detectors (#46) * rename secret * Add supporting docs and tooling for adding new detectors 2022-02-16 03:19:09 +00:00			`testSecrets, err := common.GetSecret(ctx, "trufflehog-testing", "detectors1")`
added abuseipdb detector 2022-01-19 06:19:01 +00:00			`if err != nil {`
			`t.Fatalf("could not get test secrets from GCP: %s", err)`
			`}`
			`secret := testSecrets.MustGetField("ABUSEIPDB")`
			`inactiveSecret := testSecrets.MustGetField("ABUSEIPDB_INACTIVE")`

			`type args struct {`
			`ctx context.Context`
			`data []byte`
			`verify bool`
			`}`
			`tests := []struct {`
			`name string`
			`s Scanner`
			`args args`
			`want []detectors.Result`
			`wantErr bool`
			`}{`
			`{`
			`name: "found, verified",`
			`s: Scanner{},`
			`args: args{`
			`ctx: context.Background(),`
Detectors Updates 1 for Tristate Verification (#2187) * updating alibaba * updating agora * updating aeroworkflow * updating aha * updating artifactory * updating abbysale * updating abstract * updating abuseipdb * updating accuweather * updating adafruitio * updating adzuna * cleanup on abuseipdb * cleanup on aha * cleanup on abuseipdb * cleanup on aeroworkflow * cleanup on adzuna * cleanup on accuweather * cleanup/refactor * update token pattern to be explicitly 73char (old) or 64char (new) * comment to clarify 403 on Aha * mocking out verified case for aha + adding inactive account test * using contact response instead of gock * update 403 to be determinate 2024-01-30 17:20:56 +00:00			`data: []byte(fmt.Sprintf("You can find a abuseipdb secret %s within but verified", secret)),`
added abuseipdb detector 2022-01-19 06:19:01 +00:00			`verify: true,`
			`},`
			`want: []detectors.Result{`
			`{`
			`DetectorType: detectorspb.DetectorType_AbuseIPDB,`
			`Verified: true,`
			`},`
			`},`
			`wantErr: false,`
			`},`
Detectors Updates 1 for Tristate Verification (#2187) * updating alibaba * updating agora * updating aeroworkflow * updating aha * updating artifactory * updating abbysale * updating abstract * updating abuseipdb * updating accuweather * updating adafruitio * updating adzuna * cleanup on abuseipdb * cleanup on aha * cleanup on abuseipdb * cleanup on aeroworkflow * cleanup on adzuna * cleanup on accuweather * cleanup/refactor * update token pattern to be explicitly 73char (old) or 64char (new) * comment to clarify 403 on Aha * mocking out verified case for aha + adding inactive account test * using contact response instead of gock * update 403 to be determinate 2024-01-30 17:20:56 +00:00			`{`
			`name: "found, real secrets, verification error due to timeout",`
			`s: Scanner{client: common.SaneHttpClientTimeOut(1 * time.Microsecond)},`
			`args: args{`
			`ctx: context.Background(),`
			`data: []byte(fmt.Sprintf("You can find a abuseipdb secret %s within", secret)),`
			`verify: true,`
			`},`
			`want: func() []detectors.Result {`
			`r := detectors.Result{`
			`DetectorType: detectorspb.DetectorType_AbuseIPDB,`
			`Verified: false,`
			`}`
			`r.SetVerificationError(context.DeadlineExceeded)`
			`return []detectors.Result{r}`
			`}(),`
			`wantErr: false,`
			`},`
			`{`
			`name: "found, real secrets, verification error due to unexpected api surface",`
			`s: Scanner{client: common.ConstantResponseHttpClient(500, "{}")},`
			`args: args{`
			`ctx: context.Background(),`
			`data: []byte(fmt.Sprintf("You can find a abuseipdb secret %s within", secret)),`
			`verify: true,`
			`},`
			`want: func() []detectors.Result {`
			`r := detectors.Result{`
			`DetectorType: detectorspb.DetectorType_AbuseIPDB,`
			`Verified: false,`
			`}`
			`r.SetVerificationError(fmt.Errorf("unexpected HTTP response status 500"))`
			`return []detectors.Result{r}`
			`}(),`
			`wantErr: false,`
			`},`
added abuseipdb detector 2022-01-19 06:19:01 +00:00			`{`
			`name: "found, unverified",`
			`s: Scanner{},`
			`args: args{`
			`ctx: context.Background(),`
Detectors Updates 1 for Tristate Verification (#2187) * updating alibaba * updating agora * updating aeroworkflow * updating aha * updating artifactory * updating abbysale * updating abstract * updating abuseipdb * updating accuweather * updating adafruitio * updating adzuna * cleanup on abuseipdb * cleanup on aha * cleanup on abuseipdb * cleanup on aeroworkflow * cleanup on adzuna * cleanup on accuweather * cleanup/refactor * update token pattern to be explicitly 73char (old) or 64char (new) * comment to clarify 403 on Aha * mocking out verified case for aha + adding inactive account test * using contact response instead of gock * update 403 to be determinate 2024-01-30 17:20:56 +00:00			`data: []byte(fmt.Sprintf("You can find a abuseipdb secret %s within", inactiveSecret)), // the secret would satisfy the regex but not pass validation`
added abuseipdb detector 2022-01-19 06:19:01 +00:00			`verify: true,`
			`},`
			`want: []detectors.Result{`
			`{`
			`DetectorType: detectorspb.DetectorType_AbuseIPDB,`
			`Verified: false,`
			`},`
			`},`
			`wantErr: false,`
			`},`
			`{`
			`name: "not found",`
			`s: Scanner{},`
			`args: args{`
			`ctx: context.Background(),`
			`data: []byte("You cannot find the secret within"),`
			`verify: true,`
			`},`
			`want: nil,`
			`wantErr: false,`
			`},`
			`}`
			`for _, tt := range tests {`
			`t.Run(tt.name, func(t *testing.T) {`
Detectors Updates 1 for Tristate Verification (#2187) * updating alibaba * updating agora * updating aeroworkflow * updating aha * updating artifactory * updating abbysale * updating abstract * updating abuseipdb * updating accuweather * updating adafruitio * updating adzuna * cleanup on abuseipdb * cleanup on aha * cleanup on abuseipdb * cleanup on aeroworkflow * cleanup on adzuna * cleanup on accuweather * cleanup/refactor * update token pattern to be explicitly 73char (old) or 64char (new) * comment to clarify 403 on Aha * mocking out verified case for aha + adding inactive account test * using contact response instead of gock * update 403 to be determinate 2024-01-30 17:20:56 +00:00			`got, err := tt.s.FromData(tt.args.ctx, tt.args.verify, tt.args.data)`
added abuseipdb detector 2022-01-19 06:19:01 +00:00			`if (err != nil) != tt.wantErr {`
			`t.Errorf("AbuseIPDB.FromData() error = %v, wantErr %v", err, tt.wantErr)`
			`return`
			`}`
			`for i := range got {`
			`if len(got[i].Raw) == 0 {`
			`t.Fatalf("no raw secret present: \n %+v", got[i])`
			`}`
Detectors Updates 1 for Tristate Verification (#2187) * updating alibaba * updating agora * updating aeroworkflow * updating aha * updating artifactory * updating abbysale * updating abstract * updating abuseipdb * updating accuweather * updating adafruitio * updating adzuna * cleanup on abuseipdb * cleanup on aha * cleanup on abuseipdb * cleanup on aeroworkflow * cleanup on adzuna * cleanup on accuweather * cleanup/refactor * update token pattern to be explicitly 73char (old) or 64char (new) * comment to clarify 403 on Aha * mocking out verified case for aha + adding inactive account test * using contact response instead of gock * update 403 to be determinate 2024-01-30 17:20:56 +00:00			`gotErr := ""`
			`if got[i].VerificationError() != nil {`
			`gotErr = got[i].VerificationError().Error()`
			`}`
			`wantErr := ""`
			`if tt.want[i].VerificationError() != nil {`
			`wantErr = tt.want[i].VerificationError().Error()`
			`}`
			`if gotErr != wantErr {`
			`t.Fatalf("wantVerificationError = %v, verification error = %v", tt.want[i].VerificationError(), got[i].VerificationError())`
			`}`
added abuseipdb detector 2022-01-19 06:19:01 +00:00			`}`
Detectors Updates 1 for Tristate Verification (#2187) * updating alibaba * updating agora * updating aeroworkflow * updating aha * updating artifactory * updating abbysale * updating abstract * updating abuseipdb * updating accuweather * updating adafruitio * updating adzuna * cleanup on abuseipdb * cleanup on aha * cleanup on abuseipdb * cleanup on aeroworkflow * cleanup on adzuna * cleanup on accuweather * cleanup/refactor * update token pattern to be explicitly 73char (old) or 64char (new) * comment to clarify 403 on Aha * mocking out verified case for aha + adding inactive account test * using contact response instead of gock * update 403 to be determinate 2024-01-30 17:20:56 +00:00			`ignoreOpts := cmpopts.IgnoreFields(detectors.Result{}, "Raw", "RawV2", "verificationError")`
			`if diff := cmp.Diff(got, tt.want, ignoreOpts); diff != "" {`
added abuseipdb detector 2022-01-19 06:19:01 +00:00			`t.Errorf("AbuseIPDB.FromData() %s diff: (-got +want)\n%s", tt.name, diff)`
			`}`
			`})`
			`}`
			`}`

			`func BenchmarkFromData(benchmark *testing.B) {`
			`ctx := context.Background()`
			`s := Scanner{}`
			`for name, data := range detectors.MustGetBenchmarkData() {`
			`benchmark.Run(name, func(b *testing.B) {`
[chore] - update benchmarks. (#1641) * update benchmarks. * remove dupe timer reset. 2023-08-23 21:34:10 +00:00			`b.ResetTimer()`
added abuseipdb detector 2022-01-19 06:19:01 +00:00			`for n := 0; n < b.N; n++ {`
Fix linting and dogfood in CI 2022-03-01 04:38:13 +00:00			`_, err := s.FromData(ctx, false, data)`
			`if err != nil {`
			`b.Fatal(err)`
			`}`
added abuseipdb detector 2022-01-19 06:19:01 +00:00			`}`
			`})`
			`}`
			`}`