Test Gitlab basic authentication with password and personal access token (#474)

2024-11-10 15:14:38 +00:00 · 2022-04-23 19:55:13 -05:00 · 2022-04-23 19:55:13 -05:00 · 8cd0831f77
commit 8cd0831f77
parent 753f116c89
2 changed files with 46 additions and 1 deletions
--- a/pkg/sources/gitlab/gitlab.go
+++ b/pkg/sources/gitlab/gitlab.go
@ -377,7 +377,7 @@ func (s *Source) basicAuthSuccessful(apiClient *gitlab.Client) bool {
 	if err != nil {
 		return false
 	}
-	if resp.StatusCode <= 400 {
+	if resp.StatusCode != 200 {
 		return false
 	}
 	if user != nil {
--- a/pkg/sources/gitlab/gitlab_test.go
+++ b/pkg/sources/gitlab/gitlab_test.go
@ -8,6 +8,7 @@ import (
 	"github.com/kylelemons/godebug/pretty"
 	"google.golang.org/protobuf/types/known/anypb"

+	"github.com/trufflesecurity/trufflehog/v3/pkg/pb/credentialspb"
 	"github.com/trufflesecurity/trufflehog/v3/pkg/pb/sourcespb"

 	log "github.com/sirupsen/logrus"
@ -27,6 +28,8 @@ func TestSource_Scan(t *testing.T) {
 		t.Fatal(fmt.Errorf("failed to access secret: %v", err))
 	}
 	token := secret.MustGetField("GITLAB_TOKEN")
+	basicUser := secret.MustGetField("GITLAB_USER")
+	basicPass := secret.MustGetField("GITLAB_PASS")

 	type init struct {
 		name       string
@ -74,6 +77,48 @@ func TestSource_Scan(t *testing.T) {
 			},
 			wantErr: false,
 		},
+		{
+			name: "basic auth, scoped repo",
+			init: init{
+				name: "test source basic auth scoped",
+				connection: &sourcespb.GitLab{
+					Repositories: []string{"https://gitlab.com/testermctestface/testy.git"},
+					Credential: &sourcespb.GitLab_BasicAuth{
+						BasicAuth: &credentialspb.BasicAuth{
+							Username: basicUser,
+							Password: basicPass,
+						},
+					},
+				},
+			},
+			wantChunk: &sources.Chunk{
+				SourceType: sourcespb.SourceType_SOURCE_TYPE_GITLAB,
+				SourceName: "test source basic auth scoped",
+				Verify:     false,
+			},
+			wantErr: false,
+		},
+		{
+			name: "basic auth access token, scoped repo",
+			init: init{
+				name: "test source basic auth access token scoped",
+				connection: &sourcespb.GitLab{
+					Repositories: []string{"https://gitlab.com/testermctestface/testy.git"},
+					Credential: &sourcespb.GitLab_BasicAuth{
+						BasicAuth: &credentialspb.BasicAuth{
+							Username: basicUser,
+							Password: token,
+						},
+					},
+				},
+			},
+			wantChunk: &sources.Chunk{
+				SourceType: sourcespb.SourceType_SOURCE_TYPE_GITLAB,
+				SourceName: "test source basic auth access token scoped",
+				Verify:     false,
+			},
+			wantErr: false,
+		},
 	}
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {