Mirrors/trufflehog
2
0
Fork 0
mirror of https://github.com/trufflesecurity/trufflehog.git synced 2024-11-10 07:04:24 +00:00
Code Issues Projects Releases Packages Wiki Activity

Update result's extra data for Slack (#2779)

Browse source 
* add name of team and user in extra data of results, received from slack'api

* adding token type in extra data for slack
This commit is contained in:
Abdul Basit 2024-05-03 01:16:30 +05:00 committed by GitHub
parent 4ea3a1376b
commit bf25b74224
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
1 changed files with 5 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
pkg/detectors/slack/slack.go
View file

@ -53,7 +53,7 @@ func (s Scanner) Keywords() []string {
func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (results []detectors.Result, err error) {
dataStr := string(data)
for _, tokenPat := range tokenPats {
for key, tokenPat := range tokenPats {
tokens := tokenPat.FindAllString(dataStr, -1)
for _, token := range tokens {
@ -63,6 +63,7 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
}
s1.ExtraData = map[string]string{
"rotation_guide": "https://howtorotate.com/docs/tutorials/slack/",
"token_type": key,
}
if verify {
client := s.client
@ -89,6 +90,9 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
if authResponse.Ok {
s1.Verified = true
// Store name of user and team in extra data received from slack's api
s1.ExtraData["team"] = authResponse.Team
s1.ExtraData["name"] = authResponse.User
// Slack API returns 200 even if the token is invalid. We need to check the error field.
} else if authResponse.Error == "invalid_auth" {
// The secret is determinately not verified (nothing to do)