[chore] - Sentry detector update (#1746)

* add test case for account deactivated. * Handle empty case.
2024-11-10 07:04:24 +00:00 · 2023-09-11 07:26:09 -07:00 · 2023-09-11 07:26:09 -07:00 · e53a72abd2
commit e53a72abd2
parent 62ce9bac8b
2 changed files with 42 additions and 1 deletions
--- a/pkg/detectors/sentrytoken/sentrytoken.go
+++ b/pkg/detectors/sentrytoken/sentrytoken.go
@ -122,6 +122,9 @@ func verifyToken(ctx context.Context, client *http.Client, token string) (bool,
 	if err = json.Unmarshal(bytes, &resp); err != nil {
 		return false, err
 	}
+	if len(resp) == 0 {
+		return false, fmt.Errorf("unexpected response body: %s", string(bytes))
+	}

 	return isVerified, err
 }
--- a/pkg/detectors/sentrytoken/sentrytoken_test.go
+++ b/pkg/detectors/sentrytoken/sentrytoken_test.go
@ -123,6 +123,40 @@ func TestSentryToken_FromChunk(t *testing.T) {
 			},
 			wantErr: false,
 		},
+		{
+			name: "found, account deactivated",
+			s:    Scanner{client: common.ConstantResponseHttpClient(200, reponseAccountDeactivated)},
+			args: args{
+				ctx:    context.Background(),
+				data:   []byte(fmt.Sprintf("You can find a sentry super secret %s within", secret)),
+				verify: true,
+			},
+			want: []detectors.Result{
+				{
+					DetectorType: detectorspb.DetectorType_SentryToken,
+					Verified:     false,
+				},
+			},
+			wantErr:             false,
+			wantVerificationErr: true,
+		},
+		{
+			name: "found, account deactivated",
+			s:    Scanner{client: common.ConstantResponseHttpClient(200, responseEnmpty)},
+			args: args{
+				ctx:    context.Background(),
+				data:   []byte(fmt.Sprintf("You can find a sentry super secret %s within", secret)),
+				verify: true,
+			},
+			want: []detectors.Result{
+				{
+					DetectorType: detectorspb.DetectorType_SentryToken,
+					Verified:     false,
+				},
+			},
+			wantErr:             false,
+			wantVerificationErr: true,
+		},
 		{
 			name: "not found",
 			s:    Scanner{},
@ -159,7 +193,8 @@ func TestSentryToken_FromChunk(t *testing.T) {
 	}
 }

-const responseBody403 = `
+const (
+	responseBody403 = `
 [
  {
    "organization": {
@ -174,6 +209,9 @@ const responseBody403 = `
  }
 ]
 `
+	reponseAccountDeactivated = `{"detail": "Authentication credentials were not provided"}`
+	responseEnmpty            = `[]`
+)

 func BenchmarkFromData(benchmark *testing.B) {
 	ctx := context.Background()