Mirrors/trufflehog
2
0
Fork 0
mirror of https://github.com/trufflesecurity/trufflehog.git synced 2024-11-10 07:04:24 +00:00
Code Issues Projects Releases Packages Wiki Activity

Update results's extra data for Twilio (#2807)

Browse source 
* Response structure added for service api of Twilio.
added two response fields in extra data:
1) friendly_name
2) account_sid

* mark credentials verified for non-fatal errors.
also check for atleast one service in response before extracting metadata.
This commit is contained in:
Abdul Basit 2024-05-13 19:09:35 +05:00 committed by GitHub
parent 64be16c940
commit f527da9ecc
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
1 changed files with 20 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

22
pkg/detectors/twilio/twilio.go
View file

@ -2,10 +2,12 @@ package twilio
import (
"context"
"encoding/json"
"fmt"
regexp "github.com/wasilibs/go-re2"
"net/http"
regexp "github.com/wasilibs/go-re2"
"github.com/trufflesecurity/trufflehog/v3/pkg/common"
"github.com/trufflesecurity/trufflehog/v3/pkg/detectors"
"github.com/trufflesecurity/trufflehog/v3/pkg/pb/detectorspb"
@ -25,6 +27,16 @@ var (
keyPat = regexp.MustCompile(`\b[0-9a-f]{32}\b`)
)
type serviceResponse struct {
Services []service `json:"services"`
}
type service struct {
FriendlyName string `json:"friendly_name"` // friendly name of a service
SID string `json:"sid"` // object id of service
AccountSID string `json:"account_sid"` // account sid
}
// Keywords are used for efficiently pre-filtering chunks.
// Use identifiers in the secret preferably, or the provider name.
func (s Scanner) Keywords() []string {
@ -73,10 +85,16 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
req.SetBasicAuth(sid, key)
res, err := client.Do(req)
if err == nil {
res.Body.Close() // The request body is unused.
defer res.Body.Close()
if res.StatusCode >= 200 && res.StatusCode < 300 {
s1.Verified = true
var serviceResponse serviceResponse
if err := json.NewDecoder(res.Body).Decode(&serviceResponse); err == nil && len(serviceResponse.Services) > 0 { // no error in parsing and have atleast one service
service := serviceResponse.Services[0]
s1.ExtraData["friendly_name"] = service.FriendlyName
s1.ExtraData["account_sid"] = service.AccountSID
}
} else if res.StatusCode == 401 || res.StatusCode == 403 {
// The secret is determinately not verified (nothing to do)
} else {