fix: fixed autoklose verification endpoint (#3447)

* fix: fixed autoklose verification endpoint * fix: addressed review comments * fix: addressed review comments * fix: added guard checks for 401 and 200 * fix: added code
2024-11-14 08:57:40 +00:00 · 2024-10-19 02:02:17 +05:30 · 2024-10-19 02:02:17 +05:30 · f7252c525a
commit f7252c525a
parent 3499df65f2
2 changed files with 29 additions and 12 deletions
--- a/pkg/detectors/autoklose/autoklose.go
+++ b/pkg/detectors/autoklose/autoklose.go
@ -4,11 +4,12 @@ import (
 	"context"
 	"encoding/json"
 	"fmt"
-	regexp "github.com/wasilibs/go-re2"
 	"io"
 	"net/http"
 	"strings"

+	regexp "github.com/wasilibs/go-re2"
+
 	"github.com/trufflesecurity/trufflehog/v3/pkg/common"
 	"github.com/trufflesecurity/trufflehog/v3/pkg/detectors"
 	"github.com/trufflesecurity/trufflehog/v3/pkg/pb/detectorspb"
@ -50,24 +51,37 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
 		}

 		if verify {
-			req, err := http.NewRequestWithContext(ctx, "GET", fmt.Sprintf("https://api.autoklose.com/api/campaigns/?api_token=%s", resMatch), nil)
+			// API Documentation: https://api.aklab.xyz/#auth-info-fd71acd1-2e41-4991-8789-3edfd258479a
+			req, err := http.NewRequestWithContext(ctx, "GET", fmt.Sprintf("https://api.autoklose.com/api/me/?api_token=%s", resMatch), nil)
 			if err != nil {
 				continue
 			}
+			req.Header.Add("Accept", "application/json")
 			res, err := client.Do(req)
 			if err == nil {
-				bodyBytes, err := io.ReadAll(res.Body)
-				if err != nil {
-					continue
-				}
-				defer res.Body.Close()
-				if res.StatusCode >= 200 && res.StatusCode < 300 {
-					if json.Valid(bodyBytes) {
-						s1.Verified = true
-					} else {
-						s1.Verified = false
+				defer func() {
+					_, _ = io.Copy(io.Discard, res.Body)
+					_ = res.Body.Close()
+				}()
+
+				if res.StatusCode == http.StatusOK {
+					s1.Verified = true
+					bodyBytes, err := io.ReadAll(res.Body)
+					if err != nil {
+						continue
+					}
+
+					var responseBody map[string]interface{}
+					if err := json.Unmarshal(bodyBytes, &responseBody); err == nil {
+						if email, ok := responseBody["email"].(string); ok {
+							s1.ExtraData = map[string]string{
+								"email": email,
+							}
+						}
 					}
 				}
+			} else {
+				s1.SetVerificationError(err, resMatch)
 			}
 		}

--- a/pkg/detectors/autoklose/autoklose_test.go
+++ b/pkg/detectors/autoklose/autoklose_test.go
@ -50,6 +50,9 @@ func TestAutoklose_FromChunk(t *testing.T) {
 				{
 					DetectorType: detectorspb.DetectorType_Autoklose,
 					Verified:     true,
+					ExtraData: map[string]string{
+						"email": "mladen.stevanovic@vanillasoft.com",
+					},
 				},
 			},
 			wantErr: false,