mirror of
https://github.com/trufflesecurity/trufflehog.git
synced 2024-11-10 07:04:24 +00:00
69f5d9b76d
* Fixed the checks for local exported data * Fixed the check for local export files * Fixed the check for local export files * Fixed the check for local export files * Merge branch 'main' into th-899-postman-panic-issue * minor changes in the tests * test update * test
66 lines
2.2 KiB
Go
66 lines
2.2 KiB
Go
package engine
|
|
|
|
import (
|
|
"errors"
|
|
|
|
"google.golang.org/protobuf/proto"
|
|
"google.golang.org/protobuf/types/known/anypb"
|
|
|
|
"github.com/trufflesecurity/trufflehog/v3/pkg/context"
|
|
"github.com/trufflesecurity/trufflehog/v3/pkg/pb/sourcespb"
|
|
"github.com/trufflesecurity/trufflehog/v3/pkg/sources"
|
|
"github.com/trufflesecurity/trufflehog/v3/pkg/sources/postman"
|
|
)
|
|
|
|
// ScanPostman scans Postman with the provided options.
|
|
func (e *Engine) ScanPostman(ctx context.Context, c sources.PostmanConfig) error {
|
|
connection := sourcespb.Postman{
|
|
Workspaces: c.Workspaces,
|
|
Collections: c.Collections,
|
|
Environments: c.Environments,
|
|
IncludeCollections: c.IncludeCollections,
|
|
IncludeEnvironments: c.IncludeEnvironments,
|
|
ExcludeCollections: c.ExcludeCollections,
|
|
ExcludeEnvironments: c.ExcludeEnvironments,
|
|
WorkspacePaths: c.WorkspacePaths,
|
|
CollectionPaths: c.CollectionPaths,
|
|
EnvironmentPaths: c.EnvironmentPaths,
|
|
}
|
|
|
|
// Check if postman data is going to be accessed via an api call using a token, or
|
|
// if it has been already exported and exists locally
|
|
if len(c.Token) > 0 {
|
|
connection.Credential = &sourcespb.Postman_Token{
|
|
Token: c.Token,
|
|
}
|
|
} else if len(c.WorkspacePaths) > 0 || len(c.CollectionPaths) > 0 || len(c.EnvironmentPaths) > 0 {
|
|
connection.Credential = &sourcespb.Postman_Unauthenticated{}
|
|
} else {
|
|
return errors.New("no path to locally exported data or API token provided")
|
|
}
|
|
|
|
// Turn AhoCorasick keywordsToDetectors into a map of keywords
|
|
keywords := make(map[string]struct{})
|
|
for key := range e.ahoCorasickCore.KeywordsToDetectors() {
|
|
keywords[key] = struct{}{}
|
|
}
|
|
|
|
var conn anypb.Any
|
|
err := anypb.MarshalFrom(&conn, &connection, proto.MarshalOptions{})
|
|
if err != nil {
|
|
ctx.Logger().Error(err, "failed to marshal Postman connection")
|
|
return err
|
|
}
|
|
|
|
sourceName := "trufflehog - postman"
|
|
sourceID, jobID, _ := e.sourceManager.GetIDs(ctx, sourceName, postman.SourceType)
|
|
|
|
postmanSource := &postman.Source{
|
|
DetectorKeywords: keywords,
|
|
}
|
|
if err := postmanSource.Init(ctx, sourceName, jobID, sourceID, true, &conn, c.Concurrency); err != nil {
|
|
return err
|
|
}
|
|
_, err = e.sourceManager.Run(ctx, sourceName, postmanSource)
|
|
return err
|
|
}
|