Use new nightfall API client (#57)

* Use new nightfall API client

* lint

* remove test logging

* Use nightfall go client tag

Author: bradleymcallister97

go.mod

@@ -4,14 +4,13 @@ go 1.13
 
 require (
 	github.com/gobwas/glob v0.2.3
-	github.com/golang/mock v1.4.3
-	github.com/google/go-cmp v0.5.1 // indirect
+	github.com/golang/mock v1.4.4
 	github.com/google/go-github/v33 v33.0.0
 	github.com/google/uuid v1.1.2
-	github.com/nightfallai/nightfall_go_client v1.0.3
+	github.com/nightfallai/nightfall_go_client v1.1.0
 	github.com/pkg/errors v0.9.1 // indirect
 	github.com/spf13/pflag v1.0.5
 	github.com/stretchr/testify v1.6.1
-	golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d
+	golang.org/x/oauth2 v0.0.0-20210218202405-ba52d332ba99
 	gotest.tools v2.2.0+incompatible
 )

go.sum

@@ -144,6 +144,19 @@ const excludedCreditCardRegex = "4242-4242-4242-[0-9]{4}"
 const excludedApiToken = "xG0Ct4Wsu3OTcJnE1dFLAQfRgL6b8tIv"
 const excludedIPRegex = "^127\\."
 
+var (
+	one                           int32 = 1
+	nightfallDetectorType               = nightfallAPI.DETECTORTYPE_NIGHTFALL_DETECTOR
+	ccDetector                          = nightfallAPI.NIGHTFALLDETECTORTYPE_CREDIT_CARD_NUMBER
+	pnDetector                          = nightfallAPI.NIGHTFALLDETECTORTYPE_PHONE_NUMBER
+	ipDetector                          = nightfallAPI.NIGHTFALLDETECTORTYPE_IP_ADDRESS
+	confidencePossible                  = nightfallAPI.CONFIDENCE_POSSIBLE
+	nightfallAPIKey                     = nightfallAPI.NIGHTFALLDETECTORTYPE_API_KEY
+	nightfallAPIKeyName                 = string(nightfallAPI.NIGHTFALLDETECTORTYPE_API_KEY)
+	nightfallCryptographicKey           = nightfallAPI.NIGHTFALLDETECTORTYPE_CRYPTOGRAPHIC_KEY
+	nightfallCryptographicKeyName       = string(nightfallAPI.NIGHTFALLDETECTORTYPE_CRYPTOGRAPHIC_KEY)
+)
+
 var envVars = []string{
 	WorkspacePathEnvVar,
 	CircleCurrentCommitShaEnvVar,
@@ -181,21 +194,21 @@ func (c *circleCiTestSuite) TestLoadConfig() {
 		NightfallAPIKey: apiKey,
 		NightfallConditions: []*nightfallAPI.Condition{
 			{
-				Detector: nightfallAPI.Detector{
-					DetectorType:      nightfallAPI.DETECTORTYPE_NIGHTFALL_DETECTOR,
-					NightfallDetector: nightfallAPI.NIGHTFALLDETECTORTYPE_CREDIT_CARD_NUMBER,
+				Detector: &nightfallAPI.Detector{
+					DetectorType:      &nightfallDetectorType,
+					NightfallDetector: &ccDetector,
 				},
 			},
 			{
-				Detector: nightfallAPI.Detector{
-					DetectorType:      nightfallAPI.DETECTORTYPE_NIGHTFALL_DETECTOR,
-					NightfallDetector: nightfallAPI.NIGHTFALLDETECTORTYPE_PHONE_NUMBER,
+				Detector: &nightfallAPI.Detector{
+					DetectorType:      &nightfallDetectorType,
+					NightfallDetector: &pnDetector,
 				},
 			},
 			{
-				Detector: nightfallAPI.Detector{
-					DetectorType:      nightfallAPI.DETECTORTYPE_NIGHTFALL_DETECTOR,
-					NightfallDetector: nightfallAPI.NIGHTFALLDETECTORTYPE_IP_ADDRESS,
+				Detector: &nightfallAPI.Detector{
+					DetectorType:      &nightfallDetectorType,
+					NightfallDetector: &ipDetector,
 				},
 			},
 		},
@@ -279,22 +292,22 @@ func (c *circleCiTestSuite) TestLoadEmptyConfig() {
 		NightfallAPIKey: apiKey,
 		NightfallConditions: []*nightfallAPI.Condition{
 			{
-				Detector: nightfallAPI.Detector{
-					DetectorType:      nightfallAPI.DETECTORTYPE_NIGHTFALL_DETECTOR,
-					NightfallDetector: nightfallAPI.NIGHTFALLDETECTORTYPE_API_KEY,
-					DisplayName:       string(nightfallAPI.NIGHTFALLDETECTORTYPE_API_KEY),
+				Detector: &nightfallAPI.Detector{
+					DetectorType:      &nightfallDetectorType,
+					NightfallDetector: &nightfallAPIKey,
+					DisplayName:       &nightfallAPIKeyName,
 				},
-				MinConfidence:  nightfallAPI.CONFIDENCE_POSSIBLE,
-				MinNumFindings: 1,
+				MinConfidence:  &confidencePossible,
+				MinNumFindings: &one,
 			},
 			{
-				Detector: nightfallAPI.Detector{
-					DetectorType:      nightfallAPI.DETECTORTYPE_NIGHTFALL_DETECTOR,
-					NightfallDetector: nightfallAPI.NIGHTFALLDETECTORTYPE_CRYPTOGRAPHIC_KEY,
-					DisplayName:       string(nightfallAPI.NIGHTFALLDETECTORTYPE_CRYPTOGRAPHIC_KEY),
+				Detector: &nightfallAPI.Detector{
+					DetectorType:      &nightfallDetectorType,
+					NightfallDetector: &nightfallCryptographicKey,
+					DisplayName:       &nightfallCryptographicKeyName,
 				},
-				MinConfidence:  nightfallAPI.CONFIDENCE_POSSIBLE,
-				MinNumFindings: 1,
+				MinConfidence:  &confidencePossible,
+				MinNumFindings: &one,
 			},
 		},
 		NightfallMaxNumberRoutines: nightfallconfig.DefaultMaxNumberRoutines,

internal/clients/diffreviewer/circleci/circleci_service_test.go

@@ -145,6 +145,19 @@ const excludedCreditCardRegex = "4242-4242-4242-[0-9]{4}"
 const excludedApiToken = "xG0Ct4Wsu3OTcJnE1dFLAQfRgL6b8tIv"
 const excludedIPRegex = "^127\\."
 
+var (
+	one                           int32 = 1
+	nightfallDetectorType               = nightfallAPI.DETECTORTYPE_NIGHTFALL_DETECTOR
+	ccDetector                          = nightfallAPI.NIGHTFALLDETECTORTYPE_CREDIT_CARD_NUMBER
+	pnDetector                          = nightfallAPI.NIGHTFALLDETECTORTYPE_PHONE_NUMBER
+	ipDetector                          = nightfallAPI.NIGHTFALLDETECTORTYPE_IP_ADDRESS
+	confidencePossible                  = nightfallAPI.CONFIDENCE_POSSIBLE
+	nightfallAPIKey                     = nightfallAPI.NIGHTFALLDETECTORTYPE_API_KEY
+	nightfallAPIKeyName                 = string(nightfallAPI.NIGHTFALLDETECTORTYPE_API_KEY)
+	nightfallCryptographicKey           = nightfallAPI.NIGHTFALLDETECTORTYPE_CRYPTOGRAPHIC_KEY
+	nightfallCryptographicKeyName       = string(nightfallAPI.NIGHTFALLDETECTORTYPE_CRYPTOGRAPHIC_KEY)
+)
+
 var envVars = []string{
 	githubservice.WorkspacePathEnvVar,
 	githubservice.EventPathEnvVar,
@@ -177,21 +190,21 @@ func (g *githubTestSuite) TestLoadConfig() {
 		NightfallAPIKey: apiKey,
 		NightfallConditions: []*nightfallAPI.Condition{
 			{
-				Detector: nightfallAPI.Detector{
-					DetectorType:      nightfallAPI.DETECTORTYPE_NIGHTFALL_DETECTOR,
-					NightfallDetector: nightfallAPI.NIGHTFALLDETECTORTYPE_CREDIT_CARD_NUMBER,
+				Detector: &nightfallAPI.Detector{
+					DetectorType:      &nightfallDetectorType,
+					NightfallDetector: &ccDetector,
 				},
 			},
 			{
-				Detector: nightfallAPI.Detector{
-					DetectorType:      nightfallAPI.DETECTORTYPE_NIGHTFALL_DETECTOR,
-					NightfallDetector: nightfallAPI.NIGHTFALLDETECTORTYPE_PHONE_NUMBER,
+				Detector: &nightfallAPI.Detector{
+					DetectorType:      &nightfallDetectorType,
+					NightfallDetector: &pnDetector,
 				},
 			},
 			{
-				Detector: nightfallAPI.Detector{
-					DetectorType:      nightfallAPI.DETECTORTYPE_NIGHTFALL_DETECTOR,
-					NightfallDetector: nightfallAPI.NIGHTFALLDETECTORTYPE_IP_ADDRESS,
+				Detector: &nightfallAPI.Detector{
+					DetectorType:      &nightfallDetectorType,
+					NightfallDetector: &ipDetector,
 				},
 			},
 		},
@@ -268,22 +281,22 @@ func (g *githubTestSuite) TestLoadEmptyConfig() {
 		NightfallAPIKey: apiKey,
 		NightfallConditions: []*nightfallAPI.Condition{
 			{
-				Detector: nightfallAPI.Detector{
-					DetectorType:      nightfallAPI.DETECTORTYPE_NIGHTFALL_DETECTOR,
-					NightfallDetector: nightfallAPI.NIGHTFALLDETECTORTYPE_API_KEY,
-					DisplayName:       string(nightfallAPI.NIGHTFALLDETECTORTYPE_API_KEY),
+				Detector: &nightfallAPI.Detector{
+					DetectorType:      &nightfallDetectorType,
+					NightfallDetector: &nightfallAPIKey,
+					DisplayName:       &nightfallAPIKeyName,
 				},
-				MinConfidence:  nightfallAPI.CONFIDENCE_POSSIBLE,
-				MinNumFindings: 1,
+				MinConfidence:  &confidencePossible,
+				MinNumFindings: &one,
 			},
 			{
-				Detector: nightfallAPI.Detector{
-					DetectorType:      nightfallAPI.DETECTORTYPE_NIGHTFALL_DETECTOR,
-					NightfallDetector: nightfallAPI.NIGHTFALLDETECTORTYPE_CRYPTOGRAPHIC_KEY,
-					DisplayName:       string(nightfallAPI.NIGHTFALLDETECTORTYPE_CRYPTOGRAPHIC_KEY),
+				Detector: &nightfallAPI.Detector{
+					DetectorType:      &nightfallDetectorType,
+					NightfallDetector: &nightfallCryptographicKey,
+					DisplayName:       &nightfallCryptographicKeyName,
 				},
-				MinConfidence:  nightfallAPI.CONFIDENCE_POSSIBLE,
-				MinNumFindings: 1,
+				MinConfidence:  &confidencePossible,
+				MinNumFindings: &one,
 			},
 		},
 		NightfallMaxNumberRoutines: nightfallconfig.DefaultMaxNumberRoutines,

internal/clients/diffreviewer/github/github_service_test.go

@@ -92,12 +92,18 @@ func blurContent(content string) string {
 }
 
 func getCommentMsg(finding nightfallAPI.ScanResponseV2) string {
-	blurredContent := blurContent(finding.Fragment)
-	return fmt.Sprintf("Suspicious content detected (%s, type %s)", blurredContent, finding.DetectorName)
+	if finding.Fragment == nil || finding.DetectorName == nil {
+		return ""
+	}
+	blurredContent := blurContent(*finding.Fragment)
+	return fmt.Sprintf("Suspicious content detected (%s, type %s)", blurredContent, *finding.DetectorName)
 }
 
 func getCommentTitle(finding nightfallAPI.ScanResponseV2) string {
-	return fmt.Sprintf("Detected %s", finding.DetectorName)
+	if finding.DetectorName == nil {
+		return ""
+	}
+	return fmt.Sprintf("Detected %s", *finding.DetectorName)
 }
 
 // wordSplitter is of type bufio.SplitFunc (https://golang.org/pkg/bufio/#SplitFunc)
@@ -172,7 +178,7 @@ func createCommentsFromScanResp(
 	comments := []*diffreviewer.Comment{}
 	for j, findingList := range resp {
 		for _, finding := range findingList {
-			if !isFindingInTokenExclusionList(finding.Fragment, tokenExclusionList) {
+			if finding.Fragment != nil && !isFindingInTokenExclusionList(*finding.Fragment, tokenExclusionList) {
 				// Found sensitive info
 				// Create comment if fragment is not in exclusion set
 				correspondingContent := inputContent[j]
@@ -212,14 +218,22 @@ func (n *Client) CreateScanRequest(items []string) nightfallAPI.ScanRequestV2 {
 	for _, d := range n.Conditions {
 		conds = append(conds, *d)
 	}
+	var conditionSetUUID *string = nil
+	if n.ConditionSetUUID != "" {
+		conditionSetUUID = &n.ConditionSetUUID
+	}
+	var conditionSet *nightfallAPI.ScanRequestV2ConfigConditionSet = nil
+	if len(conds) > 0 {
+		conditionSet = &nightfallAPI.ScanRequestV2ConfigConditionSet{
+			Conditions: &conds,
+		}
+	}
 	return nightfallAPI.ScanRequestV2{
-		Config: nightfallAPI.ScanRequestV2Config{
-			ConditionSetUUID: n.ConditionSetUUID,
-			ConditionSet: nightfallAPI.ScanRequestV2ConfigConditionSet{
-				Conditions: conds,
-			},
+		Config: &nightfallAPI.ScanRequestV2Config{
+			ConditionSetUUID: conditionSetUUID,
+			ConditionSet:     conditionSet,
 		},
-		Payload: items,
+		Payload: &items,
 	}
 }
 
@@ -296,7 +310,7 @@ func (n *Client) Scan(
 		Key:    n.APIKey,
 		Prefix: "",
 	}
-	newCtx := context.WithValue(ctx, nightfallAPI.ContextAPIKey, APIKey)
+	newCtx := context.WithValue(ctx, nightfallAPI.ContextAPIKeys, map[string]nightfallAPI.APIKey{"apiKeyAuth": APIKey})
 	request := n.CreateScanRequest(items)
 	return n.makeScanRequestWithRetries(newCtx, logger, request)
 }
@@ -324,7 +338,7 @@ func (n *Client) makeScanRequestWithRetries(
 			logger.Error(
 				fmt.Sprintf(
 					"Error from Nightfall API, unable to successfully scan %d items",
-					len(request.Payload),
+					len(*request.Payload),
 				),
 			)
 			return nil, err
@@ -380,10 +394,10 @@ func (n *Client) ReviewDiff(
 }
 
 func filterFileDiffs(fileDiffs []*diffreviewer.FileDiff, fileIncludeList, fileExcludeList []string, logger logger.Logger) []*diffreviewer.FileDiff {
-	if fileIncludeList != nil && len(fileIncludeList) > 0 {
+	if len(fileIncludeList) > 0 {
 		fileDiffs = filterByFilePath(fileDiffs, fileIncludeList, true, logger)
 	}
-	if fileExcludeList != nil && len(fileExcludeList) > 0 {
+	if len(fileExcludeList) > 0 {
 		fileDiffs = filterByFilePath(fileDiffs, fileExcludeList, false, logger)
 	}
 	return fileDiffs

internal/clients/nightfall/nightfall.go

@@ -25,5 +25,5 @@ func (c *APIClient) ScanPayload(
 	ctx context.Context,
 	scanReq nightfallAPI.ScanRequestV2,
 ) ([][]nightfallAPI.ScanResponseV2, *http.Response, error) {
-	return c.APIClient.ScanV2Api.ScanPayloadV2(ctx, scanReq)
+	return c.APIClient.ScanApi.ScanPayloadV2(ctx).ScanReqV2(scanReq).Execute()
 }

internal/clients/nightfall/nightfall_api.go

@@ -24,14 +24,6 @@ const (
 	apiKeyContent            = "my api key is yr+ZWwIZp6ifFgaHV8410b2BxbRt5QiAj1EZx1qj"
 )
 
-var allLikelihoods = []nightfallAPI.Confidence{
-	nightfallAPI.CONFIDENCE_VERY_LIKELY,
-	nightfallAPI.CONFIDENCE_UNLIKELY,
-	nightfallAPI.CONFIDENCE_POSSIBLE,
-	nightfallAPI.CONFIDENCE_LIKELY,
-	nightfallAPI.CONFIDENCE_VERY_LIKELY,
-}
-
 func TestChunkContent(t *testing.T) {
 	tests := []struct {
 		haveBufSize int
@@ -382,17 +374,20 @@ func TestMatchGlob(t *testing.T) {
 	}
 }
 func createScanResponse(fragment string, detType nightfallAPI.NightfallDetectorType) nightfallAPI.ScanResponseV2 {
+	detectorName := string(detType)
+	zero := int32(0)
+	end := int32(len(fragment))
 	return nightfallAPI.ScanResponseV2{
-		Fragment:     fragment,
-		DetectorName: string(detType),
-		Location: nightfallAPI.ScanResponseV2Location{
-			ByteRange: nightfallAPI.ScanResponseV2LocationByteRange{
-				Start: 0,
-				End:   int32(len(fragment)),
+		Fragment:     &fragment,
+		DetectorName: &detectorName,
+		Location: &nightfallAPI.ScanResponseLocation{
+			ByteRange: &nightfallAPI.ScanResponseLocationByteRange{
+				Start: &zero,
+				End:   &end,
 			},
-			UnicodeRange: nightfallAPI.ScanResponseV2LocationUnicodeRange{
-				Start: 0,
-				End:   int32(len(fragment)),
+			UnicodeRange: &nightfallAPI.ScanResponseLocationUnicodeRange{
+				Start: &zero,
+				End:   &end,
 			},
 		},
 	}

internal/clients/nightfall/nightfall_internal_test.go

@@ -18,10 +18,19 @@ import (
 	"github.com/stretchr/testify/suite"
 )
 
-const (
+var (
 	exampleCreditCardNumber = "4916-6734-7572-5015"
 	blurredCreditCard       = "49********"
 	maxItemsForAPIReq       = 479
+
+	one                           int32 = 1
+	confidencePossible                  = nightfallAPI.CONFIDENCE_POSSIBLE
+	nightfallDetectorType               = nightfallAPI.DETECTORTYPE_NIGHTFALL_DETECTOR
+	nightfallAPIKey                     = nightfallAPI.NIGHTFALLDETECTORTYPE_API_KEY
+	nightfallAPIKeyName                 = string(nightfallAPI.NIGHTFALLDETECTORTYPE_API_KEY)
+	nightfallCryptographicKey           = nightfallAPI.NIGHTFALLDETECTORTYPE_CRYPTOGRAPHIC_KEY
+	nightfallCryptographicKeyName       = string(nightfallAPI.NIGHTFALLDETECTORTYPE_CRYPTOGRAPHIC_KEY)
+	nightfallCreditCardName             = string(nightfallAPI.NIGHTFALLDETECTORTYPE_CREDIT_CARD_NUMBER)
 )
 
 type nightfallTestSuite struct {
@@ -30,16 +39,22 @@ type nightfallTestSuite struct {
 
 var testConditions = []*nightfallAPI.Condition{
 	{
-		Detector: nightfallAPI.Detector{
-			DetectorType:      nightfallAPI.DETECTORTYPE_NIGHTFALL_DETECTOR,
-			NightfallDetector: nightfallAPI.NIGHTFALLDETECTORTYPE_CREDIT_CARD_NUMBER,
+		Detector: &nightfallAPI.Detector{
+			DetectorType:      &nightfallDetectorType,
+			NightfallDetector: &nightfallAPIKey,
+			DisplayName:       &nightfallAPIKeyName,
 		},
+		MinNumFindings: &one,
+		MinConfidence:  &confidencePossible,
 	},
 	{
-		Detector: nightfallAPI.Detector{
-			DetectorType:      nightfallAPI.DETECTORTYPE_NIGHTFALL_DETECTOR,
-			NightfallDetector: nightfallAPI.NIGHTFALLDETECTORTYPE_PHONE_NUMBER,
+		Detector: &nightfallAPI.Detector{
+			DetectorType:      &nightfallDetectorType,
+			NightfallDetector: &nightfallCryptographicKey,
+			DisplayName:       &nightfallCryptographicKeyName,
 		},
+		MinNumFindings: &one,
+		MinConfidence:  &confidencePossible,
 	},
 }
 var testItems = []string{
@@ -52,9 +67,9 @@ var expectedScanResponse = [][]nightfallAPI.ScanResponseV2{
 	{},
 	{
 		{
-			Fragment:     exampleCreditCardNumber,
-			DetectorName: string(nightfallAPI.NIGHTFALLDETECTORTYPE_CREDIT_CARD_NUMBER),
-			Confidence:   nightfallAPI.CONFIDENCE_LIKELY,
+			Fragment:     &exampleCreditCardNumber,
+			DetectorName: &nightfallCreditCardName,
+			Confidence:   &confidencePossible,
 		},
 	},
 	{},