Implemented collection authorization scanning (#3910)

casey-tran · web-flow · commit a13ea81ca5b2 · 2025-02-13T12:59:30.000-06:00
diff --git a/pkg/sources/postman/postman.go b/pkg/sources/postman/postman.go
@@ -321,6 +321,9 @@ func (s *Source) scanCollection(ctx context.Context, chunksChan chan *sources.Ch
 	})
 	metadata.LocationType = source_metadatapb.PostmanLocationType_UNKNOWN_POSTMAN
 
+	// collections don't have URLs in the Postman API, but we can scan the Authorization section without it.
+	s.scanAuth(ctx, chunksChan, metadata, collection.Auth, URL{})
+
 	for _, event := range collection.Events {
 		s.scanEvent(ctx, chunksChan, metadata, event)
 	}
@@ -492,7 +495,11 @@ func (s *Source) scanAuth(ctx context.Context, chunksChan chan *sources.Chunk, m
 	}
 
 	if !m.fromLocal {
-		m.Link += "?tab=auth"
+		if strings.Contains(m.Type, REQUEST_TYPE) {
+			m.Link += "?tab=auth"
+		} else {
+			m.Link += "?tab=authorization"
+		}
 		m.Type += " > authorization"
 	}
 

Original file line number	Diff line number	Diff line change
`@@ -321,6 +321,9 @@ func (s Source) scanCollection(ctx context.Context, chunksChan chan sources.Ch`
`321`	`321`	`})`
`322`	`322`	`metadata.LocationType = source_metadatapb.PostmanLocationType_UNKNOWN_POSTMAN`
`323`	`323`
	`324`	`+ // collections don't have URLs in the Postman API, but we can scan the Authorization section without it.`
	`325`	`+ s.scanAuth(ctx, chunksChan, metadata, collection.Auth, URL{})`
	`326`	`+`
`324`	`327`	`for _, event := range collection.Events {`
`325`	`328`	`s.scanEvent(ctx, chunksChan, metadata, event)`
`326`	`329`	`}`
`@@ -492,7 +495,11 @@ func (s Source) scanAuth(ctx context.Context, chunksChan chan sources.Chunk, m`
`492`	`495`	`}`
`493`	`496`
`494`	`497`	`if !m.fromLocal {`
`495`		`- m.Link += "?tab=auth"`
	`498`	`+ if strings.Contains(m.Type, REQUEST_TYPE) {`
	`499`	`+ m.Link += "?tab=auth"`
	`500`	`+ } else {`
	`501`	`+ m.Link += "?tab=authorization"`
	`502`	`+ }`
`496`	`503`	`m.Type += " > authorization"`
`497`	`504`	`}`
`498`	`505`