Skip to content

Commit f9ce3e8

Browse files
fixed skybiometery detector and integration tests (#3747)
1 parent 8832ac6 commit f9ce3e8

File tree

2 files changed

+58
-33
lines changed

2 files changed

+58
-33
lines changed

pkg/detectors/skybiometry/skybiometry.go

Lines changed: 48 additions & 31 deletions
Original file line numberDiff line numberDiff line change
@@ -2,17 +2,18 @@ package skybiometry
22

33
import (
44
"context"
5-
regexp "github.com/wasilibs/go-re2"
5+
"fmt"
6+
"io"
67
"net/http"
7-
"net/url"
8-
"strings"
8+
9+
regexp "github.com/wasilibs/go-re2"
910

1011
"github.com/trufflesecurity/trufflehog/v3/pkg/common"
1112
"github.com/trufflesecurity/trufflehog/v3/pkg/detectors"
1213
"github.com/trufflesecurity/trufflehog/v3/pkg/pb/detectorspb"
1314
)
1415

15-
type Scanner struct{
16+
type Scanner struct {
1617
detectors.DefaultMultiPartCredentialProvider
1718
}
1819

@@ -37,43 +38,31 @@ func (s Scanner) Keywords() []string {
3738
func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (results []detectors.Result, err error) {
3839
dataStr := string(data)
3940

40-
matches := keyPat.FindAllStringSubmatch(dataStr, -1)
41-
secretMatches := secretPat.FindAllStringSubmatch(dataStr, -1)
41+
uniqueKeyMatches, uniqueSecretMatches := make(map[string]struct{}), make(map[string]struct{})
4242

43-
for _, match := range matches {
44-
if len(match) != 2 {
45-
continue
46-
}
47-
resMatch := strings.TrimSpace(match[1])
43+
for _, match := range keyPat.FindAllStringSubmatch(dataStr, -1) {
44+
uniqueKeyMatches[match[1]] = struct{}{}
45+
}
46+
47+
for _, match := range secretPat.FindAllStringSubmatch(dataStr, -1) {
48+
uniqueSecretMatches[match[1]] = struct{}{}
49+
}
4850

49-
for _, secretMatch := range secretMatches {
50-
if len(secretMatch) != 2 {
51+
for key := range uniqueKeyMatches {
52+
for secret := range uniqueSecretMatches {
53+
if key == secret {
5154
continue
5255
}
53-
resSecretMatch := strings.TrimSpace(secretMatch[1])
5456

5557
s1 := detectors.Result{
5658
DetectorType: detectorspb.DetectorType_SkyBiometry,
57-
Raw: []byte(resSecretMatch),
59+
Raw: []byte(secret),
5860
}
5961

6062
if verify {
61-
62-
payload := url.Values{}
63-
payload.Add("api_key", resMatch)
64-
payload.Add("api_secret", resSecretMatch)
65-
66-
req, err := http.NewRequestWithContext(ctx, "GET", "https://api.skybiometry.com/fc/account/authenticate?"+payload.Encode(), nil)
67-
if err != nil {
68-
continue
69-
}
70-
res, err := client.Do(req)
71-
if err == nil {
72-
defer res.Body.Close()
73-
if res.StatusCode >= 200 && res.StatusCode < 300 {
74-
s1.Verified = true
75-
}
76-
}
63+
isVerified, verificationErr := verifySkyBiometery(ctx, client, key, secret)
64+
s1.Verified = isVerified
65+
s1.SetVerificationError(verificationErr)
7766
}
7867

7968
results = append(results, s1)
@@ -90,3 +79,31 @@ func (s Scanner) Type() detectorspb.DetectorType {
9079
func (s Scanner) Description() string {
9180
return "SkyBiometry is a facial recognition service. SkyBiometry API keys can be used to access and utilize their facial recognition API."
9281
}
82+
83+
func verifySkyBiometery(ctx context.Context, client *http.Client, apiKey, apiSecret string) (bool, error) {
84+
apiURL := fmt.Sprintf("https://api.skybiometry.com/fc/account/authenticate?api_key=%s&api_secret=%s", apiKey, apiSecret)
85+
86+
req, err := http.NewRequestWithContext(ctx, "GET", apiURL, nil)
87+
if err != nil {
88+
return false, err
89+
}
90+
91+
resp, err := client.Do(req)
92+
if err != nil {
93+
return false, err
94+
}
95+
96+
defer func() {
97+
_, _ = io.Copy(io.Discard, resp.Body)
98+
_ = resp.Body.Close()
99+
}()
100+
101+
switch resp.StatusCode {
102+
case http.StatusOK:
103+
return true, nil
104+
case http.StatusBadRequest, http.StatusUnauthorized:
105+
return false, nil
106+
default:
107+
return false, fmt.Errorf("unexpected status code: %d", resp.StatusCode)
108+
}
109+
}

pkg/detectors/skybiometry/skybiometry_test.go

Lines changed: 10 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -10,14 +10,14 @@ import (
1010
"time"
1111

1212
"github.com/kylelemons/godebug/pretty"
13-
"github.com/trufflesecurity/trufflehog/v3/pkg/detectors"
1413

1514
"github.com/trufflesecurity/trufflehog/v3/pkg/common"
15+
"github.com/trufflesecurity/trufflehog/v3/pkg/detectors"
1616
"github.com/trufflesecurity/trufflehog/v3/pkg/pb/detectorspb"
1717
)
1818

1919
func TestSkyBiometry_FromChunk(t *testing.T) {
20-
ctx, cancel := context.WithTimeout(context.Background(), time.Second*5)
20+
ctx, cancel := context.WithTimeout(context.Background(), time.Second*10)
2121
defer cancel()
2222
testSecrets, err := common.GetSecret(ctx, "trufflehog-testing", "detectors2")
2323
if err != nil {
@@ -53,6 +53,10 @@ func TestSkyBiometry_FromChunk(t *testing.T) {
5353
DetectorType: detectorspb.DetectorType_SkyBiometry,
5454
Verified: true,
5555
},
56+
{
57+
DetectorType: detectorspb.DetectorType_SkyBiometry,
58+
Verified: false,
59+
},
5660
},
5761
wantErr: false,
5862
},
@@ -69,6 +73,10 @@ func TestSkyBiometry_FromChunk(t *testing.T) {
6973
DetectorType: detectorspb.DetectorType_SkyBiometry,
7074
Verified: false,
7175
},
76+
{
77+
DetectorType: detectorspb.DetectorType_SkyBiometry,
78+
Verified: false,
79+
},
7280
},
7381
wantErr: false,
7482
},

0 commit comments

Comments
 (0)