Skip to content

Commit 6d3ba1f

Browse files
zricethezavrgmz
zricethezav
and
rgmz
authored
Enable Auth0 (#3857)
* hit urls with a unique * Update pkg/detectors/auth0oauth/auth0oauth.go Co-authored-by: Richard Gomez <[email protected]> * cleanup --------- Co-authored-by: Richard Gomez <[email protected]>
1 parent 853e1e8 commit 6d3ba1f

File tree

2 files changed

+18
-15
lines changed

2 files changed

+18
-15
lines changed

pkg/detectors/auth0oauth/auth0oauth.go

Lines changed: 16 additions & 14 deletions
Original file line numberDiff line numberDiff line change
@@ -13,7 +13,7 @@ import (
1313
"github.com/trufflesecurity/trufflehog/v3/pkg/pb/detectorspb"
1414
)
1515

16-
type Scanner struct{
16+
type Scanner struct {
1717
detectors.DefaultMultiPartCredentialProvider
1818
}
1919

@@ -37,20 +37,22 @@ func (s Scanner) Keywords() []string {
3737
// FromData will find and optionally verify Auth0oauth secrets in a given set of bytes.
3838
func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (results []detectors.Result, err error) {
3939
dataStr := string(data)
40+
uniqueDomainMatches := make(map[string]struct{})
41+
uniqueClientIDs := make(map[string]struct{})
42+
uniqueSecrets := make(map[string]struct{})
43+
for _, m := range domainPat.FindAllStringSubmatch(dataStr, -1) {
44+
uniqueDomainMatches[strings.TrimSpace(m[1])] = struct{}{}
45+
}
46+
for _, m := range clientIdPat.FindAllStringSubmatch(dataStr, -1) {
47+
uniqueClientIDs[strings.TrimSpace(m[1])] = struct{}{}
48+
}
49+
for _, m := range clientSecretPat.FindAllStringSubmatch(dataStr, -1) {
50+
uniqueSecrets[strings.TrimSpace(m[1])] = struct{}{}
51+
}
4052

41-
clientIdMatches := clientIdPat.FindAllStringSubmatch(dataStr, -1)
42-
clientSecretMatches := clientSecretPat.FindAllStringSubmatch(dataStr, -1)
43-
domainMatches := domainPat.FindAllStringSubmatch(dataStr, -1)
44-
45-
for _, clientIdMatch := range clientIdMatches {
46-
clientIdRes := strings.TrimSpace(clientIdMatch[1])
47-
48-
for _, clientSecretMatch := range clientSecretMatches {
49-
clientSecretRes := strings.TrimSpace(clientSecretMatch[1])
50-
51-
for _, domainMatch := range domainMatches {
52-
domainRes := strings.TrimSpace(domainMatch[1])
53-
53+
for clientIdRes := range uniqueClientIDs {
54+
for clientSecretRes := range uniqueSecrets {
55+
for domainRes := range uniqueDomainMatches {
5456
s1 := detectors.Result{
5557
DetectorType: detectorspb.DetectorType_Auth0oauth,
5658
Redacted: clientIdRes,

pkg/engine/defaults/defaults.go

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -53,6 +53,7 @@ import (
5353
atlassianv2 "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/atlassian/v2"
5454
"github.com/trufflesecurity/trufflehog/v3/pkg/detectors/audd"
5555
"github.com/trufflesecurity/trufflehog/v3/pkg/detectors/auth0managementapitoken"
56+
"github.com/trufflesecurity/trufflehog/v3/pkg/detectors/auth0oauth"
5657
"github.com/trufflesecurity/trufflehog/v3/pkg/detectors/autodesk"
5758
"github.com/trufflesecurity/trufflehog/v3/pkg/detectors/autoklose"
5859
"github.com/trufflesecurity/trufflehog/v3/pkg/detectors/autopilot"
@@ -879,7 +880,7 @@ func buildDetectorList() []detectors.Detector {
879880
&atlassianv2.Scanner{},
880881
&audd.Scanner{},
881882
&auth0managementapitoken.Scanner{},
882-
// &auth0oauth.Scanner{},
883+
&auth0oauth.Scanner{},
883884
&autodesk.Scanner{},
884885
&autoklose.Scanner{},
885886
&autopilot.Scanner{},

0 commit comments

Comments
 (0)