From 6a367ab763b77c47c905bb950a801dbc6bfbe97c Mon Sep 17 00:00:00 2001 From: Kashif Khan <70996046+kashifkhan0771@users.noreply.github.com> Date: Mon, 28 Oct 2024 18:35:04 +0500 Subject: [PATCH] updated gcpapplicationdefaultcredentials detector results with RawV2 (#3499) * updated results with RawV2 * censored the refresh token in result --- .../gcpapplicationdefaultcredentials.go | 2 ++ .../gcpapplicationdefaultcredentials_test.go | 7 +++++-- 2 files changed, 7 insertions(+), 2 deletions(-) diff --git a/pkg/detectors/gcpapplicationdefaultcredentials/gcpapplicationdefaultcredentials.go b/pkg/detectors/gcpapplicationdefaultcredentials/gcpapplicationdefaultcredentials.go index 3b2de9ebbc95..a732c16508d3 100644 --- a/pkg/detectors/gcpapplicationdefaultcredentials/gcpapplicationdefaultcredentials.go +++ b/pkg/detectors/gcpapplicationdefaultcredentials/gcpapplicationdefaultcredentials.go @@ -79,6 +79,8 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result s1 := detectors.Result{ DetectorType: detectorspb.DetectorType_GCPApplicationDefaultCredentials, Raw: []byte(detectedClientID), + RawV2: []byte(detectedClientID + creds.RefreshToken), + Redacted: creds.RefreshToken[:3] + "..." + creds.RefreshToken[min(len(creds.RefreshToken)-1, 47):], // censor the refresh token } if verify { diff --git a/pkg/detectors/gcpapplicationdefaultcredentials/gcpapplicationdefaultcredentials_test.go b/pkg/detectors/gcpapplicationdefaultcredentials/gcpapplicationdefaultcredentials_test.go index 4d77c47ebcc8..bb60e754ec6e 100644 --- a/pkg/detectors/gcpapplicationdefaultcredentials/gcpapplicationdefaultcredentials_test.go +++ b/pkg/detectors/gcpapplicationdefaultcredentials/gcpapplicationdefaultcredentials_test.go @@ -2,10 +2,11 @@ package gcpapplicationdefaultcredentials import ( "context" + "testing" + "github.com/google/go-cmp/cmp" "github.com/trufflesecurity/trufflehog/v3/pkg/detectors" "github.com/trufflesecurity/trufflehog/v3/pkg/engine/ahocorasick" - "testing" ) func TestGcpapplicationdefaultcredentials_Pattern(t *testing.T) { @@ -24,7 +25,9 @@ func TestGcpapplicationdefaultcredentials_Pattern(t *testing.T) { "refresh_token": "1//0_joijgor3i4ut98579862709342j3kjJOIE02834jijfewoifjowiejfhghyzznfoiwejfwnvuhewiufnwinciwu_-o2i3jjfcc", "type": "authorized_user" }`, - want: []string{"191375729402-oiuj2498ry3497gjveoierj8294jfj41"}, + want: []string{ + "191375729402-oiuj2498ry3497gjveoierj8294jfj411//0_joijgor3i4ut98579862709342j3kjJOIE02834jijfewoifjowiejfhghyzznfoiwejfwnvuhewiufnwinciwu_-o2i3jjfcc", + }, }, }