From 509fc6c0ebdf8547bf3c8652ac38ce05e0fd7f38 Mon Sep 17 00:00:00 2001
From: Corben Leo <19563282+lc@users.noreply.github.com>
Date: Mon, 30 Oct 2023 15:56:30 -0500
Subject: [PATCH] Detector-Competition-Fix: Fix currencycloud.com API key
 (#1917)

* Detector-Competition-Fix: Fix currencycloud.com API environment

* Detector-Competition-Fix: Fix currencycloud.com API environment

* fix(env): update environment
---
 pkg/detectors/currencycloud/currencycloud.go | 39 +++++++++++---------
 1 file changed, 22 insertions(+), 17 deletions(-)

diff --git a/pkg/detectors/currencycloud/currencycloud.go b/pkg/detectors/currencycloud/currencycloud.go
index 0e3d40c4c451..66c0d433a3ed 100644
--- a/pkg/detectors/currencycloud/currencycloud.go
+++ b/pkg/detectors/currencycloud/currencycloud.go
@@ -2,6 +2,7 @@ package currencycloud
 
 import (
 	"context"
+	"fmt"
 	"io"
 	"net/http"
 	"regexp"
@@ -54,29 +55,33 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
 				DetectorType: detectorspb.DetectorType_CurrencyCloud,
 				Raw:          []byte(resMatch),
 			}
-
+			environments := []string{"devapi", "api"}
 			if verify {
-				// Get authentication token
-				payload := strings.NewReader(`{"login_id":"` + resEmailMatch + `","api_key":"` + resMatch + `"`)
-				req, err := http.NewRequestWithContext(ctx, "POST", "https://devapi.currencycloud.com/v2/authenticate/api", payload)
-				if err != nil {
-					continue
-				}
-				req.Header.Add("Content-Type", "application/json")
-				res, err := client.Do(req)
-				if err == nil {
-					defer res.Body.Close()
-					bodyBytes, err := io.ReadAll(res.Body)
+				for _, env := range environments {
+					// Get authentication token
+					payload := strings.NewReader(`{"login_id":"` + resEmailMatch + `","api_key":"` + resMatch + `"`)
+					req, err := http.NewRequestWithContext(ctx, "POST", "https://"+env+".currencycloud.com/v2/authenticate/api", payload)
 					if err != nil {
 						continue
 					}
-					body := string(bodyBytes)
-					if strings.Contains(body, "auth_token") {
-						s1.Verified = true
-					} else {
-						if detectors.IsKnownFalsePositive(resMatch, detectors.DefaultFalsePositives, true) {
+					req.Header.Add("Content-Type", "application/json")
+					res, err := client.Do(req)
+					if err == nil {
+						defer res.Body.Close()
+						bodyBytes, err := io.ReadAll(res.Body)
+						if err != nil {
 							continue
 						}
+						body := string(bodyBytes)
+						if strings.Contains(body, "auth_token") {
+							s1.Verified = true
+							s1.ExtraData = map[string]string{"environment": fmt.Sprintf("https://%s.currencycloud.com", env)}
+							break
+						} else {
+							if detectors.IsKnownFalsePositive(resMatch, detectors.DefaultFalsePositives, true) {
+								continue
+							}
+						}
 					}
 				}
 			}