fix: NewRelic Detector: fallback to EU Api for verification (#1932)

trufflesecurity · Oct 24, 2023 · 8184a62 · 8184a62
1 parent 7bc0b77
commit 8184a62
Showing 1 changed file with 16 additions and 1 deletion.
diff --git a/pkg/detectors/newrelicpersonalapikey/newrelicpersonalapikey.go b/pkg/detectors/newrelicpersonalapikey/newrelicpersonalapikey.go
@@ -48,11 +48,16 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
 
 		if verify {
 			req, err := http.NewRequestWithContext(ctx, "GET", "https://api.newrelic.com/v2/users.json", nil)
-			if err != nil {
+			reqEU, errEU := http.NewRequestWithContext(ctx, "GET", "https://api.eu.newrelic.com/v2/users.json", nil)
+			if err != nil || errEU != nil {
 				continue
 			}
 			req.Header.Add("X-Api-Key", resMatch)
+			reqEU.Header.Add("X-Api-Key", resMatch)
+
 			res, err := client.Do(req)
+			resEU, errEU := client.Do(reqEU)
+
 			if err == nil {
 				defer res.Body.Close()
 				if res.StatusCode >= 200 && res.StatusCode < 300 {
@@ -63,6 +68,16 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
 						continue
 					}
 				}
+			} else if errEU == nil {
+				defer resEU.Body.Close()
+				if resEU.StatusCode >= 200 && resEU.StatusCode < 300 {
+					s1.Verified = true
+				} else {
+					// This function will check false positives for common test words, but also it will make sure the key appears 'random' enough to be a real key.
+					if detectors.IsKnownFalsePositive(resMatch, detectors.DefaultFalsePositives, false) {
+						continue
+					}
+				}
 			}
 		}