Fixed Aha detector (#4354)

* Fixed Aha detector

* fixed linter issue

Author: kashifkhan0771

pkg/detectors/aha/aha.go

@@ -34,6 +34,14 @@ func (s Scanner) Keywords() []string {
 	return []string{"aha.io"}
 }
 
+func (s Scanner) Type() detectorspb.DetectorType {
+	return detectorspb.DetectorType_Aha
+}
+
+func (s Scanner) Description() string {
+	return "Aha is a product management software suite. Aha API keys can be used to access and modify product data and workflows."
+}
+
 func (s Scanner) getClient() *http.Client {
 	if s.client != nil {
 		return s.client
@@ -44,30 +52,39 @@ func (s Scanner) getClient() *http.Client {
 // FromData will find and optionally verify Aha secrets in a given set of bytes.
 func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (results []detectors.Result, err error) {
 	dataStr := string(data)
+
+	var uniqueFoundUrls = make(map[string]struct{})
+
 	matches := keyPat.FindAllStringSubmatch(dataStr, -1)
-	URLmatches := URLPat.FindAllStringSubmatch(dataStr, -1)
 
-	resURLMatch := "aha.io"
-	for _, URLmatch := range URLmatches {
-		resURLMatch = strings.TrimSpace(URLmatch[1])
+	for _, match := range URLPat.FindAllStringSubmatch(dataStr, -1) {
+		uniqueFoundUrls[match[1]] = struct{}{}
 	}
 
-	for _, match := range matches {
-		resMatch := strings.TrimSpace(match[1])
-
-		s1 := detectors.Result{
-			DetectorType: detectorspb.DetectorType_Aha,
-			Raw:          []byte(resMatch),
-		}
+	// if no url was found use the default
+	if len(uniqueFoundUrls) == 0 {
+		uniqueFoundUrls["aha.io"] = struct{}{}
+	}
 
-		if verify {
-			client := s.getClient()
-			isVerified, verificationErr := verifyAha(ctx, client, resMatch, resURLMatch)
-			s1.Verified = isVerified
-			s1.SetVerificationError(verificationErr, resMatch)
+	for _, match := range matches {
+		for url := range uniqueFoundUrls {
+			resMatch := strings.TrimSpace(match[1])
+
+			s1 := detectors.Result{
+				DetectorType: detectorspb.DetectorType_Aha,
+				Raw:          []byte(resMatch),
+				RawV2:        []byte(resMatch + url),
+			}
+
+			if verify {
+				client := s.getClient()
+				isVerified, verificationErr := verifyAha(ctx, client, resMatch, url)
+				s1.Verified = isVerified
+				s1.SetVerificationError(verificationErr, resMatch)
+			}
+
+			results = append(results, s1)
 		}
-
-		results = append(results, s1)
 	}
 
 	return results, nil
@@ -98,11 +115,3 @@ func verifyAha(ctx context.Context, client *http.Client, resMatch, resURLMatch s
 		return false, fmt.Errorf("unexpected HTTP response status %d", res.StatusCode)
 	}
 }
-
-func (s Scanner) Type() detectorspb.DetectorType {
-	return detectorspb.DetectorType_Aha
-}
-
-func (s Scanner) Description() string {
-	return "Aha is a product management software suite. Aha API keys can be used to access and modify product data and workflows."
-}

pkg/detectors/aha/aha_test.go

@@ -2,8 +2,6 @@ package aha
 
 import (
 	"context"
-	"fmt"
-	"strings"
 	"testing"
 
 	"github.com/google/go-cmp/cmp"
@@ -12,52 +10,62 @@ import (
 	"github.com/trufflesecurity/trufflehog/v3/pkg/engine/ahocorasick"
 )
 
-var (
-	validPattern   = "00112233445566778899aabbccddeeff00112233445566778899aabbccddeeff/example.aha.io"
-	invalidPattern = "00112233445566778899aabbCC$%eeff00112233445566778899aabbccddeeff/example.fake.io"
-)
-
 func TestAha_Pattern(t *testing.T) {
 	d := Scanner{}
 	ahoCorasickCore := ahocorasick.NewAhoCorasickCore([]detectors.Detector{d})
 
-	key := strings.Split(validPattern, "/")[0]
-	url := strings.Split(validPattern, "/")[1]
-
 	tests := []struct {
 		name  string
 		input string
 		want  []string
 	}{
 		{
-			name:  "valid pattern",
-			input: fmt.Sprintf("aha.io = '%s'", validPattern),
-			want:  []string{key},
-		},
-		{
-			name:  "valid pattern - detect URL far away from keyword",
-			input: fmt.Sprintf("aha.io = '%s\n URL is not close to the keyword but should be detected %s'", key, url),
-			want:  []string{key},
+			name: "valid pattern",
+			input: `
+				[INFO] sending request to the aha.io API
+				[DEBUG] using key = 81a1411a7e276fd88819df3137eb406e0f281f8a8c417947ca4b025890c8541c
+				[DEBUG] using host = example.aha.io
+				[INFO] response received: 200 OK
+			`,
+			want: []string{"81a1411a7e276fd88819df3137eb406e0f281f8a8c417947ca4b025890c8541cexample.aha.io"},
 		},
 		{
-			name:  "valid pattern - key out of prefix range",
-			input: fmt.Sprintf("aha.io keyword is not close to the real key and secret = '%s'", validPattern),
-			want:  nil,
+			name: "valid pattern - key out of prefix range",
+			input: `
+				[INFO] sending request to the aha.io API
+				[WARN] Do not commit the secrets
+				[DEBUG] using key = 81a1411a7e276fd88819df3137eb406e0f281f8a8c417947ca4b025890c8541c
+				[DEBUG] using host = example.aha.io
+				[INFO] response received: 200 OK
+			`,
+			want: nil,
 		},
 		{
-			name:  "valid pattern - only key",
-			input: fmt.Sprintf("aha.io %s", key),
-			want:  []string{key},
+			name: "valid pattern - only key",
+			input: `
+				[INFO] sending request to the aha.io API
+				[DEBUG] using key = 81a1411a7e276fd88819df3137eb406e0f281f8a8c417947ca4b025890c8541c
+				[INFO] response received: 200 OK
+			`,
+			want: []string{"81a1411a7e276fd88819df3137eb406e0f281f8a8c417947ca4b025890c8541caha.io"},
 		},
 		{
-			name:  "valid pattern - only URL",
-			input: fmt.Sprintf("aha.io %s", url),
-			want:  nil,
+			name: "valid pattern - only URL",
+			input: `
+				[INFO] sending request to the example.aha.io API
+				[INFO] response received: 200 OK
+			`,
+			want: nil,
 		},
 		{
-			name:  "invalid pattern",
-			input: fmt.Sprintf("aha.io %s", invalidPattern),
-			want:  nil,
+			name: "invalid pattern",
+			input: `
+				[INFO] sending request to the aha.io API
+				[DEBUG] using key = 81a1411a7e276fd88819df3137eJ406e0f281f8a8c417947ca4b025890c8541c
+				[DEBUG] using host = 1test.aha.io
+				[INFO] response received: 200 OK
+			`,
+			want: nil,
 		},
 	}