github.com/google/osv-scalibr@v0.4.1/veles/secrets/postmanapikey/detector.go

github.com/google/osv-scalibr@v0.4.1/veles/secrets/postmanapikey/detector.go (about)

     1  // Copyright 2025 Google LLC
     2  //
     3  // Licensed under the Apache License, Version 2.0 (the "License");
     4  // you may not use this file except in compliance with the License.
     5  // You may obtain a copy of the License at
     6  //
     7  //      http://www.apache.org/licenses/LICENSE-2.0
     8  //
     9  // Unless required by applicable law or agreed to in writing, software
    10  // distributed under the License is distributed on an "AS IS" BASIS,
    11  // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    12  // See the License for the specific language governing permissions and
    13  // limitations under the License.
    14  
    15  package postmanapikey
    16  
    17  import (
    18  	"regexp"
    19  
    20  	"github.com/google/osv-scalibr/veles"
    21  	"github.com/google/osv-scalibr/veles/secrets/common/simpletoken"
    22  )
    23  
    24  var (
    25  	// Ensure constructors satisfy the interface at compile time.
    26  	_ veles.Detector = NewAPIKeyDetector()
    27  	_ veles.Detector = NewCollectionTokenDetector()
    28  )
    29  
    30  // PMAK (Postman API Key) structure seen in examples:
    31  //
    32  //	PMAK-68b96b83f4b88500014cc8d1-d5cba29fdcc8434ed67e4ed2fe95a521e5
    33  //
    34  // Pattern: "PMAK-" + 24 hex chars + "-" + 34 hex chars.
    35  const pmakMaxLen = 64
    36  
    37  var pmakRe = regexp.MustCompile(`PMAK-[A-Fa-f0-9]{24}-[A-Fa-f0-9]{34}`)
    38  
    39  // PMAT (Postman Collection Access Token) structure seen in examples:
    40  //
    41  //	PMAT-01K4A58P2HS2Q43TXHSXFRDBZX
    42  //
    43  // Pattern: "PMAT-" + 26 alphanumeric characters.
    44  const pmatMaxLen = 31
    45  
    46  var pmatRe = regexp.MustCompile(`PMAT-[A-Za-z0-9]{26}`)
    47  
    48  // NewAPIKeyDetector returns a detector for Postman API keys (PMAK-...).
    49  func NewAPIKeyDetector() veles.Detector {
    50  	return simpletoken.Detector{
    51  		MaxLen: pmakMaxLen,
    52  		Re:     pmakRe,
    53  		FromMatch: func(b []byte) (veles.Secret, bool) {
    54  			return PostmanAPIKey{Key: string(b)}, true
    55  		},
    56  	}
    57  }
    58  
    59  // NewCollectionTokenDetector returns a detector for Postman collection
    60  // access tokens (PMAT-...).
    61  func NewCollectionTokenDetector() veles.Detector {
    62  	return simpletoken.Detector{
    63  		MaxLen: pmatMaxLen,
    64  		Re:     pmatRe,
    65  		FromMatch: func(b []byte) (veles.Secret, bool) {
    66  			return PostmanCollectionToken{Key: string(b)}, true
    67  		},
    68  	}
    69  }