Enable Auth0 (#3857)

* hit urls with a unique * Update pkg/detectors/auth0oauth/auth0oauth.go Co-authored-by: Richard Gomez <32133502+rgmz@users.noreply.github.com> * cleanup --------- Co-authored-by: Richard Gomez <32133502+rgmz@users.noreply.github.com>
trufflesecurity · Jan 31, 2025 · 6d3ba1f · 6d3ba1f
1 parent 853e1e8
commit 6d3ba1f
Show file tree

Hide file tree

Showing 2 changed files with 18 additions and 15 deletions.
diff --git a/pkg/detectors/auth0oauth/auth0oauth.go b/pkg/detectors/auth0oauth/auth0oauth.go
@@ -13,7 +13,7 @@ import (
 	"github.com/trufflesecurity/trufflehog/v3/pkg/pb/detectorspb"
 )
 
-type Scanner struct{
+type Scanner struct {
 	detectors.DefaultMultiPartCredentialProvider
 }
 
@@ -37,20 +37,22 @@ func (s Scanner) Keywords() []string {
 // FromData will find and optionally verify Auth0oauth secrets in a given set of bytes.
 func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (results []detectors.Result, err error) {
 	dataStr := string(data)
+	uniqueDomainMatches := make(map[string]struct{})
+	uniqueClientIDs := make(map[string]struct{})
+	uniqueSecrets := make(map[string]struct{})
+	for _, m := range domainPat.FindAllStringSubmatch(dataStr, -1) {
+		uniqueDomainMatches[strings.TrimSpace(m[1])] = struct{}{}
+	}
+	for _, m := range clientIdPat.FindAllStringSubmatch(dataStr, -1) {
+		uniqueClientIDs[strings.TrimSpace(m[1])] = struct{}{}
+	}
+	for _, m := range clientSecretPat.FindAllStringSubmatch(dataStr, -1) {
+		uniqueSecrets[strings.TrimSpace(m[1])] = struct{}{}
+	}
 
-	clientIdMatches := clientIdPat.FindAllStringSubmatch(dataStr, -1)
-	clientSecretMatches := clientSecretPat.FindAllStringSubmatch(dataStr, -1)
-	domainMatches := domainPat.FindAllStringSubmatch(dataStr, -1)
-
-	for _, clientIdMatch := range clientIdMatches {
-		clientIdRes := strings.TrimSpace(clientIdMatch[1])
-
-		for _, clientSecretMatch := range clientSecretMatches {
-			clientSecretRes := strings.TrimSpace(clientSecretMatch[1])
-
-			for _, domainMatch := range domainMatches {
-				domainRes := strings.TrimSpace(domainMatch[1])
-
+	for clientIdRes := range uniqueClientIDs {
+		for clientSecretRes := range uniqueSecrets {
+			for domainRes := range uniqueDomainMatches {
 				s1 := detectors.Result{
 					DetectorType: detectorspb.DetectorType_Auth0oauth,
 					Redacted:     clientIdRes,

diff --git a/pkg/engine/defaults/defaults.go b/pkg/engine/defaults/defaults.go
@@ -53,6 +53,7 @@ import (
 	atlassianv2 "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/atlassian/v2"
 	"github.com/trufflesecurity/trufflehog/v3/pkg/detectors/audd"
 	"github.com/trufflesecurity/trufflehog/v3/pkg/detectors/auth0managementapitoken"
+	"github.com/trufflesecurity/trufflehog/v3/pkg/detectors/auth0oauth"
 	"github.com/trufflesecurity/trufflehog/v3/pkg/detectors/autodesk"
 	"github.com/trufflesecurity/trufflehog/v3/pkg/detectors/autoklose"
 	"github.com/trufflesecurity/trufflehog/v3/pkg/detectors/autopilot"
@@ -879,7 +880,7 @@ func buildDetectorList() []detectors.Detector {
 		&atlassianv2.Scanner{},
 		&audd.Scanner{},
 		&auth0managementapitoken.Scanner{},
-		// &auth0oauth.Scanner{},
+		&auth0oauth.Scanner{},
 		&autodesk.Scanner{},
 		&autoklose.Scanner{},
 		&autopilot.Scanner{},