kingfisher/testdata/validators/validators_test.go

package core_test

import (
	"path"
	"path/filepath"
	"runtime"
	"strings"
	"testing"

	"github.com/10gen/kingfisher/core"
)

func rootDir() string {
	_, b, _, _ := runtime.Caller(0)
	return filepath.Dir(path.Dir(b))
}

// TestSignatureData holds the test data for each signature
type TestSignatureData struct {
	SignatureID     string
	ExpectedValid   int
	ExpectedInvalid int
}

func NewTestSession(bkfIgnore bool) (*core.Session, error) {
	session := core.PrepareTestSession()
	session.Testing = true
	session.ReqScanMode = core.LocalFiles
	session.KingfisherIgnore = bkfIgnore
	session.Options.ValidateSecrets = true
	core.GlobalSessionRef = session
	session.InitializeTargetModeClient()
	return session, nil
}

func beginTesting(t *testing.T, fileWithSecrets string, testList []TestSignatureData) {
	testfilePath := fileWithSecrets
	//_, filename := filepath.Split(testfilePath)

	sess, err := NewTestSession(false)
	if err != nil {
		t.Fatal(err)
	}
	matchFile := core.NewMatchFile(testfilePath, sess, nil)
	findingsList := core.BeginFileAnalysis(matchFile)

	// scanning of file is now done

	for _, test := range testList {

		foundValid := 0
		foundInvalid := 0

		sigDescription := ""
		for _, v := range findingsList {
			if v.Signatureid == test.SignatureID {
				if strings.EqualFold(v.Validated, core.ValidationSuccess) {
					foundValid += 1
				} else if strings.EqualFold(v.Validated, core.ValidationFailure) {
					foundInvalid += 1
				}
				sigDescription = v.Description
			}
		}
		if foundValid != test.ExpectedValid {
			core.PrintSessionStats(sess)
			t.Errorf("Expected %d VALID findings, got %d -- <%s> %s", test.ExpectedValid, foundValid, sigDescription, test.SignatureID)
		}

		if foundInvalid != test.ExpectedInvalid {
			core.PrintSessionStats(sess)
			t.Errorf("Expected %d invalid findings, got %d -- <%s> %s", test.ExpectedInvalid, foundInvalid, sigDescription, test.SignatureID)
		}
	}

}

func TestParseFiles(t *testing.T) {
	//
	parentDir := filepath.Dir(filepath.Join(".", "..", "..", "..", ".."))
	relPath := filepath.Join(parentDir, "test-secrets.txt")
	absPath, err := filepath.Abs(relPath)
	if err != nil {
		t.Fatalf("Error getting absolute path: %v", err)
	}
	fileWithSecrets := absPath

	//
	//
	var tests = []TestSignatureData{
		{"8e1ab338-e7b6-4940-835d-77dd4886d1bd", 1, 1}, // AWS Secret Access Key
		{"c8ceb744-6250-4bec-b1cc-a4578d439c32", 1, 0}, // Beamer API Key
		// {"f48a3fed-cddd-4be2-96aa-7aa1b79f5f7d", 2, 0}, // Box.com API Key
		{"080d463d-623c-4601-8f02-a872e2d2e1be", 0, 1}, // Dropbox API secret/key
		{"90039304-f743-4b5f-960f-4e8e73595e31", 1, 0}, // MongoDB API PUBLIC Key
		{"41342148-7420-4af4-ab9c-43ccf2a0a96a", 1, 0}, // MongoDB API Private Key
		{"eebe43c8-59b6-42b2-b781-7681172f8168", 1, 1}, // MongoDB Atlas URI
		{"37c5edde-8b26-454e-814e-c1df70d0c727", 2, 0}, // npm access token
		{"97581c04-0816-4a48-b752-50ac76fe2ba3", 1, 0}, // GCP API Token
		{"0f263ff2-4a4f-465c-90be-0143ea35b742", 1, 0}, // Stripe Key
		{"5b61d5bf-8683-4c1b-97c0-5bb366b3a70b", 1, 0}, // Slack App Token
		{"aca0a44d-d464-437b-bec5-ea2c2ee2518a", 2, 0}, // Slack Webhook
		{"299faa6c-a5b8-4ccc-92ba-c675518d4cf6", 2, 1}, // GitHub Token
		{"0ddf3f0a-41cd-43a2-9aca-5d095e71c483", 2, 1}, // GitLab Private Token
		{"c880513b-304e-46d8-a6da-2b727ddd5687", 1, 1}, // Twilio API ID + Key
	}

	beginTesting(t, fileWithSecrets, tests)

}
preparing for v1.12 2025-06-24 17:17:16 -07:00			`package core_test`

			`import (`
			`"path"`
			`"path/filepath"`
			`"runtime"`
			`"strings"`
			`"testing"`

			`"github.com/10gen/kingfisher/core"`
			`)`

			`func rootDir() string {`
			`_, b, _, _ := runtime.Caller(0)`
			`return filepath.Dir(path.Dir(b))`
			`}`

			`// TestSignatureData holds the test data for each signature`
			`type TestSignatureData struct {`
			`SignatureID string`
			`ExpectedValid int`
			`ExpectedInvalid int`
			`}`

			`func NewTestSession(bkfIgnore bool) (*core.Session, error) {`
			`session := core.PrepareTestSession()`
			`session.Testing = true`
			`session.ReqScanMode = core.LocalFiles`
			`session.KingfisherIgnore = bkfIgnore`
			`session.Options.ValidateSecrets = true`
			`core.GlobalSessionRef = session`
			`session.InitializeTargetModeClient()`
			`return session, nil`
			`}`

			`func beginTesting(t *testing.T, fileWithSecrets string, testList []TestSignatureData) {`
			`testfilePath := fileWithSecrets`
			`//_, filename := filepath.Split(testfilePath)`

			`sess, err := NewTestSession(false)`
			`if err != nil {`
			`t.Fatal(err)`
			`}`
			`matchFile := core.NewMatchFile(testfilePath, sess, nil)`
			`findingsList := core.BeginFileAnalysis(matchFile)`

			`// scanning of file is now done`

			`for _, test := range testList {`

			`foundValid := 0`
			`foundInvalid := 0`

			`sigDescription := ""`
			`for _, v := range findingsList {`
			`if v.Signatureid == test.SignatureID {`
			`if strings.EqualFold(v.Validated, core.ValidationSuccess) {`
			`foundValid += 1`
			`} else if strings.EqualFold(v.Validated, core.ValidationFailure) {`
			`foundInvalid += 1`
			`}`
			`sigDescription = v.Description`
			`}`
			`}`
			`if foundValid != test.ExpectedValid {`
			`core.PrintSessionStats(sess)`
			`t.Errorf("Expected %d VALID findings, got %d -- <%s> %s", test.ExpectedValid, foundValid, sigDescription, test.SignatureID)`
			`}`

			`if foundInvalid != test.ExpectedInvalid {`
			`core.PrintSessionStats(sess)`
			`t.Errorf("Expected %d invalid findings, got %d -- <%s> %s", test.ExpectedInvalid, foundInvalid, sigDescription, test.SignatureID)`
			`}`
			`}`

			`}`

			`func TestParseFiles(t *testing.T) {`
			`//`
			`parentDir := filepath.Dir(filepath.Join(".", "..", "..", "..", ".."))`
			`relPath := filepath.Join(parentDir, "test-secrets.txt")`
			`absPath, err := filepath.Abs(relPath)`
			`if err != nil {`
			`t.Fatalf("Error getting absolute path: %v", err)`
			`}`
			`fileWithSecrets := absPath`

			`//`
			`//`
			`var tests = []TestSignatureData{`
			`{"8e1ab338-e7b6-4940-835d-77dd4886d1bd", 1, 1}, // AWS Secret Access Key`
			`{"c8ceb744-6250-4bec-b1cc-a4578d439c32", 1, 0}, // Beamer API Key`
			`// {"f48a3fed-cddd-4be2-96aa-7aa1b79f5f7d", 2, 0}, // Box.com API Key`
			`{"080d463d-623c-4601-8f02-a872e2d2e1be", 0, 1}, // Dropbox API secret/key`
			`{"90039304-f743-4b5f-960f-4e8e73595e31", 1, 0}, // MongoDB API PUBLIC Key`
			`{"41342148-7420-4af4-ab9c-43ccf2a0a96a", 1, 0}, // MongoDB API Private Key`
			`{"eebe43c8-59b6-42b2-b781-7681172f8168", 1, 1}, // MongoDB Atlas URI`
			`{"37c5edde-8b26-454e-814e-c1df70d0c727", 2, 0}, // npm access token`
			`{"97581c04-0816-4a48-b752-50ac76fe2ba3", 1, 0}, // GCP API Token`
			`{"0f263ff2-4a4f-465c-90be-0143ea35b742", 1, 0}, // Stripe Key`
			`{"5b61d5bf-8683-4c1b-97c0-5bb366b3a70b", 1, 0}, // Slack App Token`
			`{"aca0a44d-d464-437b-bec5-ea2c2ee2518a", 2, 0}, // Slack Webhook`
			`{"299faa6c-a5b8-4ccc-92ba-c675518d4cf6", 2, 1}, // GitHub Token`
			`{"0ddf3f0a-41cd-43a2-9aca-5d095e71c483", 2, 1}, // GitLab Private Token`
			`{"c880513b-304e-46d8-a6da-2b727ddd5687", 1, 1}, // Twilio API ID + Key`
			`}`

			`beginTesting(t, fileWithSecrets, tests)`

			`}`