Revert "Improved and fixed copper detector (#4394)" (#4470)

This reverts commit 810fcef.

Author: camgunz

pkg/detectors/copper/copper.go

@@ -2,9 +2,8 @@ package copper
 
 import (
 	"context"
-	"fmt"
-	"io"
 	"net/http"
+	"strings"
 
 	regexp "github.com/wasilibs/go-re2"
 
@@ -24,18 +23,10 @@ var (
 	client = common.SaneHttpClient()
 
 	// Make sure that your group is surrounded in boundary characters such as below to reduce false positives.
-	emailPat = regexp.MustCompile(common.EmailPattern)
-	keyPat   = regexp.MustCompile(detectors.PrefixRegex([]string{"copper"}) + `\b([a-f0-9]{32})\b`)
+	keyPat = regexp.MustCompile(detectors.PrefixRegex([]string{"copper"}) + `\b([a-z0-9]{32})\b`)
+	idPat  = regexp.MustCompile(`\b([a-z0-9]{4,25}@[a-zA-Z0-9]{2,12}.[a-zA-Z0-9]{2,6})\b`)
 )
 
-func (s Scanner) Type() detectorspb.DetectorType {
-	return detectorspb.DetectorType_Copper
-}
-
-func (s Scanner) Description() string {
-	return "Copper is a CRM platform that helps businesses manage their relationships with customers and leads. Copper API keys can be used to access and modify customer data and interactions."
-}
-
 // Keywords are used for efficiently pre-filtering chunks.
 // Use identifiers in the secret preferably, or the provider name.
 func (s Scanner) Keywords() []string {
@@ -46,28 +37,41 @@ func (s Scanner) Keywords() []string {
 func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (results []detectors.Result, err error) {
 	dataStr := string(data)
 
-	var emails, apiKeys = make(map[string]struct{}), make(map[string]struct{})
+	matches := keyPat.FindAllStringSubmatch(dataStr, -1)
+	idmatches := idPat.FindAllStringSubmatch(dataStr, -1)
 
-	for _, match := range emailPat.FindAllStringSubmatch(dataStr, -1) {
-		emails[match[1]] = struct{}{}
-	}
-
-	for _, match := range keyPat.FindAllStringSubmatch(dataStr, -1) {
-		apiKeys[match[1]] = struct{}{}
-	}
+	for _, match := range matches {
+		resMatch := strings.TrimSpace(match[1])
+		for _, idmatch := range idmatches {
+			resIdMatch := strings.TrimSpace(idmatch[1])
 
-	for email := range emails {
-		for apiKey := range apiKeys {
 			s1 := detectors.Result{
 				DetectorType: detectorspb.DetectorType_Copper,
-				Raw:          []byte(apiKey),
-				RawV2:        []byte(apiKey + email),
+				Raw:          []byte(resMatch),
+				RawV2:        []byte(resMatch + resIdMatch),
 			}
 
 			if verify {
-				isVerified, verificationErr := verifyCopper(ctx, client, email, apiKey)
-				s1.Verified = isVerified
-				s1.SetVerificationError(verificationErr, apiKey)
+
+				payload := strings.NewReader(`{
+					"page_size": 25,
+					"sort_by": "name"
+					}`)
+				req, err := http.NewRequestWithContext(ctx, "POST", "https://api.copper.com/developer_api/v1/tasks/search", payload)
+				if err != nil {
+					continue
+				}
+				req.Header.Add("X-PW-AccessToken", resMatch)
+				req.Header.Add("X-PW-Application", "developer_api")
+				req.Header.Add("X-PW-UserEmail", resIdMatch)
+				req.Header.Add("Content-Type", "application/json")
+				res, err := client.Do(req)
+				if err == nil {
+					defer res.Body.Close()
+					if res.StatusCode >= 200 && res.StatusCode < 300 {
+						s1.Verified = true
+					}
+				}
 			}
 
 			results = append(results, s1)
@@ -79,33 +83,10 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
 	return results, nil
 }
 
-func verifyCopper(ctx context.Context, client *http.Client, emailID, apiKey string) (bool, error) {
-	req, err := http.NewRequestWithContext(ctx, http.MethodGet, "https://api.copper.com/developer_api/v1/account", http.NoBody)
-	if err != nil {
-		return false, err
-	}
-
-	req.Header.Add("X-PW-AccessToken", apiKey)
-	req.Header.Add("X-PW-Application", "developer_api")
-	req.Header.Add("X-PW-UserEmail", emailID)
-	req.Header.Add("Content-Type", "application/json")
-
-	resp, err := client.Do(req)
-	if err != nil {
-		return false, err
-	}
+func (s Scanner) Type() detectorspb.DetectorType {
+	return detectorspb.DetectorType_Copper
+}
 
-	defer func() {
-		_, _ = io.Copy(io.Discard, resp.Body)
-		_ = resp.Body.Close()
-	}()
-
-	switch resp.StatusCode {
-	case http.StatusOK:
-		return true, nil
-	case http.StatusUnauthorized:
-		return false, nil
-	default:
-		return false, fmt.Errorf("unexpected status code: %d", resp.StatusCode)
-	}
+func (s Scanner) Description() string {
+	return "Copper is a CRM platform that helps businesses manage their relationships with customers and leads. Copper API keys can be used to access and modify customer data and interactions."
 }

pkg/detectors/copper/copper_integration_test.go

@@ -9,8 +9,8 @@ import (
 	"testing"
 	"time"
 
-	"github.com/google/go-cmp/cmp"
-	"github.com/google/go-cmp/cmp/cmpopts"
+	"github.com/kylelemons/godebug/pretty"
+
 	"github.com/trufflesecurity/trufflehog/v3/pkg/common"
 	"github.com/trufflesecurity/trufflehog/v3/pkg/detectors"
 	"github.com/trufflesecurity/trufflehog/v3/pkg/pb/detectorspb"
@@ -96,11 +96,9 @@ func TestCopper_FromChunk(t *testing.T) {
 					t.Fatalf("no raw secret present: \n %+v", got[i])
 				}
 				got[i].Raw = nil
-				got[i].RawV2 = nil
 			}
-			ignoreOpts := cmpopts.IgnoreFields(detectors.Result{}, "Raw", "RawV2", "verificationError", "primarySecret")
-			if diff := cmp.Diff(got, tt.want, ignoreOpts); diff != "" {
-				t.Errorf("Abstract.FromData() %s diff: (-got +want)\n%s", tt.name, diff)
+			if diff := pretty.Compare(got, tt.want); diff != "" {
+				t.Errorf("Copper.FromData() %s diff: (-got +want)\n%s", tt.name, diff)
 			}
 		})
 	}

pkg/detectors/copper/copper_test.go

@@ -10,6 +10,29 @@ import (
 	"github.com/trufflesecurity/trufflehog/v3/pkg/engine/ahocorasick"
 )
 
+var (
+	validPattern = `
+		# Configuration File: config.yaml
+		database:
+			host: $DB_HOST
+			port: $DB_PORT
+			username: $DB_USERNAME
+			password: $DB_PASS  # IMPORTANT: Do not share this password publicly
+
+		api:
+			auth_type: ""
+			in: "Header"
+			copper_email: "s0ovh@P8I~p3"
+			copper_token: "noqs39jzqaegbam2k6mai9ov1uwsl21y"
+			base_url: "https://api.example.com/v1/user"
+
+		# Notes:
+		# - Remember to rotate the secret every 90 days.
+		# - The above credentials should only be used in a secure environment.
+	`
+	secret = "noqs39jzqaegbam2k6mai9ov1uwsl21ys0ovh@P8I~p3"
+)
+
 func TestCopper_Pattern(t *testing.T) {
 	d := Scanner{}
 	ahoCorasickCore := ahocorasick.NewAhoCorasickCore([]detectors.Detector{d})
@@ -20,27 +43,9 @@ func TestCopper_Pattern(t *testing.T) {
 		want  []string
 	}{
 		{
-			name: "valid pattern",
-			input: `
-				# Configuration File: config.yaml
-				database:
-					host: $DB_HOST
-					port: $DB_PORT
-					username: $DB_USERNAME
-					password: $DB_PASS  # IMPORTANT: Do not share this password publicly
-
-				api:
-					auth_type: ""
-					in: "Header"
-					email: "[email protected]"
-					copper_token: "1affa0d5966556307efd91046e87fe2f"
-					base_url: "https://api.example.com/v1/user"
-
-				# Notes:
-				# - Remember to rotate the secret every 90 days.
-				# - The above credentials should only be used in a secure environment.
-			`,
-			want: []string{"[email protected]"},
+			name:  "valid pattern",
+			input: validPattern,
+			want:  []string{secret},
 		},
 	}