fix mockaroo fps (trufflesecurity#1370)

* fix mockaroo fps * fix test
sainsburys-tech · May 31, 2023 · 5358ed7 · 5358ed7
1 parent 9637f5e
commit 5358ed7
Showing 1 changed file with 16 additions and 3 deletions.
diff --git a/pkg/detectors/mockaroo/mockaroo.go b/pkg/detectors/mockaroo/mockaroo.go
@@ -2,6 +2,8 @@ package mockaroo
 
 import (
 	"context"
+	"encoding/json"
+	"fmt"
 	"net/http"
 	"regexp"
 	"strings"
@@ -47,16 +49,19 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
 		}
 
 		if verify {
-			req, err := http.NewRequestWithContext(ctx, "GET", "https://api.mockaroo.com/api/types", nil)
+			req, err := http.NewRequestWithContext(ctx, "GET", fmt.Sprintf("https://api.mockaroo.com/api/types?key=%s", resMatch), nil)
 			if err != nil {
 				continue
 			}
-			req.Header.Add("X-API-Key", resMatch)
 			res, err := client.Do(req)
 			if err == nil {
 				defer res.Body.Close()
 				if res.StatusCode >= 200 && res.StatusCode < 300 {
-					s1.Verified = true
+					var t typeRes
+					err = json.NewDecoder(res.Body).Decode(&t)
+					if err == nil && len(t.Types) > 0 {
+						s1.Verified = true
+					}
 				} else {
 					// This function will check false positives for common test words, but also it will make sure the key appears 'random' enough to be a real key.
 					if detectors.IsKnownFalsePositive(resMatch, detectors.DefaultFalsePositives, true) {
@@ -75,3 +80,11 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
 func (s Scanner) Type() detectorspb.DetectorType {
 	return detectorspb.DetectorType_Mockaroo
 }
+
+type typeRes struct {
+	Types []struct {
+		Name       string        `json:"name"`
+		Type       interface{}   `json:"type"`
+		Parameters []interface{} `json:"parameters"`
+	} `json:"types"`
+}