Fixed github oauth2 token detector #3353

kashifkhan0771 · 2024-10-01T07:17:45Z

Description:

Fixed the regex for github oauth client id
Added comments for verification handling

Checklist:

Tests passing (make test-community)?
Lint passing (make lint this requires golangci-lint)?

ahrav · 2024-10-01T11:02:13Z

pkg/detectors/github_oauth2/github_oauth2.go

@@ -70,7 +70,10 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
 			}
 			if verify {
 				_, err := config.Token(ctx)
+				// if client id and client secret is correct, it will return bad verification code error as we do not pass any verification code
+				// docs: https://docs.github.com/en/apps/oauth-apps/maintaining-oauth-apps/troubleshooting-oauth-app-access-token-request-errors#bad-verification-code


Fixed github oauth2 token detector

fca874e

ahrav approved these changes Oct 1, 2024

View reviewed changes

ahrav merged commit effee2a into trufflesecurity:main Oct 1, 2024
12 checks passed

kashifkhan0771 added a commit to kashifkhan0771/trufflehog that referenced this pull request Oct 1, 2024

Fixed github oauth2 token detector (trufflesecurity#3353)

9b7bc8d

kashifkhan0771 added hacktoberfest-2024 hacktoberfest-2024-internal and removed hacktoberfest-2024 labels Oct 3, 2024

blsaccess mentioned this pull request Oct 8, 2024

Update trufflehog to 3.82.7 blacklanternsecurity/bbot#1829

Merged

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Fixed github oauth2 token detector #3353

Fixed github oauth2 token detector #3353

kashifkhan0771 commented Oct 1, 2024 •

edited

Loading

ahrav Oct 1, 2024

Fixed github oauth2 token detector #3353

Fixed github oauth2 token detector #3353

Conversation

kashifkhan0771 commented Oct 1, 2024 • edited Loading

Description:

Checklist:

ahrav Oct 1, 2024

Choose a reason for hiding this comment

kashifkhan0771 commented Oct 1, 2024 •

edited

Loading