Skip to content

New Detector: TelerikLicenseKey [1039] #4479

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 13 commits into
base: main
Choose a base branch
from
Open

New Detector: TelerikLicenseKey [1039] #4479

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
13 commits
Select commit Hold shift + click to select a range
30bf7ac
Added TelerikLicenseKey Detector ID
LanceMcCarthy Sep 26, 2025
092a2d4
Generated default detector code for TelerikLicenseKey detector
LanceMcCarthy Sep 26, 2025
71b8df0
Added regex for detecting Telerik Licensing JWTs.
LanceMcCarthy Sep 29, 2025
56e354b
Update detector description
LanceMcCarthy Sep 29, 2025
7076d62
Set testing keys
LanceMcCarthy Sep 29, 2025
959039e
Decoding and JWT header check added, ongoing test rewrite.
LanceMcCarthy Sep 29, 2025
c2d93e0
In progress
LanceMcCarthy Sep 29, 2025
a6e5086
Finished tests and fixed all verification/validation logic for local …
LanceMcCarthy Sep 29, 2025
fbe2508
Removed HttpClient dep/usage
LanceMcCarthy Sep 29, 2025
d1e6fd9
Merge branch 'trufflesecurity:main' into prgs-devtools-license-key-de…
LanceMcCarthy Sep 29, 2025
e253dc2
Merge branch 'main' into prgs-devtools-license-key-detector
LanceMcCarthy Oct 10, 2025
2b364cd
Merge branch 'main' into prgs-devtools-license-key-detector
LanceMcCarthy Oct 13, 2025
1e3041f
Merge branch 'main' into prgs-devtools-license-key-detector
LanceMcCarthy Oct 24, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
116 changes: 116 additions & 0 deletions pkg/detectors/teleriklicensekey/teleriklicensekey.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,116 @@
package teleriklicensekey

import (
"context"
"encoding/base64"
"encoding/json"
"fmt"
"strings"

regexp "github.com/wasilibs/go-re2"

"github.com/trufflesecurity/trufflehog/v3/pkg/detectors"
"github.com/trufflesecurity/trufflehog/v3/pkg/pb/detectorspb"
)

type Scanner struct{}

// Ensure the Scanner satisfies the interface at compile time.
var _ detectors.Detector = (*Scanner)(nil)

var (
// Make sure that your group is surrounded in boundary characters such as below to reduce false positives.
keyPat = regexp.MustCompile(`\b(eyJ[A-Za-z0-9-_]+\.[A-Za-z0-9-_]+\.[A-Za-z0-9-_.+\/]*)\b`)
)

// Keywords are used for efficiently pre-filtering chunks.
// Use identifiers in the secret preferably, or the provider name.
func (s Scanner) Keywords() []string {
return []string{"eyJ"}
}

// FromData will find and optionally verify Teleriklicensekey secrets in a given set of bytes.
func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (results []detectors.Result, err error) {
dataStr := string(data)

uniqueMatches := make(map[string]struct{})
for _, match := range keyPat.FindAllStringSubmatch(dataStr, -1) {
uniqueMatches[match[1]] = struct{}{}
}

for match := range uniqueMatches {
s1 := detectors.Result{
DetectorType: detectorspb.DetectorType_TelerikLicenseKey,
Raw: []byte(match),
}

if verify {
isVerified, extraData, verificationErr := verifyMatch(match)
s1.Verified = isVerified
s1.ExtraData = extraData
s1.SetVerificationError(verificationErr, match)
}

results = append(results, s1)
}

return
}

func verifyMatch(token string) (bool, map[string]string, error) {
// Decode JWT header
headerClaims, err := decodeJWT(token)
if err != nil {
return false, nil, fmt.Errorf("failed to decode JWT: %w", err)
}

// Get the token type from header - should be "Telerik License Key"
tokenType, ok := headerClaims["typ"].(string)

if ok && tokenType == "Telerik License Key" {
// If the JWT's header "typ" claim is "Telerik License Key", consider it verified
return true, nil, nil
}

// All other tokens are considered unverified
return false, nil, nil
}

func (s Scanner) Type() detectorspb.DetectorType {
return detectorspb.DetectorType_TelerikLicenseKey
}

func (s Scanner) Description() string {
return "Telerik and Kendo license keys are for product license validation that verify the developer compiling an application has active license(s) for the version of the Telerik/Kendo product being used in the project."
}

// This function decodes the JWT header so we can verify the typ=Telerik License Key. No remote API call needed!
func decodeJWT(token string) (map[string]interface{}, error) {
// Split the JWT into its three parts
parts := strings.Split(token, ".")
if len(parts) != 3 {
return nil, fmt.Errorf("invalid JWT format: expected 3 parts, got %d", len(parts))
}

// Decode the header (first part)
header := parts[0]

// Add padding if necessary for base64 decoding
if padding := len(header) % 4; padding != 0 {
header += strings.Repeat("=", 4-padding)
}

// Decode from base64
decoded, err := base64.URLEncoding.DecodeString(header)
if err != nil {
return nil, fmt.Errorf("failed to decode base64 header: %w", err)
}

// Parse JSON
var headerClaims map[string]interface{}
if err := json.Unmarshal(decoded, &headerClaims); err != nil {
return nil, fmt.Errorf("failed to parse JSON header: %w", err)
}

return headerClaims, nil
}
165 changes: 165 additions & 0 deletions pkg/detectors/teleriklicensekey/teleriklicensekey_integration_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,165 @@
//go:build detectors
// +build detectors

package teleriklicensekey

import (
"context"
"fmt"
"testing"

"github.com/google/go-cmp/cmp"
"github.com/google/go-cmp/cmp/cmpopts"

"github.com/trufflesecurity/trufflehog/v3/pkg/detectors"
"github.com/trufflesecurity/trufflehog/v3/pkg/pb/detectorspb"
)

func TestTeleriklicensekey_FromChunk(t *testing.T) {
// ctx, cancel := context.WithTimeout(context.Background(), time.Second*5)
// defer cancel()

//testSecrets, err := common.GetSecret(ctx, "trufflehog-testing", "detectors5")
// if err != nil {
// t.Fatalf("could not get test secrets from GCP: %s", err)
// }

// secret := testSecrets.MustGetField("SECRET_TYPE_ONE")
// inactiveSecret := testSecrets.MustGetField("SECRET_TYPE_ONE_INACTIVE")

secret := "eyJhbGciOiJSUzI1NiIsInR5cCI6IlRlbGVyaWsgTGljZW5zZSBLZXkifQ.eyJ0eXBlIjoidGVsZXJpay1saWNlbnNlIiwibGljZW5zZUlkIjoiMTFjZjM1NTYtYTYxMS00MmVjLTkxZGYtMTZmMDdmMzAwZmJjIiwidXNlcklkIjoiYWFhYWFhYWEtYmJiYi1jY2NjLWRkZGQtZWVlZWVlZWVlZWVlIiwiaWF0IjoxNzU5MTU0OTMxLCJsaWNlbnNlcyI6WyJleUpoYkdjaU9pSlNVekkxTmlJc0luUjVjQ0k2SWxSbGJHVnlhV3NnVEdsalpXNXpaU0JGZG1sa1pXNWpaU0o5LmV5SmpiMlJsSWpvaVZVbEJVMUJEVDFKRklpd2lkSGx3WlNJNkluTjFZbk5qY21sd2RHbHZiaUlzSW1WNGNHbHlZWFJwYjI0aU9qRTNOakUzTkRZNU16QXNJblZ6WlhKSlpDSTZJbUZoWVdGaFlXRmhMV0ppWW1JdFkyTmpZeTFrWkdSa0xXVmxaV1ZsWldWbFpXVmxaU0lzSW14cFkyVnVjMlZKWkNJNklqRXhZMll6TlRVMkxXRTJNVEV0TkRKbFl5MDVNV1JtTFRFMlpqQTNaak13TUdaaVl5SjkuMWtfTmhXSk9Na0s1amZ3WGh4OVZYdHVFbl9URjJsemJxbGFyWk5ZMU03eXo3X2c3blFEVlE1TzgzSmJaZ0hjRDdZQjREdDQzQndPNjVlYm03dWdaRUR2U3l1M2NnSkJtWndncUpHeXNNN3ZhYkNoVUxLX0Jqb01DVG1NY25FRzdKQ0h0N0R6U3JPb1VmckNESUhyZ1VXTWFPcWtGeFVYeWFKUUtLcTFhZDdNTVAtV05pYTdEbGVLVTRkQ2pKcU1EX21pd1pkTEVZRVphZXNBdFZsYXp5MHM1VU05YzgyM3BDOFZKU3NkTWhVcXMzU3M2aXFqWFB2RFRXejZ3aUZJdm9IVUxJLXYwRFBDN0kwUjQ3czlWQ3ZiZGl0QW9JWUNWRHJBa0dneFNwSHpmc0Zoa0J2NnZJcFVvLTQydXQyNWxKMFJEQXF4bFpWVHN4d3JMWTY2S2N3IiwiZXlKaGJHY2lPaUpTVXpJMU5pSXNJblI1Y0NJNklsUmxiR1Z5YVdzZ1RHbGpaVzV6WlNCRmRtbGtaVzVqWlNKOS5leUowZVhCbElqb2lkWE5oWjJVaUxDSjFjMlZ5U1dRaU9pSmhZV0ZoWVdGaFlTMWlZbUppTFdOalkyTXRaR1JrWkMxbFpXVmxaV1ZsWldWbFpXVWlMQ0pzYVdObGJuTmxTV1FpT2lJeE1XTm1NelUxTmkxaE5qRXhMVFF5WldNdE9URmtaaTB4Tm1Zd04yWXpNREJtWW1NaUxDSnBjMGx1ZEdWeWJtRnNWWE5oWjJVaU9uUnlkV1Y5LkxtMVY0eHFJWUlIalRHbU94ZUkyd2x2dDFrVEMyZ01McE5UQ1pvYTZIbTdxdXJwZ0M3c1BVMFgxODd3eURYNmEwX0tvNnFOUGJTWlotNjJFdGNHNEwtLUE5MTZscEdtckRIS0Y4LXotRWJjMGVDSG9NM2U4R2ItVjF3c0pucGQ1LUhFYU0yYjZhR2JJTC1HTHllLVVraUVubEZVN2ZuNFktcEFSUVNBTVpKWTRqdnlMYS11OTloRzRKOGxHUGw4NTVUMEt3ci16dkRRUEZzQnB2eVhtMFV6Xy10THRSeHB3OTU0THl4WXNhR1l2RkVEZE1NQU5hWHN0UnFFNmRlNW9EWEJ2aEdIbXluaG9UUXREMHdTdlhKSXVhcms2bk1TWm52Q0JlUEllY2Z4dVNLMmMwNFdLa1FLMkNHMGxFOEE4S3hjSDJHUE9RS0IyU2JEOGN6ci1EQSJdLCJwcm9kdWN0cyI6W10sImF1ZCI6InUqKioubioqKkB0KioqKioqLnRlc3QiLCJsaWNlbnNlSG9sZGVyIjoidSoqKi5uKioqQHQqKioqKioudGVzdCIsImludGVncml0eSI6ImJqSHgvbUZSREloK1hsdWpJbUViM01ic2hKMWlsRzRSWDJEYlM1ZFJnaW89In0.ducvbQWc9JODoG9DFVMerhvuM2EsmsZRG-A8zhNzznJbIgxMAPeev0hcBIEYcSvPgmmAmjRBR1R_luBnl5sOMmP4h4BV0Mc5PY4prrOVEEDyabaKaiMtIUTJApG4gKOkOTZPiuP6DPJVMfy31YcLv0ldKfMJ004IAH1_cOjLVPDyEXlEb6RZv02xtho0Wgo5z6NtylVXO3JDv5F1v4vGibdPf3EY3blpzIVqEvm8NtWBHv44CbDUi8-nYzBf4ZDIg3kvJdOphW9KqHq6Kg7fT8jw5bTV-Lln438y-LMJWMS-agKkEFEJufi7nJjBnCSMasqKgbUQMyG8mFG8j79pOw"

inactiveSecret := "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiYWRtaW4iOnRydWUsImlhdCI6MTUxNjIzOTAyMn0.KMUFsIDTnFmyG3nMiGM6H9FNFUROf3wh7SmqJp-QV30"

type args struct {
ctx context.Context
data []byte
verify bool
}
tests := []struct {
name string
s Scanner
args args
want []detectors.Result
wantErr bool
wantVerificationErr bool
}{
{
name: "found, verified",
s: Scanner{},
args: args{
ctx: context.Background(),
data: []byte(fmt.Sprintf("You can find a teleriklicensekey secret %s within", secret)),
verify: true,
},
want: []detectors.Result{
{
DetectorType: detectorspb.DetectorType_TelerikLicenseKey,
Verified: true,
},
},
wantErr: false,
wantVerificationErr: false,
},
{
name: "found, unverified",
s: Scanner{},
args: args{
ctx: context.Background(),
data: []byte(fmt.Sprintf("You can find a teleriklicensekey secret %s within but not valid", inactiveSecret)), // the secret would satisfy the regex but not pass validation
verify: true,
},
want: []detectors.Result{
{
DetectorType: detectorspb.DetectorType_TelerikLicenseKey,
Verified: false,
},
},
wantErr: false,
wantVerificationErr: false,
},
{
name: "not found",
s: Scanner{},
args: args{
ctx: context.Background(),
data: []byte("You cannot find the secret within"),
verify: true,
},
want: nil,
wantErr: false,
wantVerificationErr: false,
},
{
name: "found, verified (no HTTP client needed for JWT validation)",
s: Scanner{},
args: args{
ctx: context.Background(),
data: []byte(fmt.Sprintf("You can find a teleriklicensekey secret %s within", secret)),
verify: true,
},
want: []detectors.Result{
{
DetectorType: detectorspb.DetectorType_TelerikLicenseKey,
Verified: true,
},
},
wantErr: false,
wantVerificationErr: false,
},
{
name: "found, verified (local JWT validation)",
s: Scanner{},
args: args{
ctx: context.Background(),
data: []byte(fmt.Sprintf("You can find a teleriklicensekey secret %s within", secret)),
verify: true,
},
want: []detectors.Result{
{
DetectorType: detectorspb.DetectorType_TelerikLicenseKey,
Verified: true,
},
},
wantErr: false,
wantVerificationErr: false,
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
got, err := tt.s.FromData(tt.args.ctx, tt.args.verify, tt.args.data)
if (err != nil) != tt.wantErr {
t.Errorf("Teleriklicensekey.FromData() error = %v, wantErr %v", err, tt.wantErr)
return
}
for i := range got {
if len(got[i].Raw) == 0 {
t.Fatalf("no raw secret present: \n %+v", got[i])
}
if (got[i].VerificationError() != nil) != tt.wantVerificationErr {
t.Fatalf("wantVerificationError = %v, verification error = %v", tt.wantVerificationErr, got[i].VerificationError())
}
}
ignoreOpts := cmpopts.IgnoreFields(detectors.Result{}, "Raw", "verificationError", "primarySecret")
if diff := cmp.Diff(got, tt.want, ignoreOpts); diff != "" {
t.Errorf("Teleriklicensekey.FromData() %s diff: (-got +want)\n%s", tt.name, diff)
}
})
}
}

func BenchmarkFromData(benchmark *testing.B) {
ctx := context.Background()
s := Scanner{}
for name, data := range detectors.MustGetBenchmarkData() {
benchmark.Run(name, func(b *testing.B) {
b.ResetTimer()
for n := 0; n < b.N; n++ {
_, err := s.FromData(ctx, false, data)
if err != nil {
b.Fatal(err)
}
}
})
}
}
105 changes: 105 additions & 0 deletions pkg/detectors/teleriklicensekey/teleriklicensekey_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,105 @@
package teleriklicensekey

import (
"context"
"testing"

"github.com/google/go-cmp/cmp"
"github.com/stretchr/testify/require"

"github.com/trufflesecurity/trufflehog/v3/pkg/detectors"
"github.com/trufflesecurity/trufflehog/v3/pkg/engine/ahocorasick"
)

func TestTeleriklicensekey_Pattern(t *testing.T) {
d := Scanner{}
ahoCorasickCore := ahocorasick.NewAhoCorasickCore([]detectors.Detector{d})
tests := []struct {
name string
input string
want []string
}{
{
name: "Valid JWT - Telerik License Key",
input: `
[INFO] Checking for Telerik License key
[DEBUG] Using eyJhbGciOiJSUzI1NiIsInR5cCI6IlRlbGVyaWsgTGljZW5zZSBLZXkifQ.eyJ0eXBlIjoidGVsZXJpay1saWNlbnNlIiwibGljZW5zZUlkIjoiMTFjZjM1NTYtYTYxMS00MmVjLTkxZGYtMTZmMDdmMzAwZmJjIiwidXNlcklkIjoiYWFhYWFhYWEtYmJiYi1jY2NjLWRkZGQtZWVlZWVlZWVlZWVlIiwiaWF0IjoxNzU5MTU0OTMxLCJsaWNlbnNlcyI6WyJleUpoYkdjaU9pSlNVekkxTmlJc0luUjVjQ0k2SWxSbGJHVnlhV3NnVEdsalpXNXpaU0JGZG1sa1pXNWpaU0o5LmV5SmpiMlJsSWpvaVZVbEJVMUJEVDFKRklpd2lkSGx3WlNJNkluTjFZbk5qY21sd2RHbHZiaUlzSW1WNGNHbHlZWFJwYjI0aU9qRTNOakUzTkRZNU16QXNJblZ6WlhKSlpDSTZJbUZoWVdGaFlXRmhMV0ppWW1JdFkyTmpZeTFrWkdSa0xXVmxaV1ZsWldWbFpXVmxaU0lzSW14cFkyVnVjMlZKWkNJNklqRXhZMll6TlRVMkxXRTJNVEV0TkRKbFl5MDVNV1JtTFRFMlpqQTNaak13TUdaaVl5SjkuMWtfTmhXSk9Na0s1amZ3WGh4OVZYdHVFbl9URjJsemJxbGFyWk5ZMU03eXo3X2c3blFEVlE1TzgzSmJaZ0hjRDdZQjREdDQzQndPNjVlYm03dWdaRUR2U3l1M2NnSkJtWndncUpHeXNNN3ZhYkNoVUxLX0Jqb01DVG1NY25FRzdKQ0h0N0R6U3JPb1VmckNESUhyZ1VXTWFPcWtGeFVYeWFKUUtLcTFhZDdNTVAtV05pYTdEbGVLVTRkQ2pKcU1EX21pd1pkTEVZRVphZXNBdFZsYXp5MHM1VU05YzgyM3BDOFZKU3NkTWhVcXMzU3M2aXFqWFB2RFRXejZ3aUZJdm9IVUxJLXYwRFBDN0kwUjQ3czlWQ3ZiZGl0QW9JWUNWRHJBa0dneFNwSHpmc0Zoa0J2NnZJcFVvLTQydXQyNWxKMFJEQXF4bFpWVHN4d3JMWTY2S2N3IiwiZXlKaGJHY2lPaUpTVXpJMU5pSXNJblI1Y0NJNklsUmxiR1Z5YVdzZ1RHbGpaVzV6WlNCRmRtbGtaVzVqWlNKOS5leUowZVhCbElqb2lkWE5oWjJVaUxDSjFjMlZ5U1dRaU9pSmhZV0ZoWVdGaFlTMWlZbUppTFdOalkyTXRaR1JrWkMxbFpXVmxaV1ZsWldWbFpXVWlMQ0pzYVdObGJuTmxTV1FpT2lJeE1XTm1NelUxTmkxaE5qRXhMVFF5WldNdE9URmtaaTB4Tm1Zd04yWXpNREJtWW1NaUxDSnBjMGx1ZEdWeWJtRnNWWE5oWjJVaU9uUnlkV1Y5LkxtMVY0eHFJWUlIalRHbU94ZUkyd2x2dDFrVEMyZ01McE5UQ1pvYTZIbTdxdXJwZ0M3c1BVMFgxODd3eURYNmEwX0tvNnFOUGJTWlotNjJFdGNHNEwtLUE5MTZscEdtckRIS0Y4LXotRWJjMGVDSG9NM2U4R2ItVjF3c0pucGQ1LUhFYU0yYjZhR2JJTC1HTHllLVVraUVubEZVN2ZuNFktcEFSUVNBTVpKWTRqdnlMYS11OTloRzRKOGxHUGw4NTVUMEt3ci16dkRRUEZzQnB2eVhtMFV6Xy10THRSeHB3OTU0THl4WXNhR1l2RkVEZE1NQU5hWHN0UnFFNmRlNW9EWEJ2aEdIbXluaG9UUXREMHdTdlhKSXVhcms2bk1TWm52Q0JlUEllY2Z4dVNLMmMwNFdLa1FLMkNHMGxFOEE4S3hjSDJHUE9RS0IyU2JEOGN6ci1EQSJdLCJwcm9kdWN0cyI6W10sImF1ZCI6InUqKioubioqKkB0KioqKioqLnRlc3QiLCJsaWNlbnNlSG9sZGVyIjoidSoqKi5uKioqQHQqKioqKioudGVzdCIsImludGVncml0eSI6ImJqSHgvbUZSREloK1hsdWpJbUViM01ic2hKMWlsRzRSWDJEYlM1ZFJnaW89In0.ducvbQWc9JODoG9DFVMerhvuM2EsmsZRG-A8zhNzznJbIgxMAPeev0hcBIEYcSvPgmmAmjRBR1R_luBnl5sOMmP4h4BV0Mc5PY4prrOVEEDyabaKaiMtIUTJApG4gKOkOTZPiuP6DPJVMfy31YcLv0ldKfMJ004IAH1_cOjLVPDyEXlEb6RZv02xtho0Wgo5z6NtylVXO3JDv5F1v4vGibdPf3EY3blpzIVqEvm8NtWBHv44CbDUi8-nYzBf4ZDIg3kvJdOphW9KqHq6Kg7fT8jw5bTV-Lln438y-LMJWMS-agKkEFEJufi7nJjBnCSMasqKgbUQMyG8mFG8j79pOw
[INFO] Result: Valid JWT containing a Telerik License Key.
`,
want: []string{"eyJhbGciOiJSUzI1NiIsInR5cCI6IlRlbGVyaWsgTGljZW5zZSBLZXkifQ.eyJ0eXBlIjoidGVsZXJpay1saWNlbnNlIiwibGljZW5zZUlkIjoiMTFjZjM1NTYtYTYxMS00MmVjLTkxZGYtMTZmMDdmMzAwZmJjIiwidXNlcklkIjoiYWFhYWFhYWEtYmJiYi1jY2NjLWRkZGQtZWVlZWVlZWVlZWVlIiwiaWF0IjoxNzU5MTU0OTMxLCJsaWNlbnNlcyI6WyJleUpoYkdjaU9pSlNVekkxTmlJc0luUjVjQ0k2SWxSbGJHVnlhV3NnVEdsalpXNXpaU0JGZG1sa1pXNWpaU0o5LmV5SmpiMlJsSWpvaVZVbEJVMUJEVDFKRklpd2lkSGx3WlNJNkluTjFZbk5qY21sd2RHbHZiaUlzSW1WNGNHbHlZWFJwYjI0aU9qRTNOakUzTkRZNU16QXNJblZ6WlhKSlpDSTZJbUZoWVdGaFlXRmhMV0ppWW1JdFkyTmpZeTFrWkdSa0xXVmxaV1ZsWldWbFpXVmxaU0lzSW14cFkyVnVjMlZKWkNJNklqRXhZMll6TlRVMkxXRTJNVEV0TkRKbFl5MDVNV1JtTFRFMlpqQTNaak13TUdaaVl5SjkuMWtfTmhXSk9Na0s1amZ3WGh4OVZYdHVFbl9URjJsemJxbGFyWk5ZMU03eXo3X2c3blFEVlE1TzgzSmJaZ0hjRDdZQjREdDQzQndPNjVlYm03dWdaRUR2U3l1M2NnSkJtWndncUpHeXNNN3ZhYkNoVUxLX0Jqb01DVG1NY25FRzdKQ0h0N0R6U3JPb1VmckNESUhyZ1VXTWFPcWtGeFVYeWFKUUtLcTFhZDdNTVAtV05pYTdEbGVLVTRkQ2pKcU1EX21pd1pkTEVZRVphZXNBdFZsYXp5MHM1VU05YzgyM3BDOFZKU3NkTWhVcXMzU3M2aXFqWFB2RFRXejZ3aUZJdm9IVUxJLXYwRFBDN0kwUjQ3czlWQ3ZiZGl0QW9JWUNWRHJBa0dneFNwSHpmc0Zoa0J2NnZJcFVvLTQydXQyNWxKMFJEQXF4bFpWVHN4d3JMWTY2S2N3IiwiZXlKaGJHY2lPaUpTVXpJMU5pSXNJblI1Y0NJNklsUmxiR1Z5YVdzZ1RHbGpaVzV6WlNCRmRtbGtaVzVqWlNKOS5leUowZVhCbElqb2lkWE5oWjJVaUxDSjFjMlZ5U1dRaU9pSmhZV0ZoWVdGaFlTMWlZbUppTFdOalkyTXRaR1JrWkMxbFpXVmxaV1ZsWldWbFpXVWlMQ0pzYVdObGJuTmxTV1FpT2lJeE1XTm1NelUxTmkxaE5qRXhMVFF5WldNdE9URmtaaTB4Tm1Zd04yWXpNREJtWW1NaUxDSnBjMGx1ZEdWeWJtRnNWWE5oWjJVaU9uUnlkV1Y5LkxtMVY0eHFJWUlIalRHbU94ZUkyd2x2dDFrVEMyZ01McE5UQ1pvYTZIbTdxdXJwZ0M3c1BVMFgxODd3eURYNmEwX0tvNnFOUGJTWlotNjJFdGNHNEwtLUE5MTZscEdtckRIS0Y4LXotRWJjMGVDSG9NM2U4R2ItVjF3c0pucGQ1LUhFYU0yYjZhR2JJTC1HTHllLVVraUVubEZVN2ZuNFktcEFSUVNBTVpKWTRqdnlMYS11OTloRzRKOGxHUGw4NTVUMEt3ci16dkRRUEZzQnB2eVhtMFV6Xy10THRSeHB3OTU0THl4WXNhR1l2RkVEZE1NQU5hWHN0UnFFNmRlNW9EWEJ2aEdIbXluaG9UUXREMHdTdlhKSXVhcms2bk1TWm52Q0JlUEllY2Z4dVNLMmMwNFdLa1FLMkNHMGxFOEE4S3hjSDJHUE9RS0IyU2JEOGN6ci1EQSJdLCJwcm9kdWN0cyI6W10sImF1ZCI6InUqKioubioqKkB0KioqKioqLnRlc3QiLCJsaWNlbnNlSG9sZGVyIjoidSoqKi5uKioqQHQqKioqKioudGVzdCIsImludGVncml0eSI6ImJqSHgvbUZSREloK1hsdWpJbUViM01ic2hKMWlsRzRSWDJEYlM1ZFJnaW89In0.ducvbQWc9JODoG9DFVMerhvuM2EsmsZRG-A8zhNzznJbIgxMAPeev0hcBIEYcSvPgmmAmjRBR1R_luBnl5sOMmP4h4BV0Mc5PY4prrOVEEDyabaKaiMtIUTJApG4gKOkOTZPiuP6DPJVMfy31YcLv0ldKfMJ004IAH1_cOjLVPDyEXlEb6RZv02xtho0Wgo5z6NtylVXO3JDv5F1v4vGibdPf3EY3blpzIVqEvm8NtWBHv44CbDUi8-nYzBf4ZDIg3kvJdOphW9KqHq6Kg7fT8jw5bTV-Lln438y-LMJWMS-agKkEFEJufi7nJjBnCSMasqKgbUQMyG8mFG8j79pOw"},
},
{
name: "Valid JWT - Not a Telerik License Key",
input: `
[INFO] Checking for Telerik License key
[DEBUG] Using eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiYWRtaW4iOnRydWUsImlhdCI6MTUxNjIzOTAyMn0.KMUFsIDTnFmyG3nMiGM6H9FNFUROf3wh7SmqJp-QV30
[ERROR] Response received: Valid JWT, but is not a Telerik License Key.
`,
want: []string{"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiYWRtaW4iOnRydWUsImlhdCI6MTUxNjIzOTAyMn0.KMUFsIDTnFmyG3nMiGM6H9FNFUROf3wh7SmqJp-QV30"},
},
{
name: "Malformed JWT - no JWT pattern detected",
input: `
[INFO] Checking for Telerik License key
[DEBUG] Using MjM0NTY3ODkwIiwibmFtZSI6Ik
[ERROR] Response received: Not a valid base64url JWT.
`,
want: []string{},
},
{
name: "No JWT present",
input: `
[INFO] Checking for Telerik License key
[DEBUG] Using some other text that doesn't contain JWT.
[ERROR] Response received: No JWT present.
`,
want: []string{},
},
}

for _, test := range tests {
t.Run(test.name, func(t *testing.T) {
matchedDetectors := ahoCorasickCore.FindDetectorMatches([]byte(test.input))

// If we expect no results, and no detectors were matched, that's correct
if len(test.want) == 0 {
if len(matchedDetectors) > 0 {
t.Errorf("test %q failed: expected no keywords to be found but found %v", test.name, d.Keywords())
}
return
}

// If we expect results but no detectors were matched, that's an error
if len(matchedDetectors) == 0 {
t.Errorf("test %q failed: expected keywords %v to be found in the input", test.name, d.Keywords())
return
}

results, err := d.FromData(context.Background(), false, []byte(test.input))
require.NoError(t, err)

if len(results) != len(test.want) {
t.Errorf("mismatch in result count: expected %d, got %d", len(test.want), len(results))
return
}

actual := make(map[string]struct{}, len(results))
for _, r := range results {
if len(r.RawV2) > 0 {
actual[string(r.RawV2)] = struct{}{}
} else {
actual[string(r.Raw)] = struct{}{}
}
}

expected := make(map[string]struct{}, len(test.want))
for _, v := range test.want {
expected[v] = struct{}{}
}

if diff := cmp.Diff(expected, actual); diff != "" {
t.Errorf("%s diff: (-want +got)\n%s", test.name, diff)
}
})
}
}
Loading