diff --git a/pkg/detectors/meraki/meraki.go b/pkg/detectors/meraki/meraki.go index e326e84ced34..39c0c7567962 100644 --- a/pkg/detectors/meraki/meraki.go +++ b/pkg/detectors/meraki/meraki.go @@ -73,7 +73,7 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result if verify { client := s.getClient() - organizations, isVerified, verificationErr := verifyMerakiApiKey(ctx, client, match) + organizations, isVerified, verificationErr := verifyMerakiApiKey(ctx, client, "https://api.meraki.com/api/v1/organizations", match) s1.Verified = isVerified if verificationErr != nil { s1.SetVerificationError(verificationErr) @@ -101,8 +101,8 @@ func (s Scanner) Type() detectorspb.DetectorType { verifyMerakiApiKey verifies if the passed matched api key for meraki is active or not. docs: https://developer.cisco.com/meraki/api-v1/authorization/#authorization */ -func verifyMerakiApiKey(ctx context.Context, client *http.Client, match string) ([]merakiOrganizations, bool, error) { - req, err := http.NewRequestWithContext(ctx, "GET", "https://api.meraki.com/api/v1/organizations", http.NoBody) +func verifyMerakiApiKey(ctx context.Context, client *http.Client, apiURL, match string) ([]merakiOrganizations, bool, error) { + req, err := http.NewRequestWithContext(ctx, "GET", apiURL, http.NoBody) if err != nil { return nil, false, err } diff --git a/pkg/detectors/meraki/meraki_test.go b/pkg/detectors/meraki/meraki_test.go index d59e5e9c82c6..c39c97afbeef 100644 --- a/pkg/detectors/meraki/meraki_test.go +++ b/pkg/detectors/meraki/meraki_test.go @@ -2,11 +2,14 @@ package meraki import ( "context" + "encoding/json" "fmt" + "net/http" "testing" "github.com/google/go-cmp/cmp" + "github.com/trufflesecurity/trufflehog/v3/pkg/common" "github.com/trufflesecurity/trufflehog/v3/pkg/detectors" "github.com/trufflesecurity/trufflehog/v3/pkg/engine/ahocorasick" ) @@ -100,3 +103,62 @@ func TestMeraki_Pattern(t *testing.T) { }) } } + +func TestMeraki_Fake(t *testing.T) { + // mock response data + mockOrganizations := []merakiOrganizations{ + {ID: "123", Name: "Example Organization 1"}, + {ID: "456", Name: "Example Organization 2"}, + } + mockResponse, err := json.Marshal(mockOrganizations) + if err != nil { + t.Fatalf("failed to marshal mock organizations: %v", err) + } + + // test cases + tests := []struct { + name string + client *http.Client + secret string + verified bool + wantErr bool + }{ + { + name: "success - 200 OK", + client: common.ConstantResponseHttpClient(http.StatusOK, string(mockResponse)), + secret: "e9e0f062f587b423bb6cc6328eb786d75b45783e", + verified: true, + wantErr: false, + }, + { + name: "fail - 401 UnAuthorized", + client: common.ConstantResponseHttpClient(http.StatusUnauthorized, ""), + secret: "e9e0f062f587b423bb6cc6328eb786d75b45783f", + verified: false, + wantErr: false, + }, + { + name: "fail - 400 unexpected status code error", + client: common.ConstantResponseHttpClient(http.StatusBadRequest, ""), + secret: "", + verified: false, + wantErr: true, + }, + } + + for _, test := range tests { + t.Run(test.name, func(t *testing.T) { + // calling FromData does not work cause APIURLs are hardcoded + _, isVerified, verificationErr := verifyMerakiApiKey(context.Background(), test.client, "http://example.com", test.secret) + if (verificationErr != nil) != test.wantErr { + t.Errorf("[%s] unexpected error: got %v, wantErr: %t", test.name, verificationErr, test.wantErr) + } + + if isVerified != test.verified { + t.Errorf("[%s] verification status mismatch: got %t, want %t", test.name, isVerified, test.verified) + } + + // additional checks if required + }) + } +}