keyhog-scanner 0.5.37

keyhog-scanner: high-performance SIMD-accelerated secret detection engine
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42

use super::{ChecksumResult, ChecksumValidator};

/// Validates GitLab token structure.
///
/// GitLab PATs: `glpat-` + 20 alphanumeric chars
/// GitLab CI tokens: `glcbt-` + variable length
/// GitLab runner tokens: `glrt-` + variable length
pub struct GitlabTokenValidator;

impl ChecksumValidator for GitlabTokenValidator {
    fn validator_id(&self) -> &str {
        "gitlab-token"
    }

    fn validate(&self, credential: &str) -> ChecksumResult {
        if let Some(payload) = credential.strip_prefix("glpat-") {
            // GitLab PATs are exactly 20 alphanumeric characters after prefix
            if payload.len() == 20
                && payload
                    .chars()
                    .all(|c| c.is_ascii_alphanumeric() || c == '-' || c == '_')
            {
                return ChecksumResult::Valid;
            }
            return ChecksumResult::Invalid;
        }
        if let Some(payload) = credential
            .strip_prefix("glcbt-")
            .or_else(|| credential.strip_prefix("glrt-"))
        {
            if payload.len() >= 16
                && payload
                    .chars()
                    .all(|c| c.is_ascii_alphanumeric() || c == '-' || c == '_')
            {
                return ChecksumResult::Valid;
            }
            return ChecksumResult::Invalid;
        }
        ChecksumResult::NotApplicable
    }
}