leaktor 0.4.0

A secrets scanner with pattern matching, entropy analysis, and live validation
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62

use crate::models::{Secret, SecretType};
use crate::validators::Validator;
use anyhow::Result;
use reqwest::Client;

pub struct HttpValidator {
    #[allow(dead_code)]
    client: Client,
}

impl HttpValidator {
    pub fn new() -> Self {
        Self {
            client: Client::builder()
                .timeout(std::time::Duration::from_secs(5))
                .build()
                .unwrap(),
        }
    }

    /// Generic HTTP-based validation
    /// This can be extended for various API keys that can be validated via HTTP
    #[allow(dead_code)]
    async fn validate_http_endpoint(&self, url: &str, token: &str) -> Result<bool> {
        let response = self
            .client
            .get(url)
            .header("Authorization", format!("Bearer {}", token))
            .send()
            .await?;

        Ok(response.status().is_success())
    }
}

impl Default for HttpValidator {
    fn default() -> Self {
        Self::new()
    }
}

#[async_trait::async_trait]
impl Validator for HttpValidator {
    async fn validate(&self, secret: &Secret) -> Result<bool> {
        // Generic HTTP validator - can be extended for specific API keys
        match secret.secret_type {
            SecretType::GenericApiKey | SecretType::OAuthToken => {
                // For generic API keys, we can't validate without knowing the endpoint
                // Return false to indicate unknown
                Ok(false)
            }
            _ => Ok(false),
        }
    }

    fn supports(&self, secret_type: &SecretType) -> bool {
        matches!(
            secret_type,
            SecretType::GenericApiKey | SecretType::OAuthToken
        )
    }
}