Skip to content

Commit

Permalink
Merge pull request #338 from projectdiscovery/fix-invalid-resp-err-auth
Browse files Browse the repository at this point in the history
Fix auth err when username is empty
  • Loading branch information
tarunKoyalwar authored Feb 20, 2024
2 parents 788663f + 7ad29d3 commit f803b96
Show file tree
Hide file tree
Showing 3 changed files with 17 additions and 4 deletions.
14 changes: 12 additions & 2 deletions auth/pdcp/auth.go
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,7 @@ func CheckNValidateCredentials(toolName string) {
// validate by fetching user profile
gotCreds, err := h.ValidateAPIKey(creds.APIKey, creds.Server, toolName)
if err == nil {
gologger.Info().Msgf("You are logged in as (@%v)", gotCreds.Username)
gologger.Info().Msgf("You are logged in as (%v)", userIdentifier(gotCreds))
os.Exit(0)
}
gologger.Error().Msgf("Invalid API key found in file, please recheck or recreate your API key and retry.")
Expand All @@ -56,7 +56,7 @@ func CheckNValidateCredentials(toolName string) {
// validate by fetching user profile
validatedCreds, err := h.ValidateAPIKey(apiKey, apiServer, toolName)
if err == nil {
gologger.Info().Msgf("Successfully logged in as (@%v)", validatedCreds.Username)
gologger.Info().Msgf("Successfully logged in as (%v)", userIdentifier(validatedCreds))
if saveErr := h.SaveCreds(validatedCreds); saveErr != nil {
gologger.Warning().Msgf("Could not save credentials to file: %s\n", saveErr)
}
Expand All @@ -73,3 +73,13 @@ func maskKey(key string) string {
}
return fmt.Sprintf("%v%v", key[:3], strings.Repeat("*", len(key)-3))
}

// userIdentifier returns user identifier in format @username
// if username is empty, it returns email
func userIdentifier(creds *PDCPCredentials) string {
user := fmt.Sprintf("@%v", creds.Username)
if creds.Username == "" {
user = creds.Email
}
return user
}
6 changes: 4 additions & 2 deletions auth/pdcp/creds.go
Original file line number Diff line number Diff line change
Expand Up @@ -31,12 +31,14 @@ const (

type PDCPCredentials struct {
Username string `yaml:"username"`
Email string `yaml:"email"`
APIKey string `yaml:"api-key"`
Server string `yaml:"server"`
}

type PDCPUserProfileResponse struct {
UserName string `json:"name"`
Email string `json:"email"`
// there are more fields but we don't need them
/// below fields are added later on and not part of the response
}
Expand Down Expand Up @@ -128,10 +130,10 @@ func (p *PDCPCredHandler) ValidateAPIKey(key string, host string, toolName strin
if err != nil {
return nil, err
}
if profile.UserName == "" {
if profile.Email == "" {
return nil, fmt.Errorf("invalid response from server got %v", string(bin))
}
return &PDCPCredentials{Username: profile.UserName, APIKey: key, Server: host}, nil
return &PDCPCredentials{Username: profile.UserName, Email: profile.Email, APIKey: key, Server: host}, nil
}

func init() {
Expand Down
1 change: 1 addition & 0 deletions auth/pdcp/creds_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,7 @@ import (

var exampleCred = `
- username: test
email: [email protected]
api-key: testpassword
server: https://scanme.sh
`
Expand Down

0 comments on commit f803b96

Please sign in to comment.