Add Regexer and more tests

Author: sebastianfeldmann

src/Detector.php

@@ -13,7 +13,6 @@
 
 namespace CaptainHook\Secrets;
 
-use CaptainHook\Secrets\Detector\Result;
 use CaptainHook\Secrets\Regex\Supplier;
 use RuntimeException;
 
@@ -98,7 +97,7 @@ public function useRegex(string ...$regularExpressions): self
      * Detect secrets in string
      *
      * @param string $content
-     * @return \CaptainHook\Secrets\Detector\Result
+     * @return \CaptainHook\Secrets\Result
      */
     public function detectIn(string $content): Result
     {

src/Regex/Grouped.php

@@ -0,0 +1,32 @@
+<?php
+
+/**
+ * This file is part of CaptainHook Secrets.
+ *
+ * (c) Sebastian Feldmann <sf@sebastian-feldmann.info>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+declare(strict_types=1);
+
+namespace CaptainHook\Secrets\Regex;
+
+/**
+ * Grouped Interface
+ *
+ * @package CaptainHook-Secrets
+ * @author  Sebastian Feldmann <sf@sebastian-feldmann.info>
+ * @link    https://github.com/captainhookphp/secrets
+ * @since   Class available since Release 0.9.4
+ */
+interface Grouped extends Supplier
+{
+    /**
+     * Returns the capture group index of the potential password
+     *
+     * @return array<int>
+     */
+    public function indexes(): array;
+}

src/Regex/Supplier/Aws.php

@@ -46,11 +46,11 @@ public function patterns(): array
             // AWS secrets, keys, access token
             '#' . Util::OPTIONAL_QUOTE . self::AWS . '(SECRET|secret|Secret)?_?(ACCESS|access|Access)?_?(KEY|key|Key)'
             . Util::OPTIONAL_QUOTE . Util::CONNECT
-            . Util::OPTIONAL_QUOTE . '[A-Za-z0-9/\\+=]{40}' . Util::OPTIONAL_QUOTE . '#',
+            . Util::OPTIONAL_QUOTE . '([A-Za-z0-9/\\+=]{40})' . Util::OPTIONAL_QUOTE . '#',
 
             // AWS account id
             '#' . Util::OPTIONAL_QUOTE . self::AWS . '(ACCOUNT|account|Account)_?(ID|id|Id)?' . Util::OPTIONAL_QUOTE
-            . Util::CONNECT . Util::OPTIONAL_QUOTE . '[0-9]{4}\\-?[0-9]{4}\\-?[0-9]{4}' . Util::OPTIONAL_QUOTE . '#',
+            . Util::CONNECT . Util::OPTIONAL_QUOTE . '([0-9]{4}\\-?[0-9]{4}\\-?[0-9]{4})' . Util::OPTIONAL_QUOTE . '#',
         ];
     }
 }

src/Regex/Supplier/GitHub.php

@@ -36,16 +36,16 @@ public function patterns(): array
     {
         return [
             // Personal Access Token (Classic)
-            '#' . Util::OPTIONAL_QUOTE . 'ghp_[a-zA-Z0-9]{36}' . Util::OPTIONAL_QUOTE . '#',
+            '#' . Util::OPTIONAL_QUOTE . '(ghp_[a-zA-Z0-9]{36})' . Util::OPTIONAL_QUOTE . '#',
 
             // Personal Access Token (Fine-Grained)
-            '#' . Util::OPTIONAL_QUOTE . 'github_pat_[a-zA-Z0-9]{22}_[a-zA-Z0-9]{59}' . Util::OPTIONAL_QUOTE . '#',
+            '#' . Util::OPTIONAL_QUOTE . '(github_pat_[a-zA-Z0-9]{22}_[a-zA-Z0-9]{59})' . Util::OPTIONAL_QUOTE . '#',
 
             // User-To-Server Access Token
-            '#' . Util::OPTIONAL_QUOTE . 'ghu_[a-zA-Z0-9]{36}' . Util::OPTIONAL_QUOTE . '#',
+            '#' . Util::OPTIONAL_QUOTE . '(ghu_[a-zA-Z0-9]{36})' . Util::OPTIONAL_QUOTE . '#',
 
             // Server-To-Server Access Token
-            '#' . Util::OPTIONAL_QUOTE . 'ghs_[a-zA-Z0-9]{36}' . Util::OPTIONAL_QUOTE . '#',
+            '#' . Util::OPTIONAL_QUOTE . '(ghs_[a-zA-Z0-9]{36})' . Util::OPTIONAL_QUOTE . '#',
         ];
     }
 }

src/Regex/Supplier/Google.php

@@ -36,7 +36,7 @@ public function patterns(): array
     {
         return [
             // API Key
-            '#' . Util::OPTIONAL_QUOTE . 'AIza[0-9A-Za-z\-_]{35}' . Util::OPTIONAL_QUOTE . '#',
+            '#' . Util::OPTIONAL_QUOTE . '(AIza[0-9A-Za-z\-_]{35})' . Util::OPTIONAL_QUOTE . '#',
         ];
     }
 }

src/Regex/Supplier/Ini.php

@@ -0,0 +1,46 @@
+<?php
+
+/**
+ * This file is part of CaptainHook Secrets.
+ *
+ * (c) Sebastian Feldmann <sf@sebastian-feldmann.info>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace CaptainHook\Secrets\Regex\Supplier;
+
+use CaptainHook\Secrets\Regex\Grouped;
+
+/**
+ * Find any possible string assignment in a php file
+ *
+ * Finds:
+ *  - foo = "string"
+ *  - foo = string
+ */
+class Ini implements Grouped
+{
+    /**
+     * Returns a list of patterns to check
+     *
+     * @return array<string>
+     */
+    public function patterns(): array
+    {
+        return [
+            '#=\\s*("?)([^\n]*)\\1+\\s*#i',
+        ];
+    }
+
+    /**
+     * Return capture group to access the password
+     *
+     * @return array<int>
+     */
+    public function indexes(): array
+    {
+        return [2];
+    }
+}

src/Regex/Supplier/Json.php

@@ -0,0 +1,46 @@
+<?php
+
+/**
+ * This file is part of CaptainHook Secrets.
+ *
+ * (c) Sebastian Feldmann <sf@sebastian-feldmann.info>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace CaptainHook\Secrets\Regex\Supplier;
+
+use CaptainHook\Secrets\Regex\Grouped;
+
+/**
+ * Find any possible string assignment in a json file
+ *
+ * Finds:
+ *  - "foo": "string"
+ */
+class Json implements Grouped
+{
+    /**
+     * Returns a list of patterns to check
+     *
+     * @return array<string>
+     */
+    public function patterns(): array
+    {
+        return [
+            // detecting any string assignment
+            '#:\\s*' . Util::QUOTE . '(.*?)' . Util::QUOTE . '#i',
+        ];
+    }
+
+    /**
+     * Return capture group to access the password
+     *
+     * @return array<int>
+     */
+    public function indexes(): array
+    {
+        return [2];
+    }
+}

src/Regex/Supplier/PHP.php

@@ -0,0 +1,48 @@
+<?php
+
+/**
+ * This file is part of CaptainHook Secrets.
+ *
+ * (c) Sebastian Feldmann <sf@sebastian-feldmann.info>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace CaptainHook\Secrets\Regex\Supplier;
+
+use CaptainHook\Secrets\Regex\Grouped;
+
+/**
+ * Find any possible string assignment in a php file
+ *
+ * Finds:
+ *  - $foo = "string"
+ *  - $foo = ["foo" => "string"]
+ */
+class PHP implements Grouped
+{
+    /**
+     * Returns a list of patterns to check
+     *
+     * @return array<string>
+     */
+    public function patterns(): array
+    {
+        return [
+            // detecting any string assignment
+            // = "some string", => 'some-string' return 'some-string
+            '#(=>?|return)\\s*' . Util::QUOTE . '(.*?)' . Util::QUOTE . '#i',
+        ];
+    }
+
+    /**
+     * Return capture group to access the password
+     *
+     * @return array<int>
+     */
+    public function indexes(): array
+    {
+        return [3];
+    }
+}

src/Regex/Supplier/Password.php

@@ -37,7 +37,7 @@ public function patterns(): array
         return [
             // Generic passwords
             '#password' . Util::OPTIONAL_QUOTE . Util::CONNECT . Util::OPTIONAL_QUOTE
-            . '[a-z\\-_\\#/\\+0-9]{16,}' . Util::OPTIONAL_QUOTE . '#i',
+            . '([a-z\\-_\\#/\\+0-9]{16,})' . Util::OPTIONAL_QUOTE . '#i',
         ];
     }
 }

src/Regex/Supplier/Stripe.php

@@ -36,7 +36,7 @@ public function patterns(): array
     {
         return [
             // Standard API Key & Restricted API Key
-            '#' . Util::OPTIONAL_QUOTE . 'sk_live_[0-9a-z]{24}' . Util::OPTIONAL_QUOTE . '#',
+            '#' . Util::OPTIONAL_QUOTE . '(sk_live_[0-9a-z]{24})' . Util::OPTIONAL_QUOTE . '#',
         ];
     }
 }