1313//!
1414//! OPTIONS:
1515//! --default_entropy_threshold <DEFAULT_ENTROPY_THRESHOLD> Default entropy threshold (0.6 by default)
16- //! --authtoken <BEARERTOKEN> Confluence basic auth bearer token (instead of user & pass)
16+ //! --authtoken <BEARERTOKEN> Confluence PAT (instead of user & pass, crafts basic auth header )
1717//! -o, --outputfile <OUTPUT> Sets the path to write the scanner results to (stdout by default)
18- //! --password <PASSWORD> Confluence password (crafts basic auth header)
18+ //! --password <PASSWORD> Confluence password or PAT (crafts basic auth header)
1919//! --regex <REGEX> Sets a custom regex JSON file
20- //! --username <USERNAME> Confluence username (crafts basic auth header)
20+ //! --username <USERNAME> Confluence username or email address (crafts basic auth header)
2121//!
2222//! ARGS:
2323//! <PAGEID> The ID (e.g. 1234) of the confluence page you want to scan
@@ -73,9 +73,9 @@ pub struct ConfluencePage {
7373/// Main entry function that uses the [clap crate](https://docs.rs/clap/2.33.0/clap/)
7474#[ tokio:: main]
7575async fn main ( ) {
76- let matches = clap_app ! ( gottingen_hog =>
76+ let matches = clap_app ! ( essex_hog =>
7777 ( version: "1.0.11" )
78- ( author: "Emily Cain <ecain@newrelic.com>, Scott Cutler" )
78+ ( author: "Emily Cain <ecain@newrelic.com>, Scott Cutler, Valentijn Scholten <valentijnscholten@gmail.com> " )
7979 ( about: "Confluence secret scanner in Rust." )
8080 ( @arg REGEX : --regex +takes_value "Sets a custom regex JSON file" )
8181 ( @arg PAGEID : +required "The ID (e.g. 1234) of the confluence page you want to scan" )
@@ -86,9 +86,9 @@ async fn main() {
8686 ( @arg CASE : --caseinsensitive "Sets the case insensitive flag for all regexes" )
8787 ( @arg OUTPUT : -o --outputfile +takes_value "Sets the path to write the scanner results to (stdout by default)" )
8888 ( @arg PRETTYPRINT : --prettyprint "Outputs the JSON in human readable format" )
89- ( @arg USERNAME : --username +takes_value conflicts_with[ AUTHTOKEN ] "Confluence username (crafts basic auth header)" )
90- ( @arg PASSWORD : --password +takes_value conflicts_with[ AUTHTOKEN ] "Confluence password (crafts basic auth header)" )
91- ( @arg BEARERTOKEN : --authtoken +takes_value conflicts_with[ USERNAME PASSWORD ] "Confluence basic auth bearer token (instead of user & pass)" )
89+ ( @arg USERNAME : --username +takes_value conflicts_with[ AUTHTOKEN ] "Confluence username or email for cloud (crafts basic auth header)" )
90+ ( @arg PASSWORD : --password +takes_value conflicts_with[ AUTHTOKEN ] "Confluence password or PAT for cloud (crafts basic auth header)" )
91+ ( @arg BEARERTOKEN : --authtoken +takes_value conflicts_with[ USERNAME PASSWORD ] "Confluence PAT (instead of user & pass, crafts basic auth header )" )
9292 ( @arg ALLOWLIST : -a --allowlist +takes_value "Sets a custom allowlist JSON file" )
9393 )
9494 . get_matches ( ) ;
@@ -107,9 +107,9 @@ async fn run<'b>(arg_matches: ArgMatches<'b>) -> Result<(), SimpleError> {
107107 let ssb = SecretScannerBuilder :: new ( ) . conf_argm ( & arg_matches) ;
108108 let secret_scanner = ssb. build ( ) ;
109109
110- let jirausername = arg_matches. value_of ( "USERNAME" ) ;
111- let jirapassword = arg_matches. value_of ( "PASSWORD" ) ;
112- let jiraauthtoken = arg_matches. value_of ( "BEARERTOKEN" ) ;
110+ let confluenceusername = arg_matches. value_of ( "USERNAME" ) ;
111+ let confluencepassword = arg_matches. value_of ( "PASSWORD" ) ;
112+ let confluenceauthtoken = arg_matches. value_of ( "BEARERTOKEN" ) ;
113113 let base_url_input = arg_matches
114114 . value_of ( "URL" )
115115 . unwrap_or ( "https://confluence.atlassian.com" )
@@ -125,18 +125,18 @@ async fn run<'b>(arg_matches: ArgMatches<'b>) -> Result<(), SimpleError> {
125125 let https = hyper_rustls:: HttpsConnector :: with_native_roots ( ) ;
126126 let hyper_client: client:: Client < _ , hyper:: Body > = client:: Client :: builder ( ) . build ( https) ;
127127
128- // TODO: Support other modes of JIRA authentication
129- let auth_string = match jirausername {
130- // craft auth header using username and password if present
128+ // TODO: Support other modes of Confluence authentication
129+ let auth_string = match confluenceusername {
130+ // craft auth header using username and password (or PAT) if present
131131 Some ( u) => {
132132 format ! (
133133 "Basic {}" ,
134- base64:: encode( format!( "{}:{}" , u, jirapassword . unwrap( ) ) )
134+ base64:: encode( format!( "{}:{}" , u, confluencepassword . unwrap( ) ) )
135135 )
136136 }
137137 // otherwise use AUTHTOKEN to craft the auth header
138138 None => {
139- format ! ( "Bearer {}" , jiraauthtoken . unwrap( ) )
139+ format ! ( "Bearer {}" , confluenceauthtoken . unwrap( ) )
140140 }
141141 } ;
142142
0 commit comments