fix(query): false positive detections in "api_key_exposed" function

[Tohar-orca]

Closes #

Proposed Changes

• add checks to the api_key_exposed function to verify the server is not using https

I submit this contribution under the Apache-2.0 license.

[JoaoAtGit]

Hi @Tohar-orca,
how are you?
Can you give me more context about this false positive?
Can you tell which query was returning the result and a small code sample?

Thank you :)

[Tohar-orca]

Hi @Tohar-orca, how are you? Can you give me more context about this false positive? Can you tell which query was returning the result and a small code sample?

Thank you :)

Hi @JoaoCxMartins :)
There are 2 queries which were returning false positives due to this issue:
openAPI/general/api_key_exposed_in_global_security and openAPI/general/api_key_exposed_in_operation_security
For example:

openapi: "3.0.1"
info:
  title: "test"
  version: "1.0"
servers:
  - url: "https://@API-GW-ID.execute-api.us-east-1.amazonaws.com/{basePath}"
    variables:
      basePath:
        default: "/api"
  
paths:
  /address:
    get:
      summary: test
      description: test
      security:
        - authorizer: [ ]

components:
  securitySchemes:
    authorizer:
      type: "apiKey"
      name: "authorization"
      in: "header"

[JoaoAtGit]

Hi @Tohar-orca, how are you? Can you give me more context about this false positive? Can you tell which query was returning the result and a small code sample?
Thank you :)

Hi @JoaoCxMartins :) There are 2 queries which were returning false positives due to this issue: openAPI/general/api_key_exposed_in_global_security and openAPI/general/api_key_exposed_in_operation_security For example:

openapi: "3.0.1"
info:
  title: "test"
  version: "1.0"
servers:
  - url: "https://@API-GW-ID.execute-api.us-east-1.amazonaws.com/{basePath}"
    variables:
      basePath:
        default: "/api"
  
paths:
  /address:
    get:
      summary: test
      description: test
      security:
        - authorizer: [ ]

components:
  securitySchemes:
    authorizer:
      type: "apiKey"
      name: "authorization"
      in: "header"

Hi @Tohar-orca :)

To close this pr, can you implement a test for each one of the queries?
Using the same code sample that you put here, showing that we don't present results for the these queries.

Thank you :)

[Tohar-orca]

Hi @Tohar-orca, how are you? Can you give me more context about this false positive? Can you tell which query was returning the result and a small code sample?
Thank you :)

Hi @JoaoCxMartins :) There are 2 queries which were returning false positives due to this issue: openAPI/general/api_key_exposed_in_global_security and openAPI/general/api_key_exposed_in_operation_security For example:

openapi: "3.0.1"
info:
  title: "test"
  version: "1.0"
servers:
  - url: "https://@API-GW-ID.execute-api.us-east-1.amazonaws.com/{basePath}"
    variables:
      basePath:
        default: "/api"
  
paths:
  /address:
    get:
      summary: test
      description: test
      security:
        - authorizer: [ ]

components:
  securitySchemes:
    authorizer:
      type: "apiKey"
      name: "authorization"
      in: "header"

Hi @Tohar-orca :)

To close this pr, can you implement a test for each one of the queries? Using the same code sample that you put here, showing that we don't present results for the these queries.

Thank you :)

Sure, done :)

[JoaoAtGit]

Hi @Tohar-orca, how are you? Can you give me more context about this false positive? Can you tell which query was returning the result and a small code sample?
Thank you :)

Hi @JoaoCxMartins :) There are 2 queries which were returning false positives due to this issue: openAPI/general/api_key_exposed_in_global_security and openAPI/general/api_key_exposed_in_operation_security For example:

openapi: "3.0.1"
info:
  title: "test"
  version: "1.0"
servers:
  - url: "https://@API-GW-ID.execute-api.us-east-1.amazonaws.com/{basePath}"
    variables:
      basePath:
        default: "/api"
  
paths:
  /address:
    get:
      summary: test
      description: test
      security:
        - authorizer: [ ]

components:
  securitySchemes:
    authorizer:
      type: "apiKey"
      name: "authorization"
      in: "header"

Hi @Tohar-orca :)
To close this pr, can you implement a test for each one of the queries? Using the same code sample that you put here, showing that we don't present results for the these queries.
Thank you :)

Sure, done :)

TY for your help @Tohar-orca