Skip to content

Commit

Permalink
Refactoring ValidatorBase (#534)
Browse files Browse the repository at this point in the history 
* Adding new implementation

* Separating static from dynamic validator

* Refactoring ValidatorsCache

* Refactoring everything, updating tests

* Addressing PR feedback

* Adding docs to sln, updating docs with recent changes
  • Loading branch information
@eddynaka
eddynaka committed Aug 14, 2021
1 parent 28b53ca commit 686f9b3
Show file tree
Hide file tree
Showing 84 changed files with 781 additions and 1,721 deletions.
30 changes: 3 additions & 27 deletions Src/Plugins/Security/SEC101_001.HttpAuthorizationRequestHeaderValidator.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,33 +12,9 @@

namespace Microsoft.CodeAnalysis.Sarif.PatternMatcher.Plugins.Security
{
public class HttpAuthorizationRequestHeaderValidator : ValidatorBase
public class HttpAuthorizationRequestHeaderValidator : DynamicValidatorBase
{
internal static HttpAuthorizationRequestHeaderValidator Instance;

static HttpAuthorizationRequestHeaderValidator()
{
Instance = new HttpAuthorizationRequestHeaderValidator();
}

public static IEnumerable<ValidationResult> IsValidStatic(Dictionary<string, FlexMatch> groups)
{
return IsValidStatic(Instance, groups);
}

public static ValidationState IsValidDynamic(ref Fingerprint fingerprint,
ref string message,
Dictionary<string, string> options,
ref ResultLevelKind resultLevelKind)
{
return IsValidDynamic(Instance,
ref fingerprint,
ref message,
options,
ref resultLevelKind);
}

protected override IEnumerable<ValidationResult> IsValidStaticHelper(Dictionary<string, FlexMatch> groups)
protected override IEnumerable<ValidationResult> IsValidStaticHelper(IDictionary<string, FlexMatch> groups)
{
if (!groups.TryGetNonEmptyValue("host", out FlexMatch host) ||
!groups.TryGetNonEmptyValue("scheme", out FlexMatch scheme) ||
Expand Down Expand Up @@ -66,7 +42,7 @@ protected override IEnumerable<ValidationResult> IsValidStaticHelper(Dictionary<

protected override ValidationState IsValidDynamicHelper(ref Fingerprint fingerprint,
ref string message,
Dictionary<string, string> options,
IDictionary<string, string> options,
ref ResultLevelKind resultLevelKind)
{
string host = fingerprint.Host;
Expand Down
16 changes: 2 additions & 14 deletions Src/Plugins/Security/SEC101_002.GoogleOAuthCredentialsValidator.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,21 +8,9 @@

namespace Microsoft.CodeAnalysis.Sarif.PatternMatcher.Plugins.Security
{
public class GoogleOAuthCredentialsValidator : ValidatorBase
public class GoogleOAuthCredentialsValidator : StaticValidatorBase
{
internal static GoogleOAuthCredentialsValidator Instance;

static GoogleOAuthCredentialsValidator()
{
Instance = new GoogleOAuthCredentialsValidator();
}

public static IEnumerable<ValidationResult> IsValidStatic(Dictionary<string, FlexMatch> groups)
{
return IsValidStatic(Instance, groups);
}

protected override IEnumerable<ValidationResult> IsValidStaticHelper(Dictionary<string, FlexMatch> groups)
protected override IEnumerable<ValidationResult> IsValidStaticHelper(IDictionary<string, FlexMatch> groups)
{
if (!groups.TryGetValue("id", out FlexMatch id) ||
!groups.TryGetValue("secret", out FlexMatch secret))
Expand Down
34 changes: 5 additions & 29 deletions Src/Plugins/Security/SEC101_003.GoogleApiKeyValidator.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,33 +12,9 @@

namespace Microsoft.CodeAnalysis.Sarif.PatternMatcher.Plugins.Security
{
public class GoogleApiKeyValidator : ValidatorBase
public class GoogleApiKeyValidator : DynamicValidatorBase
{
internal static GoogleApiKeyValidator Instance;

static GoogleApiKeyValidator()
{
Instance = new GoogleApiKeyValidator();
}

public static IEnumerable<ValidationResult> IsValidStatic(Dictionary<string, FlexMatch> groups)
{
return IsValidStatic(Instance, groups);
}

public static ValidationState IsValidDynamic(ref Fingerprint fingerprint,
ref string message,
Dictionary<string, string> options,
ref ResultLevelKind resultLevelKind)
{
return IsValidDynamic(Instance,
ref fingerprint,
ref message,
options,
ref resultLevelKind);
}

protected override IEnumerable<ValidationResult> IsValidStaticHelper(Dictionary<string, FlexMatch> groups)
protected override IEnumerable<ValidationResult> IsValidStaticHelper(IDictionary<string, FlexMatch> groups)
{
if (!groups.TryGetNonEmptyValue("secret", out FlexMatch secret))
{
Expand Down Expand Up @@ -66,9 +42,9 @@ protected override IEnumerable<ValidationResult> IsValidStaticHelper(Dictionary<
}

protected override ValidationState IsValidDynamicHelper(ref Fingerprint fingerprint,
ref string message,
Dictionary<string, string> options,
ref ResultLevelKind resultLevelKind)
ref string message,
IDictionary<string, string> options,
ref ResultLevelKind resultLevelKind)
{
const string Invalid = "RequestDenied: The provided API key is invalid";
const string Expired = "RequestDenied: The provided API key is expired";
Expand Down
30 changes: 3 additions & 27 deletions Src/Plugins/Security/SEC101_004.FacebookAppCredentialsValidator.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,33 +12,9 @@

namespace Microsoft.CodeAnalysis.Sarif.PatternMatcher.Plugins.Security
{
public class FacebookAppCredentialsValidator : ValidatorBase
public class FacebookAppCredentialsValidator : DynamicValidatorBase
{
internal static FacebookAppCredentialsValidator Instance;

static FacebookAppCredentialsValidator()
{
Instance = new FacebookAppCredentialsValidator();
}

public static IEnumerable<ValidationResult> IsValidStatic(Dictionary<string, FlexMatch> groups)
{
return IsValidStatic(Instance, groups);
}

public static ValidationState IsValidDynamic(ref Fingerprint fingerprint,
ref string message,
Dictionary<string, string> options,
ref ResultLevelKind resultLevelKind)
{
return IsValidDynamic(Instance,
ref fingerprint,
ref message,
options,
ref resultLevelKind);
}

protected override IEnumerable<ValidationResult> IsValidStaticHelper(Dictionary<string, FlexMatch> groups)
protected override IEnumerable<ValidationResult> IsValidStaticHelper(IDictionary<string, FlexMatch> groups)
{
if (!groups.TryGetValue("id", out FlexMatch id) ||
!groups.TryGetValue("secret", out FlexMatch secret))
Expand All @@ -62,7 +38,7 @@ protected override IEnumerable<ValidationResult> IsValidStaticHelper(Dictionary<

protected override ValidationState IsValidDynamicHelper(ref Fingerprint fingerprint,
ref string message,
Dictionary<string, string> options,
IDictionary<string, string> options,
ref ResultLevelKind resultLevelKind)
{
string id = fingerprint.Id;
Expand Down
27 changes: 3 additions & 24 deletions Src/Plugins/Security/SEC101_005.SlackTokenValidator.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,10 +3,8 @@

using System;
using System.Collections.Generic;
using System.Collections.Specialized;
using System.Net;
using System.Net.Http;
using System.Text;
using System.Text.Json;
using System.Text.Json.Serialization;

Expand All @@ -15,28 +13,9 @@

namespace Microsoft.CodeAnalysis.Sarif.PatternMatcher.Plugins.Security
{
public class SlackTokenValidator : ValidatorBase
public class SlackTokenValidator : DynamicValidatorBase
{
internal static SlackTokenValidator Instance = new SlackTokenValidator();

public static IEnumerable<ValidationResult> IsValidStatic(Dictionary<string, FlexMatch> groups)
{
return IsValidStatic(Instance, groups);
}

public static ValidationState IsValidDynamic(ref Fingerprint fingerprint,
ref string message,
Dictionary<string, string> options,
ref ResultLevelKind resultLevelKind)
{
return IsValidDynamic(Instance,
ref fingerprint,
ref message,
options,
ref resultLevelKind);
}

protected override IEnumerable<ValidationResult> IsValidStaticHelper(Dictionary<string, FlexMatch> groups)
protected override IEnumerable<ValidationResult> IsValidStaticHelper(IDictionary<string, FlexMatch> groups)
{
if (!groups.TryGetNonEmptyValue("secret", out FlexMatch secret))
{
Expand Down Expand Up @@ -65,7 +44,7 @@ protected override IEnumerable<ValidationResult> IsValidStaticHelper(Dictionary<

protected override ValidationState IsValidDynamicHelper(ref Fingerprint fingerprint,
ref string message,
Dictionary<string, string> options,
IDictionary<string, string> options,
ref ResultLevelKind resultLevelKind)
{
const string uri = "https://slack.com/api/auth.test";
Expand Down
30 changes: 3 additions & 27 deletions Src/Plugins/Security/SEC101_006.GitHubPatValidator.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -13,33 +13,9 @@

namespace Microsoft.CodeAnalysis.Sarif.PatternMatcher.Plugins.Security
{
public class GitHubPatValidator : ValidatorBase
public class GitHubPatValidator : DynamicValidatorBase
{
internal static GitHubPatValidator Instance;

static GitHubPatValidator()
{
Instance = new GitHubPatValidator();
}

public static IEnumerable<ValidationResult> IsValidStatic(Dictionary<string, FlexMatch> groups)
{
return IsValidStatic(Instance, groups);
}

public static ValidationState IsValidDynamic(ref Fingerprint fingerprint,
ref string message,
Dictionary<string, string> options,
ref ResultLevelKind resultLevelKind)
{
return IsValidDynamic(Instance,
ref fingerprint,
ref message,
options,
ref resultLevelKind);
}

protected override IEnumerable<ValidationResult> IsValidStaticHelper(Dictionary<string, FlexMatch> groups)
protected override IEnumerable<ValidationResult> IsValidStaticHelper(IDictionary<string, FlexMatch> groups)
{
if (!groups.TryGetNonEmptyValue("secret", out FlexMatch secret))
{
Expand Down Expand Up @@ -102,7 +78,7 @@ protected override IEnumerable<ValidationResult> IsValidStaticHelper(Dictionary<

protected override ValidationState IsValidDynamicHelper(ref Fingerprint fingerprint,
ref string message,
Dictionary<string, string> options,
IDictionary<string, string> options,
ref ResultLevelKind resultLevelKind)
{
string pat = fingerprint.Secret;
Expand Down
30 changes: 3 additions & 27 deletions Src/Plugins/Security/SEC101_007.GitHubAppCredentialsValidator.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,33 +12,9 @@

namespace Microsoft.CodeAnalysis.Sarif.PatternMatcher.Plugins.Security
{
public class GitHubAppCredentialsValidator : ValidatorBase
public class GitHubAppCredentialsValidator : DynamicValidatorBase
{
internal static GitHubAppCredentialsValidator Instance;

static GitHubAppCredentialsValidator()
{
Instance = new GitHubAppCredentialsValidator();
}

public static IEnumerable<ValidationResult> IsValidStatic(Dictionary<string, FlexMatch> groups)
{
return IsValidStatic(Instance, groups);
}

public static ValidationState IsValidDynamic(ref Fingerprint fingerprint,
ref string message,
Dictionary<string, string> options,
ref ResultLevelKind resultLevelKind)
{
return IsValidDynamic(Instance,
ref fingerprint,
ref message,
options,
ref resultLevelKind);
}

protected override IEnumerable<ValidationResult> IsValidStaticHelper(Dictionary<string, FlexMatch> groups)
protected override IEnumerable<ValidationResult> IsValidStaticHelper(IDictionary<string, FlexMatch> groups)
{
if (!groups.TryGetNonEmptyValue("id", out FlexMatch id) ||
!groups.TryGetNonEmptyValue("secret", out FlexMatch secret))
Expand Down Expand Up @@ -69,7 +45,7 @@ protected override IEnumerable<ValidationResult> IsValidStaticHelper(Dictionary<

protected override ValidationState IsValidDynamicHelper(ref Fingerprint fingerprint,
ref string message,
Dictionary<string, string> options,
IDictionary<string, string> options,
ref ResultLevelKind resultLevelKind)
{
string id = fingerprint.Id;
Expand Down
27 changes: 4 additions & 23 deletions Src/Plugins/Security/SEC101_008.AwsCredentialsValidator.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,41 +12,22 @@

namespace Microsoft.CodeAnalysis.Sarif.PatternMatcher.Plugins.Security
{
public class AwsCredentialsValidator : ValidatorBase
public class AwsCredentialsValidator : DynamicValidatorBase
{
internal static IRegex RegexEngine;
internal static AwsCredentialsValidator Instance;

private const string UserPrefix = "User: ";
private const string UserSuffix = " is not authorized";
private static readonly string AwsUserExpression = $"^{UserPrefix}.+?{UserSuffix}";

static AwsCredentialsValidator()
public AwsCredentialsValidator()
{
RegexEngine = RE2Regex.Instance;
Instance = new AwsCredentialsValidator();

RegexEngine.IsMatch(string.Empty, AwsUserExpression);
}

public static IEnumerable<ValidationResult> IsValidStatic(Dictionary<string, FlexMatch> groups)
{
return IsValidStatic(Instance, groups);
}

public static ValidationState IsValidDynamic(ref Fingerprint fingerprint,
ref string message,
Dictionary<string, string> options,
ref ResultLevelKind resultLevelKind)
{
return IsValidDynamic(Instance,
ref fingerprint,
ref message,
options,
ref resultLevelKind);
}

protected override IEnumerable<ValidationResult> IsValidStaticHelper(Dictionary<string, FlexMatch> groups)
protected override IEnumerable<ValidationResult> IsValidStaticHelper(IDictionary<string, FlexMatch> groups)
{
if (!groups.TryGetNonEmptyValue("id", out FlexMatch id) ||
!groups.TryGetNonEmptyValue("secret", out FlexMatch secret))
Expand All @@ -70,7 +51,7 @@ protected override IEnumerable<ValidationResult> IsValidStaticHelper(Dictionary<

protected override ValidationState IsValidDynamicHelper(ref Fingerprint fingerprint,
ref string message,
Dictionary<string, string> options,
IDictionary<string, string> options,
ref ResultLevelKind resultLevelKind)
{
string id = fingerprint.Id;
Expand Down
16 changes: 2 additions & 14 deletions Src/Plugins/Security/SEC101_009.LinkedInCredentialsValidator.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,21 +8,9 @@

namespace Microsoft.CodeAnalysis.Sarif.PatternMatcher.Plugins.Security
{
public class LinkedInCredentialsValidator : ValidatorBase
public class LinkedInCredentialsValidator : StaticValidatorBase
{
internal static LinkedInCredentialsValidator Instance;

static LinkedInCredentialsValidator()
{
Instance = new LinkedInCredentialsValidator();
}

public static IEnumerable<ValidationResult> IsValidStatic(Dictionary<string, FlexMatch> groups)
{
return IsValidStatic(Instance, groups);
}

protected override IEnumerable<ValidationResult> IsValidStaticHelper(Dictionary<string, FlexMatch> groups)
protected override IEnumerable<ValidationResult> IsValidStaticHelper(IDictionary<string, FlexMatch> groups)
{
if (!groups.TryGetNonEmptyValue("id", out FlexMatch id) ||
!groups.TryGetNonEmptyValue("secret", out FlexMatch secret))
Expand Down

0 comments on commit 686f9b3

Please sign in to comment.