diff --git a/packages/backend/src/controller/accessTokenDetector.ts b/packages/backend/src/controller/accessTokenDetector.ts
index 8093a54..6e95120 100644
--- a/packages/backend/src/controller/accessTokenDetector.ts
+++ b/packages/backend/src/controller/accessTokenDetector.ts
@@ -51,7 +51,7 @@ export class AccessTokenLeakController {
 return {
 found: true,
 location: 'url',
-title: "Access Token Leak in URL",
+title: "Token Leak in URL",
 description: `요청 URL에 토큰이 포함되어 있습니다. (토큰: ${extractedTokenFromUrl.substring(0, 20)}...)`,
 value: url
 };
@@ -69,7 +69,7 @@ export class AccessTokenLeakController {
 return {
 found: true,
 location: 'body',
-title: "Access Token Leak in Request Body",
+title: "Token Leak in Request Body",
 description: `요청 Body에 토큰이이 포함되어 있습니다. (토큰: ${extractedTokenFromBody.substring(0, 20)}...)`,
 value: bodyText
 };
@@ -98,7 +98,7 @@ export class AccessTokenLeakController {
 return {
 found: true,
 location: 'header',
-title: "Access Token Leak in Redirect URL",
+title: "Token Leak in Redirect URL",
 description: `Location 헤더에 토큰이 노출되었습니다: ${locationHeaderStr} (토큰: ${extractedTokenFromHeader.substring(0, 20)}...)`,
 value: locationHeaderStr
 };
@@ -117,7 +117,7 @@ export class AccessTokenLeakController {
 return {
 found: true,
 location: 'body',
-title: "Access Token Leak in Response Body",
+title: "Token Leak in Response Body",
 description: `HTTP 응답 본문에 토큰이 노출되었습니다. (토큰: ${extractedTokenFromBody.substring(0, 20)}...)`,
 value: bodyText
 };
@@ -136,10 +136,18 @@ private extractTokenFromText(text: string): string | null {
 // 토큰 관련 키워드 리스트
 const tokenKeys = [
 'access_token',
-'id_token',
+'accesstoken',
+'Access-Token',
+'Refresh_Token',
+'Refresh-Token',
+'RefreshToken',
+'Secret_Token',
+'Secret-Token',
+'SecretToken',
+'SSO_Auth',
+'SSO-Auth',
+'SSOAuth',
 'auth_token',
-'token',
-'jwt',
 'session_token'
 ];
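Review bot: The retitled finding strings on the `+ title:` lines of this hunk and the three following hunks (-69, -98, -117) change text that may be consumed as an identifier, while the class is still named `AccessTokenLeakController`; if any dashboard filter, deduplication key or test matches on the old "Access Token Leak in …" titles, this commit silently breaks that match. If the title is meant to be display text only, consider carrying a stable machine-readable field alongside it, e.g. `type: 'token-leak-url'`, so future wording changes stay cosmetic. The enclosing method of each hunk starts and ends outside the hunk, so I cannot tell whether such a field already exists on the returned object.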