From f1b5ef5f9b668d57a2c9999b34e142531bc8afac Mon Sep 17 00:00:00 2001
From: KMINGON <rlaalsrhs59@gmail.com>
Date: Sat, 31 May 2025 12:37:54 +0900
Subject: [PATCH] =?UTF-8?q?REFACTOR=20:=20findings=EB=A5=BCindex=EA=B0=80?=
 =?UTF-8?q?=20=EC=95=84=EB=8B=8C=20=EB=AA=A8=EB=93=88=EC=95=A0=EC=84=9C=20?=
 =?UTF-8?q?=EB=A7=8C=EB=93=A4=EB=8F=84=EB=A1=9D=20=EC=88=98=EC=A0=95?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../src/controller/accessTokenDetector.ts     | 48 ++++++++++++++-----
 packages/backend/src/index.ts                 |  4 ++
 2 files changed, 40 insertions(+), 12 deletions(-)

diff --git a/packages/backend/src/controller/accessTokenDetector.ts b/packages/backend/src/controller/accessTokenDetector.ts
index 22be16e..8093a54 100644
--- a/packages/backend/src/controller/accessTokenDetector.ts
+++ b/packages/backend/src/controller/accessTokenDetector.ts
@@ -1,22 +1,46 @@
 import type { Request, Response } from "caido:utils";
+import type { SDK, DefineAPI } from "caido:plugin";
 
 // 토큰 누출 검사 결과를 담는 구조
 export interface TokenLeakResult {
-    found: boolean;        // 토큰이 발견되었는지 여부 (true/false)
-    location: 'url' | 'body' | 'header';  // 토큰이 발견된 위치 (url, body, header 중 하나)
-    title: string;         // 경고 제목
-    description: string;   // 상세 설명
-    value?: string;        // 실제 발견된 값 (선택적)
+  found: boolean;        // 토큰이 발견되었는지 여부 (true/false)
+  location: 'url' | 'body' | 'header';  // 토큰이 발견된 위치 (url, body, header 중 하나)
+  title: string;         // 경고 제목
+  description: string;   // 상세 설명
+  value?: string;        // 실제 발견된 값 (선택적)
 }
 
 // 액세스 토큰 누출 검사 클래스
 export class AccessTokenLeakController {
-    
-    /**
-     * @param request - 검사할 HTTP 요청 객체
-     * @returns 토큰이 발견되면 결과 객체, 없으면 null
-     */
-    async testReq(request: Request): Promise<TokenLeakResult | null> {
+  async testReq(sdk: SDK<DefineAPI<{}>>, request: Request): Promise<void> {
+    const result = await this._scanRequest(request);
+    if (result) {
+      await sdk.findings.create({
+        title: result.title,
+        description: result.description,
+        request,
+        reporter: "",
+      });
+    }
+  }
+
+  async testResp(sdk: SDK<DefineAPI<{}>>, response: Response, request: Request): Promise<void> {
+    const result = await this._scanResponse(response);
+    if (result) {
+      await sdk.findings.create({
+        title: result.title,
+        description: result.description,
+        request,
+        reporter: "",
+      });
+    }
+  }
+
+  /**
+   * @param request - 검사할 HTTP 요청 객체
+   * @returns 토큰이 발견되면 결과 객체, 없으면 null
+   */
+  async _scanRequest(request: Request): Promise<TokenLeakResult | null> {
     
     // === 1. URL에서 토큰 검사 ===
     const url = request.getUrl();
@@ -60,7 +84,7 @@ export class AccessTokenLeakController {
    * @param response - 검사할 HTTP 응답 객체
    * @returns 토큰이 발견되면 결과 객체, 없으면 null
    */
-  async testResp(response: Response): Promise<TokenLeakResult | null> {
+  async _scanResponse(response: Response): Promise<TokenLeakResult | null> {
     
     // === 1. Location 헤더에서 토큰 검사 ===
     const locationHeader = response.getHeader("Location");
diff --git a/packages/backend/src/index.ts b/packages/backend/src/index.ts
index a24d2c7..9cf32b2 100644
--- a/packages/backend/src/index.ts
+++ b/packages/backend/src/index.ts
@@ -4,6 +4,7 @@ import type { Request, Response } from "caido:utils";
 // import { AuthZCodeGrantController } from "./controller/authZCodeGrant";
 import { CsrfCheck } from "./controller/csrfCheck";
 import { PKCECheck } from "./controller/PKCECheck";
+import { AccessTokenLeakController } from "./controller/accessTokenDetector";
 
 export type API = DefineAPI<{}>;
 
@@ -11,6 +12,7 @@ const csrfCheck = new CsrfCheck();
 // const implicitGrantController = new ImplicitGrantController();
 // const authZCodeGrantController = new AuthZCodeGrantController();
 const pkceCheckController = new PKCECheck();
+const tokenCheck = new AccessTokenLeakController();
 
 export function init(sdk: SDK<API>) {
   // sdk.events.onInterceptRequest(async (sdk, req: Request) => {
@@ -30,6 +32,8 @@ export function init(sdk: SDK<API>) {
     async (sdk: SDK<DefineAPI<{}>, {}>, req: Request, resp: Response) => {
       await csrfCheck.checker(sdk, req, resp);
       await pkceCheckController.test(sdk, req);
+      await tokenCheck.testReq(sdk, req);
+      await tokenCheck.testResp(sdk, resp, req);
       // sdk.events.onInterceptRequest(async (sdk, req: Request) => {
       //   const result =
       //     authZCodeGrantController.testReq(req) ||