diff --git a/pkg/runner/options.go b/pkg/runner/options.go index c120d84..77f2068 100644 --- a/pkg/runner/options.go +++ b/pkg/runner/options.go @@ -3,7 +3,7 @@ package runner import "github.com/projectdiscovery/goflags" type Options struct { - PdcpAuth bool + PdcpAuth string CveIds goflags.StringSlice CweIds goflags.StringSlice Vendor goflags.StringSlice diff --git a/pkg/runner/runner.go b/pkg/runner/runner.go index 7794100..c4fba89 100644 --- a/pkg/runner/runner.go +++ b/pkg/runner/runner.go @@ -95,7 +95,7 @@ func ParseOptions() *Options { flagset.SetDescription(`Navigate the CVE jungle with ease.`) flagset.CreateGroup("config", "Config", - flagset.BoolVar(&options.PdcpAuth, "auth", false, "configure projectdiscovery cloud (pdcp) api key"), + flagset.DynamicVar(&options.PdcpAuth, "auth", "true", "configure projectdiscovery cloud (pdcp) api key"), ) flagset.CreateGroup("OPTIONS", "options", @@ -154,6 +154,25 @@ func ParseOptions() *Options { if !options.Debug { options.Debug = env.GetEnvOrDefault("DEBUG", false) } + if options.Version { + gologger.Info().Msgf("Current Version: %s\n", Version) + os.Exit(0) + } + + // api key hierarchy: cli flag > env var > .pdcp/credential file + if options.PdcpAuth == "true" { + AuthWithPDCP() + } else if len(options.PdcpAuth) == 36 { + PDCPApiKey = options.PdcpAuth + ph := pdcp.PDCPCredHandler{} + if _, err := ph.GetCreds(); err == pdcp.ErrNoCreds { + apiServer := env.GetEnvOrDefault("PDCP_API_SERVER", pdcp.DefaultApiServer) + if validatedCreds, err := ph.ValidateAPIKey(PDCPApiKey, apiServer, "cvemap"); err == nil { + _ = ph.SaveCreds(validatedCreds) + } + } + } + if options.Limit > maxLimit { options.Limit = maxLimit } @@ -194,15 +213,6 @@ func New(options *Options) *Runner { } func (r *Runner) Run() { - if r.Options.Version { - gologger.Info().Msgf("Current Version: %s\n", Version) - os.Exit(0) - } - - if r.Options.PdcpAuth { - AuthWithPDCP() - } - if r.Options.Silent { gologger.DefaultLogger.SetMaxLevel(levels.LevelSilent) } else if r.Options.Verbose {