From bffdaf18f2180562bc25e7c11c7d93a4cf2b754c Mon Sep 17 00:00:00 2001
From: Ian Carroll <ian@ian.sh>
Date: Mon, 17 Jan 2022 18:39:21 -0800
Subject: [PATCH] Add support for Bufferover non-commercial API keys.

---
 v2/pkg/runner/config.go                       |  5 +++++
 .../sources/bufferover/bufferover.go          | 19 +++++++++++++------
 v2/pkg/subscraping/types.go                   |  1 +
 3 files changed, 19 insertions(+), 6 deletions(-)

diff --git a/v2/pkg/runner/config.go b/v2/pkg/runner/config.go
index 0d6d2f9a2..ed1980479 100644
--- a/v2/pkg/runner/config.go
+++ b/v2/pkg/runner/config.go
@@ -29,6 +29,7 @@ type ConfigFile struct {
 	// ExcludeSources contains the sources to not include in the enumeration process
 	ExcludeSources []string `yaml:"exclude-sources,omitempty"`
 	// API keys for different sources
+	Bufferover     []string `yaml:"bufferover"`
 	Binaryedge     []string `yaml:"binaryedge"`
 	Censys         []string `yaml:"censys"`
 	Certspotter    []string `yaml:"certspotter"`
@@ -122,6 +123,10 @@ func (c *ConfigFile) GetKeys() subscraping.Keys {
 		keys.Binaryedge = c.Binaryedge[rand.Intn(len(c.Binaryedge))]
 	}
 
+	if len(c.Bufferover) > 0 {
+		keys.Bufferover = c.Bufferover[rand.Intn(len(c.Bufferover))]
+	}
+
 	if len(c.Censys) > 0 {
 		censysKeys := c.Censys[rand.Intn(len(c.Censys))]
 		parts := strings.Split(censysKeys, ":")
diff --git a/v2/pkg/subscraping/sources/bufferover/bufferover.go b/v2/pkg/subscraping/sources/bufferover/bufferover.go
index b5672f8f0..3f3fb2aa5 100644
--- a/v2/pkg/subscraping/sources/bufferover/bufferover.go
+++ b/v2/pkg/subscraping/sources/bufferover/bufferover.go
@@ -28,18 +28,25 @@ func (s *Source) Run(ctx context.Context, domain string, session *subscraping.Se
 	results := make(chan subscraping.Result)
 
 	go func() {
-		// Run enumeration on subdomain dataset for historical SONAR datasets
-		s.getData(ctx, fmt.Sprintf("https://dns.bufferover.run/dns?q=.%s", domain), session, results)
-		s.getData(ctx, fmt.Sprintf("https://tls.bufferover.run/dns?q=.%s", domain), session, results)
+		defer close(results)
 
-		close(results)
+		// DNS data does not rely on an API key.
+		s.getData(ctx, fmt.Sprintf("https://dns.bufferover.run/dns?q=.%s", domain), "", session, results)
+
+		if session.Keys.Bufferover == "" {
+			return
+		}
+
+		// TLS data relies on an API key.
+		s.getData(ctx, fmt.Sprintf("https://tls.bufferover.run/dns?q=.%s", domain), session.Keys.Bufferover, session, results)
 	}()
 
 	return results
 }
 
-func (s *Source) getData(ctx context.Context, sourceURL string, session *subscraping.Session, results chan subscraping.Result) {
-	resp, err := session.SimpleGet(ctx, sourceURL)
+func (s *Source) getData(ctx context.Context, sourceURL string, apiKey string, session *subscraping.Session, results chan subscraping.Result) {
+	resp, err := session.Get(ctx, sourceURL, "", map[string]string{"x-api-key": apiKey})
+
 	if err != nil && resp == nil {
 		results <- subscraping.Result{Source: s.Name(), Type: subscraping.Error, Error: err}
 		session.DiscardHTTPResponse(resp)
diff --git a/v2/pkg/subscraping/types.go b/v2/pkg/subscraping/types.go
index 5d9525214..1f1ce4705 100644
--- a/v2/pkg/subscraping/types.go
+++ b/v2/pkg/subscraping/types.go
@@ -40,6 +40,7 @@ type Session struct {
 // Keys contains the current API Keys we have in store
 type Keys struct {
 	Binaryedge           string   `json:"binaryedge"`
+	Bufferover           string   `json:"bufferover"`
 	CensysToken          string   `json:"censysUsername"`
 	CensysSecret         string   `json:"censysPassword"`
 	Certspotter          string   `json:"certspotter"`