Improve finegrained token support (#3179)

pkg/analyzer/analyzers/github/common/github.go

@@ -14,31 +14,40 @@ import (
 	"github.com/trufflesecurity/trufflehog/v3/pkg/analyzer/analyzers"
 )
 
-func checkFineGrained(token string, oauthScopes []analyzers.Permission) (string, bool) {
+type TokenType string
+
+const (
+	TokenTypeFineGrainedPAT TokenType = "Fine-Grained GitHub Personal Access Token"
+	TokenTypeClassicPAT     TokenType = "Classic GitHub Personal Access Token"
+	TokenTypeUserToServer   TokenType = "GitHub User-to-Server Token"
+	TokenTypeGitHubToken    TokenType = "GitHub Token"
+)
+
+func checkFineGrained(token string, oauthScopes []analyzers.Permission) (TokenType, bool) {
 	// For details on token prefixes, see:
 	// https://github.blog/2021-04-05-behind-githubs-new-authentication-token-formats/
 
 	// Special case for ghu_ prefix tokens (ex: in a codespace) that don't have the X-OAuth-Scopes header
 	if strings.HasPrefix(token, "ghu_") {
-		return "GitHub User-to-Server Token", true
+		return TokenTypeUserToServer, true
 	}
 
 	// Handle github_pat_ tokens
 	if strings.HasPrefix(token, "github_pat") {
-		return "Fine-Grained GitHub Personal Access Token", true
+		return TokenTypeFineGrainedPAT, true
 	}
 
 	// Handle classic PATs
 	if strings.HasPrefix(token, "ghp_") {
-		return "Classic GitHub Personal Access Token", false
+		return TokenTypeClassicPAT, false
 	}
 
 	// Catch-all for any other types
 	// If resp.Header "X-OAuth-Scopes" doesn't exist, then we have fine-grained permissions
 	if len(oauthScopes) > 0 {
-		return "GitHub Token", false
+		return TokenTypeGitHubToken, false
 	}
-	return "GitHub Token", true
+	return TokenTypeGitHubToken, true
 }
 
 type Permission int
@@ -55,7 +64,7 @@ type SecretInfo struct {
 }
 
 type TokenMetadata struct {
-	Type        string
+	Type        TokenType
 	FineGrained bool
 	User        *gh.User
 	Expiration  time.Time