From f98eb1843c38498dfe92ea6cc5039583344e3dfa Mon Sep 17 00:00:00 2001
From: Ramana Reddy <ramanaredy.manda@gmail.com>
Date: Thu, 19 Sep 2024 11:50:03 +0530
Subject: [PATCH] fix loading dynamic auth templates on fuzzing

---
 internal/runner/lazy.go      |  1 +
 pkg/catalog/loader/loader.go | 11 ++++++++++-
 2 files changed, 11 insertions(+), 1 deletion(-)

diff --git a/internal/runner/lazy.go b/internal/runner/lazy.go
index eb41374513..900850b673 100644
--- a/internal/runner/lazy.go
+++ b/internal/runner/lazy.go
@@ -51,6 +51,7 @@ func GetAuthTmplStore(opts types.Options, catalog catalog.Catalog, execOpts prot
 	opts.ExcludeProtocols = nil
 	opts.IncludeConditions = nil
 	cfg := loader.NewConfig(&opts, catalog, execOpts)
+	cfg.StoreId = loader.AuthStoreId
 	store, err := loader.New(cfg)
 	if err != nil {
 		return nil, errorutil.NewWithErr(err).Msgf("failed to initialize dynamic auth templates store")
diff --git a/pkg/catalog/loader/loader.go b/pkg/catalog/loader/loader.go
index e1d8371e35..37f7db0226 100644
--- a/pkg/catalog/loader/loader.go
+++ b/pkg/catalog/loader/loader.go
@@ -32,6 +32,7 @@ import (
 const (
 	httpPrefix  = "http://"
 	httpsPrefix = "https://"
+	AuthStoreId = "auth_store"
 )
 
 var (
@@ -40,6 +41,7 @@ var (
 
 // Config contains the configuration options for the loader
 type Config struct {
+	StoreId                  string // used to set store id (optional)
 	Templates                []string
 	TemplateURLs             []string
 	Workflows                []string
@@ -66,6 +68,7 @@ type Config struct {
 
 // Store is a storage for loaded nuclei templates
 type Store struct {
+	id             string // id of the store (optional)
 	tagFilter      *templates.TagFilter
 	pathFilter     *filter.PathFilter
 	config         *Config
@@ -131,6 +134,7 @@ func New(cfg *Config) (*Store, error) {
 
 	// Create a tag filter based on provided configuration
 	store := &Store{
+		id:        cfg.StoreId,
 		config:    cfg,
 		tagFilter: tagFilter,
 		pathFilter: filter.NewPathFilter(&filter.PathFilterConfig{
@@ -229,6 +233,10 @@ func (store *Store) ReadTemplateFromURI(uri string, remote bool) ([]byte, error)
 	}
 }
 
+func (store *Store) ID() string {
+	return store.id
+}
+
 // Templates returns all the templates in the store
 func (store *Store) Templates() []*templates.Template {
 	return store.templates
@@ -471,7 +479,8 @@ func (store *Store) LoadTemplatesWithTags(templatesList, tags []string) []*templ
 						return
 					}
 					// DAST only templates
-					if store.config.ExecutorOptions.Options.DAST {
+					// Skip DAST filter when loading auth templates
+					if store.ID() != AuthStoreId && store.config.ExecutorOptions.Options.DAST {
 						// check if the template is a DAST template
 						if parsed.IsFuzzing() {
 							loadTemplate(parsed)