diff --git a/src/falconpy/_token_fail_reason.py b/src/falconpy/_token_fail_reason.py new file mode 100644 index 000000000..f88e018ce --- /dev/null +++ b/src/falconpy/_token_fail_reason.py @@ -0,0 +1,52 @@ +"""CrowdStrike API token failure reason enumerator. + + _______ __ _______ __ __ __ +| _ .----.-----.--.--.--.--| | _ | |_.----|__| |--.-----. +|. 1___| _| _ | | | | _ | 1___| _| _| | <| -__| +|. |___|__| |_____|________|_____|____ |____|__| |__|__|__|_____| +|: 1 | |: 1 | +|::.. . | CROWDSTRIKE FALCON |::.. . | FalconPy +`-------' `-------' + +OAuth2 API - Customer SDK + +This is free and unencumbered software released into the public domain. + +Anyone is free to copy, modify, publish, use, compile, sell, or +distribute this software, either in source code form or as a compiled +binary, for any purpose, commercial or non-commercial, and by any +means. + +In jurisdictions that recognize copyright laws, the author or authors +of this software dedicate any and all copyright interest in the +software to the public domain. We make this dedication for the benefit +of the public at large and to the detriment of our heirs and +successors. We intend this dedication to be an overt act of +relinquishment in perpetuity of all present and future rights to this +software under copyright law. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, +EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF +MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. +IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR +OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, +ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR +OTHER DEALINGS IN THE SOFTWARE. + +For more information, please refer to +""" +from enum import Enum + + +class TokenFailReason(Enum): + """Token failure reason enumerator. + + This enum provides the text used to describe various token + authentication failures. These strings are used as metadata + to describe the token in generic failure scenarios, and are + stored here in order to avoid false positives generated by + bandit hardcoded password checks. (PyCQA/bandit#843) + """ + + INVALID = "Invalid credentials specified" + UNEXPECTED = "Unexpected API response received" diff --git a/src/falconpy/api_complete.py b/src/falconpy/api_complete.py index 3c123172d..81c0eb957 100644 --- a/src/falconpy/api_complete.py +++ b/src/falconpy/api_complete.py @@ -39,6 +39,7 @@ from ._util import _ALLOWED_METHODS from ._util import perform_request, generate_b64cred, generate_error_result from ._util import confirm_base_url, args_to_params, confirm_base_region +from ._token_fail_reason import TokenFailReason from ._endpoint import api_endpoints @@ -183,7 +184,7 @@ def authenticate(self: object) -> bool: self.token_fail_reason = result["body"]["errors"][0]["message"] else: self.authenticated = False - self.token_fail_reason = "Unexpected API response received" + self.token_fail_reason = TokenFailReason["UNEXPECTED"].value self.token_status = 403 return self.authenticated diff --git a/src/falconpy/oauth2.py b/src/falconpy/oauth2.py index b816aaaf8..7f1224718 100644 --- a/src/falconpy/oauth2.py +++ b/src/falconpy/oauth2.py @@ -38,6 +38,7 @@ import time from ._util import perform_request, generate_b64cred, confirm_base_region from ._util import confirm_base_url, generate_error_result +from ._token_fail_reason import TokenFailReason from ._endpoint._oauth2 import _oauth2_endpoints as Endpoints @@ -154,11 +155,11 @@ def token(self: object) -> dict: self.token_fail_reason = returned["body"]["errors"][0]["message"] else: returned = generate_error_result("Unexpected API response received", 403) - self.token_fail_reason = "Unexpected API response received" + self.token_fail_reason = TokenFailReason["UNEXPECTED"].value self.token_status = 403 else: returned = generate_error_result("Invalid credentials specified", 403) - self.token_fail_reason = "Invalid credentials specified" + self.token_fail_reason = TokenFailReason["INVALID"].value self.token_status = 403 return returned