Skip to content

Commit

Permalink
Refactor IBM Cloud IAM verification for owner resolution reuse (Yelp#205
Browse files Browse the repository at this point in the history
)

Related to git-defenders/detect-secrets-stream#222
Supports git-defenders/detect-secrets-discuss#203
  • Loading branch information
justineyster committed Jun 24, 2020
1 parent ef40340 commit 013f609
Showing 1 changed file with 19 additions and 14 deletions.
33 changes: 19 additions & 14 deletions detect_secrets/plugins/ibm_cloud_iam.py
Original file line number Diff line number Diff line change
Expand Up @@ -42,20 +42,25 @@ class IBMCloudIAMDetector(RegexBasedDetector):
]

def verify(self, token, **kwargs):
if type(token) == bytes:
token = token.decode('UTF-8')
headers = {
'Content-Type': 'application/x-www-form-urlencoded',
'Accept': 'application/json',
}
response = requests.post(
'https://iam.cloud.ibm.com/identity/token',
headers=headers,
data={
'grant_type': 'urn:ibm:params:oauth:grant-type:apikey',
'apikey': token,
},
)
response = verify_cloud_iam_api_key(token)

return VerifiedResult.VERIFIED_TRUE if response.status_code == 200 \
else VerifiedResult.VERIFIED_FALSE


def verify_cloud_iam_api_key(apikey): # pragma: no cover
if type(apikey) == bytes:
apikey = apikey.decode('UTF-8')
headers = {
'Content-Type': 'application/x-www-form-urlencoded',
'Accept': 'application/json',
}
response = requests.post(
'https://iam.cloud.ibm.com/identity/token',
headers=headers,
data={
'grant_type': 'urn:ibm:params:oauth:grant-type:apikey',
'apikey': apikey,
},
)
return response

0 comments on commit 013f609

Please sign in to comment.