Catch Slack webhook with 10 char (Yelp#325)

We were getting report that slack custom application webhook will contain a different foramt for webhooks. In particualar the B+8 chars could become B+10 chars format User reprot https://ibm-cio-gi.slack.com/archives/CDMGJ9QG2/p1591018601323500?thread_ts=1590777088.301300&cid=CDMGJ9QG2 We also noticed the response error message is differnet, this commit tried to address that issue and allow us to catch webhook for custom Slack applications
IBM · Sep 9, 2020 · 21fcdea · 21fcdea
1 parent 3b10500
commit 21fcdea
Show file tree

Hide file tree

Showing 2 changed files with 17 additions and 1 deletion.
diff --git a/detect_secrets/plugins/slack.py b/detect_secrets/plugins/slack.py
@@ -26,20 +26,33 @@ class SlackDetector(RegexBasedDetector):
         re.compile(r'xox(?:a|b|p|o|s|r)-(?:\d+-)+[a-z0-9]+', flags=re.IGNORECASE),
         # Slack Webhooks
         re.compile(
+<<<<<<< HEAD
             r'https://hooks.slack.com/services/T[a-zA-Z0-9_]+/B[a-zA-Z0-9_]+/[a-zA-Z0-9_]+',
+=======
+            r"""
+            https://hooks.slack.com/services/T[a-zA-Z0-9_]{8}/B[a-zA-Z0-9_]{8,10}/[a-zA-Z0-9_]{24}
+            """,
+>>>>>>> Catch Slack webhook with 10 char (#325)
             flags=re.IGNORECASE | re.VERBOSE,
         ),
     )
 
-    def verify(self, token, **kwargs):  # pragma: no cover
+    def verify(self, token, *args, **kwargs):  # pragma: no cover
         if token.startswith('https://hooks.slack.com/services/T'):
             response = requests.post(
                 token,
                 json={
                     'text': '',
                 },
             )
+<<<<<<< HEAD
             valid = response.text in ['missing_text_or_fallback_or_attachments', 'no_text']
+=======
+            valid = (
+                response.text == 'missing_text_or_fallback_or_attachments'
+                or response.text == 'no_text'
+            )
+>>>>>>> Catch Slack webhook with 10 char (#325)
         else:
             response = requests.post(
                 'https://slack.com/api/auth.test',

diff --git a/tests/plugins/slack_test.py b/tests/plugins/slack_test.py
@@ -33,6 +33,9 @@ class TestSlackDetector:
             (
                 'https://hooks.slack.com/services/Txxxxxxxx/Bxxxxxxxx/xxxxxxxxxxxxxxxxxxxxxxxx'
             ),
+            (
+                'https://hooks.slack.com/services/Txxxxxxxx/Bxxxxxxxxxx/xxxxxxxxxxxxxxxxxxxxxxxx'
+            ),
         ],
     )
     def test_analyze(self, file_content):