adding basic auth plugin

detect_secrets/core/usage.py

@@ -220,6 +220,11 @@ class PluginOptions(object):
             disable_flag_text='--no-private-key-scan',
             disable_help_text='Disables scanning for private keys.',
         ),
+        PluginDescriptor(
+            classname='BasicAuthDetector',
+            disable_flag_text='--no-basic-auth-scan',
+            disable_help_text='Disables scanning for Basic Auth formatted URIs.',
+        ),
     ]
 
     def __init__(self, parser):

detect_secrets/plugins/basic_auth.py

@@ -0,0 +1,32 @@
+from __future__ import absolute_import
+
+import re
+
+from .base import BasePlugin
+from detect_secrets.core.potential_secret import PotentialSecret
+
+
+BASIC_AUTH_REGEX = re.compile(
+    r'.*?://[^:]+:([^@]+)@',
+)
+
+
+class BasicAuthDetector(BasePlugin):
+
+    secret_type = 'Basic Auth Credentials'
+
+    def analyze_string(self, string, line_num, filename):
+        output = {}
+
+        results = BASIC_AUTH_REGEX.findall(string)
+        for result in results:
+            print(result)
+            secret = PotentialSecret(
+                self.secret_type,
+                filename,
+                line_num,
+                result,
+            )
+            output[secret] = secret
+
+        return output

detect_secrets/plugins/core/initialize.py

@@ -5,6 +5,7 @@
     from functools32 import lru_cache
 
 from ..base import BasePlugin
+from ..basic_auth import BasicAuthDetector                  # noqa: F401
 from ..high_entropy_strings import Base64HighEntropyString  # noqa: F401
 from ..high_entropy_strings import HexHighEntropyString     # noqa: F401
 from ..private_key import PrivateKeyDetector                # noqa: F401

tests/plugins/basic_auth_test.py

@@ -0,0 +1,20 @@
+from __future__ import absolute_import
+
+import pytest
+
+from detect_secrets.plugins.basic_auth import BasicAuthDetector
+
+
+class TestBasicAuthDetector(object):
+
+    @pytest.mark.parametrize(
+        'payload, should_flag',
+        [
+            ('https://username:password@yelp.com', True,),
+        ],
+    )
+    def test_analyze_string(self, payload, should_flag):
+        logic = BasicAuthDetector()
+
+        output = logic.analyze_string(payload, 1, 'mock_filename')
+        assert len(output) == int(should_flag)