Merge pull request #103 from JoshuaRLi/refactor-detectors

refactor various detectors to use RegexBasedDetector
Yelp · Dec 18, 2018 · 66bfb4c · 66bfb4c
2 parents 5f4a055 + 2f24180
commit 66bfb4c
Show file tree

Hide file tree

Showing 3 changed files with 27 additions and 62 deletions.
diff --git a/detect_secrets/plugins/base.py b/detect_secrets/plugins/base.py
@@ -126,5 +126,5 @@ def analyze_string(self, string, line_num, filename):
 
     def secret_generator(self, string):
         for regex in self.blacklist:
-            if regex.search(string):
-                yield regex.pattern
+            for match in regex.findall(string):
+                yield match
diff --git a/detect_secrets/plugins/basic_auth.py b/detect_secrets/plugins/basic_auth.py
@@ -2,38 +2,20 @@
 
 import re
 
-from .base import BasePlugin
-from detect_secrets.core.potential_secret import PotentialSecret
+from .base import RegexBasedDetector
 
 
 SPECIAL_URL_CHARACTERS = ':/?#[]@'
-BASIC_AUTH_REGEX = re.compile(
-    r'://[^{}\s]+:([^{}\s]+)@'.format(
-        re.escape(SPECIAL_URL_CHARACTERS),
-        re.escape(SPECIAL_URL_CHARACTERS),
-    ),
-)
 
 
-class BasicAuthDetector(BasePlugin):
+class BasicAuthDetector(RegexBasedDetector):
 
     secret_type = 'Basic Auth Credentials'
-
-    def analyze_string(self, string, line_num, filename):
-        output = {}
-
-        for result in self.secret_generator(string):
-            secret = PotentialSecret(
-                self.secret_type,
-                filename,
-                result,
-                line_num,
-            )
-            output[secret] = secret
-
-        return output
-
-    def secret_generator(self, string):
-        results = BASIC_AUTH_REGEX.findall(string)
-        for result in results:
-            yield result
+    blacklist = [
+        re.compile(
+            r'://[^{}\s]+:([^{}\s]+)@'.format(
+                re.escape(SPECIAL_URL_CHARACTERS),
+                re.escape(SPECIAL_URL_CHARACTERS),
+            ),
+        ),
+    ]
diff --git a/detect_secrets/plugins/private_key.py b/detect_secrets/plugins/private_key.py
@@ -26,43 +26,26 @@
 """
 from __future__ import absolute_import
 
-from .base import BasePlugin
-from detect_secrets.core.potential_secret import PotentialSecret
+import re
 
+from .base import RegexBasedDetector
 
-BLACKLIST = (
-    'BEGIN RSA PRIVATE KEY',
-    'BEGIN DSA PRIVATE KEY',
-    'BEGIN EC PRIVATE KEY',
-    'BEGIN OPENSSH PRIVATE KEY',
-    'BEGIN PRIVATE KEY',
-    'PuTTY-User-Key-File-2',
-    'BEGIN SSH2 ENCRYPTED PRIVATE KEY',
-)
 
-
-class PrivateKeyDetector(BasePlugin):
+class PrivateKeyDetector(RegexBasedDetector):
     """This checks for private keys by determining whether the blacklisted
     lines are present in the analyzed string.
     """
 
     secret_type = 'Private Key'
-
-    def analyze_string(self, string, line_num, filename):
-        output = {}
-
-        for identifier in self.secret_generator(string):
-            secret = PotentialSecret(
-                self.secret_type,
-                filename,
-                identifier,
-                line_num,
-            )
-            output[secret] = secret
-
-        return output
-
-    def secret_generator(self, string):
-        for line in BLACKLIST:
-            if line in string:
-                yield line
+    blacklist = [
+        re.compile(regexp)
+        for regexp in (
+            r'BEGIN RSA PRIVATE KEY',
+            r'BEGIN DSA PRIVATE KEY',
+            r'BEGIN EC PRIVATE KEY',
+            r'BEGIN OPENSSH PRIVATE KEY',
+            r'BEGIN PRIVATE KEY',
+            r'PuTTY-User-Key-File-2',
+            r'BEGIN SSH2 ENCRYPTED PRIVATE KEY',
+        )
+    ]