From 84a33ff84e9e652fc9910648aac0ac47a40234fe Mon Sep 17 00:00:00 2001 From: XIANJUN ZHU Date: Thu, 10 Oct 2019 16:31:44 -0400 Subject: [PATCH] Use RegexBasedDetector.assign_regex_generator (#215) * feat: use assign regex in cloudant * feat: use assign regex in db2 * feat: use assign regex in gh * feat: use assign regex in iam * feat: use assign regex in sl * address comments * address comments * address comments --- cloudant.py | 27 +++++----------- cloudant_test.py | 81 ++++++++++++++++++++++++------------------------ 2 files changed, 47 insertions(+), 61 deletions(-) diff --git a/cloudant.py b/cloudant.py index 41a3143dd..2525ab995 100644 --- a/cloudant.py +++ b/cloudant.py @@ -69,7 +69,7 @@ class CloudantDetector(RegexBasedDetector): def verify(self, token, content, potential_secret=None): - hosts = get_host(content) + hosts = find_host(content) if not hosts: return VerifiedResult.UNVERIFIED @@ -79,28 +79,15 @@ def verify(self, token, content, potential_secret=None): return VerifiedResult.VERIFIED_FALSE -def get_host(content): - - # opt means optional - opt_quote = r'(?:"|\'|)' - opt_cl = r'(?:cloudant|cl|)' - opt_dash_undrscr = r'(?:_|-|)' +def find_host(content): opt_hostname_keyword = r'(?:hostname|host|username|id|user|userid|user-id|user-name|' \ 'name|user_id|user_name|uname)' - opt_space = r'(?: |)' - assignment = r'(?:\=|:|:=|=>)+' hostname = r'(\w(?:\w|_|-)+)' - regex = re.compile( - r'{opt_quote}{opt_cl}{opt_dash_undrscr}{opt_hostname_keyword}{opt_space}{opt_quote}' - '{assignment}{opt_space}{opt_quote}{hostname}{opt_quote}'.format( - opt_quote=opt_quote, - opt_cl=opt_cl, - opt_dash_undrscr=opt_dash_undrscr, - opt_hostname_keyword=opt_hostname_keyword, - opt_space=opt_space, - hostname=hostname, - assignment=assignment, - ), flags=re.IGNORECASE, + + regex = RegexBasedDetector.assign_regex_generator( + prefix_regex=CloudantDetector.cl, + password_keyword_regex=opt_hostname_keyword, + password_regex=hostname, ) return [ diff --git a/cloudant_test.py b/cloudant_test.py index d815f71e5..0b88c1584 100644 --- a/cloudant_test.py +++ b/cloudant_test.py @@ -8,7 +8,7 @@ from detect_secrets.core.constants import VerifiedResult from detect_secrets.core.potential_secret import PotentialSecret from detect_secrets.plugins.cloudant import CloudantDetector -from detect_secrets.plugins.cloudant import get_host +from detect_secrets.plugins.cloudant import find_host CL_HOST = 'testy_test' # also called user # only detecting 64 hex CL generated password @@ -113,50 +113,49 @@ def test_verify_no_secret(self): 'no_un={}'.format(CL_HOST), ) == VerifiedResult.UNVERIFIED - -@pytest.mark.parametrize( - 'content, expected_output', - ( + @pytest.mark.parametrize( + 'content, expected_output', ( - textwrap.dedent(""" - --cloudant-hostname = {} - """)[1:-1].format( - CL_HOST, + ( + textwrap.dedent(""" + --cloudant-hostname = {} + """)[1:-1].format( + CL_HOST, + ), + [CL_HOST], ), - [CL_HOST], - ), - # With quotes - ( - textwrap.dedent(""" - cl_host = "{}" - """)[1:-1].format( - CL_HOST, + # With quotes + ( + textwrap.dedent(""" + cl_host = "{}" + """)[1:-1].format( + CL_HOST, + ), + [CL_HOST], ), - [CL_HOST], - ), - # multiple candidates - ( - textwrap.dedent(""" - cloudant_id = '{}' - cl-user = '{}' - CLOUDANT_USERID = '{}' - cloudant-uname: {} - """)[1:-1].format( - CL_HOST, - 'test2_testy_test', - 'test3-testy-testy', - 'notanemail', + # multiple candidates + ( + textwrap.dedent(""" + cloudant_id = '{}' + cl-user = '{}' + CLOUDANT_USERID = '{}' + cloudant-uname: {} + """)[1:-1].format( + CL_HOST, + 'test2_testy_test', + 'test3-testy-testy', + 'notanemail', + ), + [ + CL_HOST, + 'test2_testy_test', + 'test3-testy-testy', + 'notanemail', + ], ), - [ - CL_HOST, - 'test2_testy_test', - 'test3-testy-testy', - 'notanemail', - ], ), - ), -) -def test_get_host(content, expected_output): - assert get_host(content) == expected_output + ) + def test_find_host(self, content, expected_output): + assert find_host(content) == expected_output