Use RegexBasedDetector.assign_regex_generator (Yelp#215)

* feat: use assign regex in cloudant * feat: use assign regex in db2 * feat: use assign regex in gh * feat: use assign regex in iam * feat: use assign regex in sl * address comments * address comments * address comments
alichebel · Oct 18, 2019 · da3d9ca · da3d9ca
1 parent f949ae2
commit da3d9ca
Show file tree

Hide file tree

Showing 2 changed files with 55 additions and 84 deletions.
diff --git a/softlayer.py b/softlayer.py
@@ -13,39 +13,24 @@ class SoftLayerDetector(RegexBasedDetector):
     secret_type = 'SoftLayer Credentials'
 
     # opt means optional
-    opt_quote = r'(?:"|\'|)'
-    opt_dashes = r'(?:--|)'
-    sl = r'(?:softlayer|sl)'
-    opt_dash_undrscr = r'(?:_|-|)'
-    opt_api = r'(?:api|)'
+    sl = r'(?:softlayer|sl)(?:_|-|)(?:api|)'
     key_or_pass = r'(?:key|pwd|password|pass|token)'
-    opt_space = r'(?: *)'
-    opt_assignment = r'(?:=|:|:=|=>|)'
     secret = r'([a-z0-9]{64})'
     denylist = [
-        re.compile(
-            r'{opt_quote}{opt_dashes}{sl}{opt_dash_undrscr}{opt_api}{opt_dash_undrscr}{key_or_pass}'
-            '{opt_quote}{opt_space}{opt_assignment}{opt_space}{opt_quote}{secret}'
-            '{opt_quote}'.format(
-                opt_quote=opt_quote,
-                opt_dashes=opt_dashes,
-                sl=sl,
-                opt_dash_undrscr=opt_dash_undrscr,
-                opt_api=opt_api,
-                key_or_pass=key_or_pass,
-                opt_space=opt_space,
-                opt_assignment=opt_assignment,
-                secret=secret,
-            ), flags=re.IGNORECASE,
+        RegexBasedDetector.assign_regex_generator(
+            prefix_regex=sl,
+            password_keyword_regex=key_or_pass,
+            password_regex=secret,
         ),
+
         re.compile(
             r'(?:http|https)://api.softlayer.com/soap/(?:v3|v3.1)/([a-z0-9]{64})',
             flags=re.IGNORECASE,
         ),
     ]
 
     def verify(self, token, content, potential_secret=None):
-        usernames = get_username(content)
+        usernames = find_username(content)
         if not usernames:
             return VerifiedResult.UNVERIFIED
 
@@ -55,30 +40,17 @@ def verify(self, token, content, potential_secret=None):
         return VerifiedResult.VERIFIED_FALSE
 
 
-def get_username(content):
+def find_username(content):
     # opt means optional
-    opt_quote = r'(?:"|\'|)'
-    opt_dashes = r'(?:--|)'
-    opt_sl = r'(?:softlayer|sl|)'
-    opt_dash_undrscr = r'(?:_|-|)'
-    opt_api = r'(?:api|)'
-    username_keyword = r'(?:username|id|user|userid|user-id|user-name|name|user_id|user_name|uname)'
-    opt_space = r'(?: |)'
-    seperator = r'(?: |=|:|:=|=>)+'
+    username_keyword = r'(?:username|id|user|userid|user-id|user-name|' + \
+        r'name|user_id|user_name|uname)'
     username = r'(\w(?:\w|_|@|\.|-)+)'
     regex = re.compile(
-        r'{opt_quote}{opt_dashes}{opt_sl}{opt_dash_undrscr}{opt_api}{opt_dash_undrscr}'
-        '{username_keyword}{opt_quote}{seperator}{opt_quote}{username}{opt_quote}'.format(
-            opt_quote=opt_quote,
-            opt_dashes=opt_dashes,
-            opt_sl=opt_sl,
-            opt_dash_undrscr=opt_dash_undrscr,
-            opt_api=opt_api,
-            username_keyword=username_keyword,
-            opt_space=opt_space,
-            username=username,
-            seperator=seperator,
-        ), flags=re.IGNORECASE,
+        RegexBasedDetector.assign_regex_generator(
+            prefix_regex=SoftLayerDetector.sl,
+            password_keyword_regex=username_keyword,
+            password_regex=username,
+        ),
     )
 
     return [

diff --git a/softlayer_test.py b/softlayer_test.py
@@ -7,7 +7,7 @@
 
 from detect_secrets.core.constants import VerifiedResult
 from detect_secrets.core.potential_secret import PotentialSecret
-from detect_secrets.plugins.softlayer import get_username
+from detect_secrets.plugins.softlayer import find_username
 from detect_secrets.plugins.softlayer import SoftLayerDetector
 
 SL_USERNAME = '[email protected]'
@@ -123,50 +123,49 @@ def test_verify_no_secret(self):
             'no_un={}'.format(SL_USERNAME),
         ) == VerifiedResult.UNVERIFIED
 
-
-@pytest.mark.parametrize(
-    'content, expected_output',
-    (
+    @pytest.mark.parametrize(
+        'content, expected_output',
         (
-            textwrap.dedent("""
-                --softlayer-username = {}
-            """)[1:-1].format(
-                SL_USERNAME,
+            (
+                textwrap.dedent("""
+                    --softlayer-username = {}
+                """)[1:-1].format(
+                    SL_USERNAME,
+                ),
+                [SL_USERNAME],
             ),
-            [SL_USERNAME],
-        ),
 
-        # With quotes
-        (
-            textwrap.dedent("""
-                sl_user_id = "{}"
-            """)[1:-1].format(
-                SL_USERNAME,
+            # With quotes
+            (
+                textwrap.dedent("""
+                    sl_user_id = "{}"
+                """)[1:-1].format(
+                    SL_USERNAME,
+                ),
+                [SL_USERNAME],
             ),
-            [SL_USERNAME],
-        ),
 
-        # multiple candidates
-        (
-            textwrap.dedent("""
-                softlayer_id = '{}'
-                sl-user = '{}'
-                SOFTLAYER_USERID = '{}'
-                softlayer-uname: {}
-            """)[1:-1].format(
-                SL_USERNAME,
-                '[email protected]',
-                '[email protected]',
-                'notanemail',
+            # multiple candidates
+            (
+                textwrap.dedent("""
+                    softlayer_id = '{}'
+                    sl-user = '{}'
+                    SOFTLAYER_USERID = '{}'
+                    softlayer-uname: {}
+                """)[1:-1].format(
+                    SL_USERNAME,
+                    '[email protected]',
+                    '[email protected]',
+                    'notanemail',
+                ),
+                [
+                    SL_USERNAME,
+                    '[email protected]',
+                    '[email protected]',
+                    'notanemail',
+                ],
             ),
-            [
-                SL_USERNAME,
-                '[email protected]',
-                '[email protected]',
-                'notanemail',
-            ],
         ),
-    ),
-)
-def test_get_username(content, expected_output):
-    assert get_username(content) == expected_output
+    )
+    def test_find_username(self, content, expected_output):
+        assert find_username(content) == expected_output