def test_npmrc(self, line, should_flag):
logic = ArtifactoryDetector()
output = logic.analyze_line(line,
1,
'somepackage\\.npmrc',
output_raw=True)
assert bool(output) == should_flag
def test_verify_status_not_200_401_403(self):
responses.add(
responses.GET,
'https://%s/api/system/ping' %
ArtifactoryDetector().artifactory_url,
status=500,
)
assert ArtifactoryDetector().verify(
ARTIFACTORY_TOKEN) == VerifiedResult.UNVERIFIED
def test_verify_valid_secret(self):
responses.add(
responses.GET,
'https://%s/api/system/ping' %
ArtifactoryDetector().artifactory_url,
status=200,
)
assert ArtifactoryDetector().verify(
ARTIFACTORY_TOKEN) == VerifiedResult.VERIFIED_TRUE
def test_analyze_line(self, token, payload, should_flag):
logic = ArtifactoryDetector()
output = logic.analyze_line(payload,
1,
'mock_filename',
output_raw=True)
assert len(output) == int(should_flag)
if len(output) > 0:
assert list(output.keys())[0].secret == token
def test_verify_invalid_secret_bytes(self):
responses.add(
responses.GET,
'https://%s/api/system/ping' %
ArtifactoryDetector().artifactory_url,
status=401,
)
assert ArtifactoryDetector().verify(ARTIFACTORY_TOKEN_BYTES) == \
VerifiedResult.VERIFIED_FALSE
responses.add(
responses.GET,
'https://%s/api/system/ping' %
ArtifactoryDetector().artifactory_url,
status=403,
)
assert ArtifactoryDetector().verify(ARTIFACTORY_TOKEN_BYTES) == \
VerifiedResult.VERIFIED_FALSE
def test_analyze_line(self, payload, should_flag):
logic = ArtifactoryDetector()
output = logic.analyze_line(payload, 1, 'mock_filename')
assert len(output) == int(should_flag)
def test_verify_unverified_secret(self):
assert ArtifactoryDetector().verify(
ARTIFACTORY_TOKEN) == VerifiedResult.UNVERIFIED