def test_analyze_line(self, payload, should_flag):
logic = IbmCosHmacDetector()
output = logic.analyze_line(payload, 1, 'mock_filename')
assert len(output) == int(should_flag)
if should_flag:
assert list(output.values())[0].secret_value == SECRET_ACCESS_KEY
def test_verify_unverified_secret_no_match(self, mock_hmac_verify):
mock_hmac_verify.side_effect = requests.exceptions.RequestException('oops')
assert IbmCosHmacDetector().verify(
SECRET_ACCESS_KEY,
get_code_snippet(['something={}'.format(ACCESS_KEY_ID)], 1),
) == VerifiedResult.UNVERIFIED
mock_hmac_verify.assert_not_called()
def test_verify_valid_secret(self, mock_hmac_verify):
mock_hmac_verify.return_value = True
assert IbmCosHmacDetector().verify(
SECRET_ACCESS_KEY,
get_code_snippet(['access_key_id={}'.format(ACCESS_KEY_ID)], 1),
) == VerifiedResult.VERIFIED_TRUE
mock_hmac_verify.assert_called_with(ACCESS_KEY_ID, SECRET_ACCESS_KEY)
def test_verify_invalid_secret(self, mock_hmac_verify):
mock_hmac_verify.return_value = False
assert IbmCosHmacDetector().verify(
SECRET_ACCESS_KEY,
'''access_key_id={}'''.format(ACCESS_KEY_ID),
) == VerifiedResult.VERIFIED_FALSE
mock_hmac_verify.assert_called_with(ACCESS_KEY_ID, SECRET_ACCESS_KEY)
def test_verify_unverified_secret(self, mock_hmac_verify):
mock_hmac_verify.side_effect = requests.exceptions.RequestException(
'oops')
assert IbmCosHmacDetector().verify(
SECRET_ACCESS_KEY,
'''access_key_id={}'''.format(ACCESS_KEY_ID),
) == VerifiedResult.UNVERIFIED
mock_hmac_verify.assert_called_with(ACCESS_KEY_ID, SECRET_ACCESS_KEY)
def test_verify_unverified_secret_no_match(self, mock_hmac_verify):
mock_hmac_verify.side_effect = requests.exceptions.RequestException('oops')
potential_secret = PotentialSecret('test', 'test filename', SECRET_ACCESS_KEY)
assert IbmCosHmacDetector().verify(
SECRET_ACCESS_KEY,
'''something={}'''.format(ACCESS_KEY_ID),
potential_secret,
) == VerifiedResult.UNVERIFIED
mock_hmac_verify.assert_not_called()
def test_verify_valid_secret(self, mock_hmac_verify):
mock_hmac_verify.return_value = True
potential_secret = PotentialSecret('test', 'test filename', SECRET_ACCESS_KEY)
assert IbmCosHmacDetector().verify(
SECRET_ACCESS_KEY,
'''access_key_id={}'''.format(ACCESS_KEY_ID),
potential_secret,
) == VerifiedResult.VERIFIED_TRUE
mock_hmac_verify.assert_called_with(ACCESS_KEY_ID, SECRET_ACCESS_KEY)
def test_analyze_line(self, payload, should_flag):
logic = IbmCosHmacDetector()
output = logic.analyze_line(payload, 1, 'mock_filename')
assert len(output) == int(should_flag)