trustchain-oc1-orchestral/authentik
Archived
10
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

Add bandit to CI

Browse source
This commit is contained in:
Jens Langhammer 2018-12-09 17:44:54 +01:00
parent f4c5ba27cc
commit 10bb06cc7e
No known key found for this signature in database
GPG key ID: BEBC05297D92821B
4 changed files with 9 additions and 15 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
.gitlab-ci.yml
View file

@ -31,6 +31,10 @@ coverage:
- coverage run manage.py test - coverage run manage.py test
- coverage report - coverage report
stage: test stage: test
bandit:
script:
- bandit -r passbook
stage: test
# package-3.5: # package-3.5:
# before_script: # before_script:

4
passbook/oauth_client/clients.py
View file

@ -19,7 +19,7 @@ class BaseOAuthClient:
_session = None _session = None
def __init__(self, source, token=''): def __init__(self, source, token=''): # nosec
self.source = source self.source = source
self.token = token self.token = token
self._session = Session() self._session = Session()
@ -238,7 +238,7 @@ class OAuth2Client(BaseOAuthClient):
return 'oauth-client-{0}-request-state'.format(self.source.name) return 'oauth-client-{0}-request-state'.format(self.source.name)
def get_client(source, token=''): def get_client(source, token=''): # nosec
"Return the API client for the given source." "Return the API client for the given source."
cls = OAuth2Client cls = OAuth2Client
if source.request_token_url: if source.request_token_url:

13
passbook/oauth_client/views/core.py
View file

@ -152,18 +152,7 @@ class OAuthCallback(OAuthClientMixin, View):
# pylint: disable=unused-argument # pylint: disable=unused-argument
def get_or_create_user(self, source, access, info): def get_or_create_user(self, source, access, info):
"Create a shell auth.User." "Create a shell auth.User."
digest = hashlib.sha1(smart_bytes(access)).digest() raise NotImplementedError()
# Base 64 encode to get below 30 characters
# Removed padding characters
username = force_text(base64.urlsafe_b64encode(digest)).replace('=', '')
# pylint: disable=invalid-name
User = get_user_model() # noqa
kwargs = {
User.USERNAME_FIELD: username,
'email': '',
'password': None
}
return User.objects.create_user(**kwargs)
# pylint: disable=unused-argument # pylint: disable=unused-argument
def get_user_id(self, source, info): def get_user_id(self, source, info):

3
requirements-dev.txt
View file

@ -9,4 +9,5 @@ django-debug-toolbar
pycodestyle<2.4.0,>=2.0.0 pycodestyle<2.4.0,>=2.0.0
bumpversion bumpversion
unittest-xml-reporting unittest-xml-reporting
autopep8 autopep8
bandit