-rw-r--r--.travis.yml2
-rw-r--r--bandit.json830
-rw-r--r--tox.ini8
3 files changed, 839 insertions, 1 deletions
diff --git a/.travis.yml b/.travis.yml
index e304ce6..c7978d7 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -15,6 +15,8 @@ matrix:
env: TOXENV=py36
- python: 3.7
env: TOXENV=py37
+ - python: 3.7
+ env: TOXENV=bandit
- python: pypy3.5
env: TOXENV=pypy3
install:
diff --git a/bandit.json b/bandit.json
new file mode 100644
index 0000000..46b4618
--- /dev/null
+++ b/bandit.json
@@ -0,0 +1,830 @@
+{
+ "errors": [],
+ "generated_at": "2018-12-13T10:39:37Z",
+ "metrics": {
+ "_totals": {
+ "CONFIDENCE.HIGH": 3.0,
+ "CONFIDENCE.LOW": 0.0,
+ "CONFIDENCE.MEDIUM": 0.0,
+ "CONFIDENCE.UNDEFINED": 0.0,
+ "SEVERITY.HIGH": 0.0,
+ "SEVERITY.LOW": 2.0,
+ "SEVERITY.MEDIUM": 1.0,
+ "SEVERITY.UNDEFINED": 0.0,
+ "loc": 8009,
+ "nosec": 0
+ },
+ "oauthlib/__init__.py": {
+ "CONFIDENCE.HIGH": 0.0,
+ "CONFIDENCE.LOW": 0.0,
+ "CONFIDENCE.MEDIUM": 0.0,
+ "CONFIDENCE.UNDEFINED": 0.0,
+ "SEVERITY.HIGH": 0.0,
+ "SEVERITY.LOW": 0.0,
+ "SEVERITY.MEDIUM": 0.0,
+ "SEVERITY.UNDEFINED": 0.0,
+ "loc": 13,
+ "nosec": 0
+ },
+ "oauthlib/common.py": {
+ "CONFIDENCE.HIGH": 0.0,
+ "CONFIDENCE.LOW": 0.0,
+ "CONFIDENCE.MEDIUM": 0.0,
+ "CONFIDENCE.UNDEFINED": 0.0,
+ "SEVERITY.HIGH": 0.0,
+ "SEVERITY.LOW": 0.0,
+ "SEVERITY.MEDIUM": 0.0,
+ "SEVERITY.UNDEFINED": 0.0,
+ "loc": 331,
+ "nosec": 0
+ },
+ "oauthlib/oauth1/__init__.py": {
+ "CONFIDENCE.HIGH": 0.0,
+ "CONFIDENCE.LOW": 0.0,
+ "CONFIDENCE.MEDIUM": 0.0,
+ "CONFIDENCE.UNDEFINED": 0.0,
+ "SEVERITY.HIGH": 0.0,
+ "SEVERITY.LOW": 0.0,
+ "SEVERITY.MEDIUM": 0.0,
+ "SEVERITY.UNDEFINED": 0.0,
+ "loc": 16,
+ "nosec": 0
+ },
+ "oauthlib/oauth1/rfc5849/__init__.py": {
+ "CONFIDENCE.HIGH": 1.0,
+ "CONFIDENCE.LOW": 0.0,
+ "CONFIDENCE.MEDIUM": 0.0,
+ "CONFIDENCE.UNDEFINED": 0.0,
+ "SEVERITY.HIGH": 0.0,
+ "SEVERITY.LOW": 0.0,
+ "SEVERITY.MEDIUM": 1.0,
+ "SEVERITY.UNDEFINED": 0.0,
+ "loc": 231,
+ "nosec": 0
+ },
+ "oauthlib/oauth1/rfc5849/endpoints/__init__.py": {
+ "CONFIDENCE.HIGH": 0.0,
+ "CONFIDENCE.LOW": 0.0,
+ "CONFIDENCE.MEDIUM": 0.0,
+ "CONFIDENCE.UNDEFINED": 0.0,
+ "SEVERITY.HIGH": 0.0,
+ "SEVERITY.LOW": 0.0,
+ "SEVERITY.MEDIUM": 0.0,
+ "SEVERITY.UNDEFINED": 0.0,
+ "loc": 8,
+ "nosec": 0
+ },
+ "oauthlib/oauth1/rfc5849/endpoints/access_token.py": {
+ "CONFIDENCE.HIGH": 0.0,
+ "CONFIDENCE.LOW": 0.0,
+ "CONFIDENCE.MEDIUM": 0.0,
+ "CONFIDENCE.UNDEFINED": 0.0,
+ "SEVERITY.HIGH": 0.0,
+ "SEVERITY.LOW": 0.0,
+ "SEVERITY.MEDIUM": 0.0,
+ "SEVERITY.UNDEFINED": 0.0,
+ "loc": 152,
+ "nosec": 0
+ },
+ "oauthlib/oauth1/rfc5849/endpoints/authorization.py": {
+ "CONFIDENCE.HIGH": 0.0,
+ "CONFIDENCE.LOW": 0.0,
+ "CONFIDENCE.MEDIUM": 0.0,
+ "CONFIDENCE.UNDEFINED": 0.0,
+ "SEVERITY.HIGH": 0.0,
+ "SEVERITY.LOW": 0.0,
+ "SEVERITY.MEDIUM": 0.0,
+ "SEVERITY.UNDEFINED": 0.0,
+ "loc": 135,
+ "nosec": 0
+ },
+ "oauthlib/oauth1/rfc5849/endpoints/base.py": {
+ "CONFIDENCE.HIGH": 0.0,
+ "CONFIDENCE.LOW": 0.0,
+ "CONFIDENCE.MEDIUM": 0.0,
+ "CONFIDENCE.UNDEFINED": 0.0,
+ "SEVERITY.HIGH": 0.0,
+ "SEVERITY.LOW": 0.0,
+ "SEVERITY.MEDIUM": 0.0,
+ "SEVERITY.UNDEFINED": 0.0,
+ "loc": 142,
+ "nosec": 0
+ },
+ "oauthlib/oauth1/rfc5849/endpoints/pre_configured.py": {
+ "CONFIDENCE.HIGH": 0.0,
+ "CONFIDENCE.LOW": 0.0,
+ "CONFIDENCE.MEDIUM": 0.0,
+ "CONFIDENCE.UNDEFINED": 0.0,
+ "SEVERITY.HIGH": 0.0,
+ "SEVERITY.LOW": 0.0,
+ "SEVERITY.MEDIUM": 0.0,
+ "SEVERITY.UNDEFINED": 0.0,
+ "loc": 10,
+ "nosec": 0
+ },
+ "oauthlib/oauth1/rfc5849/endpoints/request_token.py": {
+ "CONFIDENCE.HIGH": 0.0,
+ "CONFIDENCE.LOW": 0.0,
+ "CONFIDENCE.MEDIUM": 0.0,
+ "CONFIDENCE.UNDEFINED": 0.0,
+ "SEVERITY.HIGH": 0.0,
+ "SEVERITY.LOW": 0.0,
+ "SEVERITY.MEDIUM": 0.0,
+ "SEVERITY.UNDEFINED": 0.0,
+ "loc": 141,
+ "nosec": 0
+ },
+ "oauthlib/oauth1/rfc5849/endpoints/resource.py": {
+ "CONFIDENCE.HIGH": 0.0,
+ "CONFIDENCE.LOW": 0.0,
+ "CONFIDENCE.MEDIUM": 0.0,
+ "CONFIDENCE.UNDEFINED": 0.0,
+ "SEVERITY.HIGH": 0.0,
+ "SEVERITY.LOW": 0.0,
+ "SEVERITY.MEDIUM": 0.0,
+ "SEVERITY.UNDEFINED": 0.0,
+ "loc": 97,
+ "nosec": 0
+ },
+ "oauthlib/oauth1/rfc5849/endpoints/signature_only.py": {
+ "CONFIDENCE.HIGH": 0.0,
+ "CONFIDENCE.LOW": 0.0,
+ "CONFIDENCE.MEDIUM": 0.0,
+ "CONFIDENCE.UNDEFINED": 0.0,
+ "SEVERITY.HIGH": 0.0,
+ "SEVERITY.LOW": 0.0,
+ "SEVERITY.MEDIUM": 0.0,
+ "SEVERITY.UNDEFINED": 0.0,
+ "loc": 53,
+ "nosec": 0
+ },
+ "oauthlib/oauth1/rfc5849/errors.py": {
+ "CONFIDENCE.HIGH": 0.0,
+ "CONFIDENCE.LOW": 0.0,
+ "CONFIDENCE.MEDIUM": 0.0,
+ "CONFIDENCE.UNDEFINED": 0.0,
+ "SEVERITY.HIGH": 0.0,
+ "SEVERITY.LOW": 0.0,
+ "SEVERITY.MEDIUM": 0.0,
+ "SEVERITY.UNDEFINED": 0.0,
+ "loc": 58,
+ "nosec": 0
+ },
+ "oauthlib/oauth1/rfc5849/parameters.py": {
+ "CONFIDENCE.HIGH": 0.0,
+ "CONFIDENCE.LOW": 0.0,
+ "CONFIDENCE.MEDIUM": 0.0,
+ "CONFIDENCE.UNDEFINED": 0.0,
+ "SEVERITY.HIGH": 0.0,
+ "SEVERITY.LOW": 0.0,
+ "SEVERITY.MEDIUM": 0.0,
+ "SEVERITY.UNDEFINED": 0.0,
+ "loc": 75,
+ "nosec": 0
+ },
+ "oauthlib/oauth1/rfc5849/request_validator.py": {
+ "CONFIDENCE.HIGH": 0.0,
+ "CONFIDENCE.LOW": 0.0,
+ "CONFIDENCE.MEDIUM": 0.0,
+ "CONFIDENCE.UNDEFINED": 0.0,
+ "SEVERITY.HIGH": 0.0,
+ "SEVERITY.LOW": 0.0,
+ "SEVERITY.MEDIUM": 0.0,
+ "SEVERITY.UNDEFINED": 0.0,
+ "loc": 630,
+ "nosec": 0
+ },
+ "oauthlib/oauth1/rfc5849/signature.py": {
+ "CONFIDENCE.HIGH": 0.0,
+ "CONFIDENCE.LOW": 0.0,
+ "CONFIDENCE.MEDIUM": 0.0,
+ "CONFIDENCE.UNDEFINED": 0.0,
+ "SEVERITY.HIGH": 0.0,
+ "SEVERITY.LOW": 0.0,
+ "SEVERITY.MEDIUM": 0.0,
+ "SEVERITY.UNDEFINED": 0.0,
+ "loc": 374,
+ "nosec": 0
+ },
+ "oauthlib/oauth1/rfc5849/utils.py": {
+ "CONFIDENCE.HIGH": 0.0,
+ "CONFIDENCE.LOW": 0.0,
+ "CONFIDENCE.MEDIUM": 0.0,
+ "CONFIDENCE.UNDEFINED": 0.0,
+ "SEVERITY.HIGH": 0.0,
+ "SEVERITY.LOW": 0.0,
+ "SEVERITY.MEDIUM": 0.0,
+ "SEVERITY.UNDEFINED": 0.0,
+ "loc": 61,
+ "nosec": 0
+ },
+ "oauthlib/oauth2/__init__.py": {
+ "CONFIDENCE.HIGH": 0.0,
+ "CONFIDENCE.LOW": 0.0,
+ "CONFIDENCE.MEDIUM": 0.0,
+ "CONFIDENCE.UNDEFINED": 0.0,
+ "SEVERITY.HIGH": 0.0,
+ "SEVERITY.LOW": 0.0,
+ "SEVERITY.MEDIUM": 0.0,
+ "SEVERITY.UNDEFINED": 0.0,
+ "loc": 33,
+ "nosec": 0
+ },
+ "oauthlib/oauth2/rfc6749/__init__.py": {
+ "CONFIDENCE.HIGH": 0.0,
+ "CONFIDENCE.LOW": 0.0,
+ "CONFIDENCE.MEDIUM": 0.0,
+ "CONFIDENCE.UNDEFINED": 0.0,
+ "SEVERITY.HIGH": 0.0,
+ "SEVERITY.LOW": 0.0,
+ "SEVERITY.MEDIUM": 0.0,
+ "SEVERITY.UNDEFINED": 0.0,
+ "loc": 50,
+ "nosec": 0
+ },
+ "oauthlib/oauth2/rfc6749/clients/__init__.py": {
+ "CONFIDENCE.HIGH": 0.0,
+ "CONFIDENCE.LOW": 0.0,
+ "CONFIDENCE.MEDIUM": 0.0,
+ "CONFIDENCE.UNDEFINED": 0.0,
+ "SEVERITY.HIGH": 0.0,
+ "SEVERITY.LOW": 0.0,
+ "SEVERITY.MEDIUM": 0.0,
+ "SEVERITY.UNDEFINED": 0.0,
+ "loc": 13,
+ "nosec": 0
+ },
+ "oauthlib/oauth2/rfc6749/clients/backend_application.py": {
+ "CONFIDENCE.HIGH": 0.0,
+ "CONFIDENCE.LOW": 0.0,
+ "CONFIDENCE.MEDIUM": 0.0,
+ "CONFIDENCE.UNDEFINED": 0.0,
+ "SEVERITY.HIGH": 0.0,
+ "SEVERITY.LOW": 0.0,
+ "SEVERITY.MEDIUM": 0.0,
+ "SEVERITY.UNDEFINED": 0.0,
+ "loc": 56,
+ "nosec": 0
+ },
+ "oauthlib/oauth2/rfc6749/clients/base.py": {
+ "CONFIDENCE.HIGH": 0.0,
+ "CONFIDENCE.LOW": 0.0,
+ "CONFIDENCE.MEDIUM": 0.0,
+ "CONFIDENCE.UNDEFINED": 0.0,
+ "SEVERITY.HIGH": 0.0,
+ "SEVERITY.LOW": 0.0,
+ "SEVERITY.MEDIUM": 0.0,
+ "SEVERITY.UNDEFINED": 0.0,
+ "loc": 379,
+ "nosec": 0
+ },
+ "oauthlib/oauth2/rfc6749/clients/legacy_application.py": {
+ "CONFIDENCE.HIGH": 0.0,
+ "CONFIDENCE.LOW": 0.0,
+ "CONFIDENCE.MEDIUM": 0.0,
+ "CONFIDENCE.UNDEFINED": 0.0,
+ "SEVERITY.HIGH": 0.0,
+ "SEVERITY.LOW": 0.0,
+ "SEVERITY.MEDIUM": 0.0,
+ "SEVERITY.UNDEFINED": 0.0,
+ "loc": 67,
+ "nosec": 0
+ },
+ "oauthlib/oauth2/rfc6749/clients/mobile_application.py": {
+ "CONFIDENCE.HIGH": 0.0,
+ "CONFIDENCE.LOW": 0.0,
+ "CONFIDENCE.MEDIUM": 0.0,
+ "CONFIDENCE.UNDEFINED": 0.0,
+ "SEVERITY.HIGH": 0.0,
+ "SEVERITY.LOW": 0.0,
+ "SEVERITY.MEDIUM": 0.0,
+ "SEVERITY.UNDEFINED": 0.0,
+ "loc": 140,
+ "nosec": 0
+ },
+ "oauthlib/oauth2/rfc6749/clients/service_application.py": {
+ "CONFIDENCE.HIGH": 0.0,
+ "CONFIDENCE.LOW": 0.0,
+ "CONFIDENCE.MEDIUM": 0.0,
+ "CONFIDENCE.UNDEFINED": 0.0,
+ "SEVERITY.HIGH": 0.0,
+ "SEVERITY.LOW": 0.0,
+ "SEVERITY.MEDIUM": 0.0,
+ "SEVERITY.UNDEFINED": 0.0,
+ "loc": 144,
+ "nosec": 0
+ },
+ "oauthlib/oauth2/rfc6749/clients/web_application.py": {
+ "CONFIDENCE.HIGH": 0.0,
+ "CONFIDENCE.LOW": 0.0,
+ "CONFIDENCE.MEDIUM": 0.0,
+ "CONFIDENCE.UNDEFINED": 0.0,
+ "SEVERITY.HIGH": 0.0,
+ "SEVERITY.LOW": 0.0,
+ "SEVERITY.MEDIUM": 0.0,
+ "SEVERITY.UNDEFINED": 0.0,
+ "loc": 165,
+ "nosec": 0
+ },
+ "oauthlib/oauth2/rfc6749/endpoints/__init__.py": {
+ "CONFIDENCE.HIGH": 0.0,
+ "CONFIDENCE.LOW": 0.0,
+ "CONFIDENCE.MEDIUM": 0.0,
+ "CONFIDENCE.UNDEFINED": 0.0,
+ "SEVERITY.HIGH": 0.0,
+ "SEVERITY.LOW": 0.0,
+ "SEVERITY.MEDIUM": 0.0,
+ "SEVERITY.UNDEFINED": 0.0,
+ "loc": 18,
+ "nosec": 0
+ },
+ "oauthlib/oauth2/rfc6749/endpoints/authorization.py": {
+ "CONFIDENCE.HIGH": 0.0,
+ "CONFIDENCE.LOW": 0.0,
+ "CONFIDENCE.MEDIUM": 0.0,
+ "CONFIDENCE.UNDEFINED": 0.0,
+ "SEVERITY.HIGH": 0.0,
+ "SEVERITY.LOW": 0.0,
+ "SEVERITY.MEDIUM": 0.0,
+ "SEVERITY.UNDEFINED": 0.0,
+ "loc": 85,
+ "nosec": 0
+ },
+ "oauthlib/oauth2/rfc6749/endpoints/base.py": {
+ "CONFIDENCE.HIGH": 0.0,
+ "CONFIDENCE.LOW": 0.0,
+ "CONFIDENCE.MEDIUM": 0.0,
+ "CONFIDENCE.UNDEFINED": 0.0,
+ "SEVERITY.HIGH": 0.0,
+ "SEVERITY.LOW": 0.0,
+ "SEVERITY.MEDIUM": 0.0,
+ "SEVERITY.UNDEFINED": 0.0,
+ "loc": 50,
+ "nosec": 0
+ },
+ "oauthlib/oauth2/rfc6749/endpoints/introspect.py": {
+ "CONFIDENCE.HIGH": 0.0,
+ "CONFIDENCE.LOW": 0.0,
+ "CONFIDENCE.MEDIUM": 0.0,
+ "CONFIDENCE.UNDEFINED": 0.0,
+ "SEVERITY.HIGH": 0.0,
+ "SEVERITY.LOW": 0.0,
+ "SEVERITY.MEDIUM": 0.0,
+ "SEVERITY.UNDEFINED": 0.0,
+ "loc": 109,
+ "nosec": 0
+ },
+ "oauthlib/oauth2/rfc6749/endpoints/metadata.py": {
+ "CONFIDENCE.HIGH": 2.0,
+ "CONFIDENCE.LOW": 0.0,
+ "CONFIDENCE.MEDIUM": 0.0,
+ "CONFIDENCE.UNDEFINED": 0.0,
+ "SEVERITY.HIGH": 0.0,
+ "SEVERITY.LOW": 2.0,
+ "SEVERITY.MEDIUM": 0.0,
+ "SEVERITY.UNDEFINED": 0.0,
+ "loc": 155,
+ "nosec": 0
+ },
+ "oauthlib/oauth2/rfc6749/endpoints/pre_configured.py": {
+ "CONFIDENCE.HIGH": 0.0,
+ "CONFIDENCE.LOW": 0.0,
+ "CONFIDENCE.MEDIUM": 0.0,
+ "CONFIDENCE.UNDEFINED": 0.0,
+ "SEVERITY.HIGH": 0.0,
+ "SEVERITY.LOW": 0.0,
+ "SEVERITY.MEDIUM": 0.0,
+ "SEVERITY.UNDEFINED": 0.0,
+ "loc": 189,
+ "nosec": 0
+ },
+ "oauthlib/oauth2/rfc6749/endpoints/resource.py": {
+ "CONFIDENCE.HIGH": 0.0,
+ "CONFIDENCE.LOW": 0.0,
+ "CONFIDENCE.MEDIUM": 0.0,
+ "CONFIDENCE.UNDEFINED": 0.0,
+ "SEVERITY.HIGH": 0.0,
+ "SEVERITY.LOW": 0.0,
+ "SEVERITY.MEDIUM": 0.0,
+ "SEVERITY.UNDEFINED": 0.0,
+ "loc": 65,
+ "nosec": 0
+ },
+ "oauthlib/oauth2/rfc6749/endpoints/revocation.py": {
+ "CONFIDENCE.HIGH": 0.0,
+ "CONFIDENCE.LOW": 0.0,
+ "CONFIDENCE.MEDIUM": 0.0,
+ "CONFIDENCE.UNDEFINED": 0.0,
+ "SEVERITY.HIGH": 0.0,
+ "SEVERITY.LOW": 0.0,
+ "SEVERITY.MEDIUM": 0.0,
+ "SEVERITY.UNDEFINED": 0.0,
+ "loc": 102,
+ "nosec": 0
+ },
+ "oauthlib/oauth2/rfc6749/endpoints/token.py": {
+ "CONFIDENCE.HIGH": 0.0,
+ "CONFIDENCE.LOW": 0.0,
+ "CONFIDENCE.MEDIUM": 0.0,
+ "CONFIDENCE.UNDEFINED": 0.0,
+ "SEVERITY.HIGH": 0.0,
+ "SEVERITY.LOW": 0.0,
+ "SEVERITY.MEDIUM": 0.0,
+ "SEVERITY.UNDEFINED": 0.0,
+ "loc": 76,
+ "nosec": 0
+ },
+ "oauthlib/oauth2/rfc6749/errors.py": {
+ "CONFIDENCE.HIGH": 0.0,
+ "CONFIDENCE.LOW": 0.0,
+ "CONFIDENCE.MEDIUM": 0.0,
+ "CONFIDENCE.UNDEFINED": 0.0,
+ "SEVERITY.HIGH": 0.0,
+ "SEVERITY.LOW": 0.0,
+ "SEVERITY.MEDIUM": 0.0,
+ "SEVERITY.UNDEFINED": 0.0,
+ "loc": 270,
+ "nosec": 0
+ },
+ "oauthlib/oauth2/rfc6749/grant_types/__init__.py": {
+ "CONFIDENCE.HIGH": 0.0,
+ "CONFIDENCE.LOW": 0.0,
+ "CONFIDENCE.MEDIUM": 0.0,
+ "CONFIDENCE.UNDEFINED": 0.0,
+ "SEVERITY.HIGH": 0.0,
+ "SEVERITY.LOW": 0.0,
+ "SEVERITY.MEDIUM": 0.0,
+ "SEVERITY.UNDEFINED": 0.0,
+ "loc": 10,
+ "nosec": 0
+ },
+ "oauthlib/oauth2/rfc6749/grant_types/authorization_code.py": {
+ "CONFIDENCE.HIGH": 0.0,
+ "CONFIDENCE.LOW": 0.0,
+ "CONFIDENCE.MEDIUM": 0.0,
+ "CONFIDENCE.UNDEFINED": 0.0,
+ "SEVERITY.HIGH": 0.0,
+ "SEVERITY.LOW": 0.0,
+ "SEVERITY.MEDIUM": 0.0,
+ "SEVERITY.UNDEFINED": 0.0,
+ "loc": 328,
+ "nosec": 0
+ },
+ "oauthlib/oauth2/rfc6749/grant_types/base.py": {
+ "CONFIDENCE.HIGH": 0.0,
+ "CONFIDENCE.LOW": 0.0,
+ "CONFIDENCE.MEDIUM": 0.0,
+ "CONFIDENCE.UNDEFINED": 0.0,
+ "SEVERITY.HIGH": 0.0,
+ "SEVERITY.LOW": 0.0,
+ "SEVERITY.MEDIUM": 0.0,
+ "SEVERITY.UNDEFINED": 0.0,
+ "loc": 173,
+ "nosec": 0
+ },
+ "oauthlib/oauth2/rfc6749/grant_types/client_credentials.py": {
+ "CONFIDENCE.HIGH": 0.0,
+ "CONFIDENCE.LOW": 0.0,
+ "CONFIDENCE.MEDIUM": 0.0,
+ "CONFIDENCE.UNDEFINED": 0.0,
+ "SEVERITY.HIGH": 0.0,
+ "SEVERITY.LOW": 0.0,
+ "SEVERITY.MEDIUM": 0.0,
+ "SEVERITY.UNDEFINED": 0.0,
+ "loc": 99,
+ "nosec": 0
+ },
+ "oauthlib/oauth2/rfc6749/grant_types/implicit.py": {
+ "CONFIDENCE.HIGH": 0.0,
+ "CONFIDENCE.LOW": 0.0,
+ "CONFIDENCE.MEDIUM": 0.0,
+ "CONFIDENCE.UNDEFINED": 0.0,
+ "SEVERITY.HIGH": 0.0,
+ "SEVERITY.LOW": 0.0,
+ "SEVERITY.MEDIUM": 0.0,
+ "SEVERITY.UNDEFINED": 0.0,
+ "loc": 274,
+ "nosec": 0
+ },
+ "oauthlib/oauth2/rfc6749/grant_types/refresh_token.py": {
+ "CONFIDENCE.HIGH": 0.0,
+ "CONFIDENCE.LOW": 0.0,
+ "CONFIDENCE.MEDIUM": 0.0,
+ "CONFIDENCE.UNDEFINED": 0.0,
+ "SEVERITY.HIGH": 0.0,
+ "SEVERITY.LOW": 0.0,
+ "SEVERITY.MEDIUM": 0.0,
+ "SEVERITY.UNDEFINED": 0.0,
+ "loc": 104,
+ "nosec": 0
+ },
+ "oauthlib/oauth2/rfc6749/grant_types/resource_owner_password_credentials.py": {
+ "CONFIDENCE.HIGH": 0.0,
+ "CONFIDENCE.LOW": 0.0,
+ "CONFIDENCE.MEDIUM": 0.0,
+ "CONFIDENCE.UNDEFINED": 0.0,
+ "SEVERITY.HIGH": 0.0,
+ "SEVERITY.LOW": 0.0,
+ "SEVERITY.MEDIUM": 0.0,
+ "SEVERITY.UNDEFINED": 0.0,
+ "loc": 159,
+ "nosec": 0
+ },
+ "oauthlib/oauth2/rfc6749/parameters.py": {
+ "CONFIDENCE.HIGH": 0.0,
+ "CONFIDENCE.LOW": 0.0,
+ "CONFIDENCE.MEDIUM": 0.0,
+ "CONFIDENCE.UNDEFINED": 0.0,
+ "SEVERITY.HIGH": 0.0,
+ "SEVERITY.LOW": 0.0,
+ "SEVERITY.MEDIUM": 0.0,
+ "SEVERITY.UNDEFINED": 0.0,
+ "loc": 335,
+ "nosec": 0
+ },
+ "oauthlib/oauth2/rfc6749/request_validator.py": {
+ "CONFIDENCE.HIGH": 0.0,
+ "CONFIDENCE.LOW": 0.0,
+ "CONFIDENCE.MEDIUM": 0.0,
+ "CONFIDENCE.UNDEFINED": 0.0,
+ "SEVERITY.HIGH": 0.0,
+ "SEVERITY.LOW": 0.0,
+ "SEVERITY.MEDIUM": 0.0,
+ "SEVERITY.UNDEFINED": 0.0,
+ "loc": 583,
+ "nosec": 0
+ },
+ "oauthlib/oauth2/rfc6749/tokens.py": {
+ "CONFIDENCE.HIGH": 0.0,
+ "CONFIDENCE.LOW": 0.0,
+ "CONFIDENCE.MEDIUM": 0.0,
+ "CONFIDENCE.UNDEFINED": 0.0,
+ "SEVERITY.HIGH": 0.0,
+ "SEVERITY.LOW": 0.0,
+ "SEVERITY.MEDIUM": 0.0,
+ "SEVERITY.UNDEFINED": 0.0,
+ "loc": 278,
+ "nosec": 0
+ },
+ "oauthlib/oauth2/rfc6749/utils.py": {
+ "CONFIDENCE.HIGH": 0.0,
+ "CONFIDENCE.LOW": 0.0,
+ "CONFIDENCE.MEDIUM": 0.0,
+ "CONFIDENCE.UNDEFINED": 0.0,
+ "SEVERITY.HIGH": 0.0,
+ "SEVERITY.LOW": 0.0,
+ "SEVERITY.MEDIUM": 0.0,
+ "SEVERITY.UNDEFINED": 0.0,
+ "loc": 70,
+ "nosec": 0
+ },
+ "oauthlib/openid/__init__.py": {
+ "CONFIDENCE.HIGH": 0.0,
+ "CONFIDENCE.LOW": 0.0,
+ "CONFIDENCE.MEDIUM": 0.0,
+ "CONFIDENCE.UNDEFINED": 0.0,
+ "SEVERITY.HIGH": 0.0,
+ "SEVERITY.LOW": 0.0,
+ "SEVERITY.MEDIUM": 0.0,
+ "SEVERITY.UNDEFINED": 0.0,
+ "loc": 6,
+ "nosec": 0
+ },
+ "oauthlib/openid/connect/__init__.py": {
+ "CONFIDENCE.HIGH": 0.0,
+ "CONFIDENCE.LOW": 0.0,
+ "CONFIDENCE.MEDIUM": 0.0,
+ "CONFIDENCE.UNDEFINED": 0.0,
+ "SEVERITY.HIGH": 0.0,
+ "SEVERITY.LOW": 0.0,
+ "SEVERITY.MEDIUM": 0.0,
+ "SEVERITY.UNDEFINED": 0.0,
+ "loc": 0,
+ "nosec": 0
+ },
+ "oauthlib/openid/connect/core/__init__.py": {
+ "CONFIDENCE.HIGH": 0.0,
+ "CONFIDENCE.LOW": 0.0,
+ "CONFIDENCE.MEDIUM": 0.0,
+ "CONFIDENCE.UNDEFINED": 0.0,
+ "SEVERITY.HIGH": 0.0,
+ "SEVERITY.LOW": 0.0,
+ "SEVERITY.MEDIUM": 0.0,
+ "SEVERITY.UNDEFINED": 0.0,
+ "loc": 0,
+ "nosec": 0
+ },
+ "oauthlib/openid/connect/core/endpoints/__init__.py": {
+ "CONFIDENCE.HIGH": 0.0,
+ "CONFIDENCE.LOW": 0.0,
+ "CONFIDENCE.MEDIUM": 0.0,
+ "CONFIDENCE.UNDEFINED": 0.0,
+ "SEVERITY.HIGH": 0.0,
+ "SEVERITY.LOW": 0.0,
+ "SEVERITY.MEDIUM": 0.0,
+ "SEVERITY.UNDEFINED": 0.0,
+ "loc": 8,
+ "nosec": 0
+ },
+ "oauthlib/openid/connect/core/endpoints/pre_configured.py": {
+ "CONFIDENCE.HIGH": 0.0,
+ "CONFIDENCE.LOW": 0.0,
+ "CONFIDENCE.MEDIUM": 0.0,
+ "CONFIDENCE.UNDEFINED": 0.0,
+ "SEVERITY.HIGH": 0.0,
+ "SEVERITY.LOW": 0.0,
+ "SEVERITY.MEDIUM": 0.0,
+ "SEVERITY.UNDEFINED": 0.0,
+ "loc": 89,
+ "nosec": 0
+ },
+ "oauthlib/openid/connect/core/exceptions.py": {
+ "CONFIDENCE.HIGH": 0.0,
+ "CONFIDENCE.LOW": 0.0,
+ "CONFIDENCE.MEDIUM": 0.0,
+ "CONFIDENCE.UNDEFINED": 0.0,
+ "SEVERITY.HIGH": 0.0,
+ "SEVERITY.LOW": 0.0,
+ "SEVERITY.MEDIUM": 0.0,
+ "SEVERITY.UNDEFINED": 0.0,
+ "loc": 117,
+ "nosec": 0
+ },
+ "oauthlib/openid/connect/core/grant_types/__init__.py": {
+ "CONFIDENCE.HIGH": 0.0,
+ "CONFIDENCE.LOW": 0.0,
+ "CONFIDENCE.MEDIUM": 0.0,
+ "CONFIDENCE.UNDEFINED": 0.0,
+ "SEVERITY.HIGH": 0.0,
+ "SEVERITY.LOW": 0.0,
+ "SEVERITY.MEDIUM": 0.0,
+ "SEVERITY.UNDEFINED": 0.0,
+ "loc": 15,
+ "nosec": 0
+ },
+ "oauthlib/openid/connect/core/grant_types/authorization_code.py": {
+ "CONFIDENCE.HIGH": 0.0,
+ "CONFIDENCE.LOW": 0.0,
+ "CONFIDENCE.MEDIUM": 0.0,
+ "CONFIDENCE.UNDEFINED": 0.0,
+ "SEVERITY.HIGH": 0.0,
+ "SEVERITY.LOW": 0.0,
+ "SEVERITY.MEDIUM": 0.0,
+ "SEVERITY.UNDEFINED": 0.0,
+ "loc": 16,
+ "nosec": 0
+ },
+ "oauthlib/openid/connect/core/grant_types/base.py": {
+ "CONFIDENCE.HIGH": 0.0,
+ "CONFIDENCE.LOW": 0.0,
+ "CONFIDENCE.MEDIUM": 0.0,
+ "CONFIDENCE.UNDEFINED": 0.0,
+ "SEVERITY.HIGH": 0.0,
+ "SEVERITY.LOW": 0.0,
+ "SEVERITY.MEDIUM": 0.0,
+ "SEVERITY.UNDEFINED": 0.0,
+ "loc": 203,
+ "nosec": 0
+ },
+ "oauthlib/openid/connect/core/grant_types/dispatchers.py": {
+ "CONFIDENCE.HIGH": 0.0,
+ "CONFIDENCE.LOW": 0.0,
+ "CONFIDENCE.MEDIUM": 0.0,
+ "CONFIDENCE.UNDEFINED": 0.0,
+ "SEVERITY.HIGH": 0.0,
+ "SEVERITY.LOW": 0.0,
+ "SEVERITY.MEDIUM": 0.0,
+ "SEVERITY.UNDEFINED": 0.0,
+ "loc": 66,
+ "nosec": 0
+ },
+ "oauthlib/openid/connect/core/grant_types/exceptions.py": {
+ "CONFIDENCE.HIGH": 0.0,
+ "CONFIDENCE.LOW": 0.0,
+ "CONFIDENCE.MEDIUM": 0.0,
+ "CONFIDENCE.UNDEFINED": 0.0,
+ "SEVERITY.HIGH": 0.0,
+ "SEVERITY.LOW": 0.0,
+ "SEVERITY.MEDIUM": 0.0,
+ "SEVERITY.UNDEFINED": 0.0,
+ "loc": 26,
+ "nosec": 0
+ },
+ "oauthlib/openid/connect/core/grant_types/hybrid.py": {
+ "CONFIDENCE.HIGH": 0.0,
+ "CONFIDENCE.LOW": 0.0,
+ "CONFIDENCE.MEDIUM": 0.0,
+ "CONFIDENCE.UNDEFINED": 0.0,
+ "SEVERITY.HIGH": 0.0,
+ "SEVERITY.LOW": 0.0,
+ "SEVERITY.MEDIUM": 0.0,
+ "SEVERITY.UNDEFINED": 0.0,
+ "loc": 24,
+ "nosec": 0
+ },
+ "oauthlib/openid/connect/core/grant_types/implicit.py": {
+ "CONFIDENCE.HIGH": 0.0,
+ "CONFIDENCE.LOW": 0.0,
+ "CONFIDENCE.MEDIUM": 0.0,
+ "CONFIDENCE.UNDEFINED": 0.0,
+ "SEVERITY.HIGH": 0.0,
+ "SEVERITY.LOW": 0.0,
+ "SEVERITY.MEDIUM": 0.0,
+ "SEVERITY.UNDEFINED": 0.0,
+ "loc": 20,
+ "nosec": 0
+ },
+ "oauthlib/openid/connect/core/request_validator.py": {
+ "CONFIDENCE.HIGH": 0.0,
+ "CONFIDENCE.LOW": 0.0,
+ "CONFIDENCE.MEDIUM": 0.0,
+ "CONFIDENCE.UNDEFINED": 0.0,
+ "SEVERITY.HIGH": 0.0,
+ "SEVERITY.LOW": 0.0,
+ "SEVERITY.MEDIUM": 0.0,
+ "SEVERITY.UNDEFINED": 0.0,
+ "loc": 146,
+ "nosec": 0
+ },
+ "oauthlib/openid/connect/core/tokens.py": {
+ "CONFIDENCE.HIGH": 0.0,
+ "CONFIDENCE.LOW": 0.0,
+ "CONFIDENCE.MEDIUM": 0.0,
+ "CONFIDENCE.UNDEFINED": 0.0,
+ "SEVERITY.HIGH": 0.0,
+ "SEVERITY.LOW": 0.0,
+ "SEVERITY.MEDIUM": 0.0,
+ "SEVERITY.UNDEFINED": 0.0,
+ "loc": 42,
+ "nosec": 0
+ },
+ "oauthlib/signals.py": {
+ "CONFIDENCE.HIGH": 0.0,
+ "CONFIDENCE.LOW": 0.0,
+ "CONFIDENCE.MEDIUM": 0.0,
+ "CONFIDENCE.UNDEFINED": 0.0,
+ "SEVERITY.HIGH": 0.0,
+ "SEVERITY.LOW": 0.0,
+ "SEVERITY.MEDIUM": 0.0,
+ "SEVERITY.UNDEFINED": 0.0,
+ "loc": 32,
+ "nosec": 0
+ },
+ "oauthlib/uri_validate.py": {
+ "CONFIDENCE.HIGH": 0.0,
+ "CONFIDENCE.LOW": 0.0,
+ "CONFIDENCE.MEDIUM": 0.0,
+ "CONFIDENCE.UNDEFINED": 0.0,
+ "SEVERITY.HIGH": 0.0,
+ "SEVERITY.LOW": 0.0,
+ "SEVERITY.MEDIUM": 0.0,
+ "SEVERITY.UNDEFINED": 0.0,
+ "loc": 93,
+ "nosec": 0
+ }
+ },
+ "results": [
+ {
+ "code": "182 if request.body is not None and content_type_eligible:\n183 params.append(('oauth_body_hash', base64.b64encode(hashlib.sha1(request.body.encode('utf-8')).digest()).decode('utf-8')))\n184 \n",
+ "filename": "oauthlib/oauth1/rfc5849/__init__.py",
+ "issue_confidence": "HIGH",
+ "issue_severity": "MEDIUM",
+ "issue_text": "Use of insecure MD2, MD4, MD5, or SHA1 hash function.",
+ "line_number": 183,
+ "line_range": [
+ 183
+ ],
+ "more_info": "https://bandit.readthedocs.io/en/latest/blacklists/blacklist_calls.html#b303-md5",
+ "test_id": "B303",
+ "test_name": "blacklist"
+ },
+ {
+ "code": "45 def __init__(self, endpoints, claims={}, raise_errors=True):\n46 assert isinstance(claims, dict)\n47 for endpoint in endpoints:\n",
+ "filename": "oauthlib/oauth2/rfc6749/endpoints/metadata.py",
+ "issue_confidence": "HIGH",
+ "issue_severity": "LOW",
+ "issue_text": "Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.",
+ "line_number": 46,
+ "line_range": [
+ 46
+ ],
+ "more_info": "https://bandit.readthedocs.io/en/latest/plugins/b101_assert_used.html",
+ "test_id": "B101",
+ "test_name": "assert_used"
+ },
+ {
+ "code": "47 for endpoint in endpoints:\n48 assert isinstance(endpoint, BaseEndpoint)\n49 \n",
+ "filename": "oauthlib/oauth2/rfc6749/endpoints/metadata.py",
+ "issue_confidence": "HIGH",
+ "issue_severity": "LOW",
+ "issue_text": "Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.",
+ "line_number": 48,
+ "line_range": [
+ 48
+ ],
+ "more_info": "https://bandit.readthedocs.io/en/latest/plugins/b101_assert_used.html",
+ "test_id": "B101",
+ "test_name": "assert_used"
+ }
+ ]
+}
\ No newline at end of file
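Review bot: The three entries under `results` become accepted findings once this file is used as a baseline, so the two B101 hits in `oauthlib/oauth2/rfc6749/endpoints/metadata.py` (lines 46 and 48) are hidden rather than fixed. Those `assert isinstance(...)` argument checks disappear under `python -O`, as the recorded issue text itself says. An explicit check such as `if not isinstance(claims, dict): raise TypeError("claims must be a dict")` would remove them from the report, provided no caller relies on `AssertionError`. The B303 SHA-1 finding on `oauth_body_hash` looks dictated by the protocol rather than a free choice. If that is the case, an inline `# nosec` with a one-line justification on that call records the decision next to the code, which a baseline entry does not.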
diff --git a/tox.ini b/tox.ini
index 47237d8..4893175 100644
--- a/tox.ini
+++ b/tox.ini
@@ -1,5 +1,5 @@
[tox]
-envlist = py27,py34,py35,py36,py37,pypy,pypy3,docs,readme
+envlist = py27,py34,py35,py36,py37,pypy,pypy3,docs,readme,bandit
[testenv]
deps=
@@ -27,3 +27,9 @@ whitelist_externals=echo
commands=
python setup.py check -r -s
echo setup.py/long description is syntaxly correct
+
+[testenv:bandit]
+skipsdist=True
+deps=bandit
+commands=bandit -b bandit.json -r oauthlib/
+whitelist_externals=bandit
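Review bot: `deps=bandit` is unpinned while `commands=bandit -b bandit.json -r oauthlib/` compares each run against a committed baseline. A later bandit release that adds checks, or renames a test id or issue text, could fail this job or stop matching the baseline entries with no change in oauthlib. Pinning keeps scanner and baseline in step, e.g. `deps=bandit==<version used to generate bandit.json>`, with bandit.json regenerated whenever the pin is bumped. `whitelist_externals=bandit` looks unnecessary, since `deps` already installs bandit into the env. A comment above the section such as `# bandit.json is the accepted-findings baseline; regenerate with bandit -f json -o bandit.json -r oauthlib/` would tell maintainers how to refresh it.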