
Commit 3c66f57

authored
Fix JWT regex (#246)
1 parent 1f1be9a commit 3c66f57


2 files changed

+2
-1
lines changed


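--- a/detect_secrets/plugins/jwt.py
+++ b/detect_secrets/plugins/jwt.py
@@ -13,7 +13,7 @@ class JwtTokenDetector(RegexBasedDetector):
 """Scans for JWTs."""
 secret_type = 'JSON Web Token'
 denylist = [
-re.compile(r'eyJ[A-Za-z0-9-_=]+\.[A-Za-z0-9-_=]+\.?[A-Za-z0-9-_.+/=]*?'),
+re.compile(r'eyJ[A-Za-z0-9-_=]+\.[A-Za-z0-9-_=]+\.?[A-Za-z0-9-_.+/=]*'),
 ]
 
 def analyze_string(self, string: str) -> Generator[str, None, None]: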
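Review bot: With the trailing quantifier now greedy, the final class `[A-Za-z0-9-_.+/=]*` on the new `re.compile` line also consumes `.`, `+` and `/` characters that merely follow a token, such as a sentence-ending period or a URL path after it. The captured value is then longer than the real token, which can change what is reported or hashed for the finding and may cause any later format validation to reject a genuine JWT. If only three-part base64url tokens need to be matched, a tighter tail such as `\.?[A-Za-z0-9_=-]*` avoids this; otherwise a short comment explaining why `.`, `+` and `/` are allowed would help. The body of `analyze_string` lies outside the hunk, so how it treats the extra characters cannot be confirmed here.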

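--- a/tests/plugins/jwt_test.py
+++ b/tests/plugins/jwt_test.py
@@ -35,6 +35,7 @@ class TestJwtTokenDetector:
 # good by regex, but otherwise totally not JWT
 ('eyJAAAA.eyJBBB', False), # noqa: E501
 ('eyJBB.eyJCC.eyJDDDD', False), # noqa: E501
+('eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJ1c2VyIiwianRpIjoiYXQtdThjZms2YjdncGF1c2tvIn0.ZaYs5sGS90G-ef0qsXFhOPY3RMxEsngldkRSZ1umEIs', True), # noqa: E501
 ],
 )
 def test_analyze_line(self, payload, should_flag):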
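Review bot: The added case sits directly under the comment `# good by regex, but otherwise totally not JWT`, yet it is a well-formed token expected to be flagged (`True`), so it reads as part of the wrong group. Consider moving it next to the other positive cases (they are outside this hunk, presumably earlier in the parametrize list) or giving it its own comment, e.g. `# signed token: the signature segment must be matched too`. Since each case pairs a payload with a boolean only, this one probably does not check that the whole token including the signature is captured, which is what the regex change is about; `test_analyze_line`'s body is outside the hunk, so that is an inference.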
