Merge pull request #614 from syn-4ck/feature/discord-plugin

Add Discord Bot token detector

Author: lorenzodb1

README.md

@@ -96,6 +96,8 @@ AWSKeyDetector
 AzureStorageKeyDetector
 BasicAuthDetector
 CloudantDetector
+DiscordBotTokenDetector
+GitHubTokenDetector
 Base64HighEntropyString
 HexHighEntropyString
 IbmCloudIamDetector
@@ -105,8 +107,10 @@ KeywordDetector
 MailchimpDetector
 NpmDetector
 PrivateKeyDetector
+SendGridDetector
 SlackDetector
 SoftlayerDetector
+SquareOAuthDetector
 StripeDetector
 TwilioKeyDetector
 ```

detect_secrets/plugins/discord.py

@@ -0,0 +1,17 @@
+"""
+This plugin searches for Discord Bot Token
+"""
+import re
+
+from .base import RegexBasedDetector
+
+
+class DiscordBotTokenDetector(RegexBasedDetector):
+    """Scans for Discord Bot token."""
+    secret_type = 'Discord Bot Token'
+
+    denylist = [
+        # Discord Bot Token ([M|N]XXXXXXXXXXXXXXXXXXXXXXX.XXXXXX.XXXXXXXXXXXXXXXXXXXXXXXXXXX)
+        # Reference: https://discord.com/developers/docs/reference#authentication
+        re.compile(r'[MN][a-zA-Z\d_-]{23}\.[a-zA-Z\d_-]{6}\.[a-zA-Z\d_-]{27}'),
+    ]

tests/plugins/discord_test.py

@@ -0,0 +1,43 @@
+import pytest
+
+from detect_secrets.plugins.discord import DiscordBotTokenDetector
+
+
+class TestDiscordBotTokenDetector:
+
+    @pytest.mark.parametrize(
+        'payload, should_flag',
+        [
+            # From https://discord.com/developers/docs/reference#authentication
+            (
+                'MTk4NjIyNDgzNDcxOTI1MjQ4.Cl2FMQ.ZnCjm1XVW7vRze4b7Cq4se7kKWs',
+                True,
+            ),
+            (
+                'Nzk5MjgxNDk0NDc2NDU1OTg3.YABS5g.2lmzECVlZv3vv6miVnUaKPQi2wI',
+                True,
+            ),
+            # From https://docs.gitguardian.com/secrets-detection/detectors/specifics/discord_bot_token#examples  # noqa: E501
+            (
+                'MZ1yGvKTjE0rY0cV8i47CjAa.uRHQPq.Xb1Mk2nEhe-4iUcrGOuegj57zMC',
+                True,
+            ),
+            # Random values to fail
+            (
+                'MZ1yGvKTj0rY0cV8i47CjAa.uHQPq.Xb1Mk2nEhe-4icrGOuegj57zMC',
+                False,
+            ),
+            (
+                'SZ1yGvKTj0rY0cV8i47CjAa.uHQPq.Xb1Mk2nEhe-4icrGOuegj57zMC',
+                False,
+            ),
+            (
+                'MZ1yGvKTj0rY0cV8i47CjAa.uHQPq.Xb1Mk2nEhe-4icrGOuegj57zM',
+                False,
+            ),
+        ],
+    )
+    def test_analyze(self, payload, should_flag):
+        logic = DiscordBotTokenDetector()
+        output = logic.analyze_line(filename='mock_filename', line=payload)
+        assert len(output) == (1 if should_flag else 0)