Skip to content

Commit

Permalink
🎉 Add verification for Stripe secret API keys
Browse files Browse the repository at this point in the history
  • Loading branch information
@KevinHock
KevinHock committed Sep 21, 2019
1 parent 977c4fb commit 9cabbe0
Showing 1 changed file with 23 additions and 0 deletions.
23 changes: 23 additions & 0 deletions detect_secrets/plugins/stripe.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,8 +4,12 @@
from __future__ import absolute_import

import re
from base64 import b64encode

import requests

from .base import RegexBasedDetector
from detect_secrets.core.constants import VerifiedResult


class StripeDetector(RegexBasedDetector):
Expand All @@ -16,3 +20,22 @@ class StripeDetector(RegexBasedDetector):
# Stripe standard keys begin with sk_live and restricted with rk_live
re.compile(r'(?:r|s)k_live_[0-9a-zA-Z]{24}'),
)

def verify(self, token, **kwargs): # pragma: no cover
response = requests.get(
'https://api.stripe.com/v1/charges',
headers={
'Authorization': b'Basic ' + b64encode(
'{}:'.format(token).encode('utf-8'),
),
},
)

if response.status_code == 200:
return VerifiedResult.VERIFIED_TRUE

# Restricted keys may be limited to certain endpoints
if token.startswith('rk_live'):
return VerifiedResult.UNVERIFIED

return VerifiedResult.VERIFIED_FALSE

0 comments on commit 9cabbe0

Please sign in to comment.