fix(scripts): Harden code scanning findings
This commit is contained in:
sickn33
@@ -50,6 +50,7 @@ def test_tls_handshake(host, port=443, timeout=5):
|
||||
"""Testa tempo do handshake TLS."""
|
||||
try:
|
||||
context = ssl.create_default_context()
|
||||
context.minimum_version = ssl.TLSVersion.TLSv1_2
|
||||
start = time.time()
|
||||
with socket.create_connection((host, port), timeout=timeout) as sock:
|
||||
with context.wrap_socket(sock, server_hostname=host) as ssock:
|
||||
|
||||
@@ -10,7 +10,6 @@ Usage:
|
||||
"""
|
||||
|
||||
import argparse
|
||||
import json
|
||||
import os
|
||||
import sys
|
||||
|
||||
@@ -78,17 +77,11 @@ def send_test(to: str, message: str) -> None:
|
||||
error = data.get("error", {})
|
||||
print(f"Error sending message:")
|
||||
print(f" Code: {error.get('code', '?')}")
|
||||
print(f" Message: {error.get('message', 'Unknown error')}")
|
||||
if error.get("error_data"):
|
||||
print(f" Details: {error['error_data'].get('details', '')}")
|
||||
print(f" Status: {response.status_code}")
|
||||
print(" Message: Request rejected by WhatsApp Cloud API.")
|
||||
|
||||
print()
|
||||
print("Full response:")
|
||||
# Mask token in response output to prevent credential leakage
|
||||
response_str = json.dumps(data, indent=2)
|
||||
if token and token in response_str:
|
||||
response_str = response_str.replace(token, _mask_secret(token))
|
||||
print(response_str)
|
||||
print("Response details omitted to avoid exposing sensitive API data.")
|
||||
|
||||
except httpx.ConnectError:
|
||||
print("Error: Connection failed. Check your internet connection.")
|
||||
@@ -96,10 +89,8 @@ def send_test(to: str, message: str) -> None:
|
||||
except httpx.TimeoutException:
|
||||
print("Error: Request timed out.")
|
||||
sys.exit(1)
|
||||
except Exception as e:
|
||||
# Mask token in error output to prevent credential leakage
|
||||
safe_err = str(e).replace(token, _mask_secret(token)) if token else str(e)
|
||||
print(f"Error: {safe_err}")
|
||||
except Exception:
|
||||
print("Error: Unexpected failure while sending the message.")
|
||||
sys.exit(1)
|
||||
|
||||
|
||||
|
||||
@@ -54,6 +54,15 @@ def _mask_secret(value: str) -> str:
|
||||
return f"{value[:6]}...masked"
|
||||
|
||||
|
||||
def _extract_error_code(response: httpx.Response) -> str:
|
||||
"""Return an API error code without logging response details."""
|
||||
try:
|
||||
error = response.json().get("error", {})
|
||||
return str(error.get("code", "?"))
|
||||
except Exception:
|
||||
return "?"
|
||||
|
||||
|
||||
def test_api_connection() -> tuple[bool, str]:
|
||||
"""Test connection to WhatsApp Cloud API."""
|
||||
token = os.environ.get("WHATSAPP_TOKEN", "")
|
||||
@@ -70,23 +79,18 @@ def test_api_connection() -> tuple[bool, str]:
|
||||
if response.status_code == 200:
|
||||
data = response.json()
|
||||
return True, (
|
||||
f"Phone: {data.get('display_phone_number', 'N/A')}\n"
|
||||
f" Name: {data.get('verified_name', 'N/A')}\n"
|
||||
f" Status: {data.get('code_verification_status', 'N/A')}\n"
|
||||
f" Quality: {data.get('quality_rating', 'N/A')}"
|
||||
)
|
||||
else:
|
||||
error = response.json().get("error", {})
|
||||
return False, f"API Error {error.get('code', '?')}: {error.get('message', 'Unknown')}"
|
||||
return False, f"API request failed with status {response.status_code} (code {_extract_error_code(response)})"
|
||||
|
||||
except httpx.ConnectError:
|
||||
return False, "Connection failed. Check your internet connection."
|
||||
except httpx.TimeoutException:
|
||||
return False, "Request timed out after 10 seconds."
|
||||
except Exception as e:
|
||||
# Mask token in error output to prevent credential leakage
|
||||
safe_err = str(e).replace(token, _mask_secret(token)) if token else str(e)
|
||||
return False, f"Unexpected error: {safe_err}"
|
||||
except Exception:
|
||||
return False, "Unexpected error while checking phone number access."
|
||||
|
||||
|
||||
def test_waba_access() -> tuple[bool, str]:
|
||||
@@ -106,13 +110,10 @@ def test_waba_access() -> tuple[bool, str]:
|
||||
count = len(data.get("data", []))
|
||||
return True, f"WABA accessible. {count} phone number(s) found."
|
||||
else:
|
||||
error = response.json().get("error", {})
|
||||
return False, f"API Error {error.get('code', '?')}: {error.get('message', 'Unknown')}"
|
||||
return False, f"API request failed with status {response.status_code} (code {_extract_error_code(response)})"
|
||||
|
||||
except Exception as e:
|
||||
# Mask token in error output to prevent credential leakage
|
||||
safe_err = str(e).replace(token, _mask_secret(token)) if token else str(e)
|
||||
return False, f"Error: {safe_err}"
|
||||
except Exception:
|
||||
return False, "Unexpected error while checking WABA access."
|
||||
|
||||
|
||||
def main():
|
||||
|
||||
@@ -50,6 +50,7 @@ def test_tls_handshake(host, port=443, timeout=5):
|
||||
"""Testa tempo do handshake TLS."""
|
||||
try:
|
||||
context = ssl.create_default_context()
|
||||
context.minimum_version = ssl.TLSVersion.TLSv1_2
|
||||
start = time.time()
|
||||
with socket.create_connection((host, port), timeout=timeout) as sock:
|
||||
with context.wrap_socket(sock, server_hostname=host) as ssock:
|
||||
|
||||
@@ -10,7 +10,6 @@ Usage:
|
||||
"""
|
||||
|
||||
import argparse
|
||||
import json
|
||||
import os
|
||||
import sys
|
||||
|
||||
@@ -78,17 +77,11 @@ def send_test(to: str, message: str) -> None:
|
||||
error = data.get("error", {})
|
||||
print(f"Error sending message:")
|
||||
print(f" Code: {error.get('code', '?')}")
|
||||
print(f" Message: {error.get('message', 'Unknown error')}")
|
||||
if error.get("error_data"):
|
||||
print(f" Details: {error['error_data'].get('details', '')}")
|
||||
print(f" Status: {response.status_code}")
|
||||
print(" Message: Request rejected by WhatsApp Cloud API.")
|
||||
|
||||
print()
|
||||
print("Full response:")
|
||||
# Mask token in response output to prevent credential leakage
|
||||
response_str = json.dumps(data, indent=2)
|
||||
if token and token in response_str:
|
||||
response_str = response_str.replace(token, _mask_secret(token))
|
||||
print(response_str)
|
||||
print("Response details omitted to avoid exposing sensitive API data.")
|
||||
|
||||
except httpx.ConnectError:
|
||||
print("Error: Connection failed. Check your internet connection.")
|
||||
@@ -96,10 +89,8 @@ def send_test(to: str, message: str) -> None:
|
||||
except httpx.TimeoutException:
|
||||
print("Error: Request timed out.")
|
||||
sys.exit(1)
|
||||
except Exception as e:
|
||||
# Mask token in error output to prevent credential leakage
|
||||
safe_err = str(e).replace(token, _mask_secret(token)) if token else str(e)
|
||||
print(f"Error: {safe_err}")
|
||||
except Exception:
|
||||
print("Error: Unexpected failure while sending the message.")
|
||||
sys.exit(1)
|
||||
|
||||
|
||||
|
||||
@@ -54,6 +54,15 @@ def _mask_secret(value: str) -> str:
|
||||
return f"{value[:6]}...masked"
|
||||
|
||||
|
||||
def _extract_error_code(response: httpx.Response) -> str:
|
||||
"""Return an API error code without logging response details."""
|
||||
try:
|
||||
error = response.json().get("error", {})
|
||||
return str(error.get("code", "?"))
|
||||
except Exception:
|
||||
return "?"
|
||||
|
||||
|
||||
def test_api_connection() -> tuple[bool, str]:
|
||||
"""Test connection to WhatsApp Cloud API."""
|
||||
token = os.environ.get("WHATSAPP_TOKEN", "")
|
||||
@@ -70,23 +79,18 @@ def test_api_connection() -> tuple[bool, str]:
|
||||
if response.status_code == 200:
|
||||
data = response.json()
|
||||
return True, (
|
||||
f"Phone: {data.get('display_phone_number', 'N/A')}\n"
|
||||
f" Name: {data.get('verified_name', 'N/A')}\n"
|
||||
f" Status: {data.get('code_verification_status', 'N/A')}\n"
|
||||
f" Quality: {data.get('quality_rating', 'N/A')}"
|
||||
)
|
||||
else:
|
||||
error = response.json().get("error", {})
|
||||
return False, f"API Error {error.get('code', '?')}: {error.get('message', 'Unknown')}"
|
||||
return False, f"API request failed with status {response.status_code} (code {_extract_error_code(response)})"
|
||||
|
||||
except httpx.ConnectError:
|
||||
return False, "Connection failed. Check your internet connection."
|
||||
except httpx.TimeoutException:
|
||||
return False, "Request timed out after 10 seconds."
|
||||
except Exception as e:
|
||||
# Mask token in error output to prevent credential leakage
|
||||
safe_err = str(e).replace(token, _mask_secret(token)) if token else str(e)
|
||||
return False, f"Unexpected error: {safe_err}"
|
||||
except Exception:
|
||||
return False, "Unexpected error while checking phone number access."
|
||||
|
||||
|
||||
def test_waba_access() -> tuple[bool, str]:
|
||||
@@ -106,13 +110,10 @@ def test_waba_access() -> tuple[bool, str]:
|
||||
count = len(data.get("data", []))
|
||||
return True, f"WABA accessible. {count} phone number(s) found."
|
||||
else:
|
||||
error = response.json().get("error", {})
|
||||
return False, f"API Error {error.get('code', '?')}: {error.get('message', 'Unknown')}"
|
||||
return False, f"API request failed with status {response.status_code} (code {_extract_error_code(response)})"
|
||||
|
||||
except Exception as e:
|
||||
# Mask token in error output to prevent credential leakage
|
||||
safe_err = str(e).replace(token, _mask_secret(token)) if token else str(e)
|
||||
return False, f"Error: {safe_err}"
|
||||
except Exception:
|
||||
return False, "Unexpected error while checking WABA access."
|
||||
|
||||
|
||||
def main():
|
||||
|
||||
Reference in New Issue
Block a user