[MC-1506] Fix prospector

rapid7 · Oct 3, 2023 · be29544 · be29544
1 parent ddd7d87
commit be29544
Show file tree

Hide file tree

Showing 5 changed files with 10 additions and 6 deletions.
diff --git a/plugins/sentinelone/komand_sentinelone/actions/activities_types/action.py b/plugins/sentinelone/komand_sentinelone/actions/activities_types/action.py
@@ -14,5 +14,5 @@ def __init__(self):
             output=ActivitiesTypesOutput(),
         )
 
-    def run(self, params={}):
+    def run(self, params={}):  # pylint: disable=unused-argument
         return {Output.ACTIVITYTYPES: clean(self.connection.client.get_activity_types().get("data", []))}
diff --git a/plugins/sentinelone/komand_sentinelone/actions/get_threat_summary/action.py b/plugins/sentinelone/komand_sentinelone/actions/get_threat_summary/action.py
@@ -14,7 +14,7 @@ def __init__(self):
             output=GetThreatSummaryOutput(),
         )
 
-    def run(self, params={}):
+    def run(self, params={}):  # pylint: disable=unused-argument
         response = self.connection.client.get_threat_summary()
 
         return {

diff --git a/plugins/sentinelone/komand_sentinelone/util/api.py b/plugins/sentinelone/komand_sentinelone/util/api.py
@@ -266,15 +266,19 @@ def _get_auth_token(self) -> Tuple[str, str]:
             return self._api_key, version
         request_data = {DATA_FIELD: {API_TOKEN_FIELD: self._api_key}}
         self.logger.info(f"Trying to authenticate with API version {version}")
-        response = requests.post(f"{self.url}{LOGIN_BY_TOKEN_ENDPOINT.format(version=version)}", json=request_data)
+        response = requests.post(
+            f"{self.url}{LOGIN_BY_TOKEN_ENDPOINT.format(version=version)}", json=request_data, timeout=60
+        )
         self.raise_for_status(response)
 
         if response.status_code == 200:
             token = response.json().get(DATA_FIELD, {}).get("token")
         else:
             version = "2.0"
             self.logger.info(f"API v2.1 failed... trying v{version}")
-            response = requests.post(f"{self.url}{LOGIN_BY_TOKEN_ENDPOINT.format(version=version)}", json=request_data)
+            response = requests.post(
+                f"{self.url}{LOGIN_BY_TOKEN_ENDPOINT.format(version=version)}", json=request_data, timeout=60
+            )
             self.raise_for_status(response)
             token = response.json().get(DATA_FIELD, {}).get("token")
             # We know the connection failed when both 2.1 and 2.0 do not give 200 responses

diff --git a/plugins/sentinelone/komand_sentinelone/util/endpoints.py b/plugins/sentinelone/komand_sentinelone/util/endpoints.py
@@ -4,7 +4,7 @@
 CANCEL_QUERY_ENDPOINT = "dv/cancel-query"
 CREATE_QUERY_ENDPOINT = "dv/init-query"
 FETCH_FILE_BY_AGENT_ID_ENDPOINT = "agents/{agent_id}/actions/fetch-files"
-LOGIN_BY_TOKEN_ENDPOINT = "web/api/v{version}/users/login/by-api-token"
+LOGIN_BY_TOKEN_ENDPOINT = "web/api/v{version}/users/login/by-api-token"  # nosec bandit B105
 ACCOUNT_NAME_AVAILABLE_ENDPOINT = "private/accounts/name-available"
 MITIGATE_THREAT_ENDPOINT = "threats/mitigate/{action}"
 MARK_AS_THREAT_ENDPOINT = "threats/mark-as-threat"

diff --git a/plugins/sentinelone/komand_sentinelone/util/helper.py b/plugins/sentinelone/komand_sentinelone/util/helper.py
@@ -32,5 +32,5 @@ def check_password_meets_requirements(password: str) -> Union[None, PluginExcept
     if not re.match("^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[@$!%*?&])[A-Za-z\d@$!%*?&]{10,}$", password):
         raise PluginException(
             cause="Invalid password.",
-            assistance=f"The password must be 10 or more characters with a mix of upper and lower case letters, numbers, and symbols.",
+            assistance="The password must be 10 or more characters with a mix of upper and lower case letters, numbers, and symbols.",
         )