whs-authz-authn/oauth-backend
1
0
Fork 0
mirror of https://github.com/j93es/oauth-backend.git synced 2026-06-04 06:51:51 +09:00
Code Issues Projects Releases Packages Wiki Activity

[Update] save vuln report logic

Browse source
This commit is contained in:
tv0924@icloud.com 2025-06-26 12:20:41 +09:00
commit 3a1422a2f2
9 changed files with 121 additions and 190 deletions
Download patch file Download diff file Expand all files Collapse all files

16
addon/scope_detection.py
View file

@ -1,5 +1,5 @@
import lib.cur_target_url as cur_target_url
from lib.report_vuln import save_report
from lib.report_vuln import report_vuln
class ScopeDetection:
def get_scope_from_query(self, query: str) -> str | None:
@ -43,11 +43,9 @@ class ScopeDetection:
result = await self.check_scope(flow)
if result != 0:
report_data = [{
'target': cur_target_url.load(),
'status': "WARNING",
'title': "OAuth scope value issue",
'description': f"{method} {url}: {', '.join(result)}",
'uri': url
}]
save_report(report_data)
report_vuln(
title="OAuth Scope Value Issue",
desc=f"Detected scope value issue in {method} {url}: {', '.join(result)}",
status="WARNING",
uri=url
)