From c1470bbfa5fd30544052383990bdcd6eeffd6d0d Mon Sep 17 00:00:00 2001
From: Michael Schlenker
Date: Mon, 15 Apr 2019 23:01:52 +0200
Subject: [PATCH] Add bandit to the quality tools

Adding the bandit tool to the toolbox. And fix some trivial py3 syntax errors in the op3 example so it doesn't blow up right away.
---
 Makefile | 5 +++++
 oidc_example/op3/server.py | 8 +++++---
 setup.py | 2 +-
 3 files changed, 11 insertions(+), 4 deletions(-)

diff --git a/Makefile b/Makefile
index 623a38e03..59433c8eb 100644
--- a/Makefile
+++ b/Makefile
@@ -16,6 +16,7 @@ help:
 @echo " test to run the tests"
 @echo " isort to sort imports"
 @echo " blacken to format the code"
+ @echo " bandit to run some simple security checkers"
 .PHONY: help
 clean:
@@ -55,6 +56,10 @@ check-black:
 @pipenv run black src/ --check
 .PHONY: blacken check-black
+bandit:
+ @pipenv run bandit -a file -r src/ oauth_example/ oidc_example/
+.PHONY: bandit
+
 check-pylama:
 @pipenv run pylama $(OICDIR) $(TESTDIR)
 .PHONY: check-pylama
diff --git a/oidc_example/op3/server.py b/oidc_example/op3/server.py
index 283ddc8c4..c6e47301d 100755
--- a/oidc_example/op3/server.py
+++ b/oidc_example/op3/server.py
@@ -10,6 +10,8 @@ import traceback
 import argparse
 import importlib
+import logging
+
 from mako.lookup import TemplateLookup
 from oic import rndstr
@@ -243,7 +245,7 @@ def meta_info(self, environ, start_response):
 ]}
 """
- print '\n in meta-info'
+ print('\n in meta-info')
 pass
 def webfinger(self, environ, start_response):
@@ -275,7 +277,7 @@ def application(self, environ, start_response):
 """
 path = environ.get('PATH_INFO', '').lstrip('/')
- print 'start_response: ', start_response
+ print('start_response: ', start_response)
 if path == "robots.txt":
 return static(self, environ, start_response, "static/robots.txt")
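Review bot: The new `bandit` target in the `@@ -55,6 +56,10 @@` hunk runs with no severity or confidence threshold and no config file, so it reports every finding down to low severity across `src/`, `oauth_example/` and `oidc_example/`, and nothing in this hunk wires it into an aggregate check target; as far as the visible Makefile shows it only runs when invoked by hand. For the target to have a stable pass/fail meaning, add a threshold and a committed config, e.g. `@pipenv run bandit -c bandit.yaml -ll -a file -r src/ oauth_example/ oidc_example/` (the config filename is a placeholder), and note in the help line that bandit returns a non-zero exit status when it finds issues. The example code being scanned already contains a hit on a context line in this same commit (the hardcoded `'0.0.0.0'` bind in `oidc_example/op3/server.py`, bandit B104), so expect the first run to fail until that line is addressed or explicitly annotated.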
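Review bot: `import logging` added in the `@@ -10,6 +10,8 @@` hunk is not used by any visible hunk of this commit, while the debug prints converted in `@@ -243,7 +245,7 @@` and `@@ -275,7 +277,7 @@` are kept as `print` calls; the second runs on every request inside `application` and writes the `start_response` callable to stdout, which is noise in a server log. Since the import is now there, route these through a module logger instead, e.g. `logger = logging.getLogger(__name__)` near the imports and `logger.debug('start_response: %s', start_response)` in `application`, and drop the `pass` after the `meta_info` print, which is dead code. The enclosing functions `meta_info` and `application` both start outside their hunks, so whether `logging` is used elsewhere in the file cannot be confirmed from here.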
@@ -470,7 +472,7 @@ def mako_renderer(template_name, context):
 server = wsgiserver.CherryPyWSGIServer(('0.0.0.0', config.PORT), _app.application)
 server.ssl_adapter = BuiltinSSLAdapter(config.SERVER_CERT, config.SERVER_KEY)
- print "OIDC Provider server started (issuer={}, port={})".format(config.ISSUER, config.PORT)
+ print("OIDC Provider server started (issuer={}, port={})".format(config.ISSUER, config.PORT))
 try:
 server.start()
diff --git a/setup.py b/setup.py
index 402ffdfb3..f7bf0c19c 100755
--- a/setup.py
+++ b/setup.py
@@ -75,7 +75,7 @@ def run_tests(self):
 'develop': ["cherrypy==3.2.4", "pyOpenSSL"],
 'testing': tests_requires,
 'docs': ['Sphinx', 'sphinx-autobuild', 'alabaster'],
- 'quality': ['pylama', 'isort', 'eradicate', 'mypy', 'black'],
+ 'quality': ['pylama', 'isort', 'eradicate', 'mypy', 'black', 'bandit'],
 'ldap_authn': ['pyldap'],
 },
 install_requires=[
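Review bot: The print converted in the `@@ -470,7 +472,7 @@` hunk is valid py3, but the bandit target this commit adds scans `oidc_example/` and will report the context line two above it, `server = wsgiserver.CherryPyWSGIServer(('0.0.0.0', config.PORT), _app.application)` (B104, hardcoded bind to all interfaces), so the new quality target fails on the repository's own example out of the box. Read the bind address from config next to PORT, e.g. `server = wsgiserver.CherryPyWSGIServer((config.HOST, config.PORT), _app.application)` where `config.HOST` is a placeholder name that should default to the loopback address, or mark the line with `# nosec B104` plus a comment stating that the example provider is intentionally reachable from other hosts. Whether a host setting already exists in the example config cannot be seen from this hunk, and the surrounding block starts outside it.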