diff options
| -rw-r--r-- | .github/workflows/deploy.yml | 1 | ||||
| -rw-r--r-- | bot/exts/filters/token_remover.py | 10 |
2 files changed, 5 insertions, 6 deletions
diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 88abe6fb6..79eef8821 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -30,7 +30,6 @@ jobs: uses: actions/checkout@v2 with: repository: python-discord/kubernetes - token: ${{ secrets.REPO_TOKEN }} - name: Authenticate with Kubernetes uses: azure/k8s-set-context@v1 diff --git a/bot/exts/filters/token_remover.py b/bot/exts/filters/token_remover.py index a0d5aa7b6..29f80671d 100644 --- a/bot/exts/filters/token_remover.py +++ b/bot/exts/filters/token_remover.py @@ -29,7 +29,7 @@ DELETION_MESSAGE_TEMPLATE = ( "token in your message and have removed your message. " "This means that your token has been **compromised**. " "Please change your token **immediately** at: " - "<https://discordapp.com/developers/applications/me>\n\n" + "<https://discord.com/developers/applications>\n\n" "Feel free to re-post it with the token removed. " "If you believe this was a mistake, please let us know!" ) @@ -39,8 +39,8 @@ TOKEN_EPOCH = 1_293_840_000 # Three parts delimited by dots: user ID, creation timestamp, HMAC. # The HMAC isn't parsed further, but it's in the regex to ensure it at least exists in the string. # Each part only matches base64 URL-safe characters. -# Padding has never been observed, but the padding character '=' is matched just in case. -TOKEN_RE = re.compile(r"([\w\-=]+)\.([\w\-=]+)\.([\w\-=]+)", re.ASCII) +# These regexes were taken from discord-developers, which are used by the client itself. +TOKEN_RE = re.compile(r"([\w-]{10,})\.([\w-]{5,})\.([\w-]{10,})") class Token(t.NamedTuple): @@ -52,7 +52,7 @@ class Token(t.NamedTuple): class TokenRemover(Cog): - """Scans messages for potential discord.py bot tokens and removes them.""" + """Scans messages for potential discord client tokens and removes them.""" def __init__(self, bot: Bot): self.bot = bot @@ -166,7 +166,7 @@ class TokenRemover(Cog): return token # No matching substring - return + return None @staticmethod def extract_user_id(b64_content: str) -> t.Optional[int]: |