From 7b7d81d09e4168a901cf14eb78f33d5725a75875 Mon Sep 17 00:00:00 2001
From: Vishakha Agarwal <agarwalvishakha18@gmail.com>
Date: Tue, 25 Jun 2019 14:09:47 +0530
Subject: [PATCH] Follow bandit B105: hardcoded_password_string

tox -e bandit failing due to the string 'token'
in [1]. According to the bandit 105 any password
assigned to a string should not contain any of the
variables in [2]

[1]https://github.com/openstack/python-keystoneclient/blob/master/keystoneclient/common/cms.py#L41
[2]https://bandit.readthedocs.io/en/latest/plugins/b105_hardcoded_password_string.html

Change-Id: I822e1195532df2b701f10087cabceda458211986
---
 keystoneclient/common/cms.py | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/keystoneclient/common/cms.py b/keystoneclient/common/cms.py
index 9c3e0bdfb..abd6ef6b7 100644
--- a/keystoneclient/common/cms.py
+++ b/keystoneclient/common/cms.py
@@ -38,7 +38,8 @@ PKI_ASN1_PREFIX = 'MII'
 PKIZ_PREFIX = 'PKIZ_'
 PKIZ_CMS_FORM = 'DER'
 PKI_ASN1_FORM = 'PEM'
-DEFAULT_TOKEN_DIGEST_ALGORITHM = 'sha256'
+# Adding nosec since this fails bandit B105, 'Possible hardcoded password'.
+DEFAULT_TOKEN_DIGEST_ALGORITHM = 'sha256'  # nosec
 
 
 # The openssl cms command exits with these status codes.