From 6eff03a32cfde40a9aa9c4d4d26b2d19fa818b24 Mon Sep 17 00:00:00 2001
From: Seren Kwok <86184664+seren5240@users.noreply.github.com>
Date: Fri, 5 Apr 2024 05:55:10 +0100
Subject: [PATCH] fix: pattern name (#171)

---
 ...orithm.md => jwt_python_none_algorithm.md} | 21 ++-----------------
 1 file changed, 2 insertions(+), 19 deletions(-)
 rename .grit/patterns/python/{jwt_go_none_algorithm.md => jwt_python_none_algorithm.md} (90%)

diff --git a/.grit/patterns/python/jwt_go_none_algorithm.md b/.grit/patterns/python/jwt_python_none_algorithm.md
similarity index 90%
rename from .grit/patterns/python/jwt_go_none_algorithm.md
rename to .grit/patterns/python/jwt_python_none_algorithm.md
index db07cb3f..0646692f 100644
--- a/.grit/patterns/python/jwt_go_none_algorithm.md
+++ b/.grit/patterns/python/jwt_python_none_algorithm.md
@@ -6,6 +6,7 @@ tags: [fix, correctness, jwt, security]
 Detected use of the `'none'` algorithm in a JWT token. The `'none'` algorithm assumes the integrity of the token has already been verified. This would allow a malicious actor to forge a `JWT` token that will automatically be verified. Do not explicitly use the `'none'` algorithm. Instead, use an algorithm such as `'HS256'`.
 
 ## references
+
 - [Cryptographic Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures)
 
 ```grit
@@ -40,7 +41,6 @@ def bad1():
     return encoded
 ```
 
-
 ## `algorithm=['none']`
 
 ```python
@@ -59,7 +59,6 @@ def bad2(encoded):
     return encoded
 ```
 
-
 ## `algorithm='HS256'`
 
 ```python
@@ -70,14 +69,6 @@ def ok(secret_key):
     return encoded
 ```
 
-```python
-import jwt
-
-def ok(secret_key):
-    encoded = jwt.encode({'some': 'payload'}, secret_key, algorithm='HS256')
-    return encoded
-
 ## `algorithms=["none", "other", "HS256"]`
 
 ```python
@@ -106,14 +97,6 @@ def bad2(encoded):
     return encoded
 ```
 
-```python
-import jwt
-
-def bad2(encoded):
-    jwt.decode(encoded, None, algorithms=["HS256"])
-    return encoded
-
 ## `algorithms=["none", "md5"]`
 
 ```python
@@ -130,4 +113,4 @@ import jwt
 def bad2(encoded):
     jwt.decode(encoded, None, algorithms=[ "md5"])
     return encoded
-```
\ No newline at end of file
+```