From e7b1791df3d94c2dc646079ba498686250cb302f Mon Sep 17 00:00:00 2001
From: Jarrod Johnson <jjohnson2@lenovo.com>
Date: Tue, 8 Feb 2022 10:59:15 -0500
Subject: [PATCH] Modify input in bandit-friendly way

bandit erroneously flags 'input' based
on possible python2-ism.  Avoid the
error by using 'getinput', making that
input or raw_input based on the python version.
---
 confluent_client/confluent/client.py | 10 +++++-----
 confluent_server/confluent/pam.py    |  6 +++---
 2 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/confluent_client/confluent/client.py b/confluent_client/confluent/client.py
index fae497ee..bee16f00 100644
--- a/confluent_client/confluent/client.py
+++ b/confluent_client/confluent/client.py
@@ -42,9 +42,9 @@ _attraliases = {
 }
 
 try:
-    input = raw_input
+    getinput = raw_input
 except NameError:
-    pass
+    getinput = input
 
 
 class NestedDict(dict):
@@ -284,9 +284,9 @@ class Command(object):
                 nodename = list(self.read(
                     '/noderange/{0}/nodes/'.format(noderange)))[0].get('item', {}).get('href', None)
                 nodename = nodename[:-1]
-                p = input('Command is about to affect node {0}, continue (y/n)? '.format(nodename))
+                p = getinput('Command is about to affect node {0}, continue (y/n)? '.format(nodename))
             else:
-                p = input('Command is about to affect {0} nodes, continue (y/n)? '.format(nsize))
+                p = getinput('Command is about to affect {0} nodes, continue (y/n)? '.format(nsize))
             if p.lower() != 'y':
                 sys.stderr.write('Aborting at user request\n')
                 sys.exit(1)
@@ -401,7 +401,7 @@ class Command(object):
                 if fingerprint == khf[hostid]:
                     return
                 else:
-                    replace = input(
+                    replace = getinput(
                         "MISMATCHED CERTIFICATE DATA, ACCEPT NEW? (y/n):")
                     if replace not in ('y', 'Y'):
                         raise Exception("BAD CERTIFICATE")
diff --git a/confluent_server/confluent/pam.py b/confluent_server/confluent/pam.py
index ed57fc8a..5316a565 100644
--- a/confluent_server/confluent/pam.py
+++ b/confluent_server/confluent/pam.py
@@ -242,10 +242,10 @@ if __name__ == "__main__":
         readline.set_pre_input_hook(hook)
 
         if sys.version_info >= (3,):
-            result = input(prompt)
+            getinput = input
         else:
-            result = raw_input(prompt)
-
+            getinput = raw_input
+        result = getinput(prompt)
         readline.set_pre_input_hook()
         return result