Polish qhelp and libraries

Author: jorgectf

python/ql/src/experimental/Security/CWE-347/JWTEmptyKeyOrAlgorithm.qhelp

@@ -27,4 +27,4 @@ empty key. Both examples leave the payload insecurely encoded.
 <li>Python-Jose: <a href="https://github.com/mpdavis/python-jose">Documentation</a>.</li>
 <li>Auth0 Blog: <a href="https://auth0.com/blog/critical-vulnerabilities-in-json-web-token-libraries/#Meet-the--None--Algorithm">Meet the "None" Algorithm</a>.</li>
 </references>
-</qhelp>
+</qhelp>

python/ql/src/experimental/Security/CWE-347/JWTMissingSecretOrPublicKeyVerification.qhelp

@@ -27,4 +27,4 @@ argument set to <code>False</code>.
 <li>Authlib JWT: <a href="https://docs.authlib.org/en/latest/specs/rfc7519.html">Documentation</a>.</li>
 <li>Python-Jose: <a href="https://github.com/mpdavis/python-jose">Documentation</a>.</li>
 </references>
-</qhelp>
+</qhelp>

python/ql/src/experimental/semmle/python/libraries/Authlib.qll

@@ -4,12 +4,12 @@ private import semmle.python.ApiGraphs
 private import experimental.semmle.python.frameworks.JWT
 
 private module Authlib {
-  /** Gets a reference to `authlib.jose` */
-  private API::Node authlib() { result = API::moduleImport("authlib.jose") }
-
   /** Gets a reference to `authlib.jose.(jwt|JsonWebToken)` */
   private API::Node authlibJWT() {
-    result in [authlib().getMember("jwt"), authlib().getMember("JsonWebToken").getReturn()]
+    result in [
+        API::moduleImport("authlib.jose").getMember("jwt"),
+        API::moduleImport("authlib.jose").getMember("JsonWebToken").getReturn()
+      ]
   }
 
   /** Gets a reference to `jwt.encode` */

python/ql/src/experimental/semmle/python/libraries/PyJWT.qll

@@ -4,14 +4,11 @@ private import semmle.python.ApiGraphs
 private import experimental.semmle.python.frameworks.JWT
 
 private module PyJWT {
-  /** Gets a reference to `jwt` */
-  private API::Node pyjwt() { result = API::moduleImport("jwt") }
-
   /** Gets a reference to `jwt.encode` */
-  private API::Node pyjwtEncode() { result = pyjwt().getMember("encode") }
+  private API::Node pyjwtEncode() { result = API::moduleImport("jwt").getMember("encode") }
 
   /** Gets a reference to `jwt.decode` */
-  private API::Node pyjwtDecode() { result = pyjwt().getMember("decode") }
+  private API::Node pyjwtDecode() { result = API::moduleImport("jwt").getMember("decode") }
 
   // def encode(self, payload, key, algorithm="HS256", headers=None, json_encoder=None)
   private class PyJWTEncodeCall extends DataFlow::CallCfgNode, JWTEncoding::Range {

python/ql/src/experimental/semmle/python/libraries/PythonJose.qll

@@ -4,11 +4,8 @@ private import semmle.python.ApiGraphs
 private import experimental.semmle.python.frameworks.JWT
 
 private module PythonJose {
-  /** Gets a reference to `jose` */
-  private API::Node jose() { result = API::moduleImport("jose") }
-
   /** Gets a reference to `jwt` */
-  private API::Node joseJWT() { result = jose().getMember("jwt") }
+  private API::Node joseJWT() { result = API::moduleImport("jose").getMember("jwt") }
 
   /** Gets a reference to `jwt.encode` */
   private API::Node joseJWTEncode() { result = joseJWT().getMember("encode") }