From 3f8a4a568af9efe89a52f31e85a8264f68e51099 Mon Sep 17 00:00:00 2001
From: lhhyung <lhhyung511@megazone.com>
Date: Fri, 13 Dec 2024 15:47:49 +0900
Subject: [PATCH] refactor: Improve security by replacing random.choice with
 secrets.choice

---
 src/spaceone/plugin/service/plugin_service.py | 9 ++++-----
 1 file changed, 4 insertions(+), 5 deletions(-)

diff --git a/src/spaceone/plugin/service/plugin_service.py b/src/spaceone/plugin/service/plugin_service.py
index e4e54ab..7fac2d5 100644
--- a/src/spaceone/plugin/service/plugin_service.py
+++ b/src/spaceone/plugin/service/plugin_service.py
@@ -1,13 +1,12 @@
 import logging
-import random
+import secrets
 
-from spaceone.core.service import *
 from spaceone.core import config
-
+from spaceone.core.service import *
 from spaceone.plugin.error import *
 from spaceone.plugin.manager.plugin_manager import *
-from spaceone.plugin.manager.supervisor_manager import *
 from spaceone.plugin.manager.repository_manager import RepositoryManager
+from spaceone.plugin.manager.supervisor_manager import *
 
 _LOGGER = logging.getLogger(__name__)
 
@@ -264,7 +263,7 @@ def _select_endpoint(self, plugin_ref, updated_version=None):
     @staticmethod
     def _select_one(choice_list, algorithm="random"):
         if algorithm == "random":
-            return random.choice(choice_list)
+            return secrets.choice(choice_list)
         _LOGGER.error(f"[_select_one] unimplemented algorithm: {algorithm}")
 
     def _check_plugin(self, plugin_id: str, domain_id: str, version: str, token: str):