
Commit 1e5d6bd

ffaraoneim
authored
Merge pull request #35 from cloudblue/LITE-22290
LITE-22290: Obfuscate Authorization header
2 parents 7ffa103 + 38bc54d commit 1e5d6bd

2 files changed

Lines changed: 28 additions & 2 deletions


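--- a/connect/client/logger.py
+++ b/connect/client/logger.py
@@ -6,6 +6,12 @@ class RequestLogger:
 def __init__(self, file=sys.stdout):
 self._file = file
 
+def obfuscate(self, value):
+if value.startswith('ApiKey SU-'):
+return value.split(':')[0] + '*' * 10
+else:
+return '*' * 20
+
 def log_request(self, method, url, kwargs):
 other_args = {k: v for k, v in kwargs.items() if k not in ('headers', 'json', 'params')}
 
@@ -20,6 +26,8 @@ def log_request(self, method, url, kwargs):
 
 if 'headers' in kwargs:
 for k, v in kwargs['headers'].items():
+if k == 'Authorization':
+v = self.obfuscate(v)
 lines.append(f'{k}: {v}')
 
 if 'json' in kwargs: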
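Review bot: `obfuscate` returns the full credential followed by ten asterisks when a value starts with `ApiKey SU-` but contains no `:`, because `value.split(':')[0]` is then the whole string; that branch should fall back to the full mask unless the separator is actually found. In the second hunk the header match is an exact `k == 'Authorization'`, so a caller supplying `authorization` (header names are case-insensitive) is logged unmasked; comparing on the lower-cased name closes that. The new tests cover neither input. `log_request` starts and ends outside these hunks, so what it does with `json` and `params` cannot be judged from here.

```python
    def obfuscate(self, value):
        # Keep the key identifier only when a real id/secret separator exists;
        # anything else is masked in full so no part of the secret is logged.
        if value.startswith('ApiKey SU-'):
            key_id, sep, _ = value.partition(':')
            if sep:
                return key_id + '*' * 10
        return '*' * 20

    # … unchanged: log_request up to the headers loop …
            for k, v in kwargs['headers'].items():
                if k.lower() == 'authorization':
                    v = self.obfuscate(v)
```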

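--- a/tests/client/test_logger.py
+++ b/tests/client/test_logger.py
@@ -20,9 +20,27 @@ def test_log_request():
 
 ios.truncate(0)
 ios.seek(0, 0)
-rl.log_request('get', PATH1, {'headers': {'Auth': 'None', 'Cookie': 'XXX'}})
+rl.log_request(
+'get',
+PATH1,
+{'headers': {'Auth': 'None', 'Cookie': 'XXX', 'Authorization': 'ApiKey SU-XXXX:YYYYY'}},
+)
 assert ios.getvalue() == LOG_REQUEST_HEADER + 'GET ' + PATH1 + ' \n' + """Auth: None
 Cookie: XXX
+Authorization: ApiKey SU-XXXX**********
+
+"""
+
+ios.truncate(0)
+ios.seek(0, 0)
+rl.log_request(
+'get',
+PATH1,
+{'headers': {'Auth': 'None', 'Cookie': 'XXX', 'Authorization': 'SecretToken'}},
+)
+assert ios.getvalue() == LOG_REQUEST_HEADER + 'GET ' + PATH1 + ' \n' + """Auth: None
+Cookie: XXX
+Authorization: ********************
 
 """
 
@@ -52,7 +70,7 @@ def test_log_request():
 assert ios.getvalue() == LOG_REQUEST_HEADER + 'GET ' + PATH2 + '&limit=10&offset=0 \n\n'
 
 
-def test_log_resposne(mocker):
+def test_log_response(mocker):
 LOG_RESPONSE_HEADER = '--- HTTP Response ---\n'
 
 ios = io.StringIO()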
