Log token with sha1

By logging the sha1 hash of the token, it can be tracked through different services. Closes-bug: #1329301 Change-Id: I9c338f6a418ab8dd34dbaaf918b0ea6e9cbe79d7
2014-09-24 14:24:39 -05:00 · 2014-09-24 14:24:39 -05:00 · 2b305a718c
commit 2b305a718c
parent d715405776
1 changed files with 5 additions and 1 deletions
--- a/keystoneclient/session.py
+++ b/keystoneclient/session.py
@ -12,6 +12,7 @@

 import argparse
 import functools
+import hashlib
 import logging
 import os
 import time
@ -122,7 +123,10 @@ class Session(object):
        secure_headers = ('authorization', 'x-auth-token',
                          'x-subject-token',)
        if header[0].lower() in secure_headers:
-            return (header[0], 'TOKEN_REDACTED')
+            token_hasher = hashlib.sha1()
+            token_hasher.update(header[1].encode('utf-8'))
+            token_hash = token_hasher.hexdigest()
+            return (header[0], '{SHA1}%s' % token_hash)
        return header

    @utils.positional()