
Output a placeholder instead of the auth_token

As the name of the get_logging_values suggests, that function will
get entries from the context for logging purposes. For this, we
shouldn't need the auth_token since it might potentially leak
in the logs.

This filters out the auth_token by setting it as '***' by
default.

Change-Id: I2b245c1665c3587be3c476b803122788d186e5d5
Juan Antonio Osorio Robles 1 year ago
parent
commit
a8d86df940

+ 7
- 0
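--- a/oslo_context/context.py
+++ b/oslo_context/context.py
@@ -353,6 +353,13 @@ class RequestContext(object):
                   'user_domain_name': self.user_domain_name,
                   'project_domain_name': self.project_domain_name}
         values.update(self.to_dict())
+        if self.auth_token:
+            # NOTE(jaosorior): Gotta obfuscate the token since this dict is
+            # meant for logging and we shouldn't leak it.
+            values['auth_token'] = '***'
+        else:
+            values['auth_token'] = None
+
         return values
 
     @property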

+ 1
- 0
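--- a/oslo_context/tests/test_context.py
+++ b/oslo_context/tests/test_context.py
@@ -486,6 +486,7 @@ class ContextTest(test_base.BaseTestCase):
 
         d = ctx.get_logging_values()
         self.assertIn('auth_token', d)
+        self.assertEqual(d['auth_token'], '***')
         self.assertIn('user', d)
         self.assertIn('tenant', d)
         self.assertIn('domain', d)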

+ 7
- 0
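--- a/releasenotes/notes/dont-leak-auth-token-fb7075316cf87b7c.yaml
+++ b/releasenotes/notes/dont-leak-auth-token-fb7075316cf87b7c.yaml
@@ -0,0 +1,7 @@
+---
+security:
+  - |
+    The ``get_logging_values`` function no longer outputs the auth_token, but
+    instead leaves it as ``***`` instead. As the name suggests, this function is
+    meant for logging, and letting the auth_token there might leak sensitive
+    data.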
