From eeb327b590b489a7f6b0e2176b288f7201de6aa9 Mon Sep 17 00:00:00 2001
From: Lucas Alvares Gomes
Date: Tue, 5 Jan 2016 17:37:00 +0000
Subject: [PATCH] Do not log secrets

When logging the curl command or the http response we should obfuscate the secrets.

Change-Id: Iaf8aef795782b5c4608f3a2be6887d0429176250
Partial-Bug: 1530972
---
ironicclient/common/http.py | 5 ++++-
ironicclient/tests/unit/test_http.py | 20 ++++++++++++++++++++
2 files changed, 24 insertions(+), 1 deletion(-)

diff --git a/ironicclient/common/http.py b/ironicclient/common/http.py
index 98b109d80..a42c576e5 100644
--- a/ironicclient/common/http.py
+++ b/ironicclient/common/http.py
@@ -25,6 +25,7 @@ import textwrap
import time
from keystoneclient import adapter
+from oslo_utils import strutils
import six
import six.moves.urllib.parse as urlparse
@@ -265,7 +266,8 @@ class HTTPClient(VersionNegotiationMixin):
curl.append('-k')
if 'body' in kwargs:
-curl.append('-d \'%s\'' % kwargs['body'])
+body = strutils.mask_password(kwargs['body'])
+curl.append('-d \'%s\'' % body)
curl.append(urlparse.urljoin(self.endpoint_trimmed, url))
LOG.debug(' '.join(curl))
@@ -277,6 +279,7 @@ class HTTPClient(VersionNegotiationMixin):
dump.extend(['%s: %s' % (k, v) for k, v in resp.getheaders()])
dump.append('')
if body:
+body = strutils.mask_password(body)
dump.extend([body, ''])
LOG.debug('\n'.join(dump))
diff --git a/ironicclient/tests/unit/test_http.py b/ironicclient/tests/unit/test_http.py
index 00070b0e2..5d7d7fc35 100644
--- a/ironicclient/tests/unit/test_http.py
+++ b/ironicclient/tests/unit/test_http.py
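Review bot: The masking added in `log_curl_request` relies on `strutils.mask_password`, which only rewrites values under the key names on its own list, so any secret-bearing field this client sends under a key it does not know would still reach the debug log verbatim; the same applies to the `body = strutils.mask_password(body)` line in `log_http_response`. A short comment at the masking site would keep a later maintainer from reading it as complete redaction, e.g. `# mask_password only rewrites a fixed set of key names; other fields in the body are logged as-is`. The request headers are emitted by the loop above this hunk and are not touched by the change, and the new test shows them logged verbatim, so if that loop does not already redact auth headers the token value is still written at debug level. Both enclosing methods start outside their hunks.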
@@ -449,6 +449,26 @@ class HttpClientTest(utils.BaseTestCase):
self.assertEqual(200, response.status)
self.assertEqual(1, mock_negotiate.call_count)
+ @mock.patch.object(http.LOG, 'debug', autospec=True)
+ def test_log_curl_request_mask_password(self, mock_log):
+ client = http.HTTPClient('http://localhost/')
+ kwargs = {'headers': {'foo-header': 'bar-header'},
+ 'body': '{"password": "foo"}'}
+ client.log_curl_request('foo', 'http://127.0.0.1', kwargs)
+ expected_log = ("curl -i -X foo -H 'foo-header: bar-header' "
+ "-d '{\"password\": \"***\"}' http://127.0.0.1")
+ mock_log.assert_called_once_with(expected_log)
+
+ @mock.patch.object(http.LOG, 'debug', autospec=True)
+ def test_log_http_response_mask_password(self, mock_log):
+ client = http.HTTPClient('http://localhost/')
+ fake_response = utils.FakeResponse({}, version=1, reason='foo',
+ status=200)
+ body = '{"password": "foo"}'
+ client.log_http_response(fake_response, body=body)
+ expected_log = ("\nHTTP/0.1 200 foo\n\n{\"password\": \"***\"}\n")
+ mock_log.assert_called_once_with(expected_log)
+
class SessionClientTest(utils.BaseTestCase):
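Review bot: Both new tests exercise only a top-level `password` key, so they would not catch a regression where a nested or differently named secret slips through unmasked; consider a case with a nested body such as `'{"driver_info": {"ipmi_password": "foo"}}'` (constructed) checking whether the value is replaced, plus a negative case asserting that a non-secret field is left unchanged, which documents exactly what the masking covers. The two tests also both build `client = http.HTTPClient('http://localhost/')`; a client created in `setUp` would shorten them, though that is a matter of style. `HttpClientTest` starts outside the hunk.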