From 57640764c0e42e7d1ac3df08574e3fd0d846d3ba Mon Sep 17 00:00:00 2001
From: Kevin Kreitner <kevin.kreitner@real-digital.de>
Date: Wed, 20 Jan 2021 20:56:13 +0100
Subject: [PATCH] Use logger for sensitive data logging to be able to disable
 it (#1002)

* Add sensible logging flag to default setup for logger

* Use logger instead of fmt for info logging with sensible data

* Remove sensible logging flag

* Update CHANGELOG.md

Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk>
---
 CHANGELOG.md        | 1 +
 providers/azure.go  | 2 +-
 providers/gitlab.go | 2 +-
 3 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index f60bb000..3f29a99d 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -63,6 +63,7 @@
   - Please note that `--cookie-refresh` must be 0 (the default) or equal to the token lifespan configured in Azure AD to make
     Azure token refresh reliable. Setting this value to 0 means that it relies on the provider implementation
     to decide if a refresh is required.
+- [#1002](https://github.com/oauth2-proxy/oauth2-proxy/pull/1002) Use logger for logging refreshed session in azure and gitlab provider.
 
 ## Changes since v6.1.1
 
diff --git a/providers/azure.go b/providers/azure.go
index e646bc5c..92974540 100644
--- a/providers/azure.go
+++ b/providers/azure.go
@@ -172,7 +172,7 @@ func (p *AzureProvider) RefreshSessionIfNeeded(ctx context.Context, s *sessions.
 		return false, fmt.Errorf("unable to redeem refresh token: %v", err)
 	}
 
-	fmt.Printf("refreshed id token %s (expired on %s)\n", s, origExpiration)
+	logger.Printf("refreshed id token %s (expired on %s)\n", s, origExpiration)
 	return true, nil
 }
 
diff --git a/providers/gitlab.go b/providers/gitlab.go
index c5922abb..f54430fc 100644
--- a/providers/gitlab.go
+++ b/providers/gitlab.go
@@ -135,7 +135,7 @@ func (p *GitLabProvider) RefreshSessionIfNeeded(ctx context.Context, s *sessions
 		return false, fmt.Errorf("unable to redeem refresh token: %v", err)
 	}
 
-	fmt.Printf("refreshed id token %s (expired on %s)\n", s, origExpiration)
+	logger.Printf("refreshed id token %s (expired on %s)\n", s, origExpiration)
 	return true, nil
 }