
Merge pull request #292 from nickmiller-wf/redact-access-token

Strip sensitive URL parameters from provider log output
This commit is contained in:
Jehiah Czebotar 2016-08-02 23:19:22 -04:00 committed by GitHub
commit a0e4a36821
3 changed files with 55 additions and 5 deletions


@ -85,7 +85,8 @@ func (p *GitHubProvider) hasOrg(accessToken string) (bool, error) {
return false, err
}
if resp.StatusCode != 200 {
return false, fmt.Errorf("got %d from %q %s", resp.StatusCode, endpoint, body)
return false, fmt.Errorf(
"got %d from %q %s", resp.StatusCode, stripToken(endpoint.String()), body)
}
if err := json.Unmarshal(body, &orgs); err != nil {
@ -140,7 +141,8 @@ func (p *GitHubProvider) hasOrgAndTeam(accessToken string) (bool, error) {
return false, err
}
if resp.StatusCode != 200 {
return false, fmt.Errorf("got %d from %q %s", resp.StatusCode, endpoint, body)
return false, fmt.Errorf(
"got %d from %q %s", resp.StatusCode, stripToken(endpoint.String()), body)
}
if err := json.Unmarshal(body, &teams); err != nil {
@ -217,9 +219,10 @@ func (p *GitHubProvider) GetEmailAddress(s *SessionState) (string, error) {
}
if resp.StatusCode != 200 {
return "", fmt.Errorf("got %d from %q %s", resp.StatusCode, endpoint, body)
return "", fmt.Errorf("got %d from %q %s",
resp.StatusCode, stripToken(endpoint.String()), body)
} else {
log.Printf("got %d from %q %s", resp.StatusCode, endpoint, body)
log.Printf("got %d from %q %s", resp.StatusCode, stripToken(endpoint.String()), body)
}
if err := json.Unmarshal(body, &emails); err != nil {
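Review bot: The success-path log line `log.Printf("got %d from %q %s", resp.StatusCode, stripToken(endpoint.String()), body)` in GetEmailAddress still writes the whole response body, which for this endpoint is the user's email list, so the token is now redacted but personal data keeps flowing into the log. Consider logging only the status and redacted endpoint on the success path, e.g. `log.Printf("got %d from %q", resp.StatusCode, stripToken(endpoint.String()))`, and keeping `body` only in the non-200 error return where it helps debugging. The `else` after the `return` on the preceding line is also redundant; dropping it leaves the happy path left-aligned. The hasOrg and hasOrgAndTeam hunks only include `body` in the error return, so they are not affected. GetEmailAddress's body continues outside the hunk.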


@ -9,6 +9,42 @@ import (
"github.com/bitly/oauth2_proxy/api"
)
// stripToken is a helper function to obfuscate "access_token"
// query parameters
func stripToken(endpoint string) string {
return stripParam("access_token", endpoint)
}
// stripParam generalizes the obfuscation of a particular
// query parameter - typically 'access_token' or 'client_secret'
// The parameter's second half is replaced by '...' and returned
// as part of the encoded query parameters.
// If the target parameter isn't found, the endpoint is returned
// unmodified.
func stripParam(param, endpoint string) string {
u, err := url.Parse(endpoint)
if err != nil {
log.Printf("error attempting to strip %s: %s", param, err)
return endpoint
}
if u.RawQuery != "" {
values, err := url.ParseQuery(u.RawQuery)
if err != nil {
log.Printf("error attempting to strip %s: %s", param, err)
return u.String()
}
if val := values.Get(param); val != "" {
values.Set(param, val[:(len(val)/2)]+"...")
u.RawQuery = values.Encode()
return u.String()
}
}
return endpoint
}
// validateToken returns true if token is valid
func validateToken(p Provider, access_token string, header http.Header) bool {
if access_token == "" || p.Data().ValidateURL == nil {
@ -28,7 +64,7 @@ func validateToken(p Provider, access_token string, header http.Header) bool {
body, _ := ioutil.ReadAll(resp.Body)
resp.Body.Close()
log.Printf("%d GET %s %s", resp.StatusCode, endpoint, body)
log.Printf("%d GET %s %s", resp.StatusCode, stripToken(endpoint), body)
if resp.StatusCode == 200 {
return true
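Review bot: In stripParam, the `url.Parse` failure branch logs `err` and returns `endpoint` unmodified, but a `*url.Error` message embeds the URL that failed to parse, so both that log line and the caller's subsequent log still carry the unredacted access_token on exactly the input where a malformed URL is most likely. The `url.ParseQuery` branch has the same shape: it returns `u.String()` with the raw query, token included. Safer to log a fixed message that does not include the error's URL and to return a value that cannot contain the secret, e.g. `log.Printf("error attempting to strip %s from endpoint", param)` followed by `return "<unparseable endpoint redacted>"`, applied in both branches. Separately, `val[:(len(val)/2)]+"..."` keeps half of the parameter, which for a long bearer token is still a large amount of key material in logs; a fixed short prefix would be the more conservative default. validateToken in the second hunk starts and ends outside the hunk.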


@ -119,3 +119,14 @@ func TestValidateSessionStateExpiredToken(t *testing.T) {
vt_test.response_code = 401
assert.Equal(t, false, validateToken(vt_test.provider, "foobar", nil))
}
func TestStripTokenNotPresent(t *testing.T) {
test := "http://local.test/api/test?a=1&b=2"
assert.Equal(t, test, stripToken(test))
}
func TestStripToken(t *testing.T) {
test := "http://local.test/api/test?access_token=deadbeef&b=1&c=2"
expected := "http://local.test/api/test?access_token=dead...&b=1&c=2"
assert.Equal(t, expected, stripToken(test))
}
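Review bot: Neither TestStripTokenNotPresent nor TestStripToken exercises the error paths of stripParam, so the behaviour when the endpoint or its query fails to parse is unpinned even though those are the cases where redaction is most likely to be skipped. Add a case with a malformed percent-escape in the query and assert the token value is absent from the result, for example `assert.NotContains(t, stripToken("http://local.test/api/test?access_token=deadbeef&b=%zz"), "deadbeef")` (constructed input); as the helper is written, this is likely to fail because the ParseQuery error branch returns the raw query, which is the point of adding it. A case with an odd-length token would also document what "second half" means for `len(val)/2`.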