Skip to content

Commit

Permalink
Merge pull request #819 from gdbranco/fix/ocm-250
Browse files Browse the repository at this point in the history
OCM-250 | redact aws access_key and secret_access_key
  • Loading branch information
ciaranRoche authored Aug 15, 2023
2 parents 47a9734 + 46f62a8 commit bf9ca4f
Showing 1 changed file with 11 additions and 9 deletions.
20 changes: 11 additions & 9 deletions dump.go
Original file line number Diff line number Diff line change
Expand Up @@ -117,14 +117,16 @@ const (

// redactFields are removed from log output when dumped.
var redactFields = map[string]bool{
"access_token": true,
"admin": true,
"id_token": true,
"refresh_token": true,
"password": true,
"client_secret": true,
"kubeconfig": true,
"ssh": true,
"access_token": true,
"admin": true,
"id_token": true,
"refresh_token": true,
"password": true,
"client_secret": true,
"kubeconfig": true,
"ssh": true,
"access_key_id": true,
"secret_access_key": true,
}

// dumpRequest dumps to the log, in debug level, the details of the given HTTP request.
Expand Down Expand Up @@ -244,7 +246,7 @@ func (d *dumpRoundTripper) dumpForm(ctx context.Context, data []byte) {
for _, value := range values {
var redacted string
if redactFields[name] {
redacted = "***"
redacted = redactionStr
} else {
redacted = url.QueryEscape(value)
}
Expand Down

0 comments on commit bf9ca4f

Please sign in to comment.