diff --git a/README.md b/README.md
index 164f36b78..3b8142d94 100644
--- a/README.md
+++ b/README.md
@@ -302,14 +302,14 @@ e.g. *password*.
Logbook supports different types of filters:
-| Type | Operates on | Applies to | Default |
-|------------------|--------------------------------|------------|-----------------------------------------------------------------------------------|
-| `QueryFilter` | Query string | request | `access_token` |
-| `PathFilter` | Path | request | n/a |
-| `HeaderFilter` | Header (single key-value pair) | both | `Authorization` |
-| `BodyFilter` | Content-Type and body | both | json: `access_token` and `refresh_token`
form: `client_secret` and `password` |
-| `RequestFilter` | `HttpRequest` | request | Replace binary, multipart and stream bodies. |
-| `ResponseFilter` | `HttpResponse` | response | Replace binary, multipart and stream bodies. |
+| Type | Operates on | Applies to | Default |
+|------------------|--------------------------------|------------|----------------------------------------------------------------------------------------------------|
+| `QueryFilter` | Query string | request | `access_token` |
+| `PathFilter` | Path | request | n/a |
+| `HeaderFilter` | Header (single key-value pair) | both | `Authorization` |
+| `BodyFilter` | Content-Type and body | both | json: `access_token` and `refresh_token`
form: `client_secret`, `password` and `refresh_token` |
+| `RequestFilter` | `HttpRequest` | request | Replace binary, multipart and stream bodies. |
+| `ResponseFilter` | `HttpResponse` | response | Replace binary, multipart and stream bodies. |
`QueryFilter`, `PathFilter`, `HeaderFilter` and `BodyFilter` are relatively high-level and should cover all needs in ~90% of all
cases. For more complicated setups one should fallback to the low-level variants, i.e. `RequestFilter` and `ResponseFilter`
diff --git a/logbook-core/src/main/java/org/zalando/logbook/core/BodyFilters.java b/logbook-core/src/main/java/org/zalando/logbook/core/BodyFilters.java
index 6f4bef919..34e2066d9 100644
--- a/logbook-core/src/main/java/org/zalando/logbook/core/BodyFilters.java
+++ b/logbook-core/src/main/java/org/zalando/logbook/core/BodyFilters.java
@@ -33,6 +33,7 @@ public static BodyFilter oauthRequest() {
final Set properties = new HashSet<>();
properties.add("client_secret");
properties.add("password");
+ properties.add("refresh_token");
return replaceFormUrlEncodedProperty(properties, "XXX");
}
diff --git a/logbook-core/src/test/java/org/zalando/logbook/core/BodyFiltersTest.java b/logbook-core/src/test/java/org/zalando/logbook/core/BodyFiltersTest.java
index bc661b9b6..d446cc8ae 100644
--- a/logbook-core/src/test/java/org/zalando/logbook/core/BodyFiltersTest.java
+++ b/logbook-core/src/test/java/org/zalando/logbook/core/BodyFiltersTest.java
@@ -1,6 +1,8 @@
package org.zalando.logbook.core;
import org.junit.jupiter.api.Test;
+import org.junit.jupiter.params.ParameterizedTest;
+import org.junit.jupiter.params.provider.ValueSource;
import org.zalando.logbook.BodyFilter;
import static java.util.Collections.singleton;
@@ -12,13 +14,14 @@
final class BodyFiltersTest {
- @Test
- void filtersClientSecretByOauthRequestFilterByDefault() {
+ @ParameterizedTest
+ @ValueSource(strings = {"client_secret", "password", "refresh_token"})
+ void filtersParameterByOauthRequestFilterByDefault(String parameterName) {
final BodyFilter unit = defaultValue();
- final String actual = unit.filter("application/x-www-form-urlencoded", "client_secret=secret");
+ final String actual = unit.filter("application/x-www-form-urlencoded", parameterName + "=secret");
- assertThat(actual).isEqualTo("client_secret=XXX");
+ assertThat(actual).isEqualTo(parameterName + "=XXX");
}
@Test