diff --git a/lib/pact_broker/string_refinements.rb b/lib/pact_broker/string_refinements.rb
new file mode 100644
index 000000000..677a6ba71
--- /dev/null
+++ b/lib/pact_broker/string_refinements.rb
@@ -0,0 +1,9 @@
+module PactBroker
+ module StringRefinements
+ refine String do
+ def not_blank?
+ self && self.strip.size > 0
+ end
+ end
+ end
+end
\ No newline at end of file
diff --git a/lib/pact_broker/webhooks/redact_logs.rb b/lib/pact_broker/webhooks/redact_logs.rb
index a13158a17..240bc2358 100644
--- a/lib/pact_broker/webhooks/redact_logs.rb
+++ b/lib/pact_broker/webhooks/redact_logs.rb
@@ -1,9 +1,26 @@
+require 'pact_broker/string_refinements'
+
 module PactBroker
 module Webhooks
- class RedactLogs
- def self.call logs
- logs.gsub(/(Authorization: )(.*)/i,'\1[REDACTED]')
- .gsub(/(Token: )(.*)/i,'\1[REDACTED]')
+ module RedactLogs
+ HEADER_SUBSTITUTIONS = [[/(Authorization: )(.*)/i, '\1[REDACTED]'], [ /(Token: )(.*)/i, '\1[REDACTED]']]
+
+ using PactBroker::StringRefinements
+
+ def redact_logs(logs, values)
+ RedactLogs.call(logs, values)
+ end
+
+ def self.call logs, values
+ substitutions = HEADER_SUBSTITUTIONS + value_substitutions(values)
+
+ substitutions.reduce(logs) do | logs, (find, replace) |
+ logs.gsub(find, replace)
+ end
+ end
+
+ def self.value_substitutions(values)
+ values.select(&:not_blank?).collect{ | value | [value, "********"] }
 end
 end
 end
diff --git a/spec/lib/pact_broker/webhooks/redact_logs_spec.rb b/spec/lib/pact_broker/webhooks/redact_logs_spec.rb
index 307d26bf1..902cc7ef8 100644
--- a/spec/lib/pact_broker/webhooks/redact_logs_spec.rb
+++ b/spec/lib/pact_broker/webhooks/redact_logs_spec.rb
@@ -4,6 +4,8 @@ module PactBroker
 module Webhooks
 describe RedactLogs do
 describe ".call" do
+ let(:values) { [] }
+
 let(:string) do
 "Authorization: foo\nX-Thing: bar"
 end
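Review bot: In `not_blank?` (lib/pact_broker/string_refinements.rb) the `self &&` guard can never be false, because the refinement is only active on String receivers. A nil element in the list handed to `value_substitutions` would therefore raise NoMethodError instead of being skipped, and the logs would not be redacted at all. Whether callers can pass nil for an unset secret is not visible in this diff; if they can, filter before the refinement is used, e.g. `values.compact.select(&:not_blank?)`, and reduce the method body to `!strip.empty?`.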
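Review bot: `value_substitutions` in lib/pact_broker/webhooks/redact_logs.rb applies the secret values in the order they were passed, so when one value is a prefix or substring of another the shorter one is masked first and the rest of the longer secret stays readable in the log. Masking longest first avoids that: `values.select(&:not_blank?).uniq.sort_by { |v| -v.size }.collect { |value| [value, "********"] }`. The match is also literal, so a secret that appears percent-encoded or Base64-encoded outside the two header patterns is presumably left in place. A comment above `HEADER_SUBSTITUTIONS` saying that only verbatim occurrences are masked would make that limit explicit.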
@@ -25,23 +27,32 @@ module Webhooks end it "hides the value of the Authorization header" do - expect(RedactLogs.call(string)).to eq "Authorization: [REDACTED]\nX-Thing: bar" + expect(RedactLogs.call(string, values)).to eq "Authorization: [REDACTED]\nX-Thing: bar" end it "hides the value of the X-Authorization header" do - expect(RedactLogs.call(x_auth_string)).to eq "X-Authorization: [REDACTED]\nX-Thing: bar" + expect(RedactLogs.call(x_auth_string, values)).to eq "X-Authorization: [REDACTED]\nX-Thing: bar" end it "hides the value of the X-Auth-Token header" do - expect(RedactLogs.call(x_auth_token)).to eq "X-Auth-Token: [REDACTED]\nX-Thing: bar" + expect(RedactLogs.call(x_auth_token, values)).to eq "X-Auth-Token: [REDACTED]\nX-Thing: bar" end it "hides the value of the X-Authorization-Token header" do - expect(RedactLogs.call(x_authorization_token)).to eq "X-Authorization-Token: [REDACTED]\nX-Thing: bar" + expect(RedactLogs.call(x_authorization_token, values)).to eq "X-Authorization-Token: [REDACTED]\nX-Thing: bar" end it "hides the value of the authorization header" do - expect(RedactLogs.call(string_lower)).to eq "authorization: [REDACTED]\nX-Thing: bar" + expect(RedactLogs.call(string_lower, values)).to eq "authorization: [REDACTED]\nX-Thing: bar" + end + + context "with values" do + let(:values) { %w[foo bar] } + let(:string) { "blahfoo\nbar wiffle" } + + it "hides the passed in values" do + expect(RedactLogs.call(string, values)).to eq "blah********\n******** wiffle" + end end end end
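Review bot: The new `with values` context only covers two short, non-overlapping alphanumeric values, so the filtering in `value_substitutions` is not exercised. No example passes an empty or whitespace-only string, which is the case `not_blank?` exists for, since an empty pattern given to `gsub` matches between every character. I would add an example such as `expect(RedactLogs.call("blah", ["", " "])).to eq "blah"`, plus one whose value contains regex metacharacters, to pin that values are matched literally. The enclosing `describe ".call"` block starts outside this hunk.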