Merge pull request #1238 from roberth/redact-authorization-header
servant-client-core: Redact Authorization header
This commit is contained in:
commit
e1039523ec
4 changed files with 47 additions and 1 deletions
2
changelog.d/pull1238
Normal file
2
changelog.d/pull1238
Normal file
|
@ -0,0 +1,2 @@
|
||||||
|
synopsis: Redact the authorization header in Show and exceptions
|
||||||
|
prs: #1238
|
|
@ -96,6 +96,7 @@ test-suite spec
|
||||||
main-is: Spec.hs
|
main-is: Spec.hs
|
||||||
other-modules:
|
other-modules:
|
||||||
Servant.Client.Core.Internal.BaseUrlSpec
|
Servant.Client.Core.Internal.BaseUrlSpec
|
||||||
|
Servant.Client.Core.RequestSpec
|
||||||
|
|
||||||
-- Dependencies inherited from the library. No need to specify bounds.
|
-- Dependencies inherited from the library. No need to specify bounds.
|
||||||
build-depends:
|
build-depends:
|
||||||
|
|
|
@ -64,8 +64,32 @@ data RequestF body path = Request
|
||||||
, requestHeaders :: Seq.Seq Header
|
, requestHeaders :: Seq.Seq Header
|
||||||
, requestHttpVersion :: HttpVersion
|
, requestHttpVersion :: HttpVersion
|
||||||
, requestMethod :: Method
|
, requestMethod :: Method
|
||||||
} deriving (Generic, Typeable, Eq, Show, Functor, Foldable, Traversable)
|
} deriving (Generic, Typeable, Eq, Functor, Foldable, Traversable)
|
||||||
|
|
||||||
|
instance (Show a, Show b) =>
|
||||||
|
Show (Servant.Client.Core.Request.RequestF a b) where
|
||||||
|
showsPrec p req
|
||||||
|
= showParen
|
||||||
|
(p >= 11)
|
||||||
|
( showString "Request {requestPath = "
|
||||||
|
. showsPrec 0 (requestPath req)
|
||||||
|
. showString ", requestQueryString = "
|
||||||
|
. showsPrec 0 (requestQueryString req)
|
||||||
|
. showString ", requestBody = "
|
||||||
|
. showsPrec 0 (requestBody req)
|
||||||
|
. showString ", requestAccept = "
|
||||||
|
. showsPrec 0 (requestAccept req)
|
||||||
|
. showString ", requestHeaders = "
|
||||||
|
. showsPrec 0 (redactSensitiveHeader <$> requestHeaders req))
|
||||||
|
. showString ", requestHttpVersion = "
|
||||||
|
. showsPrec 0 (requestHttpVersion req)
|
||||||
|
. showString ", requestMethod = "
|
||||||
|
. showsPrec 0 (requestMethod req)
|
||||||
|
. showString "}"
|
||||||
|
where
|
||||||
|
redactSensitiveHeader :: Header -> Header
|
||||||
|
redactSensitiveHeader ("Authorization", _) = ("Authorization", "<REDACTED>")
|
||||||
|
redactSensitiveHeader h = h
|
||||||
instance Bifunctor RequestF where bimap = bimapDefault
|
instance Bifunctor RequestF where bimap = bimapDefault
|
||||||
instance Bifoldable RequestF where bifoldMap = bifoldMapDefault
|
instance Bifoldable RequestF where bifoldMap = bifoldMapDefault
|
||||||
instance Bitraversable RequestF where
|
instance Bitraversable RequestF where
|
||||||
|
|
19
servant-client-core/test/Servant/Client/Core/RequestSpec.hs
Normal file
19
servant-client-core/test/Servant/Client/Core/RequestSpec.hs
Normal file
|
@ -0,0 +1,19 @@
|
||||||
|
{-# OPTIONS_GHC -fno-warn-orphans #-}
|
||||||
|
{-# LANGUAGE OverloadedStrings #-}
|
||||||
|
module Servant.Client.Core.RequestSpec (spec) where
|
||||||
|
|
||||||
|
|
||||||
|
import Prelude ()
|
||||||
|
import Prelude.Compat
|
||||||
|
import Control.Monad
|
||||||
|
import Data.List (isInfixOf)
|
||||||
|
import Servant.Client.Core.Request
|
||||||
|
import Test.Hspec
|
||||||
|
|
||||||
|
spec :: Spec
|
||||||
|
spec = do
|
||||||
|
describe "Request" $ do
|
||||||
|
describe "show" $ do
|
||||||
|
it "redacts the authorization header" $ do
|
||||||
|
let request = void $ defaultRequest { requestHeaders = pure ("authorization", "secret") }
|
||||||
|
isInfixOf "secret" (show request) `shouldBe` False
|
Loading…
Add table
Reference in a new issue