fix(logging): replace password in auth gotOptions (#4108)

4a43ebce · Michael Kriese · Rhys Arkins · 642deb0b · 4a43ebce · 4a43ebce
Commit 4a43ebce authored 6 years ago by Michael Kriese Committed by Rhys Arkins 6 years ago
--- a/lib/logger/err-serializer.js
+++ b/lib/logger/err-serializer.js
@@ -15,7 +15,14 @@ export default function errSerializer(err) {
  if (err.stack) {
    response.stack = err.stack;
  }
-  if (err.gotOptions && err.gotOptions.headers) {
+  if (response.gotOptions) {
+    if (is.string(response.gotOptions.auth)) {
+      response.gotOptions.auth = response.gotOptions.auth.replace(
+        /:.*/,
+        ':***********'
+      );
+    }
+    if (err.gotOptions.headers) {
      const redactedHeaders = [
        'authorization',
        'private-header',
@@ -27,6 +34,7 @@ export default function errSerializer(err) {
        }
      });
    }
+  }
  const redactedFields = ['message', 'stack', 'stdout', 'stderr'];
  for (const field of redactedFields) {
    if (is.string(response[field])) {

--- a/test/logger/__snapshots__/err-serializer.spec.js.snap
+++ b/test/logger/__snapshots__/err-serializer.spec.js.snap
@@ -6,6 +6,7 @@ Object {
  "b": 2,
  "body": "some response body",
  "gotOptions": Object {
+    "auth": "test:***********",
    "headers": Object {
      "authorization": "** redacted **",
    },

--- a/test/logger/err-serializer.spec.js
+++ b/test/logger/err-serializer.spec.js
@@ -13,6 +13,7 @@ describe('logger/err-serializer', () => {
        headers: {
          authorization: 'Bearer abc',
        },
+        auth: 'test:token',
      },
    };
    expect(configSerializer(err)).toMatchSnapshot();