diff options
author | Juan Antonio Osorio Robles <jaosorior@redhat.com> | 2017-11-07 06:29:35 +0000 |
---|---|---|
committer | Juan Antonio Osorio Robles <jaosorior@redhat.com> | 2017-11-07 13:08:11 +0200 |
commit | a8d86df94099317f2918bd0cf1f147b822bfc599 (patch) | |
tree | 34296d2052d6577c8f4fe6e99988b8f704fa577f /oslo_context/context.py | |
parent | e75f4c5ad91962e272d65daa770e00f70f931ecb (diff) | |
download | oslo-context-a8d86df94099317f2918bd0cf1f147b822bfc599.tar.gz |
Ouput a placeholder instead of the auth_token2.19.3
As the name of the get_logging_values suggests, that function will
get entries from the context for logging purposes. For this, we
shouldn't need the auth_token since it might potentially leak
in the logs.
This filters out the auth_token by setting it as '***' by
default.
Change-Id: I2b245c1665c3587be3c476b803122788d186e5d5
Diffstat (limited to 'oslo_context/context.py')
-rw-r--r-- | oslo_context/context.py | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/oslo_context/context.py b/oslo_context/context.py index 24ded43..6475c2c 100644 --- a/oslo_context/context.py +++ b/oslo_context/context.py @@ -353,6 +353,13 @@ class RequestContext(object): 'user_domain_name': self.user_domain_name, 'project_domain_name': self.project_domain_name} values.update(self.to_dict()) + if self.auth_token: + # NOTE(jaosorior): Gotta obfuscate the token since this dict is + # meant for logging and we shouldn't leak it. + values['auth_token'] = '***' + else: + values['auth_token'] = None + return values @property |