diff options
| author | Jenkins <jenkins@review.openstack.org> | 2014-02-03 21:56:47 +0000 |
|---|---|---|
| committer | Gerrit Code Review <review@openstack.org> | 2014-02-03 21:56:47 +0000 |
| commit | 2c3e366e8a635c1b3cbfa6f7195fc53e6e8c0025 (patch) | |
| tree | 17f27b6ec32e461460516bcdb9a6d6a15f6805c9 /pycadf | |
| parent | 32e23772a93a17091238095e1b5fc28d61bff801 (diff) | |
| parent | 777831ddff76ba043d5d60f85513911a63244086 (diff) | |
| download | pycadf-2c3e366e8a635c1b3cbfa6f7195fc53e6e8c0025.tar.gz | |
Merge "mask token values"
Diffstat (limited to 'pycadf')
| -rw-r--r-- | pycadf/credential.py | 3 | ||||
| -rw-r--r-- | pycadf/tests/audit/test_api.py | 3 | ||||
| -rw-r--r-- | pycadf/tests/test_cadf_spec.py | 5 | ||||
| -rw-r--r-- | pycadf/tests/test_utils.py | 31 | ||||
| -rw-r--r-- | pycadf/utils.py | 29 |
5 files changed, 66 insertions, 5 deletions
diff --git a/pycadf/credential.py b/pycadf/credential.py index 9274b80..3b7141a 100644 --- a/pycadf/credential.py +++ b/pycadf/credential.py @@ -17,6 +17,7 @@ import six from pycadf import cadftype +from pycadf import utils TYPE_URI_CRED = cadftype.CADF_VERSION_1_0_0 + 'credential' @@ -39,7 +40,7 @@ class Credential(cadftype.CADFAbstractType): def __init__(self, token, type=None): # Credential.token - setattr(self, CRED_KEYNAME_TOKEN, token) + setattr(self, CRED_KEYNAME_TOKEN, utils.mask_value(token)) # Credential.type if type is not None: diff --git a/pycadf/tests/audit/test_api.py b/pycadf/tests/audit/test_api.py index 774e494..10abe1c 100644 --- a/pycadf/tests/audit/test_api.py +++ b/pycadf/tests/audit/test_api.py @@ -85,7 +85,8 @@ class TestAuditApi(base.TestCase): '192.168.0.1') self.assertEqual(payload['initiator']['typeURI'], 'service/security/account/user') - self.assertEqual(payload['initiator']['credential']['token'], 'token') + self.assertNotEqual(payload['initiator']['credential']['token'], + 'token') self.assertEqual(payload['initiator']['credential']['identity_status'], 'Confirmed') self.assertNotIn('reason', payload) diff --git a/pycadf/tests/test_cadf_spec.py b/pycadf/tests/test_cadf_spec.py index 0635cdd..fdbd60c 100644 --- a/pycadf/tests/test_cadf_spec.py +++ b/pycadf/tests/test_cadf_spec.py @@ -15,8 +15,6 @@ # under the License. import time -import testtools - from pycadf import attachment from pycadf import credential from pycadf import endpoint @@ -30,10 +28,11 @@ from pycadf import reason from pycadf import reporterstep from pycadf import resource from pycadf import tag +from pycadf.tests import base from pycadf import timestamp -class TestCADFSpec(testtools.TestCase): +class TestCADFSpec(base.TestCase): def test_endpoint(self): endp = endpoint.Endpoint(url='http://192.168.0.1', name='endpoint name', diff --git a/pycadf/tests/test_utils.py b/pycadf/tests/test_utils.py new file mode 100644 index 0000000..8eaa22a --- /dev/null +++ b/pycadf/tests/test_utils.py @@ -0,0 +1,31 @@ +# +# Copyright 2013 OpenStack LLC +# All Rights Reserved +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +import uuid + +from pycadf.tests import base +from pycadf import utils + + +class TestUtils(base.TestCase): + def test_mask_value(self): + value = str(uuid.uuid4()) + m_percent = 0.125 + obfuscate = utils.mask_value(value, m_percent) + visible = int(round(len(value) * m_percent)) + self.assertEqual(value[:visible], obfuscate[:visible]) + self.assertNotEqual(value[:visible + 1], obfuscate[:visible + 1]) + self.assertEqual(value[-visible:], obfuscate[-visible:]) + self.assertNotEqual(value[-visible - 1:], obfuscate[-visible - 1:]) diff --git a/pycadf/utils.py b/pycadf/utils.py new file mode 100644 index 0000000..fba4fbf --- /dev/null +++ b/pycadf/utils.py @@ -0,0 +1,29 @@ +# -*- encoding: utf-8 -*- +# +# Copyright 2013 IBM Corp. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +import six + + +def mask_value(value, s_percent=0.125): + """Obfuscate a given string to show only a percentage of leading + and trailing characters. + + :param s_percent: The percentage of characters to replace + """ + if isinstance(value, six.string_types): + visible = (32 if int(round(len(value) * s_percent)) > 32 + else int(round(len(value) * s_percent))) + return value[:visible] + " xxxxxxxx " + value[-visible:] + return value |