diff options
author | Jenkins <jenkins@review.openstack.org> | 2014-07-23 19:47:08 +0000 |
---|---|---|
committer | Gerrit Code Review <review@openstack.org> | 2014-07-23 19:47:08 +0000 |
commit | e90c3c4bdd764d88475c09cfe20e9496237ad688 (patch) | |
tree | 5d8700612e493e73fbf4a49ef7dfbe43331b8601 | |
parent | ead36aa22173605adc3bea2b4079603d4e602895 (diff) | |
parent | e5048043e211ea9cc094e439a51099fdc7e38e2e (diff) | |
download | python-ceilometerclient-e90c3c4bdd764d88475c09cfe20e9496237ad688.tar.gz |
Merge "Don't expose X-Auth-Token in ceilometer CLI"
-rw-r--r-- | ceilometerclient/common/http.py | 14 |
1 files changed, 13 insertions, 1 deletions
diff --git a/ceilometerclient/common/http.py b/ceilometerclient/common/http.py index f440abe..56373ee 100644 --- a/ceilometerclient/common/http.py +++ b/ceilometerclient/common/http.py @@ -14,6 +14,7 @@ # under the License. import copy +import hashlib import logging import os import socket @@ -39,6 +40,7 @@ from ceilometerclient import exc LOG = logging.getLogger(__name__) USER_AGENT = 'python-ceilometerclient' CHUNKSIZE = 1024 * 64 # 64kB +SENSITIVE_HEADERS = ('X-Auth-Token',) class HTTPClient(object): @@ -84,11 +86,21 @@ class HTTPClient(object): except httplib.InvalidURL: raise exc.InvalidEndpoint() + def safe_header(self, name, value): + if name in SENSITIVE_HEADERS: + # because in python3 byte string handling is ... ug + v = value.encode('utf-8') + h = hashlib.sha1(v) + d = h.hexdigest() + return name, "{SHA1}%s" % d + else: + return name, value + def log_curl_request(self, method, url, kwargs): curl = ['curl -i -X %s' % method] for (key, value) in kwargs['headers'].items(): - header = '-H \'%s: %s\'' % (key, value) + header = '-H \'%s: %s\'' % self.safe_header(key, value) curl.append(header) conn_params_fmt = [ |