From 398c8fb5160a05d4b28fb11147a9a295e11bcf31 Mon Sep 17 00:00:00 2001
From: Tin Lam <tinlam@gmail.com>
Date: Mon, 9 Jan 2017 10:31:35 -0600
Subject: X-Serivce-Token should be hashed in the log

Currently, logs display the hash values of X-Auth-Token,
Authorization, and X-Subject-Token, but not the value of
the X-Service-Token.  This patch set adds the X-Service-Token
to the list of header fields to be hashed for logging purposes.

Change-Id: Iaa3a27f4b6c3baf964fa0c71328ffe9df43b2c0a
Closes-Bug: #1654847
(cherry picked from commit 56af8c90ecbb3cb5d29036151108b1e4e7a69bcc)
---
 keystoneclient/session.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'keystoneclient/session.py')

diff --git a/keystoneclient/session.py b/keystoneclient/session.py
index 1e08213..9e26b76 100644
--- a/keystoneclient/session.py
+++ b/keystoneclient/session.py
@@ -164,7 +164,7 @@ class Session(object):
     def _process_header(header):
         """Redacts the secure headers to be logged."""
         secure_headers = ('authorization', 'x-auth-token',
-                          'x-subject-token',)
+                          'x-subject-token', 'x-service-token')
         if header[0].lower() in secure_headers:
             token_hasher = hashlib.sha1()
             token_hasher.update(header[1].encode('utf-8'))
-- 
cgit v1.2.1