diff options
author | Jenkins <jenkins@review.openstack.org> | 2014-10-09 15:01:05 +0000 |
---|---|---|
committer | Gerrit Code Review <review@openstack.org> | 2014-10-09 15:01:05 +0000 |
commit | 89dc951f7d5a603f0c34b7c2cb9f7d26d73d9916 (patch) | |
tree | 5f44f867bc3cdfc0792fa42d34f045c75a2248ee /keystoneclient | |
parent | 1d1d92a6a3b3ee3ae29ecec7eb203fd4b40faccf (diff) | |
parent | 23d20452d24dc3adeb404ab44799585ec1169247 (diff) | |
download | python-keystoneclient-89dc951f7d5a603f0c34b7c2cb9f7d26d73d9916.tar.gz |
Merge "Log token with sha1"
Diffstat (limited to 'keystoneclient')
-rw-r--r-- | keystoneclient/session.py | 6 | ||||
-rw-r--r-- | keystoneclient/tests/test_session.py | 2 |
2 files changed, 6 insertions, 2 deletions
diff --git a/keystoneclient/session.py b/keystoneclient/session.py index a382cc7..577c2bf 100644 --- a/keystoneclient/session.py +++ b/keystoneclient/session.py @@ -12,6 +12,7 @@ import argparse import functools +import hashlib import logging import os import time @@ -122,7 +123,10 @@ class Session(object): secure_headers = ('authorization', 'x-auth-token', 'x-subject-token',) if header[0].lower() in secure_headers: - return (header[0], 'TOKEN_REDACTED') + token_hasher = hashlib.sha1() + token_hasher.update(header[1].encode('utf-8')) + token_hash = token_hasher.hexdigest() + return (header[0], '{SHA1}%s' % token_hash) return header @utils.positional() diff --git a/keystoneclient/tests/test_session.py b/keystoneclient/tests/test_session.py index 4c5b460..99c9e6e 100644 --- a/keystoneclient/tests/test_session.py +++ b/keystoneclient/tests/test_session.py @@ -168,7 +168,7 @@ class SessionTests(utils.TestCase): # Assert that response headers contains actual values and # only debug logs has been masked for k, v in six.iteritems(security_headers): - self.assertIn('%s: TOKEN_REDACTED' % k, self.logger.output) + self.assertIn('%s: {SHA1}' % k, self.logger.output) self.assertEqual(v, resp.headers[k]) self.assertNotIn(v, self.logger.output) |