From f009311140121a1987b460932210b67fd7f71417 Mon Sep 17 00:00:00 2001 From: Brock Allen Date: Fri, 23 Sep 2022 13:47:49 -0400 Subject: [PATCH] change claims logging to trace --- .../BackchannelLogout/DefaultBackchannelLogoutService.cs | 3 +-- src/Duende.Bff/EndpointServices/User/DefaultUserService.cs | 3 +-- 2 files changed, 2 insertions(+), 4 deletions(-) diff --git a/src/Duende.Bff/EndpointServices/BackchannelLogout/DefaultBackchannelLogoutService.cs b/src/Duende.Bff/EndpointServices/BackchannelLogout/DefaultBackchannelLogoutService.cs index 2113ea48..7a05c0fd 100644 --- a/src/Duende.Bff/EndpointServices/BackchannelLogout/DefaultBackchannelLogoutService.cs +++ b/src/Duende.Bff/EndpointServices/BackchannelLogout/DefaultBackchannelLogoutService.cs @@ -127,8 +127,7 @@ await UserSession.RevokeSessionsAsync(new UserSessionsFilter } else { - // TODO: any sensitive data here, or are we ok with LogDebug? - Logger.LogDebug("Claims found in back-channel JWT {claims}", claims.Claims); + Logger.LogTrace("Claims found in back-channel JWT {claims}", claims.Claims); } if (claims.FindFirst("sub") == null && claims.FindFirst("sid") == null) diff --git a/src/Duende.Bff/EndpointServices/User/DefaultUserService.cs b/src/Duende.Bff/EndpointServices/User/DefaultUserService.cs index b9165edb..105dbc32 100644 --- a/src/Duende.Bff/EndpointServices/User/DefaultUserService.cs +++ b/src/Duende.Bff/EndpointServices/User/DefaultUserService.cs @@ -80,8 +80,7 @@ public virtual async Task ProcessRequestAsync(HttpContext context) context.Response.ContentType = "application/json"; await context.Response.WriteAsync(json, Encoding.UTF8); - // TODO: any PII filtering we need here, or are we ok since it's Debug? - Logger.LogDebug("User endpoint indicates the user is logged in with claims {claims}", claims); + Logger.LogTrace("User endpoint indicates the user is logged in with claims {claims}", claims); } }