avoid showing full basic auth creds in proxy endpoint logs

centrifugal · Sep 26, 2024 · 3b4ac34 · 3b4ac34
1 parent 7876a33
commit 3b4ac34
Show file tree

Hide file tree

Showing 4 changed files with 133 additions and 37 deletions.
diff --git a/internal/tools/address.go b/internal/tools/address.go
diff --git a/internal/tools/logging.go b/internal/tools/logging.go
@@ -0,0 +1,59 @@
+package tools
+
+import (
+	"net/url"
+	"strings"
+)
+
+// StripPassword from URL address.
+func StripPassword(address string) string {
+	u, err := url.Parse(address)
+	if err != nil {
+		return address
+	}
+	pass, passSet := u.User.Password()
+	if passSet {
+		return strings.Replace(u.String(), pass+"@", "***@", 1)
+	}
+	return u.String()
+}
+
+// GetLogAddresses returns a string with addresses (concatenated with comma)
+// with password stripped from each address.
+func GetLogAddresses(addresses []string) string {
+	cleanedAddresses := make([]string, 0, len(addresses))
+	for _, a := range addresses {
+		cleanedAddress := StripPassword(a)
+		cleanedAddresses = append(cleanedAddresses, cleanedAddress)
+	}
+	return strings.Join(cleanedAddresses, ", ")
+}
+
+// RedactedLogURLs prepares URLs to be logged or shown in UI stripping auth info from them.
+func RedactedLogURLs(urls ...string) []string {
+	var result []string
+
+	for _, input := range urls {
+		// Split the input by commas to handle comma-separated URLs.
+		urlParts := strings.Split(input, ",")
+		var cleanedParts []string
+
+		for _, urlString := range urlParts {
+			parsedURL, err := url.Parse(strings.TrimSpace(urlString))
+			var cleanedURL string
+			if err != nil {
+				cleanedURL = "<invalid_url>"
+			} else {
+				cleanedURL = parsedURL.Redacted()
+			}
+			cleanedParts = append(cleanedParts, cleanedURL)
+		}
+
+		// Combine the cleaned URLs back into a comma-separated string.
+		if len(cleanedParts) > 0 {
+			result = append(result, strings.Join(cleanedParts, ","))
+		}
+	}
+
+	return result
+}
diff --git a/internal/tools/logging_test.go b/internal/tools/logging_test.go
@@ -0,0 +1,67 @@
+package tools
+
+import (
+	"testing"
+
+	"github.com/stretchr/testify/require"
+)
+
+// TestGetLogURLs tests the RedactedLogURLs function using Redacted method.
+func TestGetLogURLs(t *testing.T) {
+	t.Run("Single URL with auth info", func(t *testing.T) {
+		input := "https://user:[email protected]/resource"
+		expected := []string{"https://user:[email protected]/resource"}
+		actual := RedactedLogURLs(input)
+		require.Equal(t, expected, actual)
+	})
+
+	t.Run("Multiple URLs with mixed auth info", func(t *testing.T) {
+		input := "https://user:[email protected]/resource,https://another.com"
+		expected := []string{"https://user:[email protected]/resource,https://another.com"}
+		actual := RedactedLogURLs(input)
+		require.Equal(t, expected, actual)
+	})
+
+	t.Run("Multiple URLs with mixed spaces", func(t *testing.T) {
+		input := "https://user:[email protected]/resource, https://another.com"
+		expected := []string{"https://user:[email protected]/resource,https://another.com"}
+		actual := RedactedLogURLs(input)
+		require.Equal(t, expected, actual)
+	})
+
+	t.Run("Single URL without auth info", func(t *testing.T) {
+		input := "https://domain.com/resource"
+		expected := []string{"https://domain.com/resource"}
+		actual := RedactedLogURLs(input)
+		require.Equal(t, expected, actual)
+	})
+
+	t.Run("Invalid URL", func(t *testing.T) {
+		input := "://invalid-url"
+		expected := []string{"<invalid_url>"}
+		actual := RedactedLogURLs(input)
+		require.Equal(t, expected, actual)
+	})
+
+	t.Run("Mixed valid and invalid URLs", func(t *testing.T) {
+		input := "https://user:[email protected]/resource, ://invalid-url, https://valid.com"
+		expected := []string{"https://user:[email protected]/resource,<invalid_url>,https://valid.com"}
+		actual := RedactedLogURLs(input)
+		require.Equal(t, expected, actual)
+	})
+
+	t.Run("Multiple comma-separated URLs with auth", func(t *testing.T) {
+		input := "https://user:[email protected], https://admin:[email protected], httpss://example.com/resource"
+		expected := []string{"https://user:[email protected],https://admin:[email protected],httpss://example.com/resource"}
+		actual := RedactedLogURLs(input)
+		require.Equal(t, expected, actual)
+	})
+
+	t.Run("GRPC addresses work correctly", func(t *testing.T) {
+		// We use such format for GRPC proxy config.
+		input := []string{"grpc://user:[email protected]:9000", "grpc://127.0.0.1:10000"}
+		expected := []string{"grpc://user:[email protected]:9000", "grpc://127.0.0.1:10000"}
+		actual := RedactedLogURLs(input...)
+		require.Equal(t, expected, actual)
+	})
+}
diff --git a/main.go b/main.go
@@ -2090,7 +2090,7 @@ func proxyMapConfig() (*client.ProxyMap, bool) {
 		if err != nil {
 			log.Fatal().Msgf("error creating connect proxy: %v", err)
 		}
-		log.Info().Str("endpoint", connectEndpoint).Msg("connect proxy enabled")
+		log.Info().Str("endpoint", tools.RedactedLogURLs(connectEndpoint)[0]).Msg("connect proxy enabled")
 	}
 
 	if refreshEndpoint != "" {
@@ -2101,7 +2101,7 @@ func proxyMapConfig() (*client.ProxyMap, bool) {
 		if err != nil {
 			log.Fatal().Msgf("error creating refresh proxy: %v", err)
 		}
-		log.Info().Str("endpoint", refreshEndpoint).Msg("refresh proxy enabled")
+		log.Info().Str("endpoint", tools.RedactedLogURLs(refreshEndpoint)[0]).Msg("refresh proxy enabled")
 	}
 
 	if subscribeEndpoint != "" {
@@ -2112,7 +2112,7 @@ func proxyMapConfig() (*client.ProxyMap, bool) {
 			log.Fatal().Msgf("error creating subscribe proxy: %v", err)
 		}
 		proxyMap.SubscribeProxies[""] = sp
-		log.Info().Str("endpoint", subscribeEndpoint).Msg("subscribe proxy enabled")
+		log.Info().Str("endpoint", tools.RedactedLogURLs(subscribeEndpoint)[0]).Msg("subscribe proxy enabled")
 	}
 
 	if publishEndpoint != "" {
@@ -2123,7 +2123,7 @@ func proxyMapConfig() (*client.ProxyMap, bool) {
 			log.Fatal().Msgf("error creating publish proxy: %v", err)
 		}
 		proxyMap.PublishProxies[""] = pp
-		log.Info().Str("endpoint", publishEndpoint).Msg("publish proxy enabled")
+		log.Info().Str("endpoint", tools.RedactedLogURLs(publishEndpoint)[0]).Msg("publish proxy enabled")
 	}
 
 	if rpcEndpoint != "" {
@@ -2134,7 +2134,7 @@ func proxyMapConfig() (*client.ProxyMap, bool) {
 			log.Fatal().Msgf("error creating rpc proxy: %v", err)
 		}
 		proxyMap.RpcProxies[""] = rp
-		log.Info().Str("endpoint", rpcEndpoint).Msg("RPC proxy enabled")
+		log.Info().Str("endpoint", tools.RedactedLogURLs(rpcEndpoint)[0]).Msg("RPC proxy enabled")
 	}
 
 	if subRefreshEndpoint != "" {
@@ -2145,7 +2145,7 @@ func proxyMapConfig() (*client.ProxyMap, bool) {
 			log.Fatal().Msgf("error creating sub refresh proxy: %v", err)
 		}
 		proxyMap.SubRefreshProxies[""] = srp
-		log.Info().Str("endpoint", subRefreshEndpoint).Msg("sub refresh proxy enabled")
+		log.Info().Str("endpoint", tools.RedactedLogURLs(subRefreshEndpoint)[0]).Msg("sub refresh proxy enabled")
 	}
 
 	if proxyStreamSubscribeEndpoint != "" {
@@ -2156,7 +2156,7 @@ func proxyMapConfig() (*client.ProxyMap, bool) {
 			log.Fatal().Msgf("error creating subscribe stream proxy: %v", err)
 		}
 		proxyMap.SubscribeStreamProxies[""] = streamProxy
-		log.Info().Str("endpoint", proxyStreamSubscribeEndpoint).Msg("subscribe stream proxy enabled")
+		log.Info().Str("endpoint", tools.RedactedLogURLs(proxyStreamSubscribeEndpoint)[0]).Msg("subscribe stream proxy enabled")
 	}
 
 	keepHeadersInContext := connectEndpoint != "" || refreshEndpoint != "" ||