From 68837bd34b2b3bd620562509c3cc0d69cc80203f Mon Sep 17 00:00:00 2001
From: Kristina Spring <kmspring57@gmail.com>
Date: Thu, 11 Apr 2019 15:35:54 -0700
Subject: [PATCH 1/4] log testing

---
 bascule/basculehttp/enforcer.go | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/bascule/basculehttp/enforcer.go b/bascule/basculehttp/enforcer.go
index e095d25..88c4d2d 100644
--- a/bascule/basculehttp/enforcer.go
+++ b/bascule/basculehttp/enforcer.go
@@ -2,6 +2,7 @@ package basculehttp
 
 import (
 	"context"
+	"fmt"
 	"net/http"
 
 	"github.com/Comcast/comcast-bascule/bascule"
@@ -31,6 +32,10 @@ func (e *enforcer) decorate(next http.Handler) http.Handler {
 		if logger == nil {
 			logger = bascule.GetDefaultLoggerFunc(ctx)
 		}
+		err := logger.Log(level.Key(), level.ErrorValue(), "msg", "testing logger")
+		if err != nil {
+			panic(fmt.Sprintf("panicking from log error: %v", err.Error()))
+		}
 		auth, ok := bascule.FromContext(ctx)
 		if !ok {
 			logger.Log(level.Key(), level.ErrorValue(), bascule.ErrorKey, "no authentication found",

From 93247d3f95513e02914371e2dea09cced91e6fae Mon Sep 17 00:00:00 2001
From: Kristina Spring <kmspring57@gmail.com>
Date: Thu, 11 Apr 2019 16:00:08 -0700
Subject: [PATCH 2/4] new log messages

---
 bascule/basculehttp/constructor.go | 16 +++++++++-------
 bascule/basculehttp/enforcer.go    | 16 +++++-----------
 2 files changed, 14 insertions(+), 18 deletions(-)

diff --git a/bascule/basculehttp/constructor.go b/bascule/basculehttp/constructor.go
index 1646192..20b1fef 100644
--- a/bascule/basculehttp/constructor.go
+++ b/bascule/basculehttp/constructor.go
@@ -28,7 +28,8 @@ func (c *constructor) decorate(next http.Handler) http.Handler {
 		}
 		authorization := request.Header.Get(c.headerName)
 		if len(authorization) == 0 {
-			logger.Log(level.Key(), level.ErrorValue(), bascule.ErrorKey, "no authorization header", "request", request)
+			logger.Log(level.Key(), level.ErrorValue(), bascule.ErrorKey, "no authorization header",
+				"request header", request.Header, "request URL", request.URL)
 			response.WriteHeader(http.StatusForbidden)
 			return
 		}
@@ -36,7 +37,7 @@ func (c *constructor) decorate(next http.Handler) http.Handler {
 		i := strings.IndexByte(authorization, ' ')
 		if i < 1 {
 			logger.Log(level.Key(), level.ErrorValue(), bascule.ErrorKey, "unexpected authorization header value",
-				"request", request, "auth", authorization)
+				"auth", authorization)
 			response.WriteHeader(http.StatusBadRequest)
 			return
 		}
@@ -47,8 +48,8 @@ func (c *constructor) decorate(next http.Handler) http.Handler {
 
 		tf, supported := c.authorizations[key]
 		if !supported {
-			logger.Log(level.Key(), level.ErrorValue(), bascule.ErrorKey, "key not supported", "request", request,
-				"key", key, "auth", authorization[i+1:])
+			logger.Log(level.Key(), level.ErrorValue(), bascule.ErrorKey, "key not supported", "key", key,
+				"auth", authorization[i+1:])
 			response.WriteHeader(http.StatusForbidden)
 			return
 		}
@@ -56,8 +57,8 @@ func (c *constructor) decorate(next http.Handler) http.Handler {
 		ctx := request.Context()
 		token, err := tf.ParseAndValidate(ctx, request, key, authorization[i+1:])
 		if err != nil {
-			logger.Log(level.Key(), level.ErrorValue(), bascule.ErrorKey, err.Error(), "request", request,
-				"key", key, "auth", authorization[i+1:])
+			logger.Log(level.Key(), level.ErrorValue(), bascule.ErrorKey, err.Error(), "key", key,
+				"auth", authorization[i+1:])
 			WriteResponse(response, http.StatusUnauthorized, err)
 			return
 		}
@@ -69,7 +70,8 @@ func (c *constructor) decorate(next http.Handler) http.Handler {
 				Token:         token,
 			},
 		)
-		logger.Log(level.Key(), level.DebugValue(), "msg", "authentication added to context", "request", request,
+		logger.Log(level.Key(), level.DebugValue(), "msg", "authentication added to context",
+			"request headers", request.Header, "request URL", request.URL,
 			"token", token, "key", key)
 
 		next.ServeHTTP(response, request.WithContext(ctx))
diff --git a/bascule/basculehttp/enforcer.go b/bascule/basculehttp/enforcer.go
index 88c4d2d..f84205b 100644
--- a/bascule/basculehttp/enforcer.go
+++ b/bascule/basculehttp/enforcer.go
@@ -2,7 +2,6 @@ package basculehttp
 
 import (
 	"context"
-	"fmt"
 	"net/http"
 
 	"github.com/Comcast/comcast-bascule/bascule"
@@ -32,21 +31,17 @@ func (e *enforcer) decorate(next http.Handler) http.Handler {
 		if logger == nil {
 			logger = bascule.GetDefaultLoggerFunc(ctx)
 		}
-		err := logger.Log(level.Key(), level.ErrorValue(), "msg", "testing logger")
-		if err != nil {
-			panic(fmt.Sprintf("panicking from log error: %v", err.Error()))
-		}
 		auth, ok := bascule.FromContext(ctx)
 		if !ok {
-			logger.Log(level.Key(), level.ErrorValue(), bascule.ErrorKey, "no authentication found",
-				"request", request)
+			logger.Log(level.Key(), level.ErrorValue(), bascule.ErrorKey, "no authentication found")
 			response.WriteHeader(http.StatusForbidden)
 			return
 		}
 		rules, ok := e.rules[auth.Authorization]
 		if !ok {
 			logger.Log(level.Key(), level.ErrorValue(),
-				bascule.ErrorKey, "no rules found for authorization", "request", request)
+				bascule.ErrorKey, "no rules found for authorization", "rules", rules,
+				"authorization", auth.Authorization, "behavior", e.notFoundBehavior)
 			switch e.notFoundBehavior {
 			case Forbid:
 				response.WriteHeader(http.StatusForbidden)
@@ -66,14 +61,13 @@ func (e *enforcer) decorate(next http.Handler) http.Handler {
 						errs = append(errs, e.Error())
 					}
 				}
-				logger.Log(level.Key(), level.ErrorValue(), bascule.ErrorKey, errs,
-					"request", request)
+				logger.Log(level.Key(), level.ErrorValue(), bascule.ErrorKey, errs)
 				WriteResponse(response, http.StatusUnauthorized, err)
 				return
 			}
 		}
 		logger.Log(level.Key(), level.DebugValue(), "msg", "authentication accepted by enforcer",
-			"request", request)
+			"request headers", request.Header, "request URL", request.URL)
 		next.ServeHTTP(response, request)
 	})
 }

From ef462f02f48d5474a0b2d6bc310f76b21384ba94 Mon Sep 17 00:00:00 2001
From: Kristina Spring <kmspring57@gmail.com>
Date: Thu, 11 Apr 2019 18:27:42 -0700
Subject: [PATCH 3/4] removed any request values from log messages

---
 bascule/basculehttp/constructor.go | 4 +---
 bascule/basculehttp/enforcer.go    | 3 +--
 2 files changed, 2 insertions(+), 5 deletions(-)

diff --git a/bascule/basculehttp/constructor.go b/bascule/basculehttp/constructor.go
index 20b1fef..4b5d2c0 100644
--- a/bascule/basculehttp/constructor.go
+++ b/bascule/basculehttp/constructor.go
@@ -28,8 +28,7 @@ func (c *constructor) decorate(next http.Handler) http.Handler {
 		}
 		authorization := request.Header.Get(c.headerName)
 		if len(authorization) == 0 {
-			logger.Log(level.Key(), level.ErrorValue(), bascule.ErrorKey, "no authorization header",
-				"request header", request.Header, "request URL", request.URL)
+			logger.Log(level.Key(), level.ErrorValue(), bascule.ErrorKey, "no authorization header")
 			response.WriteHeader(http.StatusForbidden)
 			return
 		}
@@ -71,7 +70,6 @@ func (c *constructor) decorate(next http.Handler) http.Handler {
 			},
 		)
 		logger.Log(level.Key(), level.DebugValue(), "msg", "authentication added to context",
-			"request headers", request.Header, "request URL", request.URL,
 			"token", token, "key", key)
 
 		next.ServeHTTP(response, request.WithContext(ctx))
diff --git a/bascule/basculehttp/enforcer.go b/bascule/basculehttp/enforcer.go
index f84205b..e841ab2 100644
--- a/bascule/basculehttp/enforcer.go
+++ b/bascule/basculehttp/enforcer.go
@@ -66,8 +66,7 @@ func (e *enforcer) decorate(next http.Handler) http.Handler {
 				return
 			}
 		}
-		logger.Log(level.Key(), level.DebugValue(), "msg", "authentication accepted by enforcer",
-			"request headers", request.Header, "request URL", request.URL)
+		logger.Log(level.Key(), level.DebugValue(), "msg", "authentication accepted by enforcer")
 		next.ServeHTTP(response, request)
 	})
 }

From cfc829d5b4f1f042a73876a5df3bf7b970837785 Mon Sep 17 00:00:00 2001
From: Kristina Spring <kmspring57@gmail.com>
Date: Thu, 11 Apr 2019 18:43:09 -0700
Subject: [PATCH 4/4] [skip ci] updated changelog

---
 CHANGELOG.md | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index d0af106..1854df7 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -6,6 +6,9 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 
 ## [Unreleased]
 
+## [v0.2.1]
+- Removed request from logging statements
+
 ## [v0.2.0]
  - Added checks
  - Added configurable behavior on a key not found in `enforcer`
@@ -21,7 +24,8 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 - Added constructor, enforcer, and listener alice decorators
 - Basic code and structure established
 
-[Unreleased]: https://github.com/Comcast/comcast-bascule/compare/v0.2.0...HEAD
+[Unreleased]: https://github.com/Comcast/comcast-bascule/compare/v0.2.1...HEAD
+[v0.2.1]: https://github.com/Comcast/comcast-bascule/compare/0.2.0...v0.2.1
 [v0.2.0]: https://github.com/Comcast/comcast-bascule/compare/0.1.1...v0.2.0
 [v0.1.1]: https://github.com/Comcast/comcast-bascule/compare/0.1.0...v0.1.1
 [v0.1.0]: https://github.com/Comcast/comcast-bascule/compare/0.0.0...v0.1.0