Update header redaction function

ShocOne · ShocOne · commit 84e7115a187b · 2024-03-26T06:35:14.000Z
diff --git a/httpclient/httpclient_auth_oauth.go b/httpclient/httpclient_auth_oauth.go
@@ -101,7 +101,7 @@ func (c *Client) ObtainOAuthToken(credentials AuthConfig) error {
 	expirationTime := time.Now().Add(expiresIn)
 
 	// Modified log call using the helper function
-	redactedAccessToken := RedactSensitiveData(c, "AccessToken", oauthResp.AccessToken)
+	redactedAccessToken := RedactSensitiveHeaderData(c, "AccessToken", oauthResp.AccessToken)
 	log.Info("OAuth token obtained successfully", zap.String("AccessToken", redactedAccessToken), zap.Duration("ExpiresIn", expiresIn), zap.Time("ExpirationTime", expirationTime))
 
 	c.Token = oauthResp.AccessToken
diff --git a/httpclient/httpclient_cookies.go b/httpclient/httpclient_cookies.go
@@ -0,0 +1,49 @@
+package httpclient
+
+import (
+	"net/http"
+	"strings"
+)
+
+// RedactSensitiveCookies redacts sensitive information from cookies.
+// It takes a slice of *http.Cookie and returns a redacted slice of *http.Cookie.
+func RedactSensitiveCookies(cookies []*http.Cookie) []*http.Cookie {
+	// Define sensitive cookie names that should be redacted.
+	sensitiveCookieNames := map[string]bool{
+		"SessionID": true, // Example sensitive cookie name
+		// Add more sensitive cookie names as needed.
+	}
+
+	// Iterate over the cookies and redact sensitive ones.
+	for _, cookie := range cookies {
+		if _, found := sensitiveCookieNames[cookie.Name]; found {
+			cookie.Value = "REDACTED"
+		}
+	}
+
+	return cookies
+}
+
+// Utility function to convert cookies from http.Header to []*http.Cookie.
+// This can be useful if cookies are stored in http.Header (e.g., from a response).
+func CookiesFromHeader(header http.Header) []*http.Cookie {
+	cookies := []*http.Cookie{}
+	for _, cookieHeader := range header["Set-Cookie"] {
+		if cookie := ParseCookieHeader(cookieHeader); cookie != nil {
+			cookies = append(cookies, cookie)
+		}
+	}
+	return cookies
+}
+
+// ParseCookieHeader parses a single Set-Cookie header and returns an *http.Cookie.
+func ParseCookieHeader(header string) *http.Cookie {
+	headerParts := strings.Split(header, ";")
+	if len(headerParts) > 0 {
+		cookieParts := strings.SplitN(headerParts[0], "=", 2)
+		if len(cookieParts) == 2 {
+			return &http.Cookie{Name: cookieParts[0], Value: cookieParts[1]}
+		}
+	}
+	return nil
+}
diff --git a/httpclient/httpclient_headers.go b/httpclient/httpclient_headers.go
@@ -109,7 +109,7 @@ func (h *HeaderManager) SetRequestHeaders(endpoint string) {
 }
 
 // LogHeaders prints all the current headers in the http.Request using the zap logger.
-// It uses the RedactSensitiveData function to redact sensitive data if required.
+// It uses the RedactSensitiveHeaderData function to redact sensitive data if required.
 func (h *HeaderManager) LogHeaders(client *Client) {
 	if h.log.GetLogLevel() <= logger.LogLevelDebug {
 		// Initialize a new Header to hold the potentially redacted headers
@@ -119,7 +119,7 @@ func (h *HeaderManager) LogHeaders(client *Client) {
 			// Redact sensitive values
 			if len(values) > 0 {
 				// Use the first value for simplicity; adjust if multiple values per header are expected
-				redactedValue := RedactSensitiveData(client, name, values[0])
+				redactedValue := RedactSensitiveHeaderData(client, name, values[0])
 				redactedHeaders.Set(name, redactedValue)
 			}
 		}
diff --git a/httpclient/httpclient_helpers.go b/httpclient/httpclient_helpers.go
@@ -10,8 +10,8 @@ func ParseISO8601Date(dateStr string) (time.Time, error) {
 	return time.Parse(time.RFC3339, dateStr)
 }
 
-// RedactSensitiveData redacts sensitive data if the HideSensitiveData flag is set to true.
-func RedactSensitiveData(client *Client, key string, value string) string {
+// RedactSensitiveHeaderData redacts sensitive data if the HideSensitiveData flag is set to true.
+func RedactSensitiveHeaderData(client *Client, key string, value string) string {
 	if client.clientConfig.ClientOptions.HideSensitiveData {
 		// Define sensitive data keys that should be redacted.
 		sensitiveKeys := map[string]bool{
diff --git a/httpclient/httpclient_helpers_test.go b/httpclient/httpclient_helpers_test.go
@@ -70,7 +70,7 @@ func TestRedactSensitiveData(t *testing.T) {
 				},
 			}
 
-			result := RedactSensitiveData(client, tt.key, tt.value)
+			result := RedactSensitiveHeaderData(client, tt.key, tt.value)
 			assert.Equal(t, tt.expectedOutcome, result, "Redaction outcome should match expected")
 		})
 	}

Original file line number	Diff line number	Diff line change
`@@ -109,7 +109,7 @@ func (h *HeaderManager) SetRequestHeaders(endpoint string) {`
`109`	`109`	`}`
`110`	`110`
`111`	`111`	`// LogHeaders prints all the current headers in the http.Request using the zap logger.`
`112`		`-// It uses the RedactSensitiveData function to redact sensitive data if required.`
	`112`	`+// It uses the RedactSensitiveHeaderData function to redact sensitive data if required.`
`113`	`113`	`func (h HeaderManager) LogHeaders(client Client) {`
`114`	`114`	`if h.log.GetLogLevel() <= logger.LogLevelDebug {`
`115`	`115`	`// Initialize a new Header to hold the potentially redacted headers`
`@@ -119,7 +119,7 @@ func (h HeaderManager) LogHeaders(client Client) {`
`119`	`119`	`// Redact sensitive values`
`120`	`120`	`if len(values) > 0 {`
`121`	`121`	`// Use the first value for simplicity; adjust if multiple values per header are expected`
`122`		`- redactedValue := RedactSensitiveData(client, name, values[0])`
	`122`	`+ redactedValue := RedactSensitiveHeaderData(client, name, values[0])`
`123`	`123`	`redactedHeaders.Set(name, redactedValue)`
`124`	`124`	`}`
`125`	`125`	`}`
Original file line number	Diff line number	Diff line change
`@@ -70,7 +70,7 @@ func TestRedactSensitiveData(t *testing.T) {`
`70`	`70`	`},`
`71`	`71`	`}`
`72`	`72`
`73`		`- result := RedactSensitiveData(client, tt.key, tt.value)`
	`73`	`+ result := RedactSensitiveHeaderData(client, tt.key, tt.value)`
`74`	`74`	`assert.Equal(t, tt.expectedOutcome, result, "Redaction outcome should match expected")`
`75`	`75`	`})`
`76`	`76`	`}`