Skip to content

Commit

Permalink
fix(oxauth): corrected logging in TokenRestWebServiceImpl #1910 (#1921)
Browse files Browse the repository at this point in the history
  • Loading branch information
@yuriyz
yuriyz authored Aug 26, 2024
1 parent 07af0b7 commit 34e88b2
Show file tree
Hide file tree
Showing 2 changed files with 13 additions and 0 deletions.
3 changes: 3 additions & 0 deletions Server/src/main/java/org/gluu/oxauth/util/ServerUtil.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -66,6 +66,9 @@ public static Map<String, String[]> prepareForLogs(Map<String, String[]> paramet
if (result.containsKey("client_secret")) {
result.put("client_secret", new String[] {"*****"});
}
if (result.containsKey("password")) {
result.put("password", new String[] {"*****"});
}
return result;
}

Expand Down
10 changes: 10 additions & 0 deletions Server/src/test/java/org/gluu/oxauth/util/ServerUtilTest.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -21,4 +21,14 @@ public void prepareForLogs_whenCalled_shouldNotHaveClearTextClientPassword() {

assertEquals("*****", result.get("client_secret")[0]);
}

@Test
public void prepareForLogs_whenCalled_shouldNotHaveClearTextPassword() {
Map<String, String[]> parameters = new HashMap<>();
parameters.put("password", new String[] {"124"});

final Map<String, String[]> result = ServerUtil.prepareForLogs(parameters);

assertEquals("*****", result.get("password")[0]);
}
}

0 comments on commit 34e88b2

Please sign in to comment.