Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: remove logging of api key from TokenBasedAuthenticationExtension #1788

Merged
merged 1 commit into from
Aug 5, 2022
Merged

fix: remove logging of api key from TokenBasedAuthenticationExtension #1788

merged 1 commit into from
Aug 5, 2022

Conversation

juliapampus
Copy link
Contributor

What this PR changes/adds

Removes plain key from log line.

Why it does that

Password shouldn't be part of the log file

Further notes

--

Linked Issue(s)

Closes #1780

Checklist

  • added appropriate tests?
  • performed checkstyle check locally?
  • added/updated copyright headers?
  • documented public classes/methods?
  • added/updated relevant documentation?
  • assigned appropriate label? (exclude from changelog with label no-changelog)
  • formatted title correctly? (take a look at the CONTRIBUTING and styleguide for details)

@juliapampus juliapampus added the bug Something isn't working label Aug 5, 2022
@codecov-commenter
Copy link

codecov-commenter commented Aug 5, 2022
edited
Loading

Codecov Report

Merging #1788 (6b924ba) into main (a9b98b7) will decrease coverage by 0.00%.
The diff coverage is 50.00%.

@@            Coverage Diff             @@
##             main    #1788      +/-   ##
==========================================
- Coverage   67.85%   67.85%   -0.01%     
==========================================
  Files         793      793              
  Lines       16838    16837       -1     
  Branches     1077     1077              
==========================================
- Hits        11426    11425       -1     
  Misses       4939     4939              
  Partials      473      473
Impacted Files Coverage Δ
...or/api/auth/TokenBasedAuthenticationExtension.java 90.00% <50.00%> (-10.00%) ⬇️
...iation/ProviderContractNegotiationManagerImpl.java 90.55% <0.00%> (+0.55%) ⬆️

Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here.

@juliapampus juliapampus force-pushed the fix/remove_sensitive_data_from_log_line branch from 5a58f16 to 6b924ba Compare August 5, 2022 07:28
@juliapampus juliapampus merged commit 83d1c4e into eclipse-edc:main Aug 5, 2022
@juliapampus juliapampus deleted the fix/remove_sensitive_data_from_log_line branch August 5, 2022 07:40
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ndr-brt ndr-brt ndr-brt approved these changes

@paullatzelsperger paullatzelsperger Awaiting requested review from paullatzelsperger

Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Security: TokenBasedAuthenticationExtension logs API Key on start-up
3 participants
@juliapampus @codecov-commenter @ndr-brt