@bitrix24/b24jssdk/dist/esm/core/http/redact.mjs.map

Bitrix24 REST API JavaScript SDK

{"version":3,"file":"redact.mjs","sources":["../../../../src/core/http/redact.ts"],"sourcesContent":["/**\n * Bounded-depth redact for params that may contain credentials before they\n * enter any logger or error-rendering surface.\n *\n * Callers: `Http._sanitizeParams` (logger context), `_makeAxiosRequest`\n * (`post/send` and `post/catchError` info logs), `AjaxError` constructor\n * (stores `requestInfo.params` exposed by `toJSON()` / `toString()`).\n * Keeping a single source of truth means the redaction list stays\n * consistent across all of them.\n *\n * The walk descends two levels into nested objects and arrays. That is\n * the minimum that covers batch payloads (`{ cmd: [{ method, params:\n * { ...credentials... } }, ...] }`) where the credential lives at\n * `cmd[i].params.<key>`, as well as flat one-level-nested payloads like\n * `{ data: { token } }`. Deeper walks risk arbitrary cost on\n * user-supplied trees and brittle false positives; two levels is the\n * documented contract — beyond that, redact at the callsite.\n *\n * Empty / nullish values are still considered sensitive — an empty\n * `access_token` is unusual but not safe to leave un-redacted.\n */\n\nexport const SENSITIVE_PARAM_KEYS: readonly string[] = [\n  'auth',\n  'password',\n  'token',\n  'secret',\n  'access_token',\n  'refresh_token'\n]\n\nexport const REDACTED_PLACEHOLDER = '***REDACTED***'\n\nfunction isPlainObject(value: unknown): value is Record<string, unknown> {\n  return value !== null && typeof value === 'object' && !Array.isArray(value)\n}\n\nfunction redactObject(\n  source: Record<string, unknown>,\n  depth: number\n): Record<string, unknown> {\n  const sanitized: Record<string, unknown> = { ...source }\n  for (const key of Object.keys(sanitized)) {\n    if (SENSITIVE_PARAM_KEYS.includes(key)) {\n      sanitized[key] = REDACTED_PLACEHOLDER\n      continue\n    }\n    if (depth <= 0) continue\n    const child = sanitized[key]\n    if (isPlainObject(child)) {\n      sanitized[key] = redactObject(child, depth - 1)\n    } else if (Array.isArray(child)) {\n      sanitized[key] = child.map(item =>\n        isPlainObject(item) ? redactObject(item, depth - 1) : item\n      )\n    }\n  }\n  return sanitized\n}\n\nconst DEFAULT_REDACT_DEPTH = 2\n\n/**\n * Returns a copy of `params` with any known credential-bearing key\n * replaced by `REDACTED_PLACEHOLDER`. Walks up to two levels into nested\n * objects/arrays so batch-shaped payloads (`cmd[i].params.<key>`) are\n * covered. Non-object inputs are returned as-is so callers don't have\n * to pre-check.\n */\nexport function redactSensitiveParams(\n  params: Record<string, unknown>\n): Record<string, unknown>\nexport function redactSensitiveParams<T>(params: T): T\nexport function redactSensitiveParams(params: unknown): unknown {\n  if (!isPlainObject(params)) return params\n  return redactObject(params, DEFAULT_REDACT_DEPTH)\n}\n"],"names":[],"mappings":";;;;;;;;;;AAsBO,MAAM,oBAAA,GAA0C;AAAA,EACrD,MAAA;AAAA,EACA,UAAA;AAAA,EACA,OAAA;AAAA,EACA,QAAA;AAAA,EACA,cAAA;AAAA,EACA;AACF;AAEO,MAAM,oBAAA,GAAuB;AAEpC,SAAS,cAAc,KAAA,EAAkD;AACvE,EAAA,OAAO,KAAA,KAAU,QAAQ,OAAO,KAAA,KAAU,YAAY,CAAC,KAAA,CAAM,QAAQ,KAAK,CAAA;AAC5E;AAFS,MAAA,CAAA,aAAA,EAAA,eAAA,CAAA;AAIT,SAAS,YAAA,CACP,QACA,KAAA,EACyB;AACzB,EAAA,MAAM,SAAA,GAAqC,EAAE,GAAG,MAAA,EAAO;AACvD,EAAA,KAAA,MAAW,GAAA,IAAO,MAAA,CAAO,IAAA,CAAK,SAAS,CAAA,EAAG;AACxC,IAAA,IAAI,oBAAA,CAAqB,QAAA,CAAS,GAAG,CAAA,EAAG;AACtC,MAAA,SAAA,CAAU,GAAG,CAAA,GAAI,oBAAA;AACjB,MAAA;AAAA,IACF;AACA,IAAA,IAAI,SAAS,CAAA,EAAG;AAChB,IAAA,MAAM,KAAA,GAAQ,UAAU,GAAG,CAAA;AAC3B,IAAA,IAAI,aAAA,CAAc,KAAK,CAAA,EAAG;AACxB,MAAA,SAAA,CAAU,GAAG,CAAA,GAAI,YAAA,CAAa,KAAA,EAAO,QAAQ,CAAC,CAAA;AAAA,IAChD,CAAA,MAAA,IAAW,KAAA,CAAM,OAAA,CAAQ,KAAK,CAAA,EAAG;AAC/B,MAAA,SAAA,CAAU,GAAG,IAAI,KAAA,CAAM,GAAA;AAAA,QAAI,CAAA,IAAA,KACzB,cAAc,IAAI,CAAA,GAAI,aAAa,IAAA,EAAM,KAAA,GAAQ,CAAC,CAAA,GAAI;AAAA,OACxD;AAAA,IACF;AAAA,EACF;AACA,EAAA,OAAO,SAAA;AACT;AArBS,MAAA,CAAA,YAAA,EAAA,cAAA,CAAA;AAuBT,MAAM,oBAAA,GAAuB,CAAA;AAatB,SAAS,sBAAsB,MAAA,EAA0B;AAC9D,EAAA,IAAI,CAAC,aAAA,CAAc,MAAM,CAAA,EAAG,OAAO,MAAA;AACnC,EAAA,OAAO,YAAA,CAAa,QAAQ,oBAAoB,CAAA;AAClD;AAHgB,MAAA,CAAA,qBAAA,EAAA,uBAAA,CAAA;;;;"}