UNPKG

ibm-cloud-sdk-core

Version:

Core functionality to support SDKs generated with IBM's OpenAPI SDK Generator.

github.com/IBM/node-sdk-core

IBM/node-sdk-core

59 lines (58 loc) 2.07 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
/** * (C) Copyright IBM Corp. 2024. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ // Keywords that should be redacted. const redactedKeywords = [ 'apikey', 'api_key', 'passcode', 'password', 'token', 'aadClientId', 'aadClientSecret', 'auth', 'auth_provider_x509_cert_url', 'auth_uri', 'client_email', 'client_id', 'client_x509_cert_url', 'key', 'project_id', 'secret', 'subscriptionId', 'tenantId', 'thumbprint', 'token_uri', ]; const redactedTokens = redactedKeywords.join('|'); // Pre-compiled regular expressions used by redactSecrets(). const reAuthHeader = new RegExp(`^(Authorization|X-Auth\\S*): .*$`, 'gim'); const rePropertySetting = new RegExp(`(${redactedTokens})=[^&]*(&|$)`, 'gi'); const reJsonField = new RegExp(`"([^"]*(${redactedTokens})[^"_]*)":\\s*"[^\\,]*"`, 'gi'); // RedactSecrets() returns the input string with secrets redacted. /** * Redacts secrets found in "input" so that the resulting string * is suitable for debug logging. * @param input - the string that potentially contains secrets * @returns the input string with secrets replaced with "[redacted]" */ export function redactSecrets(input) { const redacted = '[redacted]'; let redactedString = input; redactedString = redactedString.replace(reAuthHeader, `$1: ${redacted}`); redactedString = redactedString.replace(rePropertySetting, `$1=${redacted}$2`); redactedString = redactedString.replace(reJsonField, `"$1":"${redacted}"`); return redactedString; }