From cdc03991536bed8665574866477c7c4a7efe1a02 Mon Sep 17 00:00:00 2001
From: arlowatts <arlowatts1@gmail.com>
Date: Thu, 3 Aug 2023 13:42:49 -0700
Subject: [PATCH] Comment out sensitive log messages

---
 Services/Common/src/Delegates/PharmanetDelegate.cs | 11 +++++++++++
 Services/Common/src/Services/PharmanetService.cs   |  9 +++++++++
 2 files changed, 20 insertions(+)

diff --git a/Services/Common/src/Delegates/PharmanetDelegate.cs b/Services/Common/src/Delegates/PharmanetDelegate.cs
index 1700304d..fee1cb70 100644
--- a/Services/Common/src/Delegates/PharmanetDelegate.cs
+++ b/Services/Common/src/Delegates/PharmanetDelegate.cs
@@ -49,6 +49,9 @@ private string TrimBadCharactersInMessage(string hl7base64Message = @"")
             byte[] bytes = Convert.FromBase64String(hl7base64Message);
             byte[] newBytes = new byte[bytes.Length];
 
+            // This log statement logs sensitive health information - use it only for debugging in a development environment
+            // Logger.LogDebug(this.logger, $"RESPONSE B64='{hl7base64Message}'");
+
             Span<byte> span = bytes;
             int i = 0;
             foreach(byte aByte in span)
@@ -65,6 +68,9 @@ private string TrimBadCharactersInMessage(string hl7base64Message = @"")
             }
             string b64ResultStr = Convert.ToBase64String(newBytes, 0, i);
 
+            // This log statement logs sensitive health information - use it only for debugging in a development environment
+            // Logger.LogDebug(this.logger, $"UPDATED RESPONSE B64='{b64ResultStr}'");
+
             return b64ResultStr;
         }
 
@@ -102,6 +108,9 @@ public async Task<RequestResult<PharmanetMessageModel>> SubmitRequest(PharmanetM
             {
                 Uri delegateUri = new Uri(this.pharmanetDelegateConfig.Endpoint);
 
+                // This log statement logs sensitive health information - use it only for debugging in a development environment
+                // Logger.LogDebug(this.logger, $"PharmanetDelegate Proxy POST {delegateUri}. Payload: {jsonOutput}");
+
                 HttpResponseMessage response = await this.httpClient.PostAsync(delegateUri, content).ConfigureAwait(true);
                 requestResult.IsSuccessStatusCode = response.IsSuccessStatusCode;
                 requestResult.StatusCode = response.StatusCode;
@@ -120,6 +129,8 @@ public async Task<RequestResult<PharmanetMessageModel>> SubmitRequest(PharmanetM
 
                     responseMessage!.Hl7Message = TrimBadCharactersInMessage(responseMessage!.Hl7Message); // Workaround stray chars from Delegate
                     requestResult.Payload = responseMessage;
+                    // This log statement does not log sensitive health information, even though it looks like it might
+                    Logger.LogDebug(this.logger, $"PharmanetDelegate Proxy Response: {responseMessage}");
                 }
             }
 #pragma warning disable CA1031 // Do not catch general exception types
diff --git a/Services/Common/src/Services/PharmanetService.cs b/Services/Common/src/Services/PharmanetService.cs
index 3873080e..b822913b 100644
--- a/Services/Common/src/Services/PharmanetService.cs
+++ b/Services/Common/src/Services/PharmanetService.cs
@@ -65,6 +65,9 @@ public async Task<RequestResult<DocumentReference>> SubmitRequest(DocumentRefere
 
             try
             {
+                // This log statement logs sensitive health information - use it only for debugging in a development environment
+                // Logger.LogDebug(this.logger, $"Pharmanet Request: {requestMessage.Hl7Message}");
+
                 RequestResult<PharmanetMessageModel> result = await this.pharmanetDelegate.SubmitRequest(requestMessage).ConfigureAwait(true);
 
                 response.StatusCode = result.StatusCode;
@@ -74,9 +77,15 @@ public async Task<RequestResult<DocumentReference>> SubmitRequest(DocumentRefere
                 {
                     PharmanetMessageModel? message = result.Payload;
 
+                    // This log statement logs sensitive health information - use it only for debugging in a development environment
+                    // this.logger.LogDebug($"Pharmanet Response: {message!.Hl7Message}");
+
                     ResourceReference reference = PharmanetDelegateAdapter.RelatedToDocumentReference(request);
                     response.Payload = PharmanetDelegateAdapter.ToDocumentReference(message!, reference);
 
+                    // This log statement does not log sensitive health information, even though it looks like it might
+                    this.logger.LogDebug($"FHIR Response: {response!.Payload.ToString()}");
+
                     response.IsSuccessStatusCode = true;
                 }
                 else