Merge 8c9268d into a044368

mia-platform · Sep 22, 2022 · 85f5b38 · 85f5b38
2 parents a044368 + 8c9268d
commit 85f5b38
Show file tree

Hide file tree

Showing 4 changed files with 102 additions and 2 deletions.
diff --git a/lib/httpClient.js b/lib/httpClient.js
@@ -20,6 +20,17 @@ const axios = require('axios')
 const httpsClient = require('https')
 const Pino = require('pino')
 
+const defaultRedactionRules = {
+  paths: [
+    'email', '[*].email',
+    'password', '[*].password',
+    'username', '[*].username',
+    'authorization', '[*].authorization',
+    'cookie', '[*].cookie',
+  ],
+  censor: '[REDACTED]',
+}
+
 class HttpClient {
   constructor(baseUrl, requestHeadersToProxy, baseOptions = {}) {
     this.baseURL = baseUrl
@@ -70,7 +81,10 @@ class HttpClient {
   }
 
   getLogger(options) {
-    return options.logger || this.baseOptions.logger || Pino({ level: 'silent' })
+    return options.logger || this.baseOptions.logger || Pino({
+      level: 'silent',
+      redact: defaultRedactionRules,
+    })
   }
 
   getMaxValues(options) {
@@ -215,4 +229,5 @@ function getHeaders(options, miaHeaders, baseOptions, payload) {
 }
 
 module.exports = HttpClient
+module.exports.defaultRedactionRules = defaultRedactionRules
 
diff --git a/package.json b/package.json
@@ -62,6 +62,7 @@
     "nock": "^13.2.4",
     "pre-commit": "^1.2.2",
     "proxy": "^1.0.2",
+    "ramda": "^0.28.0",
     "split2": "^4.1.0",
     "swagger-parser": "^10.0.3",
     "tap": "^16.1.0",

diff --git a/tap-snapshots/tests/httpClient.test.js.test.cjs b/tap-snapshots/tests/httpClient.test.js.test.cjs
@@ -0,0 +1,32 @@
+/* IMPORTANT
+ * This snapshot file is auto-generated, but designed for humans.
+ * It should be checked into source control and tracked carefully.
+ * Re-generate by setting TAP_SNAPSHOT=1 and running tests.
+ * Make sure to inspect the output below.  Do not ignore changes!
+ */
+'use strict'
+exports[`tests/httpClient.test.js TAP httpClient logger log correctly - redact data > must match snapshot 1`] = `
+Array [
+  Object {
+    "headers": Object {
+      "authorization": "[REDACTED]",
+      "content-type": "application/json;charset=utf-8",
+      "cookie": "[REDACTED]",
+    },
+    "payload": Object {
+      "email": "[REDACTED]",
+      "password": "[REDACTED]",
+      "username": "[REDACTED]",
+    },
+  },
+  Object {
+    "headers": Object {
+      "content-length": "18",
+      "content-type": "application/json",
+    },
+    "payload": Object {
+      "the": "response",
+    },
+  },
+]
+`
diff --git a/tests/httpClient.test.js b/tests/httpClient.test.js
@@ -2,7 +2,8 @@
 
 const tap = require('tap')
 const nock = require('nock')
-const { Readable } = require('stream')
+const { pick } = require('ramda')
+const { Readable, PassThrough } = require('stream')
 const http = require('http')
 const proxy = require('proxy')
 const fs = require('fs')
@@ -13,6 +14,7 @@ const lc39 = require('@mia-platform/lc39')
 const httpsClient = require('https')
 
 const HttpClient = require('../lib/httpClient')
+const { defaultRedactionRules } = require('../lib/httpClient')
 
 const MY_AWESOME_SERVICE_PROXY_HTTP_URL = 'http://my-awesome-service'
 const MY_AWESOME_SERVICE_PROXY_HTTPS_URL = 'https://my-awesome-service'
@@ -2078,6 +2080,56 @@ tap.test('httpClient', test => {
 
       myServiceNameScope.done()
     })
+
+    innerTest.test('log correctly - redact data', async assert => {
+      const data = []
+      const logStream = new PassThrough()
+        .on('data', (streamData) => {
+          data.push(Buffer.from(streamData, 'utf8').toString())
+        })
+
+      const myServiceNameScope = nock(MY_AWESOME_SERVICE_PROXY_HTTP_URL)
+        .replyContentLength()
+        .post('/foo')
+        .delay(101)
+        .reply(200, { the: 'response' })
+
+      const httpClient = new HttpClient(MY_AWESOME_SERVICE_PROXY_HTTP_URL, {}, {
+        logger: Pino({
+          level: 'trace',
+          redact: defaultRedactionRules,
+        }, Pino.multistream([{ level: 'trace', stream: logStream }])),
+      })
+
+      try {
+        await httpClient.post('/foo', {
+          username: 'username',
+          password: 'password',
+          email: 'email@email.com',
+        }, {
+          headers: {
+            authorization: '1234',
+            cookie: 'sid=1234',
+          },
+        })
+      } catch (error) {
+        assert.equal(error.message, 'timeout of 100ms exceeded')
+      }
+
+      myServiceNameScope.done()
+
+      const logs = data.reduce((acc, log) => {
+        const parseLog = JSON.parse(log)
+        const pickedValues = pick(['headers', 'payload'], parseLog)
+        if (Object.keys(pickedValues).length === 0) {
+          return acc
+        }
+        return [...acc, pick(['headers', 'payload'], parseLog)]
+      }, [])
+
+      assert.matchSnapshot(logs)
+      assert.end()
+    })
   })
 
   test.end()