PA-6959 obfuscate sensitive data from command (#58)

* PA-6959 obfuscate sensitive data from command * nit formatting
soos-io · Dec 12, 2022 · 14cd718 · 14cd718
1 parent 5ca4509
commit 14cd718
Show file tree

Hide file tree

Showing 2 changed files with 13 additions and 2 deletions.
diff --git a/VERSION.txt b/VERSION.txt
@@ -1 +1 @@
-1.0.16
+1.0.17
diff --git a/main.py b/main.py
@@ -439,6 +439,17 @@ def __make_soos_start_analysis_request__(self, command: str) -> DASTStartAnalysi
                 log("projectName and scanMode are required", LogLevel.ERROR)
                 sys.exit(1)
 
+            # Obfuscate sensitive data
+            obfuscated_command = command
+            if self.auth_bearer_token is not None:
+                obfuscated_command = obfuscated_command.replace(self.auth_bearer_token, "********")
+            if self.auth_password is not None:
+                obfuscated_command = obfuscated_command.replace(self.auth_password, "********")
+            if self.auth_username is not None:
+                obfuscated_command = obfuscated_command.replace(self.auth_username, "********")
+            if self.oauth_token_url is not None:
+                obfuscated_command = obfuscated_command.replace
+
             param_values: dict = dict(
                 projectName=self.project_name,
                 name=datetime.now().strftime("%m/%d/%Y, %H:%M:%S"),
@@ -447,7 +458,7 @@ def __make_soos_start_analysis_request__(self, command: str) -> DASTStartAnalysi
                 appVersion=self.app_version,
                 toolName=self.dast_analysis_tool,
                 toolVersion=self.dast_analysis_tool_version,
-                commandLine=command,
+                commandLine=obfuscated_command,
                 scanMode=self.scan_mode,
                 commitHash=self.commit_hash,
                 branch=self.branch_name,