Actions
Bug #21077
closed
Don't display oauth/oidc client secret in logs
Pull Request:
Severity:
UX impact:
User visibility:
Effort required:
Priority:
0
Name check:
To do
Fix check:
Checked
Regression:
Description
We need to hide OIDC/oauth client secret in app log.
We can't do it in plugin, because of init order, which is a bit sad, so we need to do it in rudder main.
Updated by François ARMAND almost 2 years ago
- Status changed from New to In progress
- Assignee set to François ARMAND
Updated by François ARMAND almost 2 years ago
- Status changed from In progress to Pending technical review
- Assignee changed from François ARMAND to Nicolas CHARLES
- Pull Request set to https://github.com/Normation/rudder/pull/4261
Updated by François ARMAND almost 2 years ago
- Status changed from Pending technical review to Pending release
Applied in changeset rudder|7c95ec90323fce874e1df407d80abc4db488cbd6.
Updated by François ARMAND almost 2 years ago
- Fix check changed from To do to Checked
The property is totally absent from log, which is OK for the need, but a bit surprising compared to other protected info. Not sure why.
[2022-05-31 13:24:49+0000] INFO application - registered property: rudder.auth.displayLoginForm="hide"
[2022-05-31 13:24:49+0000] INFO application - registered property: rudder.auth.oauth2.provider.okta.authMethod="basic"
[2022-05-31 13:24:49+0000] INFO application - registered property: rudder.auth.oauth2.provider.okta.client.id="0oa3snkopsIRIIHb35d7"
<---- here, rudder.auth.oauth2.provider.okta.client.secret is not present, but not present with ******* like jdbc.password below ---->
[2022-05-31 13:24:49+0000] INFO application - registered property: rudder.auth.oauth2.provider.okta.client.redirect="http://localhost:8082/rudder-web/login/oauth2/code/{registrationId}"
...
[2022-05-31 13:24:49+0000] INFO application - registered property: rudder.jdbc.maxPoolSize="25"
[2022-05-31 13:24:49+0000] INFO application - registered property: rudder.jdbc.password=**********
[2022-05-31 13:24:49+0000] INFO application - registered property: rudder.jdbc.url="jdbc:postgresql://localhost:5432/rudder"
Updated by Vincent MEMBRÉ almost 2 years ago
- Status changed from Pending release to Released
This bug has been fixed in Rudder 6.2.14 which was released today.
Actions