
Redact sensitive struct fields on inspect

Open grzuy opened this issue 1 year ago • 2 comments

Hi,

Thanks for this great library.

Noticed these fields end up on our app's logs and/or error tracking reports in cases like e.g. `MatchError: no match of right hand side value: %OAuth2.Client{..., client_secret: "<secret>", ...}` when having match errors when doing stuff like

```elixir
%{
  ...
} = oauth2_client
```

We temporarily fixed this on our app's end by writing

```elixir
# Override Inspect so the client secret is masked wherever the struct is
# rendered (logs, exception messages, IEx).
defimpl Inspect, for: OAuth2.Client do
  def inspect(%OAuth2.Client{} = client, opts) do
    client
    |> Map.replace(:client_secret, "[REDACTED]")
    |> Inspect.Any.inspect(opts)
  end
end

# Same approach for tokens: mask both the access and the refresh token.
defimpl Inspect, for: OAuth2.AccessToken do
  def inspect(%OAuth2.AccessToken{} = token, opts) do
    token
    |> Map.replace(:access_token, "[REDACTED]")
    |> Map.replace(:refresh_token, "[REDACTED]")
    |> Inspect.Any.inspect(opts)
  end
end
```

But maybe you wanted to consider adding it to the package?

Thanks.

grzuy, Jul 25 '24 13:07
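
The library-side variant of the workaround above, as an added example that is not code from the issue or from the oauth2 package: the struct's own module derives `Inspect` with `except:`, and a check confirms that neither `inspect/1` nor a `MatchError` message carries the secrets. The `Demo.*` modules, their fields and all values are hypothetical stand-ins constructed for the demonstration.

```elixir
# Added example: hypothetical structs standing in for the library's own.
defmodule Demo.Client do
  # Deriving inside the module that defines the struct keeps the secret
  # out of inspect/2, Logger output and exception messages.
  @derive {Inspect, except: [:client_secret]}
  defstruct client_id: nil, client_secret: nil, site: nil
end

defmodule Demo.AccessToken do
  @derive {Inspect, except: [:access_token, :refresh_token]}
  defstruct access_token: nil, refresh_token: nil, expires_at: nil
end

defmodule Demo.RedactionCheck do
  # Constructed sample values, not real credentials.
  @secret "s3cr3t-constructed"
  @token "tok-constructed"

  # Returns {leaked?, match_error_message}.
  def run do
    client = %Demo.Client{client_id: "app", client_secret: @secret, site: "https://example.com"}
    token = %Demo.AccessToken{access_token: @token, refresh_token: @token, expires_at: 0}

    # Direct rendering, as a logger or error tracker would do.
    rendered = inspect(client) <> inspect(token)

    # The failure mode from the issue: a failed match raises MatchError,
    # and its message embeds inspect/1 of the right-hand side.
    message =
      try do
        %{site: "https://other.example"} = client
        ""
      rescue
        e in MatchError -> Exception.message(e)
      end

    leaked? =
      Enum.any?([rendered, message], fn text ->
        String.contains?(text, @secret) or String.contains?(text, @token)
      end)

    {leaked?, message}
  end
end

IO.inspect(Demo.RedactionCheck.run())
```

A check like `Demo.RedactionCheck.run/0` fits well in a test suite, so that a field added to the struct later cannot silently reintroduce the leak.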