Filter out auth_token_info from logging values

auth_token_info is a common field that subclasses of RequestContext add. It contains things like the token itself and the entire catalog, both of which are undesirable to log. The token is a security concern and the catalog is huge, which bloats the logs an unacceptable amount. This change removes the auth_token_info key from the logging dict that we return to the log formatter, which eliminates both problems. Change-Id: If5ebaa3c1859d32cd05f51defe173fc625b21af5 Closes-Bug: 1866705
2020-03-10 17:55:16 +00:00 · 2020-03-10 17:55:16 +00:00 · 1dd72d1d20
commit 1dd72d1d20
parent 730bf256d8
2 changed files with 17 additions and 6 deletions
--- a/oslo_context/context.py
+++ b/oslo_context/context.py
@ -371,6 +371,12 @@ class RequestContext(object):
            values['auth_token'] = '***'
        else:
            values['auth_token'] = None
+        # NOTE(bnemec: auth_token_info isn't defined in oslo.context, but it's
+        # a common pattern in project context subclasses so we handle it here.
+        # It largely contains things that we don't want logged, like the token
+        # itself (which needs to be removed for security) and the catalog
+        # (which needs to be removed because it bloats the logs terribly).
+        values.pop('auth_token_info', None)

        return values

--- a/oslo_context/tests/test_context.py
+++ b/oslo_context/tests/test_context.py
@ -60,15 +60,15 @@ class TestContext(context.RequestContext):
    This is representative of how at least some of our consumers use the
    RequestContext class in their projects.
    """
-    FROM_DICT_EXTRA_KEYS = ['foo']
+    FROM_DICT_EXTRA_KEYS = ['auth_token_info']

-    def __init__(self, foo=None, **kwargs):
+    def __init__(self, auth_token_info=None, **kwargs):
        super(TestContext, self).__init__(**kwargs)
-        self.foo = foo
+        self.auth_token_info = auth_token_info

    def to_dict(self):
        d = super(TestContext, self).to_dict()
-        d['foo'] = self.foo
+        d['auth_token_info'] = self.auth_token_info
        return d


@ -201,10 +201,10 @@ class ContextTest(test_base.BaseTestCase):
        self.assertTrue(ctx.read_only)

    def test_from_dict_extended(self):
-        initial = TestContext(foo='bar')
+        initial = TestContext(auth_token_info='foo')
        dct = initial.to_dict()
        final = TestContext.from_dict(dct)
-        self.assertEqual('bar', final.foo)
+        self.assertEqual('foo', final.auth_token_info)
        self.assertEqual(dct, final.to_dict())

    def test_is_user_context(self):
@ -516,6 +516,11 @@ class ContextTest(test_base.BaseTestCase):
        self.assertEqual(user_domain_name, d['user_domain_name'])
        self.assertEqual(project_domain_name, d['project_domain_name'])

+    def test_auth_token_info_removed(self):
+        ctx = TestContext(auth_token_info={'auth_token': 'topsecret'})
+        d = ctx.get_logging_values()
+        self.assertNotIn('auth_token_info', d)
+
    def test_dict_empty_user_identity(self):
        ctx = context.RequestContext()
        d = ctx.to_dict()