enhance sanitization of complex objects to return dictionary representation

hjgraca · hjgraca · commit 3861907bcae1 · 2025-10-01T10:09:20.000+01:00
diff --git a/libraries/src/AWS.Lambda.Powertools.Tracing/Internal/XRayRecorder.cs b/libraries/src/AWS.Lambda.Powertools.Tracing/Internal/XRayRecorder.cs
@@ -381,7 +381,7 @@ private static object SanitizeValueRecursive(object value, int depth)
             return collectionResult;
 
         // Handle complex objects
-        return SanitizeComplexObject(value, type);
+        return SanitizeComplexObject(value, type, depth);
     }
 
     /// <summary>
@@ -529,22 +529,52 @@ private static object SanitizeEnumerable(System.Collections.IEnumerable enumerab
     }
 
     /// <summary>
-    ///     Sanitizes complex objects by converting them to safe string representation.
+    ///     Sanitizes complex objects by converting them to dictionaries.
+    ///     Uses reflection with proper AOT attributes for compatibility.
     /// </summary>
     /// <param name="value">The object to sanitize</param>
     /// <param name="type">The object type</param>
-    /// <returns>Sanitized string representation</returns>
-    private static object SanitizeComplexObject(object value, Type type)
+    /// <param name="depth">Current recursion depth</param>
+    /// <returns>Sanitized dictionary representation or string fallback</returns>
+    [UnconditionalSuppressMessage("Trimming", "IL2026:Members annotated with 'RequiresUnreferencedCodeAttribute' require dynamic access otherwise can break functionality when trimming application code", Justification = "Complex object properties are preserved for tracing scenarios")]
+    [UnconditionalSuppressMessage("AOT", "IL3050:Calling members annotated with 'RequiresDynamicCodeAttribute' may break functionality when AOT compiling", Justification = "Complex object properties are preserved for tracing scenarios")]
+    private static object SanitizeComplexObject(object value, Type type, int depth)
     {
         try
         {
-            // This ensures the object can be serialized without issues
-            return $"[{type.Name}] {value}";
+            var properties = type.GetProperties(System.Reflection.BindingFlags.Public | System.Reflection.BindingFlags.Instance);
+            var sanitizedObject = new System.Collections.Generic.Dictionary<string, object>();
+
+            foreach (var prop in properties)
+            {
+                try
+                {
+                    if (prop.CanRead && prop.GetIndexParameters().Length == 0) // Skip indexers
+                    {
+                        var propValue = prop.GetValue(value);
+                        sanitizedObject[prop.Name] = SanitizeValueRecursive(propValue, depth + 1);
+                    }
+                }
+                catch (Exception ex)
+                {
+                    // If we can't read a property, record the error
+                    sanitizedObject[prop.Name] = $"[Error reading property: {ex.Message}]";
+                }
+            }
+
+            return sanitizedObject;
         }
         catch (Exception ex)
         {
-            // If all else fails, return a safe fallback
-            return $"[Object conversion failed: {ex.Message}]";
+            // If reflection fails, fall back to string representation
+            try
+            {
+                return $"[{type.Name}] {value}";
+            }
+            catch (Exception toStringEx)
+            {
+                return $"[Object conversion failed: {ex.Message}, ToString failed: {toStringEx.Message}]";
+            }
         }
     }
 
diff --git a/libraries/tests/AWS.Lambda.Powertools.Tracing.Tests/XRayRecorderSanitizationAdvancedTests.cs b/libraries/tests/AWS.Lambda.Powertools.Tracing.Tests/XRayRecorderSanitizationAdvancedTests.cs
@@ -376,6 +376,49 @@ public void AddMetadata_WithMaxDepthReached_ReturnsMaxDepthMessage()
         _mockAwsXRayRecorder.Received(1).AddMetadata("test", "very_deep", Arg.Any<object>());
     }
 
+    [Fact]
+    public void AddMetadata_WithComplexObject_SerializesToDictionary()
+    {
+        // Arrange - Create a complex object that should be serialized to a dictionary
+        var complexObject = new
+        {
+            SystemInfo = new
+            {
+                DotNetVersion = "10.0.0",
+                RuntimeVersion = ".NET 10.0.0-rc.1.25451.107",
+                OSDescription = "Amazon Linux 2023.8.20250915",
+                OSArchitecture = "Arm64",
+                ProcessArchitecture = "Arm64",
+                RuntimeIdentifier = "linux-arm64",
+                MachineName = "169",
+                ProcessorCount = 2,
+                WorkingSet = 74358784L,
+                Is64BitOperatingSystem = true,
+                Is64BitProcess = true,
+                CLRVersion = "10.0.0",
+                CurrentDirectory = "/var/task"
+            },
+            LambdaInfo = new
+            {
+                FunctionName = "dotnet10-container",
+                FunctionVersion = "$LATEST",
+                InvokedFunctionArn = "arn:aws:lambda:eu-west-1:746792595426:function:dotnet10-container",
+                MemoryLimitInMB = 512,
+                RemainingTime = TimeSpan.FromSeconds(28.3635803),
+                RequestId = "fa48e22e-6312-47b7-8744-e0ae3f0b78bd",
+                LogGroupName = "/aws/lambda/dotnet10-container",
+                LogStreamName = "2025/10/01/[$LATEST]03cfeb57967e457db33a7011743f0217"
+            }
+        };
+
+        // Act
+        _xrayRecorder.AddMetadata("dotnet10-ns", "FunctionHandler response", complexObject);
+
+        // Assert - Verify the call was made and the object should be serialized as a dictionary structure
+        _mockAwsXRayRecorder.Received(1).AddMetadata("dotnet10-ns", "FunctionHandler response", 
+            Arg.Is<object>(obj => obj is System.Collections.Generic.Dictionary<string, object>));
+    }
+
     [Fact]
     public void SanitizeValueForMetadata_WithObjectThatThrowsInToString_ReturnsSanitizationFailedMessage()
     {
