allow customizing sanitization keys

Author: mwwoda

src/main/java/com/box/sdk/BoxSensitiveDataSanitizer.java

@@ -6,16 +6,28 @@
 import okhttp3.Headers;
 import org.jetbrains.annotations.NotNull;
 
-final class BoxSensitiveDataSanitizer {
+/**
+ * Class used to sanitize sensitive data from payload.
+ */
+public final class BoxSensitiveDataSanitizer {
     private static final Set<String> SENSITIVE_KEYS = new HashSet<>(Arrays.asList("authorization", "access_token",
         "refresh_token", "subject_token", "token", "client_id", "client_secret", "code", "shared_link", "download_url",
         "jwt_private_key", "jwt_private_key_passphrase", "password"));
 
     private BoxSensitiveDataSanitizer() {
     }
 
+    /**
+     * Add key that should be sanitized
+     *
+     * @param key key to be sanitized
+     */
+    public static void addKeyToSanitize(String key) {
+        SENSITIVE_KEYS.add(key);
+    }
+
     @NotNull
-    public static Headers sanitizeHeaders(Headers originalHeaders) {
+    static Headers sanitizeHeaders(Headers originalHeaders) {
         Headers.Builder sanitizedHeadersBuilder = originalHeaders.newBuilder();
 
         for (String originalHeaderName : originalHeaders.names()) {

src/test/java/com/box/sdk/BoxSensitiveDataSanitizerTest.java

@@ -72,4 +72,17 @@ public void returnEmptyHeadersWhenEmptyHeadersPassed() {
 
         assertThat(sanitizedHeaders.size(), is(0));
     }
+
+    @Test
+    public void sanitizeAddedKeys() {
+        Map<String, String> headersMap = new HashMap<>();
+        headersMap.put("x-auth", "token");
+
+        Headers headers = Headers.of(headersMap);
+        BoxSensitiveDataSanitizer.addKeyToSanitize("x-auth");
+        Headers sanitizedHeaders = BoxSensitiveDataSanitizer.sanitizeHeaders(headers);
+
+        assertThat(sanitizedHeaders.size(), is(1));
+        assertThat(sanitizedHeaders.get("x-auth"), is("[REDACTED]"));
+    }
 }