fix: remove sensitive data when BoxAPIException logs request

mwwoda · mwwoda · commit 4592a76eda28 · 2025-01-17T10:02:24.000+01:00
diff --git a/src/main/java/com/box/sdk/BoxAPIConnection.java b/src/main/java/com/box/sdk/BoxAPIConnection.java
@@ -34,6 +34,7 @@
 import okhttp3.OkHttpClient;
 import okhttp3.Request;
 import okhttp3.Response;
+import okhttp3.Headers;
 
 /**
  * Represents an authenticated connection to the Box API.
@@ -1265,7 +1266,7 @@ private Response executeOnClient(OkHttpClient httpClient, Request request) {
         try {
             return createNewCall(httpClient, request).execute();
         } catch (IOException e) {
-            throw new BoxAPIException("Couldn't connect to the Box API due to a network error. Request\n" + request, e);
+            throw new BoxAPIException("Couldn't connect to the Box API due to a network error. Request\n" + toSanitizedRequest(request), e);
         }
     }
 
@@ -1298,4 +1299,12 @@ protected enum ResourceLinkType {
          */
         SharedLink
     }
+
+    private Request toSanitizedRequest(Request originalRequest) {
+        Headers sanitizedHeaders = BoxSensitiveDataSanitizer.sanitizeHeaders(originalRequest.headers());
+
+        return originalRequest.newBuilder()
+            .headers(sanitizedHeaders)
+            .build();
+    }
 }
diff --git a/src/main/java/com/box/sdk/BoxSensitiveDataSanitizer.java b/src/main/java/com/box/sdk/BoxSensitiveDataSanitizer.java
@@ -0,0 +1,46 @@
+package com.box.sdk;
+
+import okhttp3.Headers;
+
+import java.util.Set;
+import java.util.HashSet;
+import java.util.Arrays;
+
+class BoxSensitiveDataSanitizer {
+	private static final Set<String> sensitiveKeys = new HashSet<>(Arrays.asList(
+		"authorization",
+		"access_token",
+		"refresh_token",
+		"subject_token",
+		"token",
+		"client_id",
+		"client_secret",
+		"code",
+		"shared_link",
+		"download_url",
+		"jwt_private_key",
+		"jwt_private_key_passphrase",
+		"password"
+	));
+
+	public static Headers sanitizeHeaders(Headers originalHeaders) {
+		Headers.Builder sanitizedHeadersBuilder = originalHeaders.newBuilder();
+
+		for (String originalHeaderName : originalHeaders.names()) {
+			if (isSensitiveKey(originalHeaderName)) {
+				sanitizedHeadersBuilder.set(originalHeaderName, "[REDACTED]");
+			} else {
+				String headerValue = originalHeaders.get(originalHeaderName);
+				if(headerValue != null) {
+					sanitizedHeadersBuilder.set(originalHeaderName, headerValue);
+				}
+			}
+		}
+
+		return sanitizedHeadersBuilder.build();
+	}
+
+	private static boolean isSensitiveKey(String key) {
+		return sensitiveKeys.contains(key.toLowerCase());
+	}
+}
diff --git a/src/test/java/com/box/sdk/BoxSensitiveDataSanitizerTest.java b/src/test/java/com/box/sdk/BoxSensitiveDataSanitizerTest.java
@@ -0,0 +1,81 @@
+package com.box.sdk;
+
+import static com.github.tomakehurst.wiremock.core.WireMockConfiguration.wireMockConfig;
+import static org.hamcrest.MatcherAssert.assertThat;
+import static org.hamcrest.Matchers.is;
+import com.github.tomakehurst.wiremock.junit.WireMockRule;
+import java.util.HashMap;
+import java.util.Map;
+
+import okhttp3.Headers;
+import org.junit.Rule;
+import org.junit.Test;
+
+public class BoxSensitiveDataSanitizerTest {
+	@Rule
+	public WireMockRule wireMockRule = new WireMockRule(wireMockConfig().dynamicHttpsPort().httpDisabled(true));
+
+	@Test
+	public void removeSensitiveDataFromHeaders() {
+		Map<String, String> headersMap = new HashMap<>();
+		headersMap.put("authorization", "token");
+		headersMap.put("user-agent", "java-sdk");
+
+		Headers headers = Headers.of(headersMap);
+		Headers sanitizedHeaders = BoxSensitiveDataSanitizer.sanitizeHeaders(headers);
+
+		assertThat(sanitizedHeaders.size(), is(2));
+		assertThat(sanitizedHeaders.get("authorization"), is("[REDACTED]"));
+		assertThat(sanitizedHeaders.get("user-agent"), is("java-sdk"));
+	}
+
+	@Test
+	public void removeAllHeadersWhenOnlySensitiveData() {
+		Map<String, String> headersMap = new HashMap<>();
+		headersMap.put("authorization", "token");
+		headersMap.put("password", "123");
+
+		Headers headers = Headers.of(headersMap);
+		Headers sanitizedHeaders = BoxSensitiveDataSanitizer.sanitizeHeaders(headers);
+
+		assertThat(sanitizedHeaders.size(), is(2));
+		assertThat(sanitizedHeaders.get("authorization"), is("[REDACTED]"));
+		assertThat(sanitizedHeaders.get("password"), is("[REDACTED]"));
+	}
+
+	@Test
+	public void removeSensitiveDataFromHeadersWhenUppercase() {
+		Map<String, String> headersMap = new HashMap<>();
+		headersMap.put("Authorization", "token");
+		headersMap.put("user-agent", "java-sdk");
+
+		Headers headers = Headers.of(headersMap);
+		Headers sanitizedHeaders = BoxSensitiveDataSanitizer.sanitizeHeaders(headers);
+
+		assertThat(sanitizedHeaders.size(), is(2));
+		assertThat(sanitizedHeaders.get("Authorization"), is("[REDACTED]"));
+		assertThat(sanitizedHeaders.get("user-agent"), is("java-sdk"));
+	}
+
+	@Test
+	public void headersNotRemovedWhenNoSensitiveData() {
+		Map<String, String> headersMap = new HashMap<>();
+		headersMap.put("accept", "application/json");
+		headersMap.put("user-agent", "java-sdk");
+
+		Headers headers = Headers.of(headersMap);
+		Headers sanitizedHeaders = BoxSensitiveDataSanitizer.sanitizeHeaders(headers);
+
+		assertThat(sanitizedHeaders.size(), is(2));
+		assertThat(sanitizedHeaders.get("accept"), is("application/json"));
+		assertThat(sanitizedHeaders.get("user-agent"), is("java-sdk"));
+	}
+
+	@Test
+	public void returnEmptyHeadersWhenEmptyHeadersPassed() {
+		Headers headers = Headers.of(new HashMap<>());
+		Headers sanitizedHeaders = BoxSensitiveDataSanitizer.sanitizeHeaders(headers);
+
+		assertThat(sanitizedHeaders.size(), is(0));
+	}
+}
