Merge master into branch

Author: victorli-cloudinary

lib-es5/api_client/execute_request.js

@@ -1,5 +1,7 @@
 'use strict';
 
+var _extends = Object.assign || function (target) { for (var i = 1; i < arguments.length; i++) { var source = arguments[i]; for (var key in source) { if (Object.prototype.hasOwnProperty.call(source, key)) { target[key] = source[key]; } } } return target; };
+
 // eslint-disable-next-line import/order
 var config = require("../config");
 var https = /^http:/.test(config().upload_prefix) ? require('http') : require('https');
@@ -74,6 +76,21 @@ function execute_request(method, params, auth, api_url, callback) {
     request_options.headers['Content-Length'] = Buffer.byteLength(query_params);
   }
   handle_response = function handle_response(res) {
+    var _config = config(),
+        _config$hide_sensitiv = _config.hide_sensitive,
+        hide_sensitive = _config$hide_sensitiv === undefined ? false : _config$hide_sensitiv;
+
+    var sanitizedOptions = _extends({}, request_options);
+
+    if (hide_sensitive === true) {
+      if ("auth" in sanitizedOptions) {
+        delete sanitizedOptions.auth;
+      }
+      if ("Authorization" in sanitizedOptions.headers) {
+        delete sanitizedOptions.headers.Authorization;
+      }
+    }
+
     if (includes([200, 400, 401, 403, 404, 409, 420, 500], res.statusCode)) {
       var buffer = "";
       var error = false;
@@ -106,7 +123,7 @@ function execute_request(method, params, auth, api_url, callback) {
 
         if (result.error) {
           deferred.reject(Object.assign({
-            request_options,
+            request_options: sanitizedOptions,
             query_params
           }, result));
         } else {
@@ -122,7 +139,7 @@ function execute_request(method, params, auth, api_url, callback) {
           error: {
             message: e,
             http_code: res.statusCode,
-            request_options,
+            request_options: sanitizedOptions,
             query_params
           }
         };
@@ -136,7 +153,7 @@ function execute_request(method, params, auth, api_url, callback) {
         error: {
           message: "Server returned unexpected status code - " + res.statusCode,
           http_code: res.statusCode,
-          request_options,
+          request_options: sanitizedOptions,
           query_params
         }
       };

lib-es5/utils/consts.js

@@ -85,4 +85,4 @@ module.exports = {
   UPLOAD_PREFIX,
   SUPPORTED_SIGNATURE_ALGORITHMS,
   DEFAULT_SIGNATURE_ALGORITHM
-};
+};

lib-es5/utils/index.js

@@ -567,6 +567,12 @@ function generate_transformation_string(options) {
     options.start_offset = _split_range2[0];
     options.end_offset = _split_range2[1];
   }
+  if (options.start_offset) {
+    options.start_offset = normalize_expression(options.start_offset);
+  }
+  if (options.end_offset) {
+    options.end_offset = normalize_expression(options.end_offset);
+  }
   var overlay = process_layer(consumeOption(options, "overlay"));
   var radius = process_radius(consumeOption(options, "radius"));
   var underlay = process_layer(consumeOption(options, "underlay"));

lib/api_client/execute_request.js

@@ -66,6 +66,14 @@ function execute_request(method, params, auth, api_url, callback, options = {})
     request_options.headers['Content-Length'] = Buffer.byteLength(query_params);
   }
   handle_response = function (res) {
+    const {hide_sensitive = false} = config();
+    const sanitizedOptions = {...request_options};
+
+    if (hide_sensitive === true){
+      if ("auth" in sanitizedOptions) { delete sanitizedOptions.auth; }
+      if ("Authorization" in sanitizedOptions.headers) { delete sanitizedOptions.headers.Authorization; }
+    }
+
     if (includes([200, 400, 401, 403, 404, 409, 420, 500], res.statusCode)) {
       let buffer = "";
       let error = false;
@@ -98,7 +106,7 @@ function execute_request(method, params, auth, api_url, callback, options = {})
 
         if (result.error) {
           deferred.reject(Object.assign({
-            request_options,
+            request_options: sanitizedOptions,
             query_params
           }, result));
         } else {
@@ -114,7 +122,7 @@ function execute_request(method, params, auth, api_url, callback, options = {})
           error: {
             message: e,
             http_code: res.statusCode,
-            request_options,
+            request_options: sanitizedOptions,
             query_params
           }
         };
@@ -128,7 +136,7 @@ function execute_request(method, params, auth, api_url, callback, options = {})
         error: {
           message: "Server returned unexpected status code - " + res.statusCode,
           http_code: res.statusCode,
-          request_options,
+          request_options: sanitizedOptions,
           query_params
         }
       };

lib/utils/index.js

@@ -510,6 +510,12 @@ function generate_transformation_string(options) {
   if (options.offset != null) {
     [options.start_offset, options.end_offset] = split_range(consumeOption(options, "offset"));
   }
+  if (options.start_offset) {
+    options.start_offset = normalize_expression(options.start_offset);
+  }
+  if (options.end_offset) {
+    options.end_offset = normalize_expression(options.end_offset);
+  }
   let overlay = process_layer(consumeOption(options, "overlay"));
   let radius = process_radius(consumeOption(options, "radius"));
   let underlay = process_layer(consumeOption(options, "underlay"));

test/unit/config.spec.js

@@ -20,6 +20,35 @@ describe("config", function () {
     cloudinary.config(true);
   });
 
+  it("should not have a `hide_sensitive` property by default", function () {
+    const config = cloudinary.config();
+    expect(config).not.to.have.property("hide_sensitive");
+  });
+
+  it("should support `hide_sensitive` config param", function () {
+    const config = cloudinary.config({hide_sensitive: true});
+    expect(config.hide_sensitive).to.eql(true)
+  });
+
+  it("should hide API key and secret upon error when `hide_sensitive` is true", async function () {
+    try {
+      cloudinary.config({hide_sensitive: true});
+      const result = await cloudinary.v2.api.resource("?");
+      expect(result).fail();
+    } catch (err) {
+      expect(err.request_options).not.to.have.property("auth");
+    }
+  });
+
+  it("should hide Authorization header upon error when `hide_sensitive` is true", async function () {
+    try {
+      cloudinary.config({hide_sensitive: true});
+      const result = await cloudinary.v2.api.resource("?", { oauth_token: 'irrelevant' });
+      expect(result).fail();
+    } catch (err) {
+      expect(err.request_options.headers).not.to.have.property("Authorization");
+    }
+  });
 
   it("should allow nested values in CLOUDINARY_URL", function () {
     process.env.CLOUDINARY_URL = "cloudinary://key:secret@test123?foo[bar]=value";

test/unit/normalize_expression_spec.js

@@ -1,7 +1,8 @@
 const cloudinary = require("../../cloudinary");
 const createTestConfig = require('../testUtils/createTestConfig');
 const helper = require("../spechelper");
-const { SIMPLE_PARAMS } = require(`../../${helper.libPath}/utils/consts`);
+const {SIMPLE_PARAMS} = require(`../../${helper.libPath}/utils/consts`);
+const {generate_transformation_string} = require("../../lib/utils");
 
 describe("normalize_expression tests", function () {
   beforeEach(function () {
@@ -12,7 +13,21 @@ describe("normalize_expression tests", function () {
     }));
   });
 
-  it("Expression normalization", function() {
+  it('should normalize start_offset', function () {
+    const result = generate_transformation_string({
+      "start_offset": "idu - 5"
+    });
+    expect(result).to.equal("so_idu_sub_5");
+  });
+
+  it('should normalize end_offset', function () {
+    const result = generate_transformation_string({
+      "end_offset": "idu - 5"
+    });
+    expect(result).to.equal("eo_idu_sub_5");
+  });
+
+  it("Expression normalization", function () {
     const cases = {
       'null is not affected': [null, null],
       'None is not affected': ['None', 'None'],
@@ -61,8 +76,8 @@ describe("normalize_expression tests", function () {
     const value = "width * 2";
     const normalizedValue = "w_mul_2";
     const normalizedParams = ["angle", "aspect_ratio", "dpr", "effect", "height", "opacity", "quality", "radius",
-      "width", "x", "y", "zoom"];
-    const nonNormalizedParams = simpleTransformationParams.concat('overlay', 'underlay')
+      "width", "x", "y", "zoom", "end_offset", "start_offset"];
+    const nonNormalizedParams = simpleTransformationParams.concat('overlay', 'underlay').filter(param => !normalizedParams.includes(param));
     normalizedParams.forEach((param) => {
       it(`should normalize value in ${param}`, () => {
         // c_scale needed to test h_ and w_ parameters that are ignored without crop mode

types/index.d.ts

@@ -508,6 +508,7 @@ declare module 'cloudinary' {
         proxy?: string;
         public_id?: string;
         quality_analysis?: boolean;
+        resource_type?: "image" | "video" | "raw" | "auto";
         responsive_breakpoints?: Record<any,any>;
         return_delete_token?: boolean
         timestamp?: number;
@@ -580,7 +581,7 @@ declare module 'cloudinary' {
         width: number;
         height: number;
         format: string;
-        resource_type: string;
+        resource_type?: "image" | "video" | "raw" | "auto";
         created_at: string;
         tags: Array<string>;
         pages: number;