
Commit c2a8d76

committed
make sensitive key comparison case insensitive.
1 parent 15d3016 commit c2a8d76


1 file changed

+16
-12
lines changed


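--- a/oauth2_http/java/com/google/auth/oauth2/LoggingUtils.java
+++ b/oauth2_http/java/com/google/auth/oauth2/LoggingUtils.java
@@ -42,24 +42,28 @@
 import java.security.NoSuchAlgorithmException;
 import java.util.Arrays;
 import java.util.HashMap;
-import java.util.HashSet;
 import java.util.Map;
 import java.util.Set;
+import java.util.TreeSet;
 import org.slf4j.Logger;
 import org.slf4j.MDC;
 
 class LoggingUtils {
 
 private static final Gson gson = new Gson();
-private static final Set<String> sensitiveKeys =
-new HashSet<>(
-Arrays.asList(
-"token",
-"assertion",
-"access_token",
-"client_secret",
-"refresh_token",
-"signedBlob"));
+private static final Set<String> SENSITIVE_KEYS = new TreeSet<>(String.CASE_INSENSITIVE_ORDER);
+
+static {
+SENSITIVE_KEYS.addAll(
+Arrays.asList(
+"token",
+"assertion",
+"access_token",
+"client_secret",
+"refresh_token",
+"signedBlob",
+"authorization"));
+}
 
 private LoggingUtils() {}
 
@@ -107,7 +111,7 @@ static void logRequest(HttpRequest request, Logger logger, String message) {
 .getHeaders()
 .forEach(
 (key, val) -> {
-if ("authorization".equals(key)) {
+if (SENSITIVE_KEYS.contains(key)) {
 String hashedVal = calculateSHA256Hash(String.valueOf(val));
 headers.put(key, hashedVal);
 } else {
@@ -171,7 +175,7 @@ private static Map<String, String> parseGenericData(GenericData genericData) {
 Map<String, String> contextMap = new HashMap<>();
 genericData.forEach(
 (key, val) -> {
-if (sensitiveKeys.contains(key)) {
+if (SENSITIVE_KEYS.contains(key)) {
 String secretString = String.valueOf(val);
 String hashedVal = calculateSHA256Hash(secretString);
 contextMap.put(key, hashedVal);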
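Review bot: `SENSITIVE_KEYS.contains(key)` in logRequest and parseGenericData is still a whole-name match, so the case-insensitive set only protects keys that are spelled out in the static initializer. Credential-bearing names that are absent from the list — for example `id_token` and `subject_token` in token payloads, or the `Proxy-Authorization` and `Cookie` headers — would be logged unhashed if they ever pass through these paths; whether they do is not visible here, since both method bodies continue outside the hunks. Consider extending the list, e.g. `"id_token", "subject_token", "proxy-authorization", "cookie"`, and wrapping the populated set in `Collections.unmodifiableSet(...)` so it cannot be altered after class initialization. Note also that a `TreeSet` built with `String.CASE_INSENSITIVE_ORDER` throws on `contains(null)`, where the old `HashSet` returned false.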
