summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--common/src/main/java/org/onap/so/logger/MaskLogStatements.java71
-rw-r--r--common/src/test/java/org/onap/so/logging/MaskLogStatementsTest.java90
-rw-r--r--common/src/test/resources/__files/logging/openstack-payload.json26
3 files changed, 187 insertions, 0 deletions
diff --git a/common/src/main/java/org/onap/so/logger/MaskLogStatements.java b/common/src/main/java/org/onap/so/logger/MaskLogStatements.java
new file mode 100644
index 0000000000..cadadcf9f3
--- /dev/null
+++ b/common/src/main/java/org/onap/so/logger/MaskLogStatements.java
@@ -0,0 +1,71 @@
+package org.onap.so.logger;
+
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.Collection;
+import java.util.List;
+import java.util.Optional;
+import java.util.regex.Matcher;
+import java.util.regex.Pattern;
+import ch.qos.logback.classic.PatternLayout;
+import ch.qos.logback.classic.spi.ILoggingEvent;
+
+public class MaskLogStatements extends PatternLayout {
+
+ private String patternsProperty;
+ private String maskChar = "*";
+ private Optional<Pattern> pattern = Optional.empty();
+ private static final Pattern authPattern =
+ Pattern.compile("Authorization(?:\\:|=)\\s?(?:\"|\\[)(?:Basic|Bearer) (.*?)(?:\"|\\])");
+ private static final Pattern openstackPattern = Pattern.compile("\"password\"\\s?:\\s?\"(.*?)\"");
+
+ public String getPatternsProperty() {
+ return patternsProperty;
+ }
+
+ public void setPatternsProperty(String patternsProperty) {
+ this.patternsProperty = patternsProperty;
+ if (this.patternsProperty != null) {
+ this.pattern = Optional.of(Pattern.compile(patternsProperty, Pattern.MULTILINE));
+ }
+ }
+
+ public String getMaskChar() {
+ return maskChar;
+ }
+
+ public void setMaskChar(String maskChar) {
+ this.maskChar = maskChar;
+ }
+
+
+ protected Collection<Pattern> getPatterns() {
+ return Arrays.asList(authPattern, openstackPattern);
+ }
+
+ @Override
+ public String doLayout(ILoggingEvent event) {
+
+ final StringBuilder message = new StringBuilder(super.doLayout(event));
+ List<Pattern> patterns = new ArrayList<>(getPatterns());
+ if (pattern.isPresent()) {
+ patterns.add(pattern.get());
+ }
+ patterns.forEach(p -> {
+ Matcher matcher = p.matcher(message);
+ while (matcher.find()) {
+ int group = 1;
+ while (group <= matcher.groupCount()) {
+ if (matcher.group(group) != null) {
+ for (int i = matcher.start(group); i < matcher.end(group); i++) {
+ message.setCharAt(i, maskChar.charAt(0));
+ }
+ }
+ group++;
+ }
+ }
+ });
+ return message.toString();
+ }
+
+}
diff --git a/common/src/test/java/org/onap/so/logging/MaskLogStatementsTest.java b/common/src/test/java/org/onap/so/logging/MaskLogStatementsTest.java
new file mode 100644
index 0000000000..ba5aeb522a
--- /dev/null
+++ b/common/src/test/java/org/onap/so/logging/MaskLogStatementsTest.java
@@ -0,0 +1,90 @@
+package org.onap.so.logging;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertTrue;
+import java.io.IOException;
+import java.nio.file.Files;
+import java.nio.file.Paths;
+import org.junit.Test;
+import org.onap.so.logger.MaskLogStatements;
+import ch.qos.logback.classic.Level;
+import ch.qos.logback.classic.Logger;
+import ch.qos.logback.classic.LoggerContext;
+import ch.qos.logback.classic.spi.ILoggingEvent;
+import ch.qos.logback.classic.spi.LoggingEvent;
+
+public class MaskLogStatementsTest {
+
+ private LoggerContext lc = new LoggerContext();
+ private Logger logger = lc.getLogger(MaskLogStatementsTest.class);
+
+ @Test
+ public void verifyOpenStackPayload() throws IOException {
+ String payload =
+ new String(Files.readAllBytes(Paths.get("src/test/resources/__files/logging/openstack-payload.json")));
+
+ ILoggingEvent event = makeLoggingEvent(payload);
+
+ MaskLogStatements mask = new MaskLogStatements();
+
+ mask.setContext(lc);
+ mask.setPattern("%m");
+ mask.start();
+ String result = mask.doLayout(event);
+
+ assertTrue(result.matches("(?s).*?\"password\"\\s?:\\s?\"\\*+\".*"));
+
+ }
+
+ @Test
+ public void maskAuthHeaderTest() {
+ String msg = "Headers : [Accept:\"application/json\", Authorization:\"Basic dklfjeaklfjdkalf\","
+ + "Content-Type:\"application/json\", Content-Length:\"10\","
+ + "X-RequestID:\"db2a0462-69d0-499f-93ec-e2a064ef1f59\", X-TransactionID:\"db2a0462-69d0-499f-93ec-e2a064ef1f59\","
+ + "X-ECOMP-RequestID:\"db2a0462-69d0-499f-93ec-e2a064ef1f59\", X-ONAP-PartnerName:\"SO.APIH\","
+ + "X-InvocationID:\"885e4f99-6f24-4f17-ab1b-584b37715b49\"]";
+
+ String expected = "Headers : [Accept:\"application/json\", Authorization:\"Basic ****************\","
+ + "Content-Type:\"application/json\", Content-Length:\"10\","
+ + "X-RequestID:\"db2a0462-69d0-499f-93ec-e2a064ef1f59\", X-TransactionID:\"db2a0462-69d0-499f-93ec-e2a064ef1f59\","
+ + "X-ECOMP-RequestID:\"db2a0462-69d0-499f-93ec-e2a064ef1f59\", X-ONAP-PartnerName:\"SO.APIH\","
+ + "X-InvocationID:\"885e4f99-6f24-4f17-ab1b-584b37715b49\"]";
+ ILoggingEvent event = makeLoggingEvent(msg);
+
+ MaskLogStatements mask = new MaskLogStatements();
+
+ mask.setContext(lc);
+ mask.setPattern("%m");
+ mask.start();
+ String result = mask.doLayout(event);
+
+ assertEquals(expected, result);
+ }
+
+ @Test
+ public void maskAuthHeaderObjectStringTest() {
+ String msg = "Headers: {Accept=[text/plain, application/json, application/*+json, */*],"
+ + "Authorization=[Basic aaaaa],"
+ + "connection=[keep-alive], Content-Length=[217], content-type=[application/xml],"
+ + "host=[mso-bpmn-infra-svc:9200], user-agent=[Java/11.0.6]}";
+ String expected = "Headers: {Accept=[text/plain, application/json, application/*+json, */*],"
+ + "Authorization=[Basic -----],"
+ + "connection=[keep-alive], Content-Length=[217], content-type=[application/xml],"
+ + "host=[mso-bpmn-infra-svc:9200], user-agent=[Java/11.0.6]}";
+ ILoggingEvent event = makeLoggingEvent(msg);
+
+ MaskLogStatements mask = new MaskLogStatements();
+
+ mask.setContext(lc);
+ mask.setPattern("%m");
+ mask.setMaskChar("-");
+ mask.start();
+ String result = mask.doLayout(event);
+
+ assertEquals(expected, result);
+ }
+
+ private ILoggingEvent makeLoggingEvent(String message) {
+ return new LoggingEvent(MaskLogStatementsTest.class.getName(), logger, Level.INFO, message, null, null);
+ }
+}
diff --git a/common/src/test/resources/__files/logging/openstack-payload.json b/common/src/test/resources/__files/logging/openstack-payload.json
new file mode 100644
index 0000000000..ac4d1639dc
--- /dev/null
+++ b/common/src/test/resources/__files/logging/openstack-payload.json
@@ -0,0 +1,26 @@
+{
+ "auth": {
+ "identity": {
+ "password": {
+ "user": {
+ "name": "j0000",
+ "domain": {
+ "name": "name"
+ },
+ "password": "my-password-wow"
+ }
+ },
+ "methods": [
+ "password"
+ ]
+ },
+ "scope": {
+ "project": {
+ "id": "ad299b37da30413391e9c28138f0b0dd",
+ "domain": {
+ "name": "name"
+ }
+ }
+ }
+ }
+}