Module: Failbot::SensitiveDataScrubber
- Included in:
- Failbot
- Defined in:
- lib/failbot/sensitive_data_scrubber.rb
Constant Summary collapse
- FILTERED =
'****'.freeze
- BASIC_AUTH_REGEX =
/:\/\/(.+:.*)(?=@)/- MAX_DEPTH =
100
Instance Method Summary collapse
- #scrub(hash) ⇒ Object
- #scrub_request_params(query) ⇒ Object
- #scrub_url(url) ⇒ Object
- #scrub_urls(value, max_depth = MAX_DEPTH) ⇒ Object
-
#transform_values(hash) ⇒ Object
Took this from ruby 2.4+ because we do not want to rely on specific ruby versions.
Instance Method Details
#scrub(hash) ⇒ Object
7 8 9 10 11 |
# File 'lib/failbot/sensitive_data_scrubber.rb', line 7 def scrub(hash) transform_values(hash) do |value| scrub_urls(value) end end |
#scrub_request_params(query) ⇒ Object
54 55 56 57 58 59 60 61 62 63 64 65 66 |
# File 'lib/failbot/sensitive_data_scrubber.rb', line 54 def scrub_request_params(query) # We can do this with Rack query builder but we do not want to have a dependency on Rack params = Hash[query.split('&').map { |el| el.split('=') }] params.each do |attr, _| if attr.include?('token') || !!attr.match(/oauth_\w+/) # this is for Oauth 1.0 params[attr] = FILTERED end end params.map { |el| el.join('=') }.join('&') end |
#scrub_url(url) ⇒ Object
32 33 34 35 36 37 38 39 40 |
# File 'lib/failbot/sensitive_data_scrubber.rb', line 32 def scrub_url(url) uri = URI(url) uri.query = scrub_request_params(uri.query) if uri.query uri.to_s.gsub(BASIC_AUTH_REGEX, "://#{FILTERED}:#{FILTERED}") rescue url end |
#scrub_urls(value, max_depth = MAX_DEPTH) ⇒ Object
13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 |
# File 'lib/failbot/sensitive_data_scrubber.rb', line 13 def scrub_urls(value, max_depth=MAX_DEPTH) return value if max_depth <= 0 case value when String scrub_url(value) when Array value.map do |element| scrub_urls(element, max_depth - 1) end when Hash transform_values(value) do |nested_value| scrub_urls(nested_value, max_depth - 1) end else value end end |
#transform_values(hash) ⇒ Object
Took this from ruby 2.4+ because we do not want to rely on specific ruby versions.
45 46 47 48 49 50 51 52 |
# File 'lib/failbot/sensitive_data_scrubber.rb', line 45 def transform_values(hash) return {} if hash.empty? result = Hash.new hash.each do |key, value| result[key] = yield(value) end result end |