Module: Skykick::Connection

Includes:

WrAPI::Connection

Included in:

API

Defined in:

lib/skykick/connection.rb

Overview

Note:

This module is designed to extend and customize the ‘WrAPI::Connection` functionalities.

The ‘Skykick::Connection` module is responsible for establishing an API connection. It includes authorization and header setup and ensures that sensitive information (e.g., access tokens, client secrets, etc.) is filtered from logs for security purposes.

Instance Method Summary

• #setup_headers(connection) ⇒ void

  Sets up API headers for the Skykick connection.

• #setup_logger_filtering(connection, logger) ⇒ void

  Configures a logger with filters to redact sensitive data from logs.

Instance Method Details

#setup_headers(connection) ⇒ void

This method returns an undefined value.

Sets up API headers for the Skykick connection. If ‘client_secret` is present, it adds the `Ocp-Apim-Subscription-Key` header.

Parameters:

• connection (Faraday::Connection) —

  The connection object used to configure headers.

# File 'lib/skykick/connection.rb', line 19

def setup_headers(connection)
  connection.headers['Ocp-Apim-Subscription-Key'] = client_secret if client_secret
end

#setup_logger_filtering(connection, logger) ⇒ void

This method returns an undefined value.

Configures a logger with filters to redact sensitive data from logs. This method sets up a logger that captures and logs request headers and bodies while filtering sensitive information such as passwords, access tokens, and authorization headers.

Parameters:

• connection (Faraday::Connection) —

  The connection object where the logger is applied.

• logger (Logger) —

  The logger instance that records request and response information.

# File 'lib/skykick/connection.rb', line 30

def setup_logger_filtering(connection, logger)
  connection.response :logger, logger, { headers: true, bodies: true } do |l|
    # Filter sensitive data from JSON content

    l.filter(/("password":")(.+?)(".*)/, '\1[REMOVED]\3')
    l.filter(/("accessToken":")(.+?)(".*)/, '\1[REMOVED]\3')

    # Filter sensitive data from request headers

    l.filter(/(client-secret:.)([^&]+)/, '\1[REMOVED]')
    l.filter(/(Authorization:.)([^&]+)/, '\1[REMOVED]')

    # Filter Skykick-specific sensitive header and token information

    l.filter(/(Ocp-Apim-Subscription-Key: ")(.+?)(")/, '\1[REMOVED]\3')
    l.filter(/("access_token":")(.+?)(".*)/, '\1[REMOVED]\3')
  end
end