Merge "Mask passwords in debug log on user password operations" into stable/juno

keystone/common/controller.py

@@ -25,6 +25,7 @@ from keystone import exception
 from keystone.i18n import _
 from keystone.models import token_model
 from keystone.openstack.common import log
+from keystone.openstack.common import strutils
 
 
 LOG = log.getLogger(__name__)
@@ -50,9 +51,12 @@ def v2_deprecated(f):
 
 
 def _build_policy_check_credentials(self, action, context, kwargs):
+    kwargs_str = ', '.join(['%s=%s' % (k, kwargs[k]) for k in kwargs])
+    kwargs_str = strutils.mask_password(kwargs_str)
+
     LOG.debug('RBAC: Authorizing %(action)s(%(kwargs)s)', {
         'action': action,
-        'kwargs': ', '.join(['%s=%s' % (k, kwargs[k]) for k in kwargs])})
+        'kwargs': kwargs_str})
 
     # see if auth context has already been created. If so use it.
     if ('environment' in context and

keystone/tests/test_v3_identity.py

@@ -1662,8 +1662,6 @@ class IdentityTestCase(test_v3.RestfulTestCase):
     def test_create_user_password_not_logged(self):
         # When a user is created, the password isn't logged at any level.
 
-        # FIXME(blk-u): This doesn't work as expected, see bug 1465922
-
         log_fix = self.useFixture(fixtures.FakeLogger(level=logging.DEBUG))
 
         ref = self.new_user_ref(domain_id=self.domain_id)
@@ -1671,15 +1669,12 @@ class IdentityTestCase(test_v3.RestfulTestCase):
             '/users',
             body={'user': ref})
 
-        # This should be assert*Not*In, see bug 1465922
+        self.assertNotIn(ref['password'], log_fix.output)
-        self.assertIn(ref['password'], log_fix.output)
 
     def test_update_password_not_logged(self):
         # When admin modifies user password, the password isn't logged at any
         # level.
 
-        # FIXME(blk-u): This doesn't work as expected, see bug 1465922
-
         log_fix = self.useFixture(fixtures.FakeLogger(level=logging.DEBUG))
 
         # bootstrap a user as admin
@@ -1694,9 +1689,7 @@ class IdentityTestCase(test_v3.RestfulTestCase):
                    expected_status=200)
 
         self.assertNotIn(password, log_fix.output)
-
+        self.assertNotIn(new_password, log_fix.output)
-        # This should be assert*Not*In, see bug 1465922
-        self.assertIn(new_password, log_fix.output)
 
 
 class IdentityInheritanceTestCase(test_v3.RestfulTestCase):
@@ -2346,8 +2339,6 @@ class UserSelfServiceChangingPasswordsTestCase(test_v3.RestfulTestCase):
         # When a user changes their password, the password isn't logged at any
         # level.
 
-        # FIXME(blk-u): This doesn't work as expected, see bug 1465922
-
         log_fix = self.useFixture(fixtures.FakeLogger(level=logging.DEBUG))
 
         # change password
@@ -2356,6 +2347,5 @@ class UserSelfServiceChangingPasswordsTestCase(test_v3.RestfulTestCase):
                              original_password=self.user_ref['password'],
                              expected_status=204)
 
-        # These should be assert*Not*In, see bug 1465922
+        self.assertNotIn(self.user_ref['password'], log_fix.output)
-        self.assertIn(self.user_ref['password'], log_fix.output)
+        self.assertNotIn(new_password, log_fix.output)
-        self.assertIn(new_password, log_fix.output)