Merge "Filter X-Auth-Token in catch_errors"

2016-12-07 10:03:29 +00:00 · 2016-12-07 10:03:29 +00:00 · 9891ec95da
parent 6feaa13610 634d45ed94
commit 9891ec95da
2 changed files with 5 additions and 0 deletions
--- a/oslo_middleware/catch_errors.py
+++ b/oslo_middleware/catch_errors.py
@ -37,6 +37,8 @@ class CatchErrors(base.ConfigurableMiddleware):
        try:
            response = req.get_response(self.application)
        except Exception:
+            if hasattr(req, 'environ') and 'HTTP_X_AUTH_TOKEN' in req.environ:
+                req.environ['HTTP_X_AUTH_TOKEN'] = '*****'
            LOG.exception(_LE('An error occurred during '
                              'processing the request: %s'), req)
            response = webob.exc.HTTPInternalServerError()
--- a/oslo_middleware/tests/test_catch_errors.py
+++ b/oslo_middleware/tests/test_catch_errors.py
@ -26,6 +26,7 @@ class CatchErrorsTest(test_base.BaseTestCase):
    def _test_has_request_id(self, application, expected_code=None):
        app = catch_errors.CatchErrors(application)
        req = webob.Request.blank('/test')
+        req.environ['HTTP_X_AUTH_TOKEN'] = 'hello=world'
        res = req.get_response(app)
        self.assertEqual(expected_code, res.status_int)

@ -45,3 +46,5 @@ class CatchErrorsTest(test_base.BaseTestCase):
            self._test_has_request_id(application,
                                      webob.exc.HTTPInternalServerError.code)
            self.assertEqual(1, log_exc.call_count)
+            req_log = log_exc.call_args[0][1]
+            self.assertIn('X-Auth-Token: *****', str(req_log))