Mark password/secret options as secret

Password, token, and secret options should be marked as secret=True so that when the value is logged the logger knows to obfuscate the value. Conflicts: keystoneauth1/extras/_saml2/_loading.py keystoneauth1/loading/_plugins/identity/v3.py - There was no saml2 plugin in keystoneauth1. - The OpenIDConnectPassword and OpenIDConnectAuthorizationCode plugins didn't exist. Change-Id: I4818c4cc04cc6a4e1e3cf09d5e0b7b4ffefbb892 Closes-Bug: 1534299 (cherry picked from commit fcd9538eaf)
2016-01-14 16:43:55 -06:00 · 2016-01-14 16:43:55 -06:00 · 877ddce291
parent 0d9fcb045b
commit 877ddce291
1 changed files with 3 additions and 2 deletions
--- a/keystoneauth1/loading/_plugins/identity/generic.py
+++ b/keystoneauth1/loading/_plugins/identity/generic.py
@ -47,7 +47,8 @@ class Token(GenericBaseLoader):
        options = super(Token, self).get_options()

        options.extend([
-            loading.Opt('token', help='Token to authenticate with'),
+            loading.Opt('token', secret=True,
+                        help='Token to authenticate with'),
        ])

        return options
@ -69,6 +70,6 @@ class Password(GenericBaseLoader):
                        deprecated=[loading.Opt('username')]),
            loading.Opt('user-domain-id', help="User's domain id"),
            loading.Opt('user-domain-name', help="User's domain name"),
-            loading.Opt('password', help="User's password"),
+            loading.Opt('password', secret=True, help="User's password"),
        ])
        return options