Skip to content

Commit

Permalink
Add authm header to obscured list
Browse files Browse the repository at this point in the history
  • Loading branch information
Kelly Davis committed Oct 15, 2018
1 parent 6e9756b commit cc90f69
Show file tree
Hide file tree
Showing 2 changed files with 3 additions and 1 deletion.
2 changes: 1 addition & 1 deletion lib/server.js
Original file line number Diff line number Diff line change
Expand Up @@ -43,7 +43,7 @@ function validateConfig (config) {
}

function getMiddlewareConfig (config, logger) {
const alwaysObscureHeaders = ['authorization', 'cookie']
const alwaysObscureHeaders = ['authorization', 'cookie', 'x-kuali-authm']

const middleConfig = {
headerName: 'X-Request-Id',
Expand Down
2 changes: 2 additions & 0 deletions test/middleware.test.js
Original file line number Diff line number Diff line change
Expand Up @@ -79,13 +79,15 @@ describe('middleware', () => {
.set('obscure', 'test')
.set('exclude', 'test')
.set('Authorization', 'Bearer hey')
.set('X-Kuali-Authm', 'my authm')
.end((err, res) => {
if (err) throw err
expect(catcher.last.req.headers.obscure).toBeNull()
expect(catcher.last.req.headers.hasOwnProperty('exclude')).toEqual(
false
)
expect(catcher.last.req.headers.authorization).toBeNull()
expect(catcher.last.req.headers['x-kuali-authm']).toBeNull()
done()
})
})
Expand Down

0 comments on commit cc90f69

Please sign in to comment.