From cc90f690af8a3cada73bf4e936cda51f74a44b78 Mon Sep 17 00:00:00 2001 From: Kelly Davis Date: Mon, 15 Oct 2018 15:50:17 -0400 Subject: [PATCH] Add authm header to obscured list --- lib/server.js | 2 +- test/middleware.test.js | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/lib/server.js b/lib/server.js index 942ff4f..72eb832 100644 --- a/lib/server.js +++ b/lib/server.js @@ -43,7 +43,7 @@ function validateConfig (config) { } function getMiddlewareConfig (config, logger) { - const alwaysObscureHeaders = ['authorization', 'cookie'] + const alwaysObscureHeaders = ['authorization', 'cookie', 'x-kuali-authm'] const middleConfig = { headerName: 'X-Request-Id', diff --git a/test/middleware.test.js b/test/middleware.test.js index 9f3b3f7..8c1dd77 100644 --- a/test/middleware.test.js +++ b/test/middleware.test.js @@ -79,6 +79,7 @@ describe('middleware', () => { .set('obscure', 'test') .set('exclude', 'test') .set('Authorization', 'Bearer hey') + .set('X-Kuali-Authm', 'my authm') .end((err, res) => { if (err) throw err expect(catcher.last.req.headers.obscure).toBeNull() @@ -86,6 +87,7 @@ describe('middleware', () => { false ) expect(catcher.last.req.headers.authorization).toBeNull() + expect(catcher.last.req.headers['x-kuali-authm']).toBeNull() done() }) })