

Merge pull request #334 from snyk/feat/log-masked-token
feat: Log maskedToken on every server request
hisenb3rg authored Jul 2, 2021
2 parents 8e5e1e0 + 0a7123a commit 6bbc7fd
Showing 5 changed files with 24 additions and 4 deletions.
3 changes: 3 additions & 0 deletions lib/log.js
@@ -86,6 +86,9 @@ function sanitiseHeaders(headers) {
if (hdrs.authorization) {
hdrs.authorization = '${AUTHORIZATION}';
}
if (hdrs['X-Broker-Token']) {
hdrs['X-Broker-Token'] = '${BROKER_TOKEN}';
};
return sanitiseObject(hdrs);
}
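Review bot: The new check `hdrs['X-Broker-Token']` matches only that exact casing, while the existing check beside it uses the lowercase key `authorization`; Node's HTTP parser lowercases incoming header names, so if `hdrs` is built from `req.headers` the token would arrive as `x-broker-token` and be logged unredacted. Matching case-insensitively closes the gap, e.g. `for (const k of Object.keys(hdrs)) if (k.toLowerCase() === 'x-broker-token') hdrs[k] = '${BROKER_TOKEN}';`. The stray `;` after the closing brace of the new `if` block can also go. sanitiseHeaders starts above the hunk, so how `hdrs` is populated is not visible here.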

3 changes: 3 additions & 0 deletions lib/relay.js
@@ -8,6 +8,7 @@ const { replace, replaceUrlPartialChunk } = require('./replace-vars');
const tryJSONParse = require('./try-json-parse');
const logger = require('./log');
const version = require('./version');
const { maskToken } = require('./token');
const stream = require('stream');
const NodeCache = require('node-cache');

@@ -67,6 +68,7 @@ function requestHandler(filterRules) {
method: req.method,
headers: req.headers,
requestId: req.headers['snyk-request-id'] || uuid(),
maskedToken: req.maskedToken,
};

logger.debug(logContext, 'received request over HTTP connection');
@@ -192,6 +194,7 @@ function responseHandler(filterRules, config, io) {
headers,
requestId: headers['snyk-request-id'] || uuid(),
streamingID,
maskedToken: maskToken(brokerToken),
};

logger.debug(logContext, 'received request over websocket connection');
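Review bot: `maskedToken: req.maskedToken` in requestHandler is populated only by the `/broker/:token/*` middleware in lib/server/index.js, so if this handler is ever reached without that middleware the field is logged as `undefined` with no hint why. A short comment on that line would document the coupling, e.g. `// set by the /broker/:token/* middleware in lib/server/index.js; undefined otherwise`. Both log contexts also pass the raw `headers` object next to the masked token, so each record is only as safe as the header redaction in lib/log.js, which is presumably applied by the logger. Both handler bodies extend beyond the hunks shown.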
6 changes: 4 additions & 2 deletions lib/server/index.js
@@ -2,6 +2,7 @@ const logger = require('../log');
const socket = require('./socket');
const relay = require('../relay');
const version = require('../version');
const { maskToken } = require('../token');
const promBundle = require('express-prom-bundle');

module.exports = ({ config = {}, port = null, filters = {} }) => {
@@ -34,7 +35,7 @@ module.exports = ({ config = {}, port = null, filters = {} }) => {

app.get('/connection-status/:token', (req, res) => {
const token = req.params.token;
const maskedToken = token.slice(0, 4) + '-...-' + token.slice(-4);
const maskedToken = maskToken(token);

if (connections.has(token)) {
const clientsMetadata = connections.get(token).map((conn) => ({
@@ -51,7 +52,8 @@ module.exports = ({ config = {}, port = null, filters = {} }) => {
'/broker/:token/*',
(req, res, next) => {
const token = req.params.token;
const maskedToken = token.slice(0, 4) + '-...-' + token.slice(-4);
const maskedToken = maskToken(token);
req.maskedToken = maskedToken;

// check if we have this broker in the connections
if (!connections.has(token)) {
5 changes: 3 additions & 2 deletions lib/server/socket.js
@@ -2,6 +2,7 @@ const Primus = require('primus');
const Emitter = require('primus-emitter');
const logger = require('../log');
const relay = require('../relay');
const { maskToken } = require('../token');

module.exports = ({ server, filters, config }) => {
const io = new Primus(server, {
@@ -25,7 +26,7 @@ module.exports = ({ server, filters, config }) => {

const close = (closeReason = 'none') => {
if (token) {
const maskedToken = token.slice(0, 4) + '-...-' + token.slice(-4);
const maskedToken = maskToken(token);
const clientPool = connections
.get(token)
.filter((_) => _.socket !== socket);
@@ -67,7 +68,7 @@ module.exports = ({ server, filters, config }) => {
return;
}

const maskedToken = token.slice(0, 4) + '-...-' + token.slice(-4);
const maskedToken = maskToken(token);

logger.info(
{ maskedToken, metadata: clientData.metadata },
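--- a/lib/token.js
+++ b/lib/token.js
@@ -0,0 +1,11 @@
+module.exports = {
+maskToken,
+};
+
+function maskToken(token) {
+if (!token || token === "") {
+return "";
+}
+
+return token.slice(0, 4) + '-...-' + token.slice(-4);
+}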
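Review bot: `maskToken` returns the first four and last four characters unconditionally, so a token of eight characters or fewer is written to the log in full (with overlap for shorter ones). A length guard before the final return avoids that, e.g. `if (token.length <= 8) return '-...-';`. The `token === ""` test is redundant because `!token` already covers the empty string, and a truthy non-string value without `.slice` would throw here. Since this commit puts the masked value on every request log line, a comment stating that eight characters of the token are deliberately disclosed for correlation would help whoever later decides on log retention and access.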
