redact http authorization header in debug log output

This commit is contained in:
Michael Eischer 2021-08-04 22:19:44 +02:00
parent 0c0e7b6957
commit 0936d864a4

View file

@ -76,6 +76,12 @@ func RoundTripper(upstream http.RoundTripper) http.RoundTripper {
}
func (tr loggingRoundTripper) RoundTrip(req *http.Request) (res *http.Response, err error) {
// save original auth and redact it
origAuth, hasAuth := req.Header["Authorization"]
if hasAuth {
req.Header["Authorization"] = []string{"**redacted**"}
}
trace, err := httputil.DumpRequestOut(req, false)
if err != nil {
Log("DumpRequestOut() error: %v\n", err)
@ -83,6 +89,11 @@ func (tr loggingRoundTripper) RoundTrip(req *http.Request) (res *http.Response,
Log("------------ HTTP REQUEST -----------\n%s", trace)
}
// restore auth
if hasAuth {
req.Header["Authorization"] = origAuth
}
res, err = tr.RoundTripper.RoundTrip(req)
if err != nil {
Log("RoundTrip() returned error: %v", err)