Merge pull request #139 from vijayabraj/master

SensitiveLogger for Java SDK

Author: kikmak42

pom.xml

@@ -9,7 +9,7 @@
     <groupId>net.authorize</groupId>
     <artifactId>anet-java-sdk</artifactId>
     <packaging>jar</packaging>
-    <version>1.9.7-SNAPSHOT</version>
+    <version>1.9.8-SNAPSHOT</version>
     <name>Authorize.Net Java SDK</name>
     <description>Authorize.Net SDK includes standard payments, recurring billing, and customer profiles.</description>
     <url>http://developer.authorize.net</url>
@@ -81,6 +81,11 @@
             <version>1.3</version>
             <scope>test</scope>
         </dependency>
+        <dependency>
+    		<groupId>com.google.code.gson</groupId>
+    		<artifactId>gson</artifactId>
+    		<version>2.3.1</version>
+		</dependency>    
     </dependencies>
     <properties>
         <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
@@ -145,16 +150,23 @@
             </plugin>
         </plugins>
         <resources>
+            <resource>
+                <directory>resources</directory>
+                <filtering>true</filtering>
+                <includes>
+                    <include>**/AuthorizedNetSensitiveTagsConfig.json</include>
+                </includes>
+            </resource>
             <resource>
                 <directory>resources</directory>
                 <filtering>false</filtering>
                 <includes>
-                    <include>*</include>
+                    <include>**/*.*</include>
                 </includes>
                 <excludes>
                 	<exclude>log4j.properties</exclude>
                 </excludes>
-            </resource>
+            </resource>                   
         </resources>
     </build>
 </project>

resources/AuthorizedNetSensitiveTagsConfig.json

@@ -0,0 +1,49 @@
+{
+    "sensitiveTags": [
+        {
+            "tagName": "cardCode",
+            "pattern": "",
+            "replacement": "xxx",
+            "disableMask": false
+        },
+        {
+            "tagName": "cardNumber",
+            "pattern": "(\\p{N}+)(\\p{N}{4})",
+            "replacement": "xxxx-$2",
+            "disableMask": false
+        },
+        {
+            "tagName": "expirationDate",
+            "pattern": "",
+            "replacement": "xxx",
+            "disableMask": false
+        },
+        {
+            "tagName": "accountNumber",
+            "pattern": "(\\p{N}+)(\\p{N}{4})",
+            "replacement": "xxxx-$2",
+            "disableMask": false
+        },
+        {
+            "tagName": "nameOnAccount",
+            "pattern": "",
+            "replacement": "xxx",
+            "disableMask": false
+        },
+        {
+            "tagName": "transactionKey",
+            "pattern": "",
+            "replacement": "xxx",
+            "disableMask": false
+        }
+    ],
+    "sensitiveStringRegexes": [
+        "4\\p{N}{3}([\\ \\-]?)\\p{N}{4}\\1\\p{N}{4}\\1\\p{N}{4}",
+        "4\\p{N}{3}([\\ \\-]?)(?:\\p{N}{4}\\1){2}\\p{N}(?:\\p{N}{3})?",
+        "5[1-5]\\p{N}{2}([\\ \\-]?)\\p{N}{4}\\1\\p{N}{4}\\1\\p{N}{4}",
+        "6(?:011|22(?:1(?=[\\ \\-]?(?:2[6-9]|[3-9]))|[2-8]|9(?=[\\ \\-]?(?:[01]|2[0-5])))|4[4-9]\\p{N}|5\\p{N}\\p{N})([\\ \\-]?)\\p{N}{4}\\1\\p{N}{4}\\1\\p{N}{4}",
+        "35(?:2[89]|[3-8]\\p{N})([\\ \\-]?)\\p{N}{4}\\1\\p{N}{4}\\1\\p{N}{4}",
+        "3[47]\\p{N}\\p{N}([\\ \\-]?)\\p{N}{6}\\1\\p{N}{5}"
+    ]
+}
+

resources/project.properties

@@ -0,0 +1 @@
+project.basedir=${basedir}

src/main/java/net/authorize/util/Constants.java

@@ -35,5 +35,5 @@ public final class Constants {
 	public static final String HTTP_READ_TIME_OUT = "http.ReadTimeout";
 	public static final int HTTP_READ_TIME_OUT_DEFAULT_VALUE = 30000;
 
-	public static final String CLIENT_ID = "sdk-java-1.9.6";
+	public static final String CLIENT_ID = "sdk-java-1.9.7";
 }

src/main/java/net/authorize/util/HttpUtility.java

@@ -68,7 +68,6 @@ static HttpPost createPostRequest(Environment env, ANetApiRequest request) throw
 
 		if(null != request) {
 			  postUrl = new URI(env.getXmlBaseUrl() + "/xml/v1/request.api");
-			  logger.debug(String.format("MerchantInfo->LoginId/TransactionKey: '%s':'%s'", request.getMerchantAuthentication().getName(), request.getMerchantAuthentication().getTransactionKey() ));
 			  logger.debug(String.format("Posting request to Url: '%s'", postUrl));
 			  httpPost = new HttpPost(postUrl);
               httpPost.getParams().setBooleanParameter(CoreProtocolPNames.USE_EXPECT_CONTINUE, false);

src/main/java/net/authorize/util/SensitiveDataConfigType.java

@@ -0,0 +1,24 @@
+package net.authorize.util;
+
+public class SensitiveDataConfigType {
+	
+	public SensitiveTag[] sensitiveTags;
+	
+	public SensitiveTag[] getSensitiveTags() {
+		return sensitiveTags;
+	}
+
+	public void setSensitiveTags(SensitiveTag[] sensitiveTags) {
+		this.sensitiveTags = sensitiveTags;
+	}
+
+	public String[] getSensitiveStringRegexes() {
+		return sensitiveStringRegexes;
+	}
+
+	public void setSensitiveStringRegexes(String[] sensitiveStringRegexes) {
+		this.sensitiveStringRegexes = sensitiveStringRegexes;
+	}
+
+	public String[] sensitiveStringRegexes;
+}

src/main/java/net/authorize/util/SensitiveFilterLayout.java

@@ -0,0 +1,86 @@
+package net.authorize.util;
+
+import java.io.BufferedReader;
+import java.io.FileNotFoundException;
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.InputStreamReader;
+import java.io.UnsupportedEncodingException;
+import java.util.regex.Pattern;
+
+import org.apache.log4j.PatternLayout;
+import org.apache.log4j.spi.LoggingEvent;
+import org.apache.log4j.Logger;
+
+import com.google.gson.Gson;
+import com.google.gson.GsonBuilder;
+
+public class SensitiveFilterLayout extends PatternLayout{
+	
+	private static Pattern[] cardPatterns;
+	
+	private static Pattern[] tagPatterns;
+	private static String[] tagReplacements;
+	private static Gson gson;
+	
+	public SensitiveFilterLayout() throws UnsupportedEncodingException, FileNotFoundException, IOException {
+		GsonBuilder gsonBuilder = new GsonBuilder();
+		gsonBuilder.registerTypeAdapter(SensitiveDataConfigType.class, new SensitiveTagsDeserializer());
+		gson = gsonBuilder.create();
+			
+		InputStream in = getClass().getResourceAsStream("/AuthorizedNetSensitiveTagsConfig.json"); 
+		BufferedReader reader = new BufferedReader(new InputStreamReader(in));
+			SensitiveDataConfigType configType = gson.fromJson(reader, SensitiveDataConfigType.class);
+			cardPatterns = new Pattern[configType.sensitiveStringRegexes.length];
+
+	      for(int i = 0; i < configType.sensitiveStringRegexes.length; i++) {  
+		    	  cardPatterns[i] = Pattern.compile(configType.sensitiveStringRegexes[i]);
+		      }
+		      
+			int noOfSensitiveTags = configType.sensitiveTags.length;
+			tagPatterns     = new Pattern[noOfSensitiveTags];
+		    tagReplacements = new String[noOfSensitiveTags];
+     		      
+             for(int j=0; j<noOfSensitiveTags; j++) {
+		    	  String tagName     = configType.sensitiveTags[j].tagName;
+		    	  String pattern     = configType.sensitiveTags[j].pattern;
+		    	  String replacement = configType.sensitiveTags[j].replacement;
+		    	  
+		    	  if(pattern != null && !pattern.isEmpty())
+		    		  tagPatterns[j] = Pattern.compile("<"+tagName+">"+pattern+"</"+tagName+">");
+		    	  else
+		    		  tagPatterns[j] = Pattern.compile("<"+tagName+">"+".+"+"</"+tagName+">");
+		    	  tagReplacements[j] = "<"+tagName+">"+replacement+"</"+tagName+">";
+		      }
+             if(reader!=null)
+            	 reader.close();
+	}
+
+	@Override
+	public String format(LoggingEvent event) {
+		if(event.getMessage() instanceof String) {
+			String message = event.getRenderedMessage();
+			String maskXmlMessage = SensitiveFilterLayout.maskSensitiveXmlString(message);
+			String maskCardNumber = SensitiveFilterLayout.maskCreditCards(maskXmlMessage);
+			
+			Throwable throwable = event.getThrowableInformation() != null ? event.getThrowableInformation().getThrowable() : null;
+			LoggingEvent maskedEvent = new LoggingEvent(event.fqnOfCategoryClass, Logger.getLogger(event.getLoggerName()), event.timeStamp, event.getLevel(), maskCardNumber, throwable);			
+			return super.format(maskedEvent);
+		}		
+		return null;
+	}
+
+	public static String maskCreditCards(String str) {
+	    for (int i = 0; i < cardPatterns.length; i++) {
+	        str = cardPatterns[i].matcher(str).replaceAll("XXXX");
+	    }
+	    return str;
+	}
+	
+	public static String maskSensitiveXmlString(String str) {
+	    for (int i = 0; i < tagPatterns.length; i++) {
+	        str = tagPatterns[i].matcher(str).replaceAll(tagReplacements[i]);
+	    }
+	    return str;
+	}	
+}

src/main/java/net/authorize/util/SensitiveTag.java

@@ -0,0 +1,50 @@
+package net.authorize.util;
+
+public class SensitiveTag {
+	
+	public String tagName;
+	public String getTagName() {
+		return tagName;
+	}
+
+	public void setTagName(String tagName) {
+		this.tagName = tagName;
+	}
+
+	public String getPattern() {
+		return pattern;
+	}
+
+	public void setPattern(String pattern) {
+		this.pattern = pattern;
+	}
+
+	public String getReplacement() {
+		return replacement;
+	}
+
+	public void setReplacement(String replacement) {
+		this.replacement = replacement;
+	}
+
+	public boolean isDisableMask() {
+		return disableMask;
+	}
+
+	public void setDisableMask(boolean disableMask) {
+		this.disableMask = disableMask;
+	}
+
+	public String pattern;
+	public String replacement;
+	public boolean disableMask;
+	
+	public SensitiveTag(String tagName, String pattern, String replacement, boolean disableMask) {
+		
+		this.tagName = tagName;
+		this.pattern = pattern;
+		this.replacement = replacement;
+		this.disableMask = disableMask;
+	}
+}
+

src/main/java/net/authorize/util/SensitiveTagsDeserializer.java

@@ -0,0 +1,35 @@
+package net.authorize.util;
+
+import java.lang.reflect.Type;
+
+import com.google.gson.JsonArray;
+import com.google.gson.JsonDeserializationContext;
+import com.google.gson.JsonDeserializer;
+import com.google.gson.JsonElement;
+import com.google.gson.JsonObject;
+import com.google.gson.JsonParseException;
+
+public class SensitiveTagsDeserializer implements JsonDeserializer<SensitiveDataConfigType>{
+
+	public SensitiveDataConfigType deserialize(JsonElement arg0, Type arg1, JsonDeserializationContext arg2)
+			throws JsonParseException {
+		final JsonObject jsonObject = arg0.getAsJsonObject();
+
+		final JsonArray jsonSensitiveRegexesArray = jsonObject.get("sensitiveStringRegexes").getAsJsonArray();
+		
+		final String[] stringRegexes = new String[jsonSensitiveRegexesArray.size()];
+				
+		for (int j=0; j<stringRegexes.length; j++) {
+			final JsonElement jsonStringRegex = jsonSensitiveRegexesArray.get(j);
+			stringRegexes[j] = jsonStringRegex.getAsString();
+		}
+
+		SensitiveTag[] sensitiveTags = arg2.deserialize(jsonObject.get("sensitiveTags"), SensitiveTag[].class);
+		
+		final SensitiveDataConfigType configType = new SensitiveDataConfigType();
+		configType.setSensitiveTags(sensitiveTags);
+		configType.setSensitiveStringRegexes(stringRegexes);
+		
+		return configType;
+	}
+}