Make sure GitLabTestContextRequestOptions.LogHeaders() masks authent data (#523)

louis-z · web-flow · commit 7c3a521a4f5b · 2023-09-11T14:19:35.000-04:00
diff --git a/NGitLab.Tests/Docker/GitLabTestContextRequestOptions.cs b/NGitLab.Tests/Docker/GitLabTestContextRequestOptions.cs
@@ -199,13 +199,21 @@ private static void LogHeaders(StringBuilder sb, WebHeaderCollection headers)
 
                 foreach (var headerValue in headerValues)
                 {
+                    sb.Append(headerName).Append(": ");
                     if (string.Equals(headerName, "Private-Token", StringComparison.OrdinalIgnoreCase))
                     {
-                        sb.Append("Private-Token").Append(": ****** ").AppendLine();
+                        sb.AppendLine("******");
+                    }
+                    else if (string.Equals(headerName, "Authorization", StringComparison.OrdinalIgnoreCase))
+                    {
+                        const string BearerTokenPrefix = "Bearer ";
+                        if (headerValue.StartsWith(BearerTokenPrefix, StringComparison.Ordinal))
+                            sb.Append(BearerTokenPrefix);
+                        sb.AppendLine("******");
                     }
                     else
                     {
-                        sb.Append(headerName).Append(": ").Append(headerValue).AppendLine();
+                        sb.AppendLine(headerValue);
                     }
                 }
             }

Original file line number	Diff line number	Diff line change
`@@ -199,13 +199,21 @@ private static void LogHeaders(StringBuilder sb, WebHeaderCollection headers)`
`199`	`199`
`200`	`200`	`foreach (var headerValue in headerValues)`
`201`	`201`	`{`
	`202`	`+ sb.Append(headerName).Append(": ");`
`202`	`203`	`if (string.Equals(headerName, "Private-Token", StringComparison.OrdinalIgnoreCase))`
`203`	`204`	`{`
`204`		`- sb.Append("Private-Token").Append(": ****** ").AppendLine();`
	`205`	`+ sb.AppendLine("******");`
	`206`	`+ }`
	`207`	`+ else if (string.Equals(headerName, "Authorization", StringComparison.OrdinalIgnoreCase))`
	`208`	`+ {`
	`209`	`+ const string BearerTokenPrefix = "Bearer ";`
	`210`	`+ if (headerValue.StartsWith(BearerTokenPrefix, StringComparison.Ordinal))`
	`211`	`+ sb.Append(BearerTokenPrefix);`
	`212`	`+ sb.AppendLine("******");`
`205`	`213`	`}`
`206`	`214`	`else`
`207`	`215`	`{`
`208`		`- sb.Append(headerName).Append(": ").Append(headerValue).AppendLine();`
	`216`	`+ sb.AppendLine(headerValue);`
`209`	`217`	`}`
`210`	`218`	`}`
`211`	`219`	`}`