Merge pull request #20 from Scalingo/fix/STORY-1232/remove_password_p…

…rinting fix(printing): remove user info from service and host when printing them fix STORY-1232
Scalingo · Dec 12, 2024 · 91b9166 · 91b9166
2 parents 13d3002 + 8e116cf
commit 91b9166
Show file tree

Hide file tree

Showing 3 changed files with 51 additions and 21 deletions.
diff --git a/lib/etcd-discovery/host.rb b/lib/etcd-discovery/host.rb
@@ -25,16 +25,16 @@ def to_json
     end
 
     def to_uri(schemes = ["https", "http"])
-      a = attributes # Shorten name
-      schemes = [schemes] if !schemes.is_a?(Array)
-      scheme = schemes.find { |s|
-        !a["ports"][s].nil?
-      }
-      if a["user"].empty?
-        URI("#{scheme}://#{a["name"]}:#{a["ports"][scheme]}")
-      else
-        URI("#{scheme}://#{a["user"]}:#{a["password"]}@#{a["name"]}:#{a["ports"][scheme]}")
+      schemes = Array(schemes)
+
+      scheme = schemes.find { |s| attributes["ports"][s] }
+      raise "No valid scheme found" unless scheme
+
+      if attributes["user"].nil? || attributes["user"].empty?
+        return URI("#{scheme}://#{attributes["name"]}:#{attributes["ports"][scheme]}")
       end
+
+      URI("#{scheme}://#{attributes["user"]}:#{attributes["password"]}@#{attributes["name"]}:#{attributes["ports"][scheme]}")
     end
 
     def to_private_uri(schemes = ["https", "http"])
@@ -60,7 +60,12 @@ def set_credentials(user, password)
     end
 
     def to_s
-      to_uri.to_s
+      uri = to_uri
+      if uri.userinfo
+        user, _password = uri.userinfo.split(":", 2)
+        uri.userinfo = "#{user}:REDACTED"
+      end
+      uri.to_s
     end
   end
 end
diff --git a/lib/etcd-discovery/service.rb b/lib/etcd-discovery/service.rb
@@ -43,22 +43,27 @@ def one
     end
 
     def to_uri(schemes = ["https", "http"])
-      a = attributes
-      return one.to_uri(schemes) unless a["public"]
+      schemes = Array(schemes)
 
-      schemes = [schemes] if !schemes.is_a?(Array)
-      scheme = schemes.reject do |s|
-        a["ports"][s].nil?
-      end.first
-      if a["user"].nil? || a["user"] == ""
-        URI("#{scheme}://#{a["hostname"]}:#{a["ports"][scheme]}")
-      else
-        URI("#{scheme}://#{a["user"]}:#{a["password"]}@#{a["hostname"]}:#{a["ports"][scheme]}")
+      return one.to_uri(schemes) unless attributes["public"]
+
+      scheme = schemes.find { |s| attributes["ports"][s] }
+      raise "No valid scheme found" unless scheme
+
+      if attributes["user"].nil? || attributes["user"].empty?
+        return URI("#{scheme}://#{attributes["hostname"]}:#{attributes["ports"][scheme]}")
       end
+
+      URI("#{scheme}://#{attributes["user"]}:#{attributes["password"]}@#{attributes["hostname"]}:#{attributes["ports"][scheme]}")
     end
 
     def to_s
-      to_uri.to_s
+      uri = to_uri
+      if uri.userinfo
+        user, _password = uri.userinfo.split(":", 2)
+        uri.userinfo = "#{user}:REDACTED"
+      end
+      uri.to_s
     end
 
     def to_json

diff --git a/spec/etcd-discovery/service_spec.rb b/spec/etcd-discovery/service_spec.rb
@@ -113,11 +113,24 @@
       expect(service.to_uri.to_s).to eq "https://user:[email protected]:5000"
     end
 
+    it "should get the URI of one of the hosts with redacted password" do
+      mock_not_found("service01")
+      mock_hosts("service01", host, 1)
+      service = subject.get("service01")
+      expect(service.to_s).to eq "https://user:[email protected]:5000"
+    end
+
     it "should get the URI of the service if public" do
       mock_service_info("service01", info)
       service = subject.get("service01")
       expect(service.to_uri.to_s).to eq "https://user:[email protected]:5000"
     end
+
+    it "should get the URI of the service with redacted password" do
+      mock_service_info("service01", info)
+      service = subject.get("service01")
+      expect(service.to_s).to eq "https://user:[email protected]:5000"
+    end
   end
 
   # To get the private URI of a public service
@@ -128,5 +141,12 @@
       service = subject.get("service01")
       expect(service.one.to_uri.to_s).to eq "https://user:[email protected]:5000"
     end
+
+    it "should get the URI of the private host with redacted password" do
+      mock_service_info("service01", info)
+      mock_hosts("service01", host, 1)
+      service = subject.get("service01")
+      expect(service.one.to_s).to eq "https://user:[email protected]:5000"
+    end
   end
 end