Don't log auth tokens in debug mode (#5497)

Signed-off-by: Jason Parraga <[email protected]>
flyteorg · Jun 25, 2024 · f1e511d · f1e511d
1 parent 242303b
commit f1e511d
Showing 1 changed file with 3 additions and 2 deletions.
diff --git a/flyteadmin/auth/handlers.go b/flyteadmin/auth/handlers.go
@@ -260,9 +260,10 @@ func GetAuthenticationCustomMetadataInterceptor(authCtx interfaces.Authenticatio
 		if authCtx.Options().GrpcAuthorizationHeader != DefaultAuthorizationHeader {
 			md, ok := metadata.FromIncomingContext(ctx)
 			if ok {
-				existingHeader := md.Get(authCtx.Options().GrpcAuthorizationHeader)
+				grpcAuthzHeader := authCtx.Options().GrpcAuthorizationHeader
+				existingHeader := md.Get(grpcAuthzHeader)
 				if len(existingHeader) > 0 {
-					logger.Debugf(ctx, "Found existing metadata %s", existingHeader[0])
+					logger.Debugf(ctx, "Found existing metadata header %s", grpcAuthzHeader)
 					newAuthorizationMetadata := metadata.Pairs(DefaultAuthorizationHeader, existingHeader[0])
 					joinedMetadata := metadata.Join(md, newAuthorizationMetadata)
 					newCtx := metadata.NewIncomingContext(ctx, joinedMetadata)