From 85ec213db804cc41acd1b5f2e447bcdb8430f8e1 Mon Sep 17 00:00:00 2001
From: Jonas Platte <jplatte@matrix.org>
Date: Thu, 20 Oct 2022 10:38:45 +0200
Subject: [PATCH] fix(base): Don't leak access and refresh tokens in Debug
 output

---
 crates/matrix-sdk-base/src/client.rs  |  3 +--
 crates/matrix-sdk-base/src/session.rs | 21 +++++++++++++++++++--
 2 files changed, 20 insertions(+), 4 deletions(-)

diff --git a/crates/matrix-sdk-base/src/client.rs b/crates/matrix-sdk-base/src/client.rs
index 073b3e7328e..870af2675e5 100644
--- a/crates/matrix-sdk-base/src/client.rs
+++ b/crates/matrix-sdk-base/src/client.rs
@@ -96,9 +96,8 @@ impl fmt::Debug for BaseClient {
     fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
         f.debug_struct("Client")
             .field("session_meta", &self.store.session_meta())
-            .field("session_tokens", &self.store.session_tokens)
             .field("sync_token", &self.store.sync_token)
-            .finish()
+            .finish_non_exhaustive()
     }
 }
 
diff --git a/crates/matrix-sdk-base/src/session.rs b/crates/matrix-sdk-base/src/session.rs
index de3b30539fd..3f453a362fb 100644
--- a/crates/matrix-sdk-base/src/session.rs
+++ b/crates/matrix-sdk-base/src/session.rs
@@ -15,6 +15,8 @@
 
 //! User sessions.
 
+use std::fmt;
+
 use ruma::{api::client::session::refresh_token, OwnedDeviceId, OwnedUserId};
 use serde::{Deserialize, Serialize};
 
@@ -36,7 +38,7 @@ use serde::{Deserialize, Serialize};
 ///
 /// assert_eq!(session.device_id.as_str(), "MYDEVICEID");
 /// ```
-#[derive(Clone, Debug, Eq, Hash, PartialEq, Serialize, Deserialize)]
+#[derive(Clone, Eq, Hash, PartialEq, Serialize, Deserialize)]
 pub struct Session {
     /// The access token used for this session.
     pub access_token: String,
@@ -66,6 +68,15 @@ impl Session {
     }
 }
 
+impl fmt::Debug for Session {
+    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
+        f.debug_struct("Session")
+            .field("user_id", &self.user_id)
+            .field("device_id", &self.device_id)
+            .finish_non_exhaustive()
+    }
+}
+
 impl From<ruma::api::client::session::login::v3::Response> for Session {
     fn from(response: ruma::api::client::session::login::v3::Response) -> Self {
         Self {
@@ -88,7 +99,7 @@ pub struct SessionMeta {
 
 /// The mutable parts of the session: the access token and optional refresh
 /// token.
-#[derive(Clone, Debug)]
+#[derive(Clone)]
 pub struct SessionTokens {
     /// The access token used for this session.
     pub access_token: String,
@@ -107,3 +118,9 @@ impl SessionTokens {
         }
     }
 }
+
+impl fmt::Debug for SessionTokens {
+    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
+        f.debug_struct("SessionTokens").finish_non_exhaustive()
+    }
+}