JSONFormatter logs auth_token
Affects | Status | Importance | Assigned to | Milestone
---|---|---|---|---
oslo.context | Fix Released | High | Unassigned |
oslo.log | Invalid | High | Unassigned |
Bug Description
As reported here: https:/
It looks like we took steps to sanitize the token from the JSON output[0], but we missed a nested instance in the context auth_token_info. It sounds like we probably need to start stripping some of the context out in the JSONFormatter anyway because logging the full catalog in every message is unreasonable. Need to figure out if we just remove the catalog and auth_token or if we can do away with the whole auth_token_info field.
0: https:/
Changed in oslo.context: status: Invalid → Triaged
We should also update oslo.context to strip the nested auth_token field from the dict it returns. Strictly speaking, the security side of this could be taken care of by that alone, but I still think we should make the change in oslo.log too as both a belt-and-suspenders thing and because of the semi-related catalog issue.
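The failure mode described in the bug report and the comment above is a sanitizer that masks only the top-level `auth_token` while a copy nested under `auth_token_info` (and the bulky service catalog next to it) still reaches the JSON log line. The following is an added illustration, not code from oslo.log or oslo.context: a recursive scrubber plus a minimal JSON formatter that applies it to a `context` dict attached to the log record. The formatter class, the `context` record attribute and the shape of the sample context (including where the nested token and catalog sit) are assumptions made for the example.

```python
import json
import logging

# Keys whose values are credentials and must never appear in a log line.
SECRET_KEYS = {"auth_token"}
# Keys that are merely bulky and do not belong in every record
# (the service catalog is the case raised in this bug).
DROP_KEYS = {"catalog"}


def sanitize(value):
    """Return a copy of `value` with secret keys masked and bulky keys dropped.

    Walks nested dicts and lists, so an auth_token buried inside
    auth_token_info is treated exactly like the top-level one.
    """
    if isinstance(value, dict):
        out = {}
        for key, item in value.items():
            if key in DROP_KEYS:
                continue
            out[key] = "***" if key in SECRET_KEYS else sanitize(item)
        return out
    if isinstance(value, list):
        return [sanitize(item) for item in value]
    return value


class SanitizingJSONFormatter(logging.Formatter):
    """Assumed minimal JSON formatter (not oslo.log's JSONFormatter)."""

    def format(self, record):
        payload = {
            "message": record.getMessage(),
            "level": record.levelname,
            # Scrub the whole context tree, not just its top level.
            "context": sanitize(getattr(record, "context", {})),
        }
        return json.dumps(payload, sort_keys=True)


# Constructed sample context: a top-level token plus a nested copy and a
# catalog under auth_token_info. Key layout is assumed for this example.
SAMPLE_CONTEXT = {
    "user_id": "u-123",
    "auth_token": "gAAAA-top-level",
    "auth_token_info": {
        "token": {"auth_token": "gAAAA-nested", "catalog": [{"type": "compute"}]}
    },
}


def format_sample():
    """Format one constructed record through the sanitizing formatter."""
    record = logging.LogRecord("demo", logging.INFO, __file__, 1, "request served", None, None)
    record.context = SAMPLE_CONTEXT
    return SanitizingJSONFormatter().format(record)
```

A useful regression check for this class of bug is to assert that the raw token string never appears anywhere in the rendered log line, rather than checking individual keys.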