fix: log HTTP request for pacts retrieved by URL when requested with …

…verbose=true
pact-foundation · Jul 27, 2021 · 3288b81 · 3288b81
1 parent ec3a1ee
commit 3288b81
Show file tree

Hide file tree

Showing 3 changed files with 54 additions and 4 deletions.
diff --git a/lib/pact/consumer_contract/pact_file.rb b/lib/pact/consumer_contract/pact_file.rb
@@ -1,4 +1,6 @@
-require 'net/http'
+require "net/http"
+require "pact/configuration"
+require "pact/http/authorization_header_redactor"
 
 module Pact
   module PactFile
@@ -81,15 +83,15 @@ def get_remote(uri, options)
       request = Net::HTTP::Get.new(uri)
       request = prepare_auth(request, options) if options[:username] || options[:token]
 
-      http = prepare_request(uri)
+      http = prepare_request(uri, options)
       response = perform_http_request(http, request, options)
 
       if response.is_a?(Net::HTTPRedirection)
         uri = URI(response.header['location'])
         req = Net::HTTP::Get.new(uri)
         req = prepare_auth(req, options) if options[:username] || options[:token]
 
-        http = prepare_request(uri)
+        http = prepare_request(uri, options)
         response = perform_http_request(http, req, options)
       end
       response
@@ -101,11 +103,12 @@ def prepare_auth(request, options)
       request
     end
 
-    def prepare_request(uri)
+    def prepare_request(uri, options)
       http = Net::HTTP.new(uri.host, uri.port, :ENV)
       http.use_ssl = (uri.scheme == 'https')
       http.ca_file = ENV['SSL_CERT_FILE'] if ENV['SSL_CERT_FILE'] && ENV['SSL_CERT_FILE'] != ''
       http.ca_path = ENV['SSL_CERT_DIR'] if ENV['SSL_CERT_DIR'] && ENV['SSL_CERT_DIR'] != ''
+      http.set_debug_output(Pact::Http::AuthorizationHeaderRedactor.new(Pact.configuration.output_stream)) if options[:verbose]
       http
     end
 

diff --git a/lib/pact/http/authorization_header_redactor.rb b/lib/pact/http/authorization_header_redactor.rb
@@ -0,0 +1,32 @@
+require "delegate"
+
+module Pact
+  module Http
+    class AuthorizationHeaderRedactor < SimpleDelegator
+      def puts(*args)
+        __getobj__().puts(*redact_args(args))
+      end
+
+      def print(*args)
+        __getobj__().puts(*redact_args(args))
+      end
+
+      def <<(*args)
+        __getobj__().send(:<<, *redact_args(args))
+      end
+
+      private
+
+      attr_reader :redactions
+
+      def redact_args(args)
+        args.collect{ | s| redact(s) }
+      end
+
+      def redact(string)
+        return string unless string.is_a?(String)
+        string.gsub(/Authorization: .*\\r\\n/, "Authorization: [redacted]\\r\\n")
+      end
+    end
+  end
+end
diff --git a/spec/lib/pact/http/authorization_header_redactor_spec.rb b/spec/lib/pact/http/authorization_header_redactor_spec.rb
@@ -0,0 +1,15 @@
+require "pact/http/authorization_header_redactor"
+
+module Pact
+  module Http
+    describe AuthorizationHeaderRedactor do
+      let(:stream) { StringIO.new }
+      let(:stream_redactor) { AuthorizationHeaderRedactor.new(stream) }
+
+      it "redacts the authorizaton header" do
+        stream_redactor << "\\r\\nAuthorization: Bearer TOKEN\\r\\n"
+        expect(stream.string).to eq "\\r\\nAuthorization: [redacted]\\r\\n"
+      end
+    end
+  end
+end