feat(QAB-188): encode http auth headers by configuration (#108)

Co-authored-by: Ricardo García Fernández <[email protected]>

README.md

@@ -19,12 +19,13 @@ The library has a default configuration. However, these settings can be changed
 
 | Environment Variable | Default | Description |
 | -------------------- | ------- | ----------- |
-| SUITE | golium | Suite name (for logging purposes) | 
+| SUITE | golium | Suite name (for logging purposes) |
 | ENVIRONMENT | local | Name of the environment. Golium reads the environment configuration from the file `${DIR_ENVIRONMENTS}/${ENVIRONMENT}.yml`. This configuration is mandatory. An optional configuration file to separate sensitive data can be placed at `${DIR_ENVIRONMENTS}/${ENVIRONMENT}-private.yml`. Configuration is available to steps with the function `GetEnvironment()`. |
 | DIR_SCHEMAS | ./schemas | Directory where the JSON schemas are available. These JSON schemas are used by some steps to validate some output (e.g. the body of the HTTP response). |
 | DIR_ENVIRONMENTS | ./environments | Directory where the configuration for each environment is available. Each environment must have a yml file in this directory. |
 | LOG_DIRECTORY | ./logs | Directory where logs are written. There may be multiple log files. Currently, there is one for tracing the execution of the steps and scenarios (golium.log) and another one to save the HTTP requests and HTTP responses (http.log). |
 | LOG_LEVEL | INFO | Log level. Possible values are defined by [logrus](https://github.com/sirupsen/logrus) library. |
+| LOG_ENCODE | false | Encode sensible values when configured. Each encoder has its pre-defined sensible values  |
 
 ## Example
 
@@ -68,7 +69,7 @@ Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
 You may obtain a copy of the License at
 
-	http://www.apache.org/licenses/LICENSE-2.0
+ http://www.apache.org/licenses/LICENSE-2.0
 
 Unless required by applicable law or agreed to in writing, software
 distributed under the License is distributed on an "AS IS" BASIS,

cfg/config.go

@@ -33,4 +33,5 @@ type DirConfig struct {
 type LogConfig struct {
 	Directory string `yaml:"directory" envconfig:"LOG_DIRECTORY"`
 	Level     string `yaml:"level" envconfig:"LOG_LEVEL"`
+	Encode    bool   `yaml:"encode" envconfig:"LOG_ENCODE"`
 }

cfg/default.go

@@ -27,5 +27,6 @@ var DefaultConfig = Config{
 	Log: LogConfig{
 		Directory: "./logs",
 		Level:     "INFO",
+		Encode:    false,
 	},
 }

logger.go

@@ -18,6 +18,7 @@ import (
 	"fmt"
 	"os"
 	"path"
+	"strings"
 
 	"github.com/sirupsen/logrus"
 )
@@ -29,6 +30,7 @@ const (
 // Logger logs in a configurable file.
 type Logger struct {
 	*logrus.Logger
+	Encode bool
 }
 
 // LoggerFactory returns a Logger instance.
@@ -78,5 +80,13 @@ func builder(file os.File) *Logger {
 			Hooks:     make(logrus.LevelHooks),
 			Level:     level,
 		},
+		GetConfig().Log.Encode,
 	}
 }
+
+func (l Logger) Obfuscate(plain string) string {
+	if !l.Encode {
+		return plain
+	}
+	return strings.Repeat("*", len(plain))
+}

steps/http/logger.go

@@ -24,6 +24,11 @@ import (
 
 var httpLog *Logger
 
+var AuthHeaders = map[string]string{
+	"X-API-KEY":     "apikey",
+	"Authorization": "jwt",
+}
+
 // Logger logs in a configurable file.
 type Logger struct {
 	Log *golium.Logger
@@ -74,6 +79,9 @@ func getHeaders(headers map[string][]string) string {
 	var fmtHeaders []string
 	for key, values := range headers {
 		for _, value := range values {
+			if _, ok := AuthHeaders[key]; ok {
+				value = httpLog.Log.Obfuscate(value)
+			}
 			fmtHeaders = append(fmtHeaders, fmt.Sprintf("%s: %s", key, value))
 		}
 	}