mirror of
https://github.com/element-hq/synapse.git
synced 2024-11-30 08:59:56 +03:00
Create SynapseRequest that overrides __repr__ to not print access_token
This commit is contained in:
parent
44c9102e7a
commit
b5209c5744
2 changed files with 46 additions and 17 deletions
|
@ -63,6 +63,7 @@ import synapse
|
|||
|
||||
import logging
|
||||
import os
|
||||
import re
|
||||
import resource
|
||||
import subprocess
|
||||
|
||||
|
@ -433,9 +434,34 @@ class SynapseService(service.Service):
|
|||
return self._port.stopListening()
|
||||
|
||||
|
||||
class XForwardedForRequest(Request):
|
||||
def __init__(self, *args, **kw):
|
||||
class SynapseRequest(Request):
|
||||
def __init__(self, site_tag, *args, **kw):
|
||||
Request.__init__(self, *args, **kw)
|
||||
self.site_tag = site_tag
|
||||
self.authenticated_entity = None
|
||||
|
||||
def __repr__(self):
|
||||
# We overwrite this so that we don't log ``access_token``
|
||||
return '<%s at 0x%x method=%s uri=%s clientproto=%s site=%s>' % (
|
||||
self.__class__.__name__,
|
||||
id(self),
|
||||
self.method,
|
||||
self.get_redacted_uri(),
|
||||
self.clientproto,
|
||||
self.site_tag,
|
||||
)
|
||||
|
||||
def get_redacted_uri(self):
|
||||
return re.sub(
|
||||
r'(\?.*access_token=)[^&]*(.*)$',
|
||||
r'\1<redacted>\2',
|
||||
self.uri
|
||||
)
|
||||
|
||||
|
||||
class XForwardedForRequest(SynapseRequest):
|
||||
def __init__(self, *args, **kw):
|
||||
SynapseRequest.__init__(self, *args, **kw)
|
||||
|
||||
"""
|
||||
Add a layer on top of another request that only uses the value of an
|
||||
|
@ -451,8 +477,16 @@ class XForwardedForRequest(Request):
|
|||
b"x-forwarded-for", [b"-"])[0].split(b",")[0].strip()
|
||||
|
||||
|
||||
def XForwardedFactory(*args, **kwargs):
|
||||
return XForwardedForRequest(*args, **kwargs)
|
||||
class SynapseRequestFactory(object):
|
||||
def __init__(self, site_tag, x_forwarded_for):
|
||||
self.site_tag = site_tag
|
||||
self.x_forwarded_for = x_forwarded_for
|
||||
|
||||
def __call__(self, *args, **kwargs):
|
||||
if self.x_forwarded_for:
|
||||
return XForwardedForRequest(self.site_tag, *args, **kwargs)
|
||||
else:
|
||||
return SynapseRequest(self.site_tag, *args, **kwargs)
|
||||
|
||||
|
||||
class SynapseSite(Site):
|
||||
|
@ -462,8 +496,11 @@ class SynapseSite(Site):
|
|||
"""
|
||||
def __init__(self, logger_name, config, resource, *args, **kwargs):
|
||||
Site.__init__(self, resource, *args, **kwargs)
|
||||
if config.get("x_forwarded", False):
|
||||
self.requestFactory = XForwardedFactory
|
||||
|
||||
proxied = config.get("x_forwarded", False)
|
||||
self.requestFactory = SynapseRequestFactory(None, proxied)
|
||||
|
||||
if proxied:
|
||||
self._log_formatter = proxiedLogFormatter
|
||||
else:
|
||||
self._log_formatter = combinedLogFormatter
|
||||
|
|
|
@ -32,7 +32,6 @@ from twisted.web.util import redirectTo
|
|||
|
||||
import collections
|
||||
import logging
|
||||
import re
|
||||
import urllib
|
||||
|
||||
logger = logging.getLogger(__name__)
|
||||
|
@ -83,18 +82,11 @@ def request_handler(request_handler):
|
|||
code = None
|
||||
start = self.clock.time_msec()
|
||||
try:
|
||||
request_uri = request.uri
|
||||
|
||||
# Don't log access_tokens
|
||||
request_uri = re.sub(
|
||||
r'(\?.*access_token=)[^&]*(.*)$',
|
||||
r'\1<redacted>\2',
|
||||
request_uri
|
||||
)
|
||||
|
||||
logger.info(
|
||||
"%s - Received request: %s %s",
|
||||
request.getClientIP(), request.method, request_uri
|
||||
request.getClientIP(),
|
||||
request.method,
|
||||
request.get_redacted_uri()
|
||||
)
|
||||
d = request_handler(self, request)
|
||||
with PreserveLoggingContext():
|
||||
|
|
Loading…
Reference in a new issue