4 * Scrub credential from POST login body data.
6 * @param {Boolean} sanitize
// Overwrites a credential field on data.ctx.parsedBody with a mask of asterisks.
// `sanitize` defaults to true; the overwrite only runs when it is truthy, while
// the length probe runs either way.
// NOTE(review): `k` is not declared in the lines visible here; presumably it is
// bound by an enclosing iteration over credential field names. The lint
// suppressions on the computed-key accesses are only sound if `k` comes from a
// fixed list and never from request data — confirm against the full file.
9 function sanitizePostCredential(data
, sanitize
= true) {
// Optional chaining keeps the probe from throwing when ctx, parsedBody or the
// field itself is absent.
// NOTE(review): detection is keyed on `.length`, so a value without one (a
// number or a plain object) reads as clean and is left unmasked — confirm
// parsedBody values are always strings.
18 const credentialLength
= data
?.ctx
?.parsedBody
?.[k
]?.length
; // eslint-disable-line security/detect-object-injection
// A length of 0 or undefined counts as clean.
19 const kUnclean
= !!credentialLength
;
21 if (kUnclean
&& sanitize
) {
// The mask is as long as the original value, so the credential's length is
// still disclosed wherever this record ends up; a fixed-width marker would not
// disclose it.
// The assignment mutates the object passed in — presumably callers hand over a
// log-only copy rather than the live request context; verify against caller.
22 data
.ctx
.parsedBody
[k
] = '*'.repeat(credentialLength
); // eslint-disable-line security/detect-object-injection
31 * Scrub sensitive data from context.
32 * @param {Object} data
33 * @param {Boolean} sanitize
// Masks values held directly on data.ctx, plus the squeepSession cookie value.
// Three treatments are visible: same-length asterisks, a `[scrubbed N bytes]`
// marker for ctx fields, and the same marker for the session cookie.
// NOTE(review): `k` is not declared in the lines visible here; presumably each
// pass iterates its own fixed list of ctx field names — confirm against the
// full file, since the lint suppressions depend on `k` not being request data.
36 function sanitizeContext(data
, sanitize
= true) {
// First pass: probe the field's length without throwing on a missing ctx.
// NOTE(review): values without a `.length` are treated as clean and left as-is.
44 const secretLength
= data
?.ctx
?.[k
]?.length
; // eslint-disable-line security/detect-object-injection
45 const kUnclean
= !! secretLength
;
47 if (kUnclean
&& sanitize
) {
// Same-length mask: the secret's length stays visible in the output.
48 data
.ctx
[k
] = '*'.repeat(secretLength
); // eslint-disable-line security/detect-object-injection
52 // shorten mystery boxes
// Second pass: the value is replaced by a marker carrying only its length.
57 const mysteryLength
= data
?.ctx
?.[k
]?.length
; // eslint-disable-line security/detect-object-injection
58 const mUnclean
= !! mysteryLength
;
60 if (mUnclean
&& sanitize
) {
// NOTE(review): N comes from `.length`; if these values are strings that is a
// count of UTF-16 code units, not bytes, so the "bytes" label is approximate.
61 data
.ctx
[k
] = `[scrubbed ${mysteryLength} bytes]`; // eslint-disable-line security/detect-object-injection
// Session cookie: probe the length with optional chaining at every step.
65 const cookieLength
= data
?.ctx
?.cookie
?.squeepSession
?.length
;
// NOTE(review): this write dereferences data.ctx.cookie without optional
// chaining and no guard is visible in the lines shown; confirm the full file
// only reaches it when cookieLength is truthy and `sanitize` is set.
69 data
.ctx
.cookie
.squeepSession
= `[scrubbed ${cookieLength} bytes]`;
78 * Reduce logged data about scopes from profilesScopes.
79 * For all referenced scopes, only include profiles list.
80 * Remove scopes without profile references from scopeIndex.
81 * @param {Object} data
82 * @param {Boolean} sanitize
// Trims scope detail under data.ctx.profilesScopes and data.ctx.session.
// Both objects are inspected with _scopesFrom and, when they hold entries,
// overwritten in place with the output of _sanitizeProfilesScopes.
84 function reduceScopeVerbosity(data
, sanitize
= true) {
// Destructuring of the _scopesFrom result for ctx.profilesScopes; the opening
// of the declaration is not among the lines visible here.
88 scopesEntries: ctxScopesEntries
,
89 profilesEntries: ctxProfilesEntries
,
90 needsSanitize: ctxNeedsSanitize
,
91 } = _scopesFrom(data
?.ctx
?.profilesScopes
);
// Same inspection for ctx.session.
94 scopesEntries: sessionScopesEntries
,
95 profilesEntries: sessionProfilesEntries
,
96 needsSanitize: sessionNeedsSanitize
,
97 } = _scopesFrom(data
?.ctx
?.session
);
99 if (ctxNeedsSanitize
|| sessionNeedsSanitize
) {
// NOTE(review): `unclean` is read here but its declaration and assignment are
// not in the lines shown; presumably it is set inside the branch above.
102 if (unclean
&& sanitize
) {
103 if (ctxNeedsSanitize
) {
// Object.assign writes onto the existing object, so only the keys returned by
// _sanitizeProfilesScopes are replaced; any other property stays untouched.
104 Object
.assign(data
.ctx
.profilesScopes
, _sanitizeProfilesScopes(ctxScopesEntries
, ctxProfilesEntries
));
106 if (sessionNeedsSanitize
) {
// NOTE(review): this reduces only the scope data on the session object; other
// session properties pass through this function unchanged.
107 Object
.assign(data
.ctx
.session
, _sanitizeProfilesScopes(sessionScopesEntries
, sessionProfilesEntries
));
116 * Return any scope entries on an object, and whether sanitization is needed.
117 * @param {Object=} obj
// Collects the entries of obj.scopeIndex and obj.profileScopes and derives a
// flag telling whether either holds anything.
// NOTE(review): the return statement is not among the lines visible here;
// reduceScopeVerbosity destructures scopesEntries, profilesEntries and
// needsSanitize from the result.
120 const _scopesFrom
= (obj
) => {
// `|| {}` lets Object.entries run when obj or the property is missing.
121 const scopesEntries
= Object
.entries(obj
?.scopeIndex
|| {});
122 const profilesEntries
= Object
.entries(obj
?.profileScopes
|| {});
// This is a number (the first non-zero length, else 0), not a boolean; the
// visible callers only test it for truthiness.
123 const needsSanitize
= scopesEntries
.length
|| profilesEntries
.length
;
133 * @typedef {[String, Object]} ScopeEntry
136 * Return new list of entries with scrubbed scopeDetails.
137 * @param {ScopeEntry[]} entries
138 * @returns {ScopeEntry[]}
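/**
 * Return a new list of entries whose details are reduced to the `profiles` list.
 * Every other property of the scope details is dropped from the result.
 *
 * A null or undefined details value yields `{ profiles: undefined }` instead of
 * a TypeError. _sanitizeProfilesScopes filters the scopeIndex entries before
 * calling this, but passes per-profile entries through unfiltered, so a
 * malformed record there must not make the scrubber itself throw.
 * @param {ScopeEntry[]} entries - [scopeName, scopeDetails] pairs
 * @returns {ScopeEntry[]} new array; the input entries are not modified
 */
const _scopeEntriesScrubber = (entries) =>
  entries.map(([scopeName, scopeDetails]) => [
    scopeName,
    // Optional chaining: tolerate a missing details object.
    { profiles: scopeDetails?.profiles },
  ]);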
144 * Create a new profilesScopes type object with scrubbed scope details.
145 * @param {ScopeEntry[]} scopesEntries
146 * @param {ScopeEntry[]} profilesEntries
// Builds reduced scopeIndex and profileScopes data from the two entry lists,
// keeping only the `profiles` list of each scope's details.
149 const _sanitizeProfilesScopes
= (scopesEntries
, profilesEntries
) => {
// Keep only scopes that at least one profile references; optional chaining
// tolerates details that are missing or have no profiles list.
150 const referencedScopesEntries
= scopesEntries
.filter(([_scopeName
, scopeDetails
]) => scopeDetails
?.profiles
?.length
); // eslint-disable-line no-unused-vars
151 const scrubbedScopesEntries
= _scopeEntriesScrubber(referencedScopesEntries
);
// Per profile: scrub every scope listed under it and rebuild the object.
// Unlike the scopeIndex path above, these entries are not filtered first.
153 const scrubbedProfilesEntries
= profilesEntries
.map(([profileName
, profileScopes
]) => {
// NOTE(review): Object.entries throws on null or undefined, so a profile whose
// scopes value is missing would make this throw — confirm that cannot occur.
154 const profileScopeEntries
= Object
.entries(profileScopes
);
155 const scrubbedProfileScopeEntries
= _scopeEntriesScrubber(profileScopeEntries
);
156 const scrubbedProfileScopes
= Object
.fromEntries(scrubbedProfileScopeEntries
);
157 return [profileName
, scrubbedProfileScopes
];
// NOTE(review): the two properties below presumably form the returned object
// literal; its opening and the return keyword are not in the lines visible here.
161 scopeIndex: Object
.fromEntries(scrubbedScopesEntries
),
162 profileScopes: Object
.fromEntries(scrubbedProfilesEntries
),
167 sanitizePostCredential
,
169 reduceScopeVerbosity
,