4 * Scrub credential from POST login body data.
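5 * @param {object} data log data object; matching fields under data.ctx.parsedBody are masked in place
6 * @param {boolean} sanitize when false, only report whether masking is needed, without modifying data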
7 * @returns {boolean} did/would sanitize
9 function sanitizePostCredential(data
, sanitize
= true) {
// k is bound on lines not shown in this listing; presumably it ranges over the
// credential field names of the login form -- confirm against the full file.
// Optional chaining keeps this lookup from throwing when ctx or parsedBody is absent.
18 const credentialLength
= data
?.ctx
?.parsedBody
?.[k
]?.length
; // eslint-disable-line security/detect-object-injection
// An empty or missing value has no length and is treated as already clean.
19 const kUnclean
= !!credentialLength
;
21 if (kUnclean
&& sanitize
) {
// NOTE(review): the mask has the same length as the credential, so the log entry
// still discloses how long the credential was; a fixed-width marker would not.
22 data
.ctx
.parsedBody
[k
] = '*'.repeat(credentialLength
); // eslint-disable-line security/detect-object-injection
31 * Scrub sensitive data from context.
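32 * @param {object} data log data object; matching fields under data.ctx are overwritten in place
33 * @param {boolean} sanitize when true, overwrite the sensitive values that are found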
34 * @returns {boolean} did/would sanitize
36 function sanitizeContext(data
, sanitize
= true) {
// First pass: ctx[k] values that have a length are replaced by asterisks.
// The list of keys k is on lines not shown in this listing.
44 const secretLength
= data
?.ctx
?.[k
]?.length
; // eslint-disable-line security/detect-object-injection
45 const kUnclean
= !! secretLength
;
47 if (kUnclean
&& sanitize
) {
// NOTE(review): the asterisk run is as long as the secret, so the secret's length
// remains visible in the log.
48 data
.ctx
[k
] = '*'.repeat(secretLength
); // eslint-disable-line security/detect-object-injection
52 // shorten mystery boxes
// Second pass, over a separate key list (not shown): the value is replaced by a
// placeholder that records only its length.
57 const mysteryLength
= data
?.ctx
?.[k
]?.length
; // eslint-disable-line security/detect-object-injection
58 const mUnclean
= !! mysteryLength
;
60 if (mUnclean
&& sanitize
) {
// NOTE(review): if the value is a string, .length counts UTF-16 code units, so the
// "bytes" figure in the placeholder is approximate.
61 data
.ctx
[k
] = `[scrubbed ${mysteryLength} bytes]`; // eslint-disable-line security/detect-object-injection
// Session cookie: ctx.cookie.squeepSession is replaced by a placeholder carrying
// only its length, so the session token itself is not written to the log.
65 const cookieLength
= data
?.ctx
?.cookie
?.squeepSession
?.length
;
// The condition guarding this assignment is on lines not shown in this listing.
69 data
.ctx
.cookie
.squeepSession
= `[scrubbed ${cookieLength} bytes]`;
78 * Reduce logged data about scopes from profilesScopes.
79 * For all referenced scopes, only include profiles list.
80 * Remove scopes without profile references from scopeIndex.
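81 * @param {object} data log data object; data.ctx.profilesScopes and data.ctx.session are updated in place
82 * @param {boolean} sanitize when false, only report whether reduction is needed, without modifying data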
83 * @returns {boolean} did/would sanitize
85 function reduceScopeVerbosity(data
, sanitize
= true) {
// Scope data can appear in two places on the context; both are inspected:
// ctx.profilesScopes first, then ctx.session.
89 scopesEntries: ctxScopesEntries
,
90 profilesEntries: ctxProfilesEntries
,
91 needsSanitize: ctxNeedsSanitize
,
92 } = _scopesFrom(data
?.ctx
?.profilesScopes
);
95 scopesEntries: sessionScopesEntries
,
96 profilesEntries: sessionProfilesEntries
,
97 needsSanitize: sessionNeedsSanitize
,
98 } = _scopesFrom(data
?.ctx
?.session
);
// Either source holding scope entries makes the data count as unclean
// (the assignment to unclean is on a line not shown in this listing).
100 if (ctxNeedsSanitize
|| sessionNeedsSanitize
) {
103 if (unclean
&& sanitize
) {
104 if (ctxNeedsSanitize
) {
// Object.assign overwrites scopeIndex and profileScopes on the existing object
// with the reduced copies; any other properties of the target are left as they are.
105 Object
.assign(data
.ctx
.profilesScopes
, _sanitizeProfilesScopes(ctxScopesEntries
, ctxProfilesEntries
));
107 if (sessionNeedsSanitize
) {
// NOTE(review): only the two scope properties of the session are replaced here;
// other session fields are not touched by this function.
108 Object
.assign(data
.ctx
.session
, _sanitizeProfilesScopes(sessionScopesEntries
, sessionProfilesEntries
));
117 * Return any scope entries on an object, and whether sanitization is needed.
118 * @param {object=} obj obj
119 * @returns {object} obj
const _scopesFrom = (obj) => {
  // A missing object or a missing property yields an empty entry list.
  const entriesOf = (value) => Object.entries(value || {});

  const scopesEntries = entriesOf(obj?.scopeIndex);
  const profilesEntries = entriesOf(obj?.profileScopes);

  // NOTE(review): the return statement is not visible in this listing; its shape is
  // taken from the destructuring of this function's result in reduceScopeVerbosity.
  return {
    scopesEntries,
    profilesEntries,
    // Truthy when either list has at least one entry.
    needsSanitize: scopesEntries.length || profilesEntries.length,
  };
};
134 * @typedef {[string, object]} ScopeEntry
137 * Return new list of entries with scrubbed scopeDetails.
138 * @param {ScopeEntry[]} entries entries
139 * @returns {ScopeEntry[]} entries
const _scopeEntriesScrubber = (entries) => entries.map((entry) => {
  const [scopeName, scopeDetails] = entry;
  // Allow-list: a fresh details object is built with only `profiles`, so every
  // other field of the scope details is left out of the logged copy.
  const scrubbedDetails = { profiles: scopeDetails.profiles };
  return [scopeName, scrubbedDetails];
});
145 * Create a new profilesScopes type object with scrubbed scope details.
146 * @param {ScopeEntry[]} scopesEntries entries
147 * @param {ScopeEntry[]} profilesEntries entries
148 * @returns {object} profilesScopes
const _sanitizeProfilesScopes = (scopesEntries, profilesEntries) => {
  // Keep only scopes that at least one profile references.
  const isReferenced = ([, scopeDetails]) => scopeDetails?.profiles?.length;
  const scopeIndex = Object.fromEntries(
    _scopeEntriesScrubber(scopesEntries.filter(isReferenced)),
  );

  // Each profile keeps all of its scopes, with their details reduced by the scrubber.
  const profileScopes = Object.fromEntries(
    profilesEntries.map(([profileName, scopesOfProfile]) => [
      profileName,
      Object.fromEntries(_scopeEntriesScrubber(Object.entries(scopesOfProfile))),
    ]),
  );

  // New objects are returned; the entry lists passed in are not modified.
  return {
    scopeIndex,
    profileScopes,
  };
};
168 sanitizePostCredential
,
170 reduceScopeVerbosity
,