Show More
@@ -23,6 +23,7 b' Authentication modules' | |||||
23 | """ |
|
23 | """ | |
24 |
|
24 | |||
25 | import colander |
|
25 | import colander | |
|
26 | import copy | |||
26 | import logging |
|
27 | import logging | |
27 | import time |
|
28 | import time | |
28 | import traceback |
|
29 | import traceback | |
@@ -109,6 +110,10 b' class RhodeCodeAuthPluginBase(object):' | |||||
109 | colander.List: 'list', |
|
110 | colander.List: 'list', | |
110 | } |
|
111 | } | |
111 |
|
112 | |||
|
113 | # list of keys in settings that are unsafe to be logged, should be passwords | |||
|
114 | # or other crucial credentials | |||
|
115 | _settings_unsafe_keys = [] | |||
|
116 | ||||
112 | def __init__(self, plugin_id): |
|
117 | def __init__(self, plugin_id): | |
113 | self._plugin_id = plugin_id |
|
118 | self._plugin_id = plugin_id | |
114 |
|
119 | |||
@@ -199,13 +204,23 b' class RhodeCodeAuthPluginBase(object):' | |||||
199 | settings[node.name] = self.get_setting_by_name(node.name) |
|
204 | settings[node.name] = self.get_setting_by_name(node.name) | |
200 | return settings |
|
205 | return settings | |
201 |
|
206 | |||
|
207 | def log_safe_settings(self, settings): | |||
|
208 | """ | |||
|
209 | returns a log safe representation of settings, without any secrets | |||
|
210 | """ | |||
|
211 | settings_copy = copy.deepcopy(settings) | |||
|
212 | for k in self._settings_unsafe_keys: | |||
|
213 | if k in settings_copy: | |||
|
214 | del settings_copy[k] | |||
|
215 | return settings_copy | |||
|
216 | ||||
202 | @property |
|
217 | @property | |
203 | def validators(self): |
|
218 | def validators(self): | |
204 | """ |
|
219 | """ | |
205 | Exposes RhodeCode validators modules |
|
220 | Exposes RhodeCode validators modules | |
206 | """ |
|
221 | """ | |
207 | # this is a hack to overcome issues with pylons threadlocals and |
|
222 | # this is a hack to overcome issues with pylons threadlocals and | |
208 |
# translator object _() not be |
|
223 | # translator object _() not being registered properly. | |
209 | class LazyCaller(object): |
|
224 | class LazyCaller(object): | |
210 | def __init__(self, name): |
|
225 | def __init__(self, name): | |
211 | self.validator_name = name |
|
226 | self.validator_name = name | |
@@ -557,7 +572,8 b' def authenticate(username, password, env' | |||||
557 |
|
572 | |||
558 | # load plugin settings from RhodeCode database |
|
573 | # load plugin settings from RhodeCode database | |
559 | plugin_settings = plugin.get_settings() |
|
574 | plugin_settings = plugin.get_settings() | |
560 | log.debug('Plugin settings:%s', plugin_settings) |
|
575 | plugin_sanitized_settings = plugin.log_safe_settings(plugin_settings) | |
|
576 | log.debug('Plugin settings:%s', plugin_sanitized_settings) | |||
561 |
|
577 | |||
562 | log.debug('Trying authentication using ** %s **', plugin.get_id()) |
|
578 | log.debug('Trying authentication using ** %s **', plugin.get_id()) | |
563 | # use plugin's method of user extraction. |
|
579 | # use plugin's method of user extraction. |
General Comments 0
You need to be logged in to leave comments.
Login now