From 4719ec0bf0a10b96ed120b62f279c6af42dab20c Mon Sep 17 00:00:00 2001 From: Lukas Vojt Date: Thu, 15 Aug 2024 12:32:47 +0200 Subject: [PATCH] feat(verbose_logging): exclude auth and headers from logging they can contain secrets or objects that are not serializable --- request_session/request_session.py | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/request_session/request_session.py b/request_session/request_session.py index 691d9a3..84c0af0 100644 --- a/request_session/request_session.py +++ b/request_session/request_session.py @@ -3,6 +3,7 @@ import re import time from collections import namedtuple +from copy import deepcopy from typing import List # pylint: disable=unused-import from typing import Any, Callable, Dict, Optional, Tuple, Union @@ -41,6 +42,9 @@ class RequestSession(object): server error. Defaults to 0. :param bool verbose_logging: (optional) If true, add request's parameters to event being logged. Defaults to ``False``. + :param tuple request_param_logging_blacklist: (optional) + Request params keys that won't be logged with verbose_logging. + e.g. auth or header keys might contain secrets. Defaults to ``("auth", "headers")``. :param str request_category: (optional) Name of the event. ``request_category`` has to passed to the object or as an argument when calling some HTTP method. :param bool raise_for_status: (optional) Raise an exception in case of an error. @@ -73,6 +77,7 @@ def __init__( verify=True, # type: Union[bool, str] max_retries=0, # type: int verbose_logging=False, # type: bool + request_param_logging_blacklist=None, # type: Optional[Tuple[str]] headers=None, # type: Optional[Dict] request_category=None, # type: Optional[str] raise_for_status=True, # type: bool @@ -102,6 +107,7 @@ def __init__( self.verify = verify self.max_retries = max_retries self.verbose_logging = verbose_logging + self.request_param_logging_blacklist = request_param_logging_blacklist or ("auth", "headers") self.headers = headers self.request_category = request_category self.raise_for_status = raise_for_status @@ -471,7 +477,11 @@ def _log_with_params( """ extra_params = ( { - "request_params": json.dumps(request_params), + "request_params": { + k: v + for k, v in deepcopy(request_params).items() + if k not in self.request_param_logging_blacklist + }, "response_text": self.get_response_text(response), } if self.verbose_logging