killbill-uncached
Changes
profiles/killbill/src/main/java/org/killbill/billing/server/log/obfuscators/ObfuscatorConverter.java 22(+15 -7)
profiles/killbill/src/main/java/org/killbill/billing/server/log/obfuscators/PatternObfuscator.java 23(+16 -7)
Details
diff --git a/profiles/killbill/src/main/java/org/killbill/billing/server/log/obfuscators/ObfuscatorConverter.java b/profiles/killbill/src/main/java/org/killbill/billing/server/log/obfuscators/ObfuscatorConverter.java
index 6e522d6..a45d67e 100644
--- a/profiles/killbill/src/main/java/org/killbill/billing/server/log/obfuscators/ObfuscatorConverter.java
+++ b/profiles/killbill/src/main/java/org/killbill/billing/server/log/obfuscators/ObfuscatorConverter.java
@@ -17,14 +17,16 @@
package org.killbill.billing.server.log.obfuscators;
+import java.util.ArrayList;
+import java.util.Arrays;
import java.util.Collection;
import ch.qos.logback.classic.pattern.ClassicConverter;
import ch.qos.logback.classic.spi.ILoggingEvent;
-import com.google.common.collect.ImmutableList;
/**
- * ObfuscatorConverter attempts to mask sensitive data in the log files.
+ * ObfuscatorConverter attempts to mask sensitive data in the log files. Extra parameters can be passed to the
+ * converter and the underlying obsfucators by adding arguments behind maskedMsg like the example shown below.
* <p/>
* To use, define a new conversion word in your Logback configuration, e.g.:
* <pre>
@@ -33,7 +35,7 @@ import com.google.common.collect.ImmutableList;
* converterClass="org.killbill.billing.server.log.obfuscators.ObfuscatorConverter" />
* <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
* <encoder>
- * <pattern>%date [%thread] - %maskedMsg%n</pattern>
+ * <pattern>%date [%thread] - %maskedMsg{param1, param2, ...}%n</pattern>
* </encoder>
* </appender>
* <root level="DEBUG">
@@ -44,10 +46,16 @@ import com.google.common.collect.ImmutableList;
*/
public class ObfuscatorConverter extends ClassicConverter {
- private final Collection<Obfuscator> obfuscators = ImmutableList.<Obfuscator>of(new ConfigMagicObfuscator(),
- new LoggingFilterObfuscator(),
- new PatternObfuscator(),
- new LuhnMaskingObfuscator());
+ private final Collection<Obfuscator> obfuscators = new ArrayList<Obfuscator>();
+
+ @Override
+ public void start() {
+ obfuscators.addAll(Arrays.asList(new ConfigMagicObfuscator(),
+ new LoggingFilterObfuscator(),
+ new PatternObfuscator(getOptionList()),
+ new LuhnMaskingObfuscator()));
+ super.start();
+ }
@Override
public String convert(final ILoggingEvent event) {
diff --git a/profiles/killbill/src/main/java/org/killbill/billing/server/log/obfuscators/PatternObfuscator.java b/profiles/killbill/src/main/java/org/killbill/billing/server/log/obfuscators/PatternObfuscator.java
index a850c5b..df4887a 100644
--- a/profiles/killbill/src/main/java/org/killbill/billing/server/log/obfuscators/PatternObfuscator.java
+++ b/profiles/killbill/src/main/java/org/killbill/billing/server/log/obfuscators/PatternObfuscator.java
@@ -17,6 +17,7 @@
package org.killbill.billing.server.log.obfuscators;
+import java.util.ArrayList;
import java.util.Collection;
import java.util.LinkedList;
import java.util.regex.Pattern;
@@ -27,7 +28,7 @@ import com.google.common.collect.ImmutableList;
public class PatternObfuscator extends Obfuscator {
// Hide by default sensitive bank, PCI and PII data. For PANs, see LuhnMaskingObfuscator
- private static final String[] DEFAULT_SENSITIVE_KEYS = {
+ private static final Collection<String> DEFAULT_SENSITIVE_KEYS = ImmutableList.of(
"accountnumber",
"authenticationdata",
"bankaccountnumber",
@@ -49,19 +50,27 @@ public class PatternObfuscator extends Obfuscator {
"name",
"number",
"password",
- "xid"
- };
+ "xid");
private final Collection<Pattern> patterns = new LinkedList<Pattern>();
public PatternObfuscator() {
- this(ImmutableList.<Pattern>of());
+ this(ImmutableList.<Pattern>of(), ImmutableList.<String>of());
}
- public PatternObfuscator(final Collection<Pattern> extraPatterns) {
+ public PatternObfuscator(final Collection<String> extraKeywords) {
+ this(ImmutableList.<Pattern>of(), extraKeywords);
+ }
+
+ public PatternObfuscator(final Collection<Pattern> extraPatterns, final Collection<String> extraKeywords) {
super();
+ Collection<String> keywords = new ArrayList<String>();
+ keywords.addAll(DEFAULT_SENSITIVE_KEYS);
+ if (extraKeywords != null) {
+ keywords.addAll(extraKeywords);
+ }
- for (final String sensitiveKey : DEFAULT_SENSITIVE_KEYS) {
+ for (final String sensitiveKey : keywords) {
this.patterns.add(buildJSONPattern(sensitiveKey));
this.patterns.add(buildXMLPattern(sensitiveKey));
this.patterns.add(buildMultiValuesXMLPattern(sensitiveKey));
@@ -81,7 +90,7 @@ public class PatternObfuscator extends Obfuscator {
}
private Pattern buildXMLPattern(final String key) {
- return Pattern.compile(key + ">([^<\\n]+)</[^<>]*" + key + ">", DEFAULT_PATTERN_FLAGS);
+ return Pattern.compile(key + "(?:\\s+.*?)?>([^<\\n]+)</[^<>]*" + key + ">", DEFAULT_PATTERN_FLAGS);
}
private Pattern buildMultiValuesXMLPattern(final String key) {
diff --git a/profiles/killbill/src/test/java/org/killbill/billing/server/log/obfuscators/TestObfuscatorConverter.java b/profiles/killbill/src/test/java/org/killbill/billing/server/log/obfuscators/TestObfuscatorConverter.java
index 4d54512..ba4aa74 100644
--- a/profiles/killbill/src/test/java/org/killbill/billing/server/log/obfuscators/TestObfuscatorConverter.java
+++ b/profiles/killbill/src/test/java/org/killbill/billing/server/log/obfuscators/TestObfuscatorConverter.java
@@ -17,12 +17,15 @@
package org.killbill.billing.server.log.obfuscators;
+import java.util.List;
+
import org.killbill.billing.server.log.ServerTestSuiteNoDB;
import org.mockito.Mockito;
import org.testng.Assert;
import org.testng.annotations.Test;
import ch.qos.logback.classic.spi.ILoggingEvent;
+import com.google.common.collect.ImmutableList;
public class TestObfuscatorConverter extends ServerTestSuiteNoDB {
@@ -60,11 +63,52 @@ public class TestObfuscatorConverter extends ServerTestSuiteNoDB {
"</gateway>");
}
+ @Test(groups = "fast")
+ public void testLogSensitiveDataWithExtraKeywords() throws Exception {
+ verifyWithExtendedPatternObfuscator("Starting purchase call: \n" +
+ "<gateway>\n" +
+ "<card>4111111111111111</card>\n" +
+ "<address1>790 test blvd</address1>\n" +
+ "<bankAccountNumber>482391823</bankAccountNumber>\n" +
+ "<password>supersecret</password>\n" +
+ "</gateway>",
+ "Starting purchase call: \n" +
+ "<gateway>\n" +
+ "<card>411111******1111</card>\n" +
+ "<address1>*************</address1>\n" +
+ "<bankAccountNumber>*********</bankAccountNumber>\n" +
+ "<password>***********</password>\n" +
+ "</gateway>");
+ }
+
private void verify(final String input, final String output) {
final ILoggingEvent event = Mockito.mock(ILoggingEvent.class);
Mockito.when(event.getFormattedMessage()).thenReturn(input);
+ converter.start();
final String obfuscated = converter.convert(event);
Assert.assertEquals(obfuscated, output, obfuscated);
}
+
+ private void verifyWithExtendedPatternObfuscator(final String input, final String output) {
+ final ExtendedObfuscatorConverter extendedConverter = new ExtendedObfuscatorConverter();
+ final ILoggingEvent event = Mockito.mock(ILoggingEvent.class);
+ Mockito.when(event.getFormattedMessage()).thenReturn(input);
+
+ extendedConverter.start();
+ final String obfuscated = extendedConverter.convert(event);
+ Assert.assertEquals(obfuscated, output, obfuscated);
+ }
+
+ class ExtendedObfuscatorConverter extends ObfuscatorConverter {
+ @Override
+ public void start() {
+ super.start();
+ }
+
+ @Override
+ public List<String> getOptionList() {
+ return ImmutableList.of("address1");
+ }
+ }
}
diff --git a/profiles/killbill/src/test/java/org/killbill/billing/server/log/obfuscators/TestPatternObfuscator.java b/profiles/killbill/src/test/java/org/killbill/billing/server/log/obfuscators/TestPatternObfuscator.java
index 934b81e..ecc3cf3 100644
--- a/profiles/killbill/src/test/java/org/killbill/billing/server/log/obfuscators/TestPatternObfuscator.java
+++ b/profiles/killbill/src/test/java/org/killbill/billing/server/log/obfuscators/TestPatternObfuscator.java
@@ -59,6 +59,29 @@ public class TestPatternObfuscator extends ServerTestSuiteNoDB {
}
@Test(groups = "fast")
+ public void testXmlWithAttributesOnTheKey() throws Exception {
+ verify("<PayerInfo xsi:type=\"ebl:PayerInfoType\">\n" +
+ "<accountnumber xsi:type=\"ebl:EmailAddressType\">michaelhk@gmail.com</accountnumber>\n" +
+ "<PayerID xsi:type=\"ebl:UserIDType\">ZZS5TS7FD7MRA</PayerID>\n" +
+ "<PayerStatus xsi:type=\"ebl:PayPalUserStatusCodeType\">verified</PayerStatus>\n" +
+ "<PayerName xsi:type=\"ebl:PersonNameType\">\n" +
+ "<Salutation xmlns=\"urn:ebay:apis:eBLBaseComponents\"></Salutation>\n" +
+ "<ccFirstName xmlns=\"urn:ebay:apis:eBLBaseComponents\">Michael</ccFirstName>\n" +
+ "<MiddleName xmlns=\"urn:ebay:apis:eBLBaseComponents\"></MiddleName>\n" +
+ "<ccLastName xmlns=\"urn:ebay:apis:eBLBaseComponents\">Henrick</ccLastName>",
+
+ "<PayerInfo xsi:type=\"ebl:PayerInfoType\">\n" +
+ "<accountnumber xsi:type=\"ebl:EmailAddressType\">*******************</accountnumber>\n" +
+ "<PayerID xsi:type=\"ebl:UserIDType\">ZZS5TS7FD7MRA</PayerID>\n" +
+ "<PayerStatus xsi:type=\"ebl:PayPalUserStatusCodeType\">verified</PayerStatus>\n" +
+ "<PayerName xsi:type=\"ebl:PersonNameType\">\n" +
+ "<Salutation xmlns=\"urn:ebay:apis:eBLBaseComponents\"></Salutation>\n" +
+ "<ccFirstName xmlns=\"urn:ebay:apis:eBLBaseComponents\">*******</ccFirstName>\n" +
+ "<MiddleName xmlns=\"urn:ebay:apis:eBLBaseComponents\"></MiddleName>\n" +
+ "<ccLastName xmlns=\"urn:ebay:apis:eBLBaseComponents\">*******</ccLastName>");
+ }
+
+ @Test(groups = "fast")
public void testCyberSource() throws Exception {
verify("<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n" +
"<s:Envelope xmlns:s=\"http://schemas.xmlsoap.org/soap/envelope/\">\n" +