@@ -13,18 +13,25 @@ import (
1313 "strconv"
1414 "strings"
1515
16- "github.com/snyk/cli/cliv2/internal/cliv2"
17- "github.com/snyk/cli/cliv2/internal/utils"
1816 "github.com/snyk/error-catalog-golang-public/snyk_errors"
1917 "github.com/snyk/go-application-framework/pkg/auth"
2018 "github.com/snyk/go-application-framework/pkg/configuration"
2119 "github.com/snyk/go-application-framework/pkg/local_workflows/config_utils"
2220
21+ "github.com/snyk/cli/cliv2/internal/cliv2"
22+ "github.com/snyk/cli/cliv2/internal/utils"
23+
2324 localworkflows "github.com/snyk/go-application-framework/pkg/local_workflows"
2425 "github.com/snyk/go-application-framework/pkg/networking"
2526 "github.com/snyk/go-application-framework/pkg/networking/fips"
2627)
2728
29+ func redactAuthorizationTokens (token string ) string {
30+ temp := sha256 .Sum256 ([]byte (token ))
31+ tokenShaSum := fmt .Sprintf ("%s***%s" , hex .EncodeToString (temp [0 :4 ]), hex .EncodeToString (temp [12 :16 ]))
32+ return tokenShaSum
33+ }
34+
2835func logHeaderAuthorizationInfo (
2936 config configuration.Configuration ,
3037 networkAccess networking.NetworkAccess ,
@@ -47,18 +54,16 @@ func logHeaderAuthorizationInfo(
4754 if len (splitHeader ) == 2 {
4855 tokenType := splitHeader [0 ]
4956 token := splitHeader [1 ]
50- temp := sha256 .Sum256 ([]byte (token ))
51- tokenShaSum = hex .EncodeToString (temp [0 :16 ]) + "[...]"
57+ tokenShaSum = redactAuthorizationTokens (token )
5258 tokenDetails = fmt .Sprintf (" (type=%s)" , tokenType )
5359 }
5460
5561 if config .GetBool (configuration .FF_OAUTH_AUTH_FLOW_ENABLED ) {
5662 oauthEnabled = "Enabled"
5763 token , err := auth .GetOAuthToken (config )
5864 if token != nil && err == nil {
65+ tokenShaSum = redactAuthorizationTokens (token .AccessToken )
5966 tokenDetails = fmt .Sprintf (" (type=oauth; expiry=%v)" , token .Expiry .UTC ())
60- temp := sha256 .Sum256 ([]byte (token .AccessToken ))
61- tokenShaSum = hex .EncodeToString (temp [0 :16 ]) + "[...]"
6267 }
6368 }
6469
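Review bot: redactAuthorizationTokens has no doc comment and its name suggests a masked token, while the body returns the hex of SHA-256 digest slices `temp[0:4]` and `temp[12:16]` joined by `***`, so a reader of the debug log could mistake the leading characters for the token's own prefix. A comment such as `// redactAuthorizationTokens returns a truncated SHA-256 fingerprint of token for log correlation; no token bytes appear in the output.` would settle that, and it should also say why the second slice starts at offset 12. The helper hashes an empty string like any other input, so an empty `token.AccessToken` in the OAuth branch would log a fixed, valid-looking fingerprint. Adding `if token == "" { return "" }` at the top would keep that case visible, assuming the log line tolerates an empty value. logHeaderAuthorizationInfo starts and ends outside the visible hunks, so the initial value of `tokenShaSum` and how it is printed could not be checked.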