From a97fb5df2f6fb1d27754f0235b0f23f556a2d170 Mon Sep 17 00:00:00 2001
From: Collin Duncan <3679940+cgduncan7@users.noreply.github.com>
Date: Sun, 27 Nov 2022 16:09:30 +0100
Subject: [PATCH] Obfuscating password from logs

---
 src/common/logger.ts         |  8 ++++++++
 src/common/scheduler.ts      |  1 -
 tests/common/logger.test.ts  | 25 +++++++++++++++++++++++++
 tests/common/request.test.ts |  1 -
 4 files changed, 33 insertions(+), 2 deletions(-)

diff --git a/src/common/logger.ts b/src/common/logger.ts
index 6f8bf61..ecaa662 100644
--- a/src/common/logger.ts
+++ b/src/common/logger.ts
@@ -75,6 +75,14 @@ export class LoggerInstance {
       message,
     ]
     if (details) {
+      if (typeof details === 'object') {
+        const toObfuscate = ['password']
+        toObfuscate.forEach((key) => {
+          if ((details as Record<string, unknown>)[key]) {
+            (details as Record<string, unknown>)[key] = '***'
+          }
+        })
+      }
       params.push(details)
       fmtString += ' - %O'
     }
diff --git a/src/common/scheduler.ts b/src/common/scheduler.ts
index f792644..5989b4e 100644
--- a/src/common/scheduler.ts
+++ b/src/common/scheduler.ts
@@ -21,7 +21,6 @@ export const work = async (
 ): Promise<SchedulerResult> => {
   Logger.instantiate('scheduler', v4(), LogLevel.DEBUG)
 
-  // TODO: obfuscate payload
   Logger.debug('Handling reservation', { payload })
   let reservation: Reservation
   try {
diff --git a/tests/common/logger.test.ts b/tests/common/logger.test.ts
index 502fce1..10a849a 100644
--- a/tests/common/logger.test.ts
+++ b/tests/common/logger.test.ts
@@ -1,6 +1,10 @@
 import { Logger, LogLevel } from '../../src/common/logger'
 
 describe('Logger', () => {
+  beforeEach(() => {
+    jest.resetAllMocks()
+  })
+
   test('should create a single instance of LoggerInstance', () => {
     const a = Logger.instantiate('tag', 'abc', LogLevel.DEBUG)
     const b = Logger.getInstance()
@@ -56,4 +60,25 @@ describe('Logger', () => {
 
     expect(consoleLogSpy).not.toHaveBeenCalled()
   })
+
+  test('should obfuscate password from message', () => {
+    const consoleLogSpy = jest.fn()
+    const consoleErrorSpy = jest.fn()
+    jest.spyOn(console, 'log').mockImplementation(consoleLogSpy)
+    jest.spyOn(console, 'error').mockImplementation(consoleErrorSpy)
+
+    Logger.instantiate('tag', 'abc', LogLevel.DEBUG)
+    Logger.info('first', { password: 'test' })
+
+    expect(consoleLogSpy).toHaveBeenCalledTimes(1)
+    expect(consoleLogSpy).toHaveBeenNthCalledWith(
+      1,
+      '<%s> [%s] %s: %s - %O',
+      'tag',
+      'abc',
+      'INFO',
+      'first',
+      { password: '***'},
+    )
+  })
 })
diff --git a/tests/common/request.test.ts b/tests/common/request.test.ts
index e556c2a..c838a79 100644
--- a/tests/common/request.test.ts
+++ b/tests/common/request.test.ts
@@ -3,7 +3,6 @@ import dayjs from 'dayjs'
 import {
   validateJSONRequest,
   ValidationError,
-  ValidationErrorCode,
 } from '../../src/common/request'
 
 describe('request', () => {