github/sprockets-postgres
1
0
Fork 0
mirror of https://github.com/sprockets/sprockets-postgres.git synced 2024-09-21 10:10:57 +00:00
Code Issues Projects Releases Packages Wiki Activity

Merge pull request #4 from bkorty/obscure-password

Browse source 
Obscure password
This commit is contained in:
Gavin M. Roy 2020-09-01 14:47:35 -04:00 committed by GitHub
commit 69b806f9b3
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 34 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
VERSION
View file

@ -1 +1 @@
1.4.0 1.4.1

20
sprockets_postgres.py
View file

@ -444,7 +444,9 @@ class ApplicationMixin:
if self._postgres_pool: if self._postgres_pool:
self._postgres_pool.close() self._postgres_pool.close()
LOGGER.debug('Connecting to %s', url) safe_url = self._obscure_url_password(url)
LOGGER.debug('Connecting to %s', safe_url)
try: try:
self._postgres_pool = await pool.Pool.from_pool_fill( self._postgres_pool = await pool.Pool.from_pool_fill(
url, url,
@ -475,13 +477,25 @@ class ApplicationMixin:
DEFAULT_POSTGRES_CONNECTION_TTL))) DEFAULT_POSTGRES_CONNECTION_TTL)))
except (psycopg2.OperationalError, except (psycopg2.OperationalError,
psycopg2.Error) as error: # pragma: nocover psycopg2.Error) as error: # pragma: nocover
LOGGER.warning('Error connecting to PostgreSQL on startup: %s', LOGGER.warning(
error) 'Error connecting to PostgreSQL on startup with %s: %s',
safe_url, error)
return False return False
self._postgres_connected.set() self._postgres_connected.set()
LOGGER.debug('Connected to Postgres') LOGGER.debug('Connected to Postgres')
return True return True
@staticmethod
def _obscure_url_password(url):
"""Generate log safe url with password obscured."""
parsed = parse.urlparse(url)
if parsed.password:
netloc = '{}:*****@{}:{}'.format(parsed.username,
parsed.hostname,
parsed.port)
url = parse.urlunparse(parsed._replace(netloc=netloc))
return url
async def _postgres_on_start(self, async def _postgres_on_start(self,
_app: web.Application, _app: web.Application,
loop: ioloop.IOLoop): loop: ioloop.IOLoop):

16
tests.py
View file

@ -579,6 +579,22 @@ class MissingURLTestCase(unittest.TestCase):
obj.stop.assert_called_once() obj.stop.assert_called_once()
class ObscurePasswordUrlTestCase(unittest.TestCase):
def test_passwords_obscured(self):
for url, expected in {
'postgresql://server:5432/database':
'postgresql://server:5432/database',
'postgresql://username:password@server:5432/database':
'postgresql://username:*****@server:5432/database',
'postgresql://username@server/database':
'postgresql://username@server/database'
}.items():
result = \
sprockets_postgres.ApplicationMixin._obscure_url_password(url)
self.assertEqual(result, expected)
SRV = collections.namedtuple( SRV = collections.namedtuple(
'SRV', ['host', 'port', 'priority', 'weight', 'ttl']) 'SRV', ['host', 'port', 'priority', 'weight', 'ttl'])