Obscure password in debug logs.

Obscure password in the postgres connection DSN when logging in debug mode. Will also not print the DSN with obscured password when failing to connect at start up.
2024-11-13 03:00:19 +00:00 · 2020-09-01 10:55:06 -04:00 · 2020-09-01 10:55:06 -04:00 · 893308e340
commit 893308e340
parent ce6e2ecee7
2 changed files with 33 additions and 3 deletions
--- a/sprockets_postgres.py
+++ b/sprockets_postgres.py
@ -444,7 +444,9 @@ class ApplicationMixin:
        if self._postgres_pool:
            self._postgres_pool.close()

-        LOGGER.debug('Connecting to %s', url)
+        safe_url = self._obscure_url_password(url)
+        LOGGER.debug('Connecting to %s', safe_url)
+
        try:
            self._postgres_pool = await pool.Pool.from_pool_fill(
                url,
@ -475,13 +477,25 @@ class ApplicationMixin:
                        DEFAULT_POSTGRES_CONNECTION_TTL)))
        except (psycopg2.OperationalError,
                psycopg2.Error) as error:  # pragma: nocover
-            LOGGER.warning('Error connecting to PostgreSQL on startup: %s',
-                           error)
+            LOGGER.warning(
+                'Error connecting to PostgreSQL on startup with %s: %s',
+                safe_url, error)
            return False
        self._postgres_connected.set()
        LOGGER.debug('Connected to Postgres')
        return True

+    @staticmethod
+    def _obscure_url_password(url):
+        """Generate log safe url with password obscured."""
+        parsed = parse.urlparse(url)
+        if parsed.password:
+            netloc = '{}:*****@{}:{}'.format(parsed.username,
+                                             parsed.hostname,
+                                             parsed.port)
+            url = parse.urlunparse(parsed._replace(netloc=netloc))
+        return url
+
    async def _postgres_on_start(self,
                                 _app: web.Application,
                                 loop: ioloop.IOLoop):
--- a/tests.py
+++ b/tests.py
@ -579,6 +579,22 @@ class MissingURLTestCase(unittest.TestCase):
        obj.stop.assert_called_once()


+class ObscurePasswordUrlTestCase(unittest.TestCase):
+
+    def test_passwords_obscured(self):
+        for url, expected in {
+            'postgresql://server:5432/database':
+                'postgresql://server:5432/database',
+            'postgresql://username:password@server:5432/database':
+                'postgresql://username:*****@server:5432/database',
+            'postgresql://username@server/database':
+                'postgresql://username@server/database'
+        }.items():
+            result = \
+                sprockets_postgres.ApplicationMixin._obscure_url_password(url)
+            self.assertEqual(result, expected)
+
+
 SRV = collections.namedtuple(
    'SRV', ['host', 'port', 'priority', 'weight', 'ttl'])