You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@usergrid.apache.org by senthilkumar-kj <gi...@git.apache.org> on 2015/04/22 20:40:49 UTC

[GitHub] incubator-usergrid pull request: [USERGRID-572] - ignore sensitive...

GitHub user senthilkumar-kj opened a pull request:

    https://github.com/apache/incubator-usergrid/pull/237

    [USERGRID-572] - ignore sensitive params from QP in response params

    Added a set of params to be ignored in response. Following params will be ignored. 
    
    client_id, client_secret, password, username, access_token, client_credentials, fb_access_token,
    fq_access_token, ping_access_token, token
    
    Please let me know if this is okay, I'll make the change on master as well and send another PR.

You can merge this pull request into a Git repository by running:

    $ git pull https://github.com/senthilkumar-kj/incubator-usergrid usergrid_572

Alternatively you can review and apply these changes as the patch at:

    https://github.com/apache/incubator-usergrid/pull/237.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

    This closes #237
    
----
commit 072e2d4f9dd15c1f859ee110b3997f6e8d79c256
Author: Senthil Kumar K <se...@gmail.com>
Date:   2015-04-22T18:38:38Z

    [USERGRID-572] - ignore sensitive params from QP in response params

----


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---

[GitHub] incubator-usergrid pull request: [USERGRID-572] - ignore sensitive...

Posted by tnine <gi...@git.apache.org>.

Github user tnine commented on the pull request:

    https://github.com/apache/incubator-usergrid/pull/237#issuecomment-96728756
  
    This change looks good.  Have we tested the /management/token endpoint still works, and this doesn't filter the response of the token?
    



---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---

[GitHub] incubator-usergrid pull request: [USERGRID-572] - ignore sensitive...

Posted by GERey <gi...@git.apache.org>.

Github user GERey commented on the pull request:

    https://github.com/apache/incubator-usergrid/pull/237#issuecomment-130464629
  
    Merged! Thanks! 


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---

[GitHub] incubator-usergrid pull request: [USERGRID-572] - ignore sensitive...

Posted by senthilkumar-kj <gi...@git.apache.org>.

Github user senthilkumar-kj commented on the pull request:

    https://github.com/apache/incubator-usergrid/pull/237#issuecomment-96836395
  
    hi @tnine, thanks. Yes, below is the sample response from my local for /management/token from this branch.
    `{"access_token":"YWMt7PWgyu0pEeSTdqWreOhXCQAAAU0g-RjMu6uxqhC27NA6QeT7uymKY9mtDws","expires_in":604800,"passwordChanged":1430169926300,"user":{"htmldisplayEmailAddress":"Super User &lt;<a href=\"mailto:sk@apigee.com\">sk@apigee.com</a>&gt;","confirmed":true,"uuid":"ebafc20a-ed23-11e4-a91e-3dce26486f4a","adminUser":false,"name":"Super User","displayEmailAddress":"Super User <sk...@apigee.com>","organizations":{"test-organization":{"name":"test-organization","uuid":"e950272a-ed23-11e4-ab55-b305ff94a978","properties":{},"users":{"test":{"applicationId":"b6768a08-b5d5-11e3-a495-11ddb1de66c8","username":"test","name":"Test User","email":"sk+test@apigee.com","activated":true,"confirmed":true,"disabled":false,"properties":{},"uuid":"e93ced4a-ed23-11e4-83f2-994281ced39c","adminUser":false,"displayEmailAddress":"Test User <sk...@apigee.com>","htmldisplayEmailAddress":"Test User &lt;<a href=\"mailto:sk+test@apigee.com\">sk+test@apigee.com</a>&gt;"}},"applications":{"test-organization/test-a
 pp":"eb8f41b5-ed23-11e4-80a5-ea7efd0d88e1"}}},"disabled":false,"applicationId":"b6768a08-b5d5-11e3-a495-11ddb1de66c8","email":"sk@apigee.com","properties":{},"username":"superuser","activated":true}}
    `
    The change affects only the apis which sends back the QPs in response with params json element.


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---

[GitHub] incubator-usergrid pull request: [USERGRID-572] - ignore sensitive...

Posted by asfgit <gi...@git.apache.org>.

Github user asfgit closed the pull request at:

    https://github.com/apache/incubator-usergrid/pull/237


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---