You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@shindig.apache.org by Adam Clarke <cl...@gmail.com> on 2012/06/26 20:50:00 UTC
Review Request: Additional OAuth2 Logging Filters
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/5592/
-----------------------------------------------------------
Review request for shindig, Stanton Sievers and Brian Lillie.
Description
-------
Adds additional filters for client_secret and refresh_token, which could be considered passwords and shouldn't be logged.
This addresses bug SHINDIG-1813.
https://issues.apache.org/jira/browse/SHINDIG-1813
Diffs
-----
http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth2/logger/FilteredLogger.java 1354123
Diff: https://reviews.apache.org/r/5592/diff/
Testing
-------
all units pass
Thanks,
Adam Clarke
Re: Review Request: Additional OAuth2 Logging Filters
Posted by Dan Dumont <dd...@us.ibm.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/5592/#review8624
-----------------------------------------------------------
Ship it!
Ship It!
- Dan Dumont
On June 26, 2012, 6:50 p.m., Adam Clarke wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/5592/
> -----------------------------------------------------------
>
> (Updated June 26, 2012, 6:50 p.m.)
>
>
> Review request for shindig, Stanton Sievers and Brian Lillie.
>
>
> Description
> -------
>
> Adds additional filters for client_secret and refresh_token, which could be considered passwords and shouldn't be logged.
>
>
> This addresses bug SHINDIG-1813.
> https://issues.apache.org/jira/browse/SHINDIG-1813
>
>
> Diffs
> -----
>
> http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth2/logger/FilteredLogger.java 1354123
>
> Diff: https://reviews.apache.org/r/5592/diff/
>
>
> Testing
> -------
>
> all units pass
>
>
> Thanks,
>
> Adam Clarke
>
>
Re: Review Request: Additional OAuth2 Logging Filters
Posted by Brian Lillie <br...@us.ibm.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/5592/#review8632
-----------------------------------------------------------
We are already converting the message parameters from the original object to a String here .. wondering whether we should be converting from null to an empty string, when ordinarily I believe null would changed to be "null"
http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth2/logger/FilteredLogger.java
<https://reviews.apache.org/r/5592/#comment18267>
Seems like this could be removed, and filterSecrets used where filteredMsg is called. filteredParam uses filterSecrets directly, but filteredParams does the extra indirect to filteredMsg
- Brian Lillie
On June 26, 2012, 6:50 p.m., Adam Clarke wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/5592/
> -----------------------------------------------------------
>
> (Updated June 26, 2012, 6:50 p.m.)
>
>
> Review request for shindig, Stanton Sievers and Brian Lillie.
>
>
> Description
> -------
>
> Adds additional filters for client_secret and refresh_token, which could be considered passwords and shouldn't be logged.
>
>
> This addresses bug SHINDIG-1813.
> https://issues.apache.org/jira/browse/SHINDIG-1813
>
>
> Diffs
> -----
>
> http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth2/logger/FilteredLogger.java 1354123
>
> Diff: https://reviews.apache.org/r/5592/diff/
>
>
> Testing
> -------
>
> all units pass
>
>
> Thanks,
>
> Adam Clarke
>
>
Re: Review Request: Additional OAuth2 Logging Filters
Posted by Stanton Sievers <si...@gmail.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/5592/#review8657
-----------------------------------------------------------
Adam, I'm seeing some test failures when I applied and built this patch. Can you check them out?
Failed tests:
testFilterSecrets_2(org.apache.shindig.gadgets.oauth2.logger.FilteredLoggerTest): expected:<> but was:<null>
testFilterSecrets_5(org.apache.shindig.gadgets.oauth2.logger.FilteredLoggerTest): expected:<[]REMOVED> but was:<[Authorization:]REMOVED>
- Stanton Sievers
On June 27, 2012, 12:02 p.m., Adam Clarke wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/5592/
> -----------------------------------------------------------
>
> (Updated June 27, 2012, 12:02 p.m.)
>
>
> Review request for shindig, Stanton Sievers and Brian Lillie.
>
>
> Description
> -------
>
> Adds additional filters for client_secret and refresh_token, which could be considered passwords and shouldn't be logged.
>
>
> This addresses bug SHINDIG-1813.
> https://issues.apache.org/jira/browse/SHINDIG-1813
>
>
> Diffs
> -----
>
> http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth2/logger/FilteredLogger.java 1354123
>
> Diff: https://reviews.apache.org/r/5592/diff/
>
>
> Testing
> -------
>
> all units pass
>
>
> Thanks,
>
> Adam Clarke
>
>
Re: Review Request: Additional OAuth2 Logging Filters
Posted by Stanton Sievers <si...@gmail.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/5592/#review8752
-----------------------------------------------------------
Ship it!
Committed revision 1355472. Please close this review.
- Stanton Sievers
On June 29, 2012, 1:12 p.m., Adam Clarke wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/5592/
> -----------------------------------------------------------
>
> (Updated June 29, 2012, 1:12 p.m.)
>
>
> Review request for shindig, Stanton Sievers and Brian Lillie.
>
>
> Description
> -------
>
> Adds additional filters for client_secret and refresh_token, which could be considered passwords and shouldn't be logged.
>
>
> This addresses bug SHINDIG-1813.
> https://issues.apache.org/jira/browse/SHINDIG-1813
>
>
> Diffs
> -----
>
> http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth2/logger/FilteredLogger.java 1355349
> http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/oauth2/logger/FilteredLoggerTest.java 1355349
>
> Diff: https://reviews.apache.org/r/5592/diff/
>
>
> Testing
> -------
>
> all units pass
>
>
> Thanks,
>
> Adam Clarke
>
>
Re: Review Request: Additional OAuth2 Logging Filters
Posted by Adam Clarke <cl...@gmail.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/5592/
-----------------------------------------------------------
(Updated June 29, 2012, 1:12 p.m.)
Review request for shindig, Stanton Sievers and Brian Lillie.
Changes
-------
Fixes test cases.
Description
-------
Adds additional filters for client_secret and refresh_token, which could be considered passwords and shouldn't be logged.
This addresses bug SHINDIG-1813.
https://issues.apache.org/jira/browse/SHINDIG-1813
Diffs (updated)
-----
http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth2/logger/FilteredLogger.java 1355349
http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/oauth2/logger/FilteredLoggerTest.java 1355349
Diff: https://reviews.apache.org/r/5592/diff/
Testing
-------
all units pass
Thanks,
Adam Clarke
Re: Review Request: Additional OAuth2 Logging Filters
Posted by Brian Lillie <br...@us.ibm.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/5592/#review8654
-----------------------------------------------------------
Ship it!
LGTM
- Brian Lillie
On June 27, 2012, 12:02 p.m., Adam Clarke wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/5592/
> -----------------------------------------------------------
>
> (Updated June 27, 2012, 12:02 p.m.)
>
>
> Review request for shindig, Stanton Sievers and Brian Lillie.
>
>
> Description
> -------
>
> Adds additional filters for client_secret and refresh_token, which could be considered passwords and shouldn't be logged.
>
>
> This addresses bug SHINDIG-1813.
> https://issues.apache.org/jira/browse/SHINDIG-1813
>
>
> Diffs
> -----
>
> http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth2/logger/FilteredLogger.java 1354123
>
> Diff: https://reviews.apache.org/r/5592/diff/
>
>
> Testing
> -------
>
> all units pass
>
>
> Thanks,
>
> Adam Clarke
>
>
Re: Review Request: Additional OAuth2 Logging Filters
Posted by Adam Clarke <cl...@gmail.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/5592/
-----------------------------------------------------------
(Updated June 27, 2012, 12:02 p.m.)
Review request for shindig, Stanton Sievers and Brian Lillie.
Changes
-------
Addresses Brian's comment.
Description
-------
Adds additional filters for client_secret and refresh_token, which could be considered passwords and shouldn't be logged.
This addresses bug SHINDIG-1813.
https://issues.apache.org/jira/browse/SHINDIG-1813
Diffs (updated)
-----
http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth2/logger/FilteredLogger.java 1354123
Diff: https://reviews.apache.org/r/5592/diff/
Testing
-------
all units pass
Thanks,
Adam Clarke