This is an automated email from the ASF dual-hosted git repository.

machristie pushed a commit to branch develop
in repository https://gitbox.apache.org/repos/asf/airavata-django-portal.git

commit 3ed7872556e4981a5ec1f3e0924418569c779aae
Author: Marcus Christie <machris...@apache.org>
AuthorDate: Mon May 11 11:22:24 2020 -0400

    AIRAVATA-3331 Mask sensitive login variables out of error emails
---
 django_airavata/apps/auth/backends.py | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/django_airavata/apps/auth/backends.py 
b/django_airavata/apps/auth/backends.py
index fc495c4..ba6d1b9 100644
--- a/django_airavata/apps/auth/backends.py
+++ b/django_airavata/apps/auth/backends.py
@@ -17,7 +17,11 @@ logger = logging.getLogger(__name__)
 class KeycloakBackend(object):
     """Django authentication backend for Keycloak."""
 
-    @sensitive_variables('password')
+    # mask all local variables from error emails since they contain the user's
+    # password and/or client_secret. Note, we could selectively just hide
+    # variables that are sensitive, but this decorator doesn't apply explicitly
+    # listed variable masking to library function calls
+    @sensitive_variables()
     def authenticate(self,
                      request=None,
                      username=None,
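Review bot: The `@sensitive_variables()` decorator added on `authenticate` scrubs stack-frame locals only, so the password can still reach error emails through the request's POST data unless the login view that calls this backend is also decorated with `@sensitive_post_parameters('password')`. That view is not in this hunk, so this needs confirming. Django applies this masking only when `DEBUG` is False, and it does not cover exception messages or log records, so any `logger` call or raised error in the body that embeds the password or client_secret would bypass it. The body of `authenticate` continues outside the hunk, so I could not check for such calls. I would also make the comment state what the empty argument list does, e.g. `# No arguments: mask every local in this frame and in the frames called from it.`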
