roded created JCLOUDS-1562:
------------------------------
Summary: AuthorizationApi.authorizeClientSecret errors can expose
sensitive credentials via exceptions
Key: JCLOUDS-1562
URL: https://issues.apache.org/jira/browse/JCLOUDS-1562
Project: jclouds
Issue Type: Bug
Affects Versions: 2.2.0
Reporter: roded
When an exception occurs during the AuthorizationApi.authorizeClientSecret
call, the resulting exception contains both the client ID and the client
secret. These should be considered to contain sensitive information which
should not be printable to the log.
The exception looks something like this:
I'm currently running this using a fork of JClouds which includes a local
azureoauth2 module. However, I believe the same will result for any users of
the apis.oauth module.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
