From ddf39c267be817f3baf85c44b9c84a29f0245ae7 Mon Sep 17 00:00:00 2001 From: tombuildsstuff Date: Mon, 22 Oct 2018 08:46:04 -0700 Subject: [PATCH] Ensuring the Authorization header isn't present in the logs --- azurerm/config.go | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/azurerm/config.go b/azurerm/config.go index 420af3f3bd7f..db7a8fedb2f1 100644 --- a/azurerm/config.go +++ b/azurerm/config.go @@ -331,6 +331,13 @@ func (c *ArmClient) configureClient(client *autorest.Client, auth autorest.Autho func withRequestLogging() autorest.SendDecorator { return func(s autorest.Sender) autorest.Sender { return autorest.SenderFunc(func(r *http.Request) (*http.Response, error) { + // strip the authorization header prior to printing + authHeaderName := "Authorization" + auth := r.Header.Get(authHeaderName) + if auth != "" { + r.Header.Del(authHeaderName) + } + // dump request to wire format if dump, err := httputil.DumpRequestOut(r, true); err == nil { log.Printf("[DEBUG] AzureRM Request: \n%s\n", dump) @@ -339,6 +346,11 @@ func withRequestLogging() autorest.SendDecorator { log.Printf("[DEBUG] AzureRM Request: %s to %s\n", r.Method, r.URL) } + // add the auth header back + if auth != "" { + r.Header.Add(authHeaderName, auth) + } + resp, err := s.Do(r) if resp != nil { // dump response to wire format