Skip to content

Commit 0fb60e4

Browse files
Colin-bColin-b
committed
Do not leak tokens in debug logs
1 parent e184b7f commit 0fb60e4

File tree

2 files changed

+3
-2
lines changed

2 files changed

+3
-2
lines changed

CHANGELOG.md

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -20,6 +20,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
2020
### Fixed
2121
- Type information is now provided following [PEP 561](https://www.python.org/dev/peps/pep-0561/).
2222
- Remove deprecation warnings due to usage of `utcnow` and `utcfromtimestamp`.
23+
- Tokens cache `DEBUG` logs will not display tokens anymore.
2324

2425
### Removed
2526
- Removing support for Python `3.7`.

requests_auth/_oauth2/tokens.py

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -97,7 +97,7 @@ def _add_token(
9797
self.tokens[key] = token, expiry, refresh_token
9898
self._save_tokens()
9999
logger.debug(
100-
f'Inserting token expiring on {datetime.datetime.fromtimestamp(expiry, datetime.timezone.utc)} with "{key}" key: {token}'
100+
f'Inserting token expiring on {datetime.datetime.fromtimestamp(expiry, datetime.timezone.utc)} with "{key}" key.'
101101
)
102102

103103
def get_token(
@@ -184,7 +184,7 @@ def get_token(
184184
return bearer
185185

186186
logger.debug(
187-
f"User was not authenticated: key {key} cannot be found in {self.tokens}."
187+
f"User was not authenticated: key {key} cannot be found in {list(self.tokens)}."
188188
)
189189
raise AuthenticationFailed()
190190

0 commit comments

Comments
 (0)