lighthouse/common/sensitive_url/src/lib.rs

use serde::{de, Deserialize, Deserializer, Serialize, Serializer};
use std::fmt;
use url::Url;

#[derive(Debug)]
pub enum SensitiveError {
    InvalidUrl(String),
    ParseError(url::ParseError),
    RedactError(String),
}

// Wrapper around Url which provides a custom `Display` implementation to protect user secrets.
#[derive(Clone, PartialEq)]
pub struct SensitiveUrl {
    pub full: Url,
    pub redacted: String,
}

impl fmt::Display for SensitiveUrl {
    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
        self.redacted.fmt(f)
    }
}

impl fmt::Debug for SensitiveUrl {
    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
        self.redacted.fmt(f)
    }
}

impl AsRef<str> for SensitiveUrl {
    fn as_ref(&self) -> &str {
        self.redacted.as_str()
    }
}

impl Serialize for SensitiveUrl {
    fn serialize<S>(&self, serializer: S) -> Result<S::Ok, S::Error>
    where
        S: Serializer,
    {
        serializer.serialize_str(&self.full.to_string())
    }
}

impl<'de> Deserialize<'de> for SensitiveUrl {
    fn deserialize<D>(deserializer: D) -> Result<Self, D::Error>
    where
        D: Deserializer<'de>,
    {
        let s: String = Deserialize::deserialize(deserializer)?;
        SensitiveUrl::parse(&s)
            .map_err(|e| de::Error::custom(format!("Failed to deserialize sensitive URL {:?}", e)))
    }
}

impl SensitiveUrl {
    pub fn parse(url: &str) -> Result<Self, SensitiveError> {
        let surl = Url::parse(url).map_err(SensitiveError::ParseError)?;
        SensitiveUrl::new(surl)
    }

    fn new(full: Url) -> Result<Self, SensitiveError> {
        let mut redacted = full.clone();
        redacted
            .path_segments_mut()
            .map_err(|_| SensitiveError::InvalidUrl("URL cannot be a base.".to_string()))?
            .clear();
        redacted.set_query(None);

        if redacted.has_authority() {
            redacted.set_username("").map_err(|_| {
                SensitiveError::RedactError("Unable to redact username.".to_string())
            })?;
            redacted.set_password(None).map_err(|_| {
                SensitiveError::RedactError("Unable to redact password.".to_string())
            })?;
        }

        Ok(Self {
            full,
            redacted: redacted.to_string(),
        })
    }
}

#[cfg(test)]
mod tests {
    use super::*;

    #[test]
    fn redact_remote_url() {
        let full = "https://project:secret@example.com/example?somequery";
        let surl = SensitiveUrl::parse(full).unwrap();
        assert_eq!(surl.to_string(), "https://example.com/");
        assert_eq!(surl.full.to_string(), full);
    }
    #[test]
    fn redact_localhost_url() {
        let full = "http://localhost:5052/";
        let surl = SensitiveUrl::parse(full).unwrap();
        assert_eq!(surl.to_string(), "http://localhost:5052/");
        assert_eq!(surl.full.to_string(), full);
    }
}
Add `SensitiveUrl` to redact user secrets from endpoints (#2326) ## Issue Addressed #2276 ## Proposed Changes Add the `SensitiveUrl` struct which wraps `Url` and implements custom `Display` and `Debug` traits to redact user secrets from being logged in eth1 endpoints, beacon node endpoints and metrics. ## Additional Info This also includes a small rewrite of the eth1 crate to make requests using `Url` instead of `&str`. Some error messages have also been changed to remove `Url` data. 2021-05-04 01:59:51 +00:00			`use serde::{de, Deserialize, Deserializer, Serialize, Serializer};`
			`use std::fmt;`
			`use url::Url;`

			`#[derive(Debug)]`
			`pub enum SensitiveError {`
			`InvalidUrl(String),`
			`ParseError(url::ParseError),`
			`RedactError(String),`
			`}`

			// Wrapper around Url which provides a custom `Display` implementation to protect user secrets.
Enforce Optimistic Sync Conditions & CLI Tests (v2) (#3050) ## Description This PR adds a single, trivial commit (f5d2b27d78349d5a675a2615eba42cc9ae708094) atop #2986 to resolve a tests compile error. The original author (@ethDreamer) is AFK so I'm getting this one merged :relaxed: Please see #2986 for more information about the other, significant changes in this PR. Co-authored-by: Mark Mackey <mark@sigmaprime.io> Co-authored-by: ethDreamer <37123614+ethDreamer@users.noreply.github.com> 2022-03-01 22:56:47 +00:00			`#[derive(Clone, PartialEq)]`
Add `SensitiveUrl` to redact user secrets from endpoints (#2326) ## Issue Addressed #2276 ## Proposed Changes Add the `SensitiveUrl` struct which wraps `Url` and implements custom `Display` and `Debug` traits to redact user secrets from being logged in eth1 endpoints, beacon node endpoints and metrics. ## Additional Info This also includes a small rewrite of the eth1 crate to make requests using `Url` instead of `&str`. Some error messages have also been changed to remove `Url` data. 2021-05-04 01:59:51 +00:00			`pub struct SensitiveUrl {`
			`pub full: Url,`
			`pub redacted: String,`
			`}`

			`impl fmt::Display for SensitiveUrl {`
			`fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {`
			`self.redacted.fmt(f)`
			`}`
			`}`

			`impl fmt::Debug for SensitiveUrl {`
			`fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {`
			`self.redacted.fmt(f)`
			`}`
			`}`

			`impl AsRef<str> for SensitiveUrl {`
			`fn as_ref(&self) -> &str {`
			`self.redacted.as_str()`
			`}`
			`}`

			`impl Serialize for SensitiveUrl {`
			`fn serialize<S>(&self, serializer: S) -> Result<S::Ok, S::Error>`
			`where`
			`S: Serializer,`
			`{`
			`serializer.serialize_str(&self.full.to_string())`
			`}`
			`}`

			`impl<'de> Deserialize<'de> for SensitiveUrl {`
			`fn deserialize<D>(deserializer: D) -> Result<Self, D::Error>`
			`where`
			`D: Deserializer<'de>,`
			`{`
			`let s: String = Deserialize::deserialize(deserializer)?;`
			`SensitiveUrl::parse(&s)`
			`.map_err(\|e\| de::Error::custom(format!("Failed to deserialize sensitive URL {:?}", e)))`
			`}`
			`}`

			`impl SensitiveUrl {`
			`pub fn parse(url: &str) -> Result<Self, SensitiveError> {`
			`let surl = Url::parse(url).map_err(SensitiveError::ParseError)?;`
			`SensitiveUrl::new(surl)`
			`}`

			`fn new(full: Url) -> Result<Self, SensitiveError> {`
			`let mut redacted = full.clone();`
			`redacted`
			`.path_segments_mut()`
			`.map_err(\|_\| SensitiveError::InvalidUrl("URL cannot be a base.".to_string()))?`
			`.clear();`
			`redacted.set_query(None);`

			`if redacted.has_authority() {`
			`redacted.set_username("").map_err(\|_\| {`
			`SensitiveError::RedactError("Unable to redact username.".to_string())`
			`})?;`
			`redacted.set_password(None).map_err(\|_\| {`
			`SensitiveError::RedactError("Unable to redact password.".to_string())`
			`})?;`
			`}`

			`Ok(Self {`
			`full,`
			`redacted: redacted.to_string(),`
			`})`
			`}`
			`}`

			`#[cfg(test)]`
			`mod tests {`
			`use super::*;`

			`#[test]`
			`fn redact_remote_url() {`
			`let full = "https://project:secret@example.com/example?somequery";`
			`let surl = SensitiveUrl::parse(full).unwrap();`
			`assert_eq!(surl.to_string(), "https://example.com/");`
			`assert_eq!(surl.full.to_string(), full);`
			`}`
			`#[test]`
			`fn redact_localhost_url() {`
			`let full = "http://localhost:5052/";`
			`let surl = SensitiveUrl::parse(full).unwrap();`
			`assert_eq!(surl.to_string(), "http://localhost:5052/");`
			`assert_eq!(surl.full.to_string(), full);`
			`}`
			`}`