Update how tokens are redacted

Using SHA-1 to match how Nova and Swift redact their tokens. Was discussed in the below thread: http://lists.openstack.org/pipermail/openstack-dev/2014-September/045802.html Here's what nova went with: https://review.openstack.org/#/c/99511/ swift seem to be following suit: https://review.openstack.org/#/c/99632/ Change-Id: I3045d6d9d2a13770f4022dbbd474b34eb1032f6e Closes-bug: 1329301
2014-09-15 16:17:18 -06:00
parent 4a5903bce7
commit f980fc5492
2 changed files with 15 additions and 6 deletions
@@ -36,6 +36,7 @@ if not hasattr(parse, 'parse_qsl'):
    parse.parse_qsl = cgi.parse_qsl

 from glanceclient.common import https
+from glanceclient.common.utils import safe_header
 from glanceclient import exc
 from glanceclient.openstack.common import importutils
 from glanceclient.openstack.common import network_utils
@@ -95,9 +96,7 @@ class HTTPClient(object):
        headers.update(self.session.headers)

        for (key, value) in six.iteritems(headers):
-            if key.lower() == 'x-auth-token':
-                value = '*' * 3
-            header = '-H \'%s: %s\'' % (key, value)
+            header = '-H \'%s: %s\'' % safe_header(key, value)
            curl.append(header)

        if not self.session.verify:
@@ -123,9 +122,7 @@ class HTTPClient(object):
        status = (resp.raw.version / 10.0, resp.status_code, resp.reason)
        dump = ['\nHTTP/%.1f %s %s' % status]
        headers = resp.headers.items()
-        if 'X-Auth-Token' in resp.headers:
-            headers['X-Auth-Token'] = '*' * 3
-        dump.extend(['%s: %s' % (k, v) for k, v in headers])
+        dump.extend(['%s: %s' % safe_header(k, v) for k, v in headers])
        dump.append('')
        if body:
            body = strutils.safe_decode(body)