Closed bj00rn closed 3 months ago
Hi Bjron,
can you specify which topic? We have data masking in place already so it's a matter of extending the rules if we missed something
On Wed, 15 May 2024 at 15:55, Björn Dalfors @.***> wrote:
Seems that password in clear text and tokens are sent via mqtt. It it possible to mask/redact this information?
— Reply to this email directly, view it on GitHub https://github.com/SAIC-iSmart-API/saic-python-mqtt-gateway/issues/243, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAIT3RST6OYZPPTVVEEVXW3ZCNSMTAVCNFSM6AAAAABHYHJGQ2VHI2DSMVQWIX3LMV43ASLTON2WKOZSGI4TQMBRGE3TCNA . You are receiving this because you are subscribed to this thread.Message ID: @.***>
Hi Bjron, can you specify which topic? We have data masking in place already so it's a matter of extending the rules if we missed something … On Wed, 15 May 2024 at 15:55, Björn Dalfors @.> wrote: Seems that password in clear text and tokens are sent via mqtt. It it possible to mask/redact this information? — Reply to this email directly, view it on GitHub <#243>, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAIT3RST6OYZPPTVVEEVXW3ZCNSMTAVCNFSM6AAAAABHYHJGQ2VHI2DSMVQWIX3LMV43ASLTON2WKOZSGI4TQMBRGE3TCNA . You are receiving this because you are subscribed to this thread.Message ID: @.>
topics:
saic/501_513/json/request
saic/501_513/json/response
request
{
"applicationData": {
"password": "<REDACTED>"
},
"body": {
"applicationID": "501",
"eventCreationTime": 1706864825,
"messageID": 1,
"applicationDataLength": null,
"applicationDataProtocolVersion": 513,
"uid": "<REDACTED>",
"eventID": 0,
"testFlag": 2,
"iccID": "<REDACTED>",
"simInfo": "<REDACTED>",
"messageCounter": {
"uplinkCounter": 1,
"downlinkCounter": 0
}
},
"header": {
"protocolVersion": 17,
"dispatcherMessageLength": null
}
}
response
{
"applicationData": {
"userName": "<REDACTED>",
"token": "<REDACTED>",
"refreshToken": "<REDACTED>",
"tokenExpiration": {
"seconds": 1709456825
},
"vinList": [
{
"vin": "<REDACTED>",
"series": "ZS EV S",
"brandName": "b'MG'",
"modelName": "b'ZS EV'",
"isAcivate": false,
"isCurrentVehicle": 1,
"modelYear": "2021",
"colorName": "YORK WHITE",
"bindTime": {
"seconds": 1658929091
}
}
],
"languageType": "english"
},
"body": {
"applicationID": "501",
"eventCreationTime": 1706864825,
"messageID": 2,
"applicationDataLength": 878,
"applicationDataProtocolVersion": 513,
"uid": "<REDACTED>",
"token": "<REDACTED>",
"eventID": 0,
"applicationDataEncoding": "perUnaligned",
"testFlag": 2,
"result": 0,
"iccID": "<REDACTED>",
"simInfo": "<REDACTED>",
"messageCounter": {
"uplinkCounter": 1,
"downlinkCounter": 1
}
},
"header": {
"protocolVersion": 17,
"dispatcherMessageLength": 129,
"dispatcherBodyEncoding": 0,
"securityContext": 0
}
}
Those are legacy topics not published anymore (unless you're using the legacy version).
You can delete them
Those are legacy topics not published anymore (unless you're using the legacy version).
You can delete them
Ah, I see now that the messages are retained
, that's why they are still there, dates are from february
Seems that password in clear text and tokens are sent via mqtt. It it possible to mask/redact this information?