camunda-community-hub / camunda-external-task-client-python3

Camunda 7 External Task Client in Python
Apache License 2.0
73 stars 54 forks

Remove Basic Auth Password from logging #71

Closed klogges5 closed 2 years ago

klogges5 commented 2 years ago

We are using the basic auth feature and it is very useful, but we see a problem in using it, because on startup it writes the whole config, including the password, to the log. Could you please replace the password with XXX or remove the password from logging?

As Is:

```
2022-02-11 16:09:29,979 - INFO - Connect to http://localhost:8080/engine-rest to topic: docc606
2022-02-11 16:09:33,394 - INFO - [WORKER_ID:docc606] Created External Task client with config: {'maxTasks': 1, 'lockDuration': 10000, 'asyncResponseTimeout': 60000, 'retries': 3, 'retryTimeout': 5000, 'httpTimeoutMillis': 30000, 'timeoutDeltaMillis': 5000, 'includeExtensionProperties': True, 'auth_basic': {'username': 'demo', 'password': 'demo'}, 'sleepSeconds': 30}
2022-02-11 16:09:33,394 - INFO - [WORKER_ID:docc606] Created new External Task Worker with config: {'auth_basic': {'username': 'demo', 'password': 'demo'}, 'maxTasks': 1, 'lockDuration': 10000, 'asyncResponseTimeout': 60000, 'retries': 3, 'retryTimeout': 5000, 'sleepSeconds': 30}
```

Should be:

```
2022-02-11 16:09:29,979 - INFO - Connect to http://localhost:8080/engine-rest to topic: docc606
2022-02-11 16:09:33,394 - INFO - [WORKER_ID:docc606] Created External Task client with config: {'maxTasks': 1, 'lockDuration': 10000, 'asyncResponseTimeout': 60000, 'retries': 3, 'retryTimeout': 5000, 'httpTimeoutMillis': 30000, 'timeoutDeltaMillis': 5000, 'includeExtensionProperties': True, 'auth_basic': {'username': 'demo', 'password': 'XXX'}, 'sleepSeconds': 30}
2022-02-11 16:09:33,394 - INFO - [WORKER_ID:docc606] Created new External Task Worker with config: {'auth_basic': {'username': 'demo', 'password': 'XXX'}, 'maxTasks': 1, 'lockDuration': 10000, 'asyncResponseTimeout': 60000, 'retries': 3, 'retryTimeout': 5000, 'sleepSeconds': 30}
```
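The masking requested above can be done on a copy of the config before it reaches the logger. This is an added example, not the project's code or the merged patch; the key names other than `password`, the logger name and the sample password are assumptions constructed for illustration.

```python
import logging

# Assumption: key names treated as secret; only 'password' appears in the issue.
SENSITIVE_KEYS = frozenset({"password", "passwd", "secret", "token"})
MASK = "XXX"  # mask value requested in the issue


def redact(value):
    """Return a copy of value with secrets masked; the input is not modified."""
    if isinstance(value, dict):
        return {k: MASK if str(k).lower() in SENSITIVE_KEYS else redact(v)
                for k, v in value.items()}
    if isinstance(value, list):
        return [redact(v) for v in value]
    if isinstance(value, tuple):
        return tuple(redact(v) for v in value)
    return value


class RedactingFilter(logging.Filter):
    """Masks secrets in arguments passed lazily, e.g. log.info("cfg: %s", cfg)."""

    def filter(self, record):
        # logging unwraps a single dict argument, so args may be a dict or a tuple
        record.args = redact(record.args)
        return True


def demo():
    """Log a constructed config two ways; return it and the formatted messages."""
    config = {"maxTasks": 1,
              "auth_basic": {"username": "demo", "password": "constructed-secret"}}
    captured = []
    handler = logging.Handler()
    handler.emit = lambda record: captured.append(record.getMessage())
    handler.addFilter(RedactingFilter())
    log = logging.getLogger("redaction-demo")  # hypothetical logger name
    log.setLevel(logging.INFO)
    log.propagate = False
    log.handlers = [handler]
    # 1) Lazy %-style argument: the filter masks it before formatting.
    log.info("Created External Task client with config: %s", config)
    # 2) Pre-formatted string: the filter cannot see inside it, so mask at the call site.
    log.info(f"Created External Task client with config: {redact(config)}")
    return config, captured


if __name__ == "__main__":
    print("\n".join(demo()[1]))
```

The filter is a safety net only for arguments passed to the logging call; a message built with an f-string or `str.format` is already a plain string when the filter runs, so `redact()` has to be applied where the message is built.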

celanthe commented 2 years ago

Hi @yogeshrnaik! I just wanted to alert you to this particular issue, as it's related to security best practices. If you have any questions regarding security best practices in the Camunda Community Hub, please visit: https://github.com/camunda-community-hub/community/blob/main/SECURITY.md

If you have any questions, please let me know. I am happy to help!

klogges5 commented 2 years ago

Patch was merged in master. @yogeshrnaik Could you please build a new release on pypi.org?

yogeshrnaik commented 2 years ago

@klogges5 @celanthe Released 4.2.0 https://pypi.org/manage/project/camunda-external-task-client-python3/release/4.2.0/

celanthe commented 2 years ago

@klogges5, would you be so kind as to please sign the CLA linked in #72 referenced above? Thank you so much! :)