Please use the 👍 reaction to show that you are interested into the same feature.
Please don't comment if you have no relevant information to add. It's just extra noise for everyone subscribed to this issue.
Subscribe to receive notifications on status change and new comments.
Is your feature request related to a problem? Please describe.
The OC\Log\ExceptionSerializer class provides a mechanism to redact sensitive values from the log with the SENSITIVE_VALUE_PLACEHOLDER constant. However, some apps and integrations use secret values that should also not be written to the log. For example, the JWT of the OnlyOffice app and the certificates of the SSO & SAML Authentication (user_saml) app should never be written to the log and should be redacted.
Describe the solution you'd like
There should be a way to add custom values to the ExceptionSerializer or OC\Log classes in order to have them filtered out of the stack trace and error log.
Describe alternatives you've considered
I managed to write an app that registers a custom error logger class to the server which overrides and replaces the default logger. However, if errors occur before all apps are loaded, my custom logger will not be available.
Additional context
There are a number of considerations to be made to provide this functionality:
It cannot be provided using an app. As previously mentioned, any errors that occur before all apps have loaded will not be filtered if the solution is app-based.
App developers could submit PRs to the ExceptionSerializer class to support any sensitive values used by their apps. However, hard-coding these values isn't a great solution. It would be better to somehow allow adding custom values.
Many sensitive values are dynamic and only accessible via a function. For example, if an authentication app is using OCP\Authentication\IProvideUserSecretBackend, the value is different for every user, and getCurrentUserSecret() must be used to get the value. Registering these types of values with the ExceptionSerializer would be difficult.
I wouldn't mind tackling this project, but given these sorts of challenges, I wanted to have a discussion to see if anyone had suggestions on how best to proceed.
joshtrichards
commented
2 months ago
How to use GitHub
Is your feature request related to a problem? Please describe. The
OC\Log\ExceptionSerializerclass provides a mechanism to redact sensitive values from the log with theSENSITIVE_VALUE_PLACEHOLDERconstant. However, some apps and integrations use secret values that should also not be written to the log. For example, the JWT of the OnlyOffice app and the certificates of the SSO & SAML Authentication (user_saml) app should never be written to the log and should be redacted.Describe the solution you'd like There should be a way to add custom values to the
ExceptionSerializerorOC\Logclasses in order to have them filtered out of the stack trace and error log.Describe alternatives you've considered I managed to write an app that registers a custom error logger class to the server which overrides and replaces the default logger. However, if errors occur before all apps are loaded, my custom logger will not be available.
Additional context There are a number of considerations to be made to provide this functionality:
ExceptionSerializerclass to support any sensitive values used by their apps. However, hard-coding these values isn't a great solution. It would be better to somehow allow adding custom values.OCP\Authentication\IProvideUserSecretBackend, the value is different for every user, andgetCurrentUserSecret()must be used to get the value. Registering these types of values with theExceptionSerializerwould be difficult.I wouldn't mind tackling this project, but given these sorts of challenges, I wanted to have a discussion to see if anyone had suggestions on how best to proceed.