Merge pull request #52 from CMSgov/fix-redaction-of-default-keys-w-ca…

…pital-letters QPPA-7951 make redaction keys case insensitive
CMSgov · Jul 25, 2023 · b8a03e3 · b8a03e3
2 parents c7bd8ef + 2f4a9bb
commit b8a03e3
Show file tree

Hide file tree

Showing 5 changed files with 27 additions and 8 deletions.
diff --git a/src/index.ts b/src/index.ts
@@ -7,6 +7,7 @@ import fs = require('fs');
 import filenames = require('./filenames');
 import { Scrubber } from './scrubber';
 import { Options } from './options';
+import { Request } from './request';
 
 function defaultLogDirByEnvironment(options: Options) {
     switch (options.environment) {
@@ -145,7 +146,7 @@ const noneLogger = {
 
 // A morgan-equivalent logger used for format='none' that suppresses
 // all output
-const noneAccessLogger = function (req, res, next) {};
+const noneAccessLogger = function (...args: unknown[]) {};
 
 class SharedLogger {
     accessLogger = undefined;
@@ -250,7 +251,7 @@ class SharedLogger {
         //
         options.accessLog = options.accessLog || {};
         if (accessLogEnabled(options)) {
-            morgan.token('url', (req) => {
+            morgan.token('url', (req: Request) => {
                 const url = req['pathname'] ?? req['baseUrl'];
                 if (!req['query'] || Object.keys(req['query']).length === 0) {
                     return url;

diff --git a/src/request.ts b/src/request.ts
@@ -0,0 +1,6 @@
+import http = require('http');
+
+export interface Request extends http.IncomingMessage {
+    baseUrl: string;
+    query: string;
+}
diff --git a/src/scrubber.ts b/src/scrubber.ts
@@ -36,7 +36,7 @@ export class Scrubber {
         this.blacklist = [
             ...new Set([
                 ...redactKeys.map((key) => key.toLowerCase()),
-                ...defaultRedactKeys,
+                ...defaultRedactKeys.map((key) => key.toLowerCase()),
             ]),
         ];
         this.regexesBlacklist = regexesBlacklist ?? [];

diff --git a/test/index.ts b/test/index.ts
@@ -117,12 +117,14 @@ describe('sharedLogger', function () {
             };
             const spy = sandbox.spy(process.stdout, 'write');
             sharedLogger.configure(options);
-            sharedLogger.logger.info('should be prettyPrint');
+            sharedLogger.logger.info('should be prettyPrint', {
+                meta: { a: 'b' },
+            });
 
-            assert.equal(
-                spy.getCall(0).lastArg,
-                "{ message: 'should be prettyPrint', level: 'info', label: 'test' }\n",
-            );
+            const expectedVal =
+                "{\n  meta: { a: 'b' },\n  level: 'info',\n  message: 'should be prettyPrint',\n  label: 'test'\n}\n";
+
+            assert.equal(spy.getCall(0).lastArg, expectedVal);
         });
 
         it('should set format to logstash', () => {

diff --git a/test/scrubber.ts b/test/scrubber.ts
@@ -147,4 +147,14 @@ describe('scrubber', function () {
         assert.nestedInclude(input, { 'users[1].password': 'Password321' });
         assert.nestedInclude(input, { 'users[1].firstname': 'Jeff' });
     });
+
+    it('should redact default keys with capitalized letters', function () {
+        const scrubbedData = scrubber.scrub({
+            taxpayerIdentificationNumber: '00012345',
+        });
+
+        assert.include(scrubbedData, {
+            taxpayerIdentificationNumber: '[REDACTED]',
+        });
+    });
 });