Avoid logging email, even masked

Fix code scanning alert: Exposure of private information Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
gaepdit · Jan 9, 2025 · 1ba0cdb · 1ba0cdb
1 parent e4b54e8
commit 1ba0cdb
Show file tree

Hide file tree

Showing 2 changed files with 16 additions and 38 deletions.
diff --git a/src/WebApp/Pages/Account/ExternalLogin.cshtml.cs b/src/WebApp/Pages/Account/ExternalLogin.cshtml.cs
@@ -8,7 +8,6 @@
 using MyApp.AppServices.Staff.Dto;
 using MyApp.Domain.Identity;
 using MyApp.WebApp.Models;
-using MyApp.WebApp.Platform.Logging;
 using MyApp.WebApp.Platform.PageModelHelpers;
 using MyApp.WebApp.Platform.Settings;
 
@@ -94,19 +93,19 @@ public async Task<IActionResult> OnGetCallbackAsync(string? returnUrl = null, st
 
         if (!userEmail.IsValidEmailDomain())
         {
-            logger.LogWarning("User {UserName} with invalid email domain attempted signin", userEmail.MaskEmail());
+            logger.LogWarning("User with invalid email domain {Domain} attempted signin", userEmail.Split('@')[1]);
             return RedirectToPage("./Unavailable");
         }
 
-        logger.LogInformation("User {UserName} in tenant {TenantID} successfully authenticated", userEmail.MaskEmail(),
-            userTenant);
+        logger.LogInformation("User with object ID {ObjectId} in tenant {TenantID} successfully authenticated",
+            externalLoginInfo.Principal.GetObjectId(), userTenant);
 
         // Determine if a user account already exists with the Object ID.
         // If not, then determine if a user account already exists with the given username.
         var user = AppSettings.DevSettings.UseInMemoryData
             ? await userManager.FindByNameAsync(userEmail)
-            : await userManager.Users.SingleOrDefaultAsync(u =>
-                  u.ObjectIdentifier == externalLoginInfo.Principal.GetObjectId()) ??
+            : await userManager.Users.SingleOrDefaultAsync(au =>
+                  au.ObjectIdentifier == externalLoginInfo.Principal.GetObjectId()) ??
               await userManager.FindByNameAsync(userEmail);
 
         // If the user does not have a local account yet, then create one and sign in.
@@ -116,7 +115,7 @@ public async Task<IActionResult> OnGetCallbackAsync(string? returnUrl = null, st
         // If user has been marked as inactive, don't sign in.
         if (!user.Active)
         {
-            logger.LogWarning("Inactive user {Email} attempted signin", userEmail.MaskEmail());
+            logger.LogWarning("Inactive user with object ID {ObjectId} attempted signin", user.ObjectIdentifier);
             return RedirectToPage("./Unavailable");
         }
 
@@ -165,25 +164,24 @@ private async Task<IActionResult> CreateUserAndSignInAsync(ExternalLoginInfo inf
         var createUserResult = await userManager.CreateAsync(user);
         if (!createUserResult.Succeeded)
         {
-            logger.LogWarning("Failed to create new user {UserName}", user.Email.MaskEmail());
+            logger.LogWarning("Failed to create new user with object ID {ObjectId}", user.ObjectIdentifier);
             return await FailedLoginAsync(createUserResult, user);
         }
 
-        logger.LogInformation("Created new user {Email} with object ID {ObjectId}",
-            user.Email.MaskEmail(), user.ObjectIdentifier);
+        logger.LogInformation("Created new user with object ID {ObjectId}", user.ObjectIdentifier);
 
         // Add new user to application Roles if seeded in app settings or local admin user setting is enabled.
         var seedAdminUsers = configuration.GetSection("SeedAdminUsers").Get<string[]>();
         if (AppSettings.DevSettings.LocalUserIsStaff)
         {
-            logger.LogInformation("Seeding staff role for new user {Email}", user.Email.MaskEmail());
+            logger.LogInformation("Seeding staff role for new user with object ID {ObjectId}", user.ObjectIdentifier);
             await userManager.AddToRoleAsync(user, RoleName.Staff);
         }
 
         if (AppSettings.DevSettings.LocalUserIsAdmin ||
             (seedAdminUsers != null && seedAdminUsers.Contains(user.Email, StringComparer.InvariantCultureIgnoreCase)))
         {
-            logger.LogInformation("Seeding all roles for new user {Email}", user.Email.MaskEmail());
+            logger.LogInformation("Seeding all roles for new user with object ID {ObjectId}", user.ObjectIdentifier);
             foreach (var role in AppRole.AllRoles) await userManager.AddToRoleAsync(user, role.Key);
         }
 
@@ -196,8 +194,8 @@ private async Task<IActionResult> CreateUserAndSignInAsync(ExternalLoginInfo inf
     // Update local store with from external provider. 
     private async Task<IActionResult> RefreshUserInfoAndSignInAsync(ApplicationUser user, ExternalLoginInfo info)
     {
-        logger.LogInformation("Existing user {Email} logged in with {LoginProvider} provider",
-            user.Email.MaskEmail(), info.LoginProvider);
+        logger.LogInformation("Existing user with object ID {ObjectId} logged in with {LoginProvider} provider",
+            user.ObjectIdentifier, info.LoginProvider);
 
         var previousValues = new ApplicationUser
         {
@@ -232,17 +230,17 @@ private async Task<IActionResult> AddLoginProviderAndSignInAsync(
 
         if (!addLoginResult.Succeeded)
         {
-            logger.LogWarning("Failed to add login provider {LoginProvider} for user {Email}",
-                info.LoginProvider, user.Email.MaskEmail());
+            logger.LogWarning("Failed to add login provider {LoginProvider} for user with object ID {ObjectId}",
+                info.LoginProvider, user.ObjectIdentifier);
             return await FailedLoginAsync(addLoginResult, user);
         }
 
         user.ObjectIdentifier ??= info.Principal.GetObjectId();
         user.MostRecentLogin = DateTimeOffset.Now;
         await userManager.UpdateAsync(user);
 
-        logger.LogInformation("Login provider {LoginProvider} added for user {Email} with object ID {ObjectId}",
-            info.LoginProvider, user.Email.MaskEmail(), user.ObjectIdentifier);
+        logger.LogInformation("Login provider {LoginProvider} added for user with object ID {ObjectId}",
+            info.LoginProvider, user.ObjectIdentifier);
 
         // Include the access token in the properties.
         var props = new AuthenticationProperties();

diff --git a/src/WebApp/Platform/Logging/Redaction.cs b/src/WebApp/Platform/Logging/Redaction.cs