Google Cloud API credentials logged in full on http/401 response #1001

ptashek · 2024-03-12T01:05:40Z

Thank you for this integration. Does the job perfectly, and setting up with my own API credentials was a breeze.

Going through logs I've noticed the integration logs the full user provided client_id and client_secret if Google responds with a http/401. This likely doesn't pose a security risk as such as the credentials are wrong, but I'd say it's safer to assume worst-case scenario and redact those details before logging the error.

03-10 11:21:02 ERROR Error serving GET http://<redacted>/manualauth?client_id=<this_is_logged>&client_secret=<this_is_logged>

03-10 11:21:02 ERROR 
  addon/backup/ui/uiserver.py:801 (error_middleware)
  addon/backup/ui/uiserver.py:278 (manualauth)
  addon/backup/drive/authcodequery.py:42 (requestCredentials)
  
backup.exceptions.exceptions.GoogleCredGenerateError: Google responded with error status HTTP 401.  Please verify your credentials are set up correctly.

The text was updated successfully, but these errors were encountered:

sabeechen · 2024-03-31T15:54:13Z

Thanks for pointing that out, I'll sanitize it in the next version

sabeechen self-assigned this Mar 31, 2024

sabeechen added the Do this next This is the next thing I'm going to do label Mar 31, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Google Cloud API credentials logged in full on http/401 response #1001

Google Cloud API credentials logged in full on http/401 response #1001

ptashek commented Mar 12, 2024

sabeechen commented Mar 31, 2024

Google Cloud API credentials logged in full on http/401 response #1001

Google Cloud API credentials logged in full on http/401 response #1001

Comments

ptashek commented Mar 12, 2024

sabeechen commented Mar 31, 2024