Skip to content

Add Authorization Bearer token pattern#124

Merged
GrantBirki merged 4 commits into
mainfrom
rewinfrey/add-pattern-for-bearer-tokens
May 26, 2025
Merged

Add Authorization Bearer token pattern#124
GrantBirki merged 4 commits into
mainfrom
rewinfrey/add-pattern-for-bearer-tokens

Conversation

@rewinfrey
Copy link
Copy Markdown
Contributor

@rewinfrey rewinfrey commented May 20, 2025

Pulled out from https://github.com/github/blackbird-mw/pull/3756.

This adds a regex pattern for redacting Authorization: Bearer <token>.

Copilot AI review requested due to automatic review settings May 20, 2025 22:43
@rewinfrey rewinfrey requested a review from GrantBirki as a code owner May 20, 2025 22:43
Copilot AI reviewed May 20, 2025
View reviewed changes
Copy link
Copy Markdown

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

Introduces support for redacting Authorization: Bearer <token> headers in the logging middleware.

  • Adds a case-insensitive regex to lib/patterns/default.rb to match and redact bearer tokens.
  • Expands spec/lib/redacting_logger_spec.rb with a test case ensuring the new header is redacted.

Reviewed Changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated 1 comment.

File Description
lib/patterns/default.rb Adds a regex pattern for case-insensitive Authorization: Bearer token redaction
spec/lib/redacting_logger_spec.rb Adds a test case to verify redaction of the bearer header
Comments suppressed due to low confidence (1)

spec/lib/redacting_logger_spec.rb:166

  • It may be useful to add a test case for a lowercase authorization: bearer header to ensure the pattern's case-insensitivity is correctly applied.
message: '-H  "Authorization: Bearer ab123456789a1abcd1~_.-+456ABCDE=" -H "Content-Type: application/json"',

Comment thread lib/patterns/default.rb
@rewinfrey rewinfrey requested a review from look May 22, 2025 16:49
look
look previously approved these changes May 22, 2025
View reviewed changes
Copy link
Copy Markdown
Member

@look look left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for upstreaming this @rewinfrey.

GrantBirki
GrantBirki previously approved these changes May 26, 2025
View reviewed changes
Copy link
Copy Markdown
Contributor

@GrantBirki GrantBirki left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@rewinfrey thank you very much for upstreaming these changes and helping to improve this gem! 🙇 ❤️

@GrantBirki GrantBirki merged commit f23471a into main May 26, 2025
11 checks passed
@GrantBirki GrantBirki deleted the rewinfrey/add-pattern-for-bearer-tokens branch May 26, 2025 05:00
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@look look look left review comments

+1 more reviewer

@GrantBirki GrantBirki GrantBirki approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@rewinfrey @look @GrantBirki