From 3f3b53e730678b7b319049c88b42973240436b97 Mon Sep 17 00:00:00 2001
From: Christophe Loiseau
Date: Fri, 31 May 2024 12:15:20 +0200
Subject: [PATCH] Don't log sensitive information from requests
---
 .../connector/core/base/EdcHttpClientImplTest.java | 14 +++++++++++---
 gradle/libs.versions.toml | 2 +-
 .../eclipse/edc/spi/http/FallbackFactories.java | 4 ++--
 3 files changed, 14 insertions(+), 6 deletions(-)
diff --git a/core/common/connector-core/src/test/java/org/eclipse/edc/connector/core/base/EdcHttpClientImplTest.java b/core/common/connector-core/src/test/java/org/eclipse/edc/connector/core/base/EdcHttpClientImplTest.java
index 11f9802be26..555d7a3776d 100644
--- a/core/common/connector-core/src/test/java/org/eclipse/edc/connector/core/base/EdcHttpClientImplTest.java
+++ b/core/common/connector-core/src/test/java/org/eclipse/edc/connector/core/base/EdcHttpClientImplTest.java
@@ -106,7 +106,8 @@ void execute_fallback_shouldFailAfterAttemptsExpired_whenResponseFails() {
 var result = client.execute(request, handleResponse());
 assertThat(result).matches(Result::failed).extracting(Result::getFailureMessages).asList()
- .first().asString().matches(it -> it.startsWith("unexpected end of stream on"));
+ .first().asString()
+ .matches(it -> it.startsWith("unexpected end of stream on"));
 }
 @Test
@@ -115,6 +116,7 @@ void execute_fallback_shouldRetryIfStatusIsNot2xxOr4xx() {
 var request = new Request.Builder()
 .url("http://localhost:" + port)
+ .header("Authorization", "Sensitive data")
 .build();
 server.when(request(), unlimited()).respond(new HttpResponse().withStatusCode(500));
@@ -122,7 +124,10 @@ void execute_fallback_shouldRetryIfStatusIsNot2xxOr4xx() {
 var result = client.execute(request, List.of(retryWhenStatusNot2xxOr4xx()), handleResponse());
 assertThat(result).matches(Result::failed).extracting(Result::getFailureMessages).asList()
- .first().asString().matches(it -> it.startsWith("Server response to"));
+ .first().asString()
+ .matches(it -> it.startsWith("Server response to"))
+ .matches("")
+ .doesNotMatch(".*Sensitive data.*");
 server.verify(request(), exactly(2));
 }
@@ -132,13 +137,16 @@ void execute_fallback_shouldRetryIfStatusIsNotAsExpected() {
 var request = new Request.Builder()
 .url("http://localhost:" + port)
+ .header("Authorization", "Sensitive data")
 .build();
 server.when(request(), unlimited()).respond(new HttpResponse().withStatusCode(200));
 var result = client.execute(request, List.of(retryWhenStatusIsNot(204)), handleResponse());
 assertThat(result).matches(Result::failed).extracting(Result::getFailureMessages).asList()
- .first().asString().matches(it -> it.startsWith("Server response to"));
+ .first().asString()
+ .matches(it -> it.startsWith("Server response to"))
+ .doesNotMatch(".*Sensitive data.*");
 server.verify(request(), exactly(2));
 }
diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml
index 49851496da0..55ac78f711d 100644
--- a/gradle/libs.versions.toml
+++ b/gradle/libs.versions.toml
@@ -4,7 +4,7 @@ format.version = "1.1"
 [versions]
 apacheCommonsPool2 = "2.11.1"
 iron-vc = "0.8.1"
-assertj = "3.24.2"
+assertj = "3.26.0"
 atomikos = "6.0.0"
 awaitility = "4.2.0"
 bouncyCastle-jdk18on = "1.76"
diff --git a/spi/common/http-spi/src/main/java/org/eclipse/edc/spi/http/FallbackFactories.java b/spi/common/http-spi/src/main/java/org/eclipse/edc/spi/http/FallbackFactories.java
index 82723b65e0f..3a51e3d4c7f 100644
--- a/spi/common/http-spi/src/main/java/org/eclipse/edc/spi/http/FallbackFactories.java
+++ b/spi/common/http-spi/src/main/java/org/eclipse/edc/spi/http/FallbackFactories.java
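Review bot: In the EdcHttpClientImplTest hunk for `execute_fallback_shouldRetryIfStatusIsNot2xxOr4xx`, the added `.matches("")` reads like a leftover and should be dropped. As printed it is AssertJ's regex overload with an empty pattern, which only an empty message can satisfy, so it contradicts the `startsWith("Server response to")` check on the line above. The leak check `.doesNotMatch(".*Sensitive data.*")`, here and in the next hunk for `execute_fallback_shouldRetryIfStatusIsNotAsExpected`, appears to be a whole-string regex in which `.` does not cross line terminators, so a multi-line failure message that still contained the header value would pass. `.doesNotContain("Sensitive data")` states the intent without that gap. Both test methods begin outside their hunks.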
@@ -38,7 +38,7 @@ static FallbackFactory retryWhenStatusNot2xxOr4xx() {
 if (response == null) {
 return new EdcHttpClientException(event.getLastException().getMessage());
 } else {
- return new EdcHttpClientException(format("Server response to %s was not successful but was %s: %s", request, response.code(), response.body().string()));
+ return new EdcHttpClientException(format("Server response to [%s, %s] was not successful but was %s: %s", request.method(), request.url(), response.code(), response.body().string()));
 }
 };
 return Fallback.builderOfException(exceptionSupplier)
@@ -59,7 +59,7 @@ static FallbackFactory retryWhenStatusIsNot(int status) {
 if (response == null) {
 return new EdcHttpClientException(event.getLastException().getMessage());
 } else {
- return new EdcHttpClientException(format("Server response to %s was not %s but was %s: %s", request, status, response.code(), response.body().string()));
+ return new EdcHttpClientException(format("Server response to [%s, %s] was not %s but was %s: %s", request.method(), request.url(), status, response.code(), response.body().string()));
 }
 };
 return Fallback.builderOfException(exceptionSupplier)
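Review bot: The new messages in `retryWhenStatusNot2xxOr4xx` and `retryWhenStatusIsNot` still interpolate `request.url()` and `response.body().string()`, and either can carry secrets: a URL may hold credentials in its userinfo or query string (API keys, signed-URL tokens), and an error body may echo a token back. If `request` is the okhttp3 `Request` that the test builds, `request.url().redact()` yields a form without userinfo, path detail and query; otherwise format only scheme, host and path. The response body is also read in full into the exception message, so it is worth truncating it to a bounded length or keeping it out of the message and logging it separately at debug level. Both lambdas begin outside the hunks, so where `request` and `response` come from is not visible here.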