Merge pull request #3 from TheDragonCode/1.x

Andrey Helldar · web-flow · commit c91c5d640cb6 · 2022-03-21T00:28:51.000+03:00
Added the ability to disable the hiding of secret keys
diff --git a/config/http-logger.php b/config/http-logger.php
@@ -1,17 +1,21 @@
 <?php
 
 return [
-    'enabled' => env('LOG_HTTP_ENABLED', true),
+    'enabled' => env('HTTP_LOG_ENABLED', true),
 
     'connection' => env('DB_CONNECTION'),
 
     'table' => 'http_logs',
 
     'hide' => [
-        'authorization',
-        'token',
-        'access_token',
-        'password',
-        'password_confirmation',
+        'enabled' => env('HTTP_LOG_HIDE_ENABLED', true),
+
+        'keys' => [
+            'authorization',
+            'token',
+            'access_token',
+            'password',
+            'password_confirmation',
+        ],
     ],
 ];
diff --git a/src/Casts/Hide.php b/src/Casts/Hide.php
@@ -19,9 +19,11 @@ public function get($model, string $key, $value, array $attributes): array
 
     public function set($model, string $key, $value, array $attributes): string
     {
-        $value = $this->process((array) $value);
+        if ($this->enabled()) {
+            $value = $this->process((array) $value);
+        }
 
-        return json_encode($value);
+        return json_encode((array) $value, JSON_NUMERIC_CHECK);
     }
 
     protected function process(array $values): array
@@ -54,8 +56,13 @@ protected function hide(mixed $value): string
         return str_pad('', $length, $this->mask);
     }
 
+    protected function enabled(): bool
+    {
+        return (bool) config('http-logger.hide.enabled', true);
+    }
+
     protected function hides(): array
     {
-        return config('http-logger.hide', []);
+        return config('http-logger.hide.keys', []);
     }
 }
diff --git a/tests/HideTest.php b/tests/HideTest.php
@@ -8,7 +8,7 @@
 
 class HideTest extends TestCase
 {
-    public function testLogging(): void
+    public function testEnabled(): void
     {
         $method = 'POST';
         $name   = 'api.pages.create';
@@ -70,4 +70,69 @@ public function testLogging(): void
             'content-type'    => ['application/x-www-form-urlencoded'],
         ], $log->headers);
     }
+
+    public function testDisabled(): void
+    {
+        config(['http-logger.hide.enabled' => false]);
+
+        $method = 'POST';
+        $name   = 'api.pages.create';
+        $path   = 'api/pages';
+
+        $uri = $path . '?' . http_build_query([
+                'foo'          => 'Foo',
+                'token'        => 123,
+                'access_token' => 456,
+            ]);
+
+        $this->assertDatabaseLogsCount(0);
+
+        $response = $this->post($uri, [
+            'bar' => 'Bar',
+
+            'password'              => 'q123456',
+            'password_confirmation' => 'q123456',
+        ], [
+            'Authorization' => 'Bearer QwErTy',
+        ]);
+
+        $response->assertNoContent();
+
+        $this->assertDatabaseLogsCount(1);
+        $this->assertDatabaseHasRecord($method, $name, $path);
+
+        $log = HttpLog::where(compact('method', 'name'))->first();
+
+        $this->assertSame($method, $log->method);
+        $this->assertSame($name, $log->name);
+        $this->assertSame($path, $log->path);
+
+        $this->assertSame('http', $log->scheme);
+        $this->assertSame('localhost', $log->host);
+        $this->assertSame(80, $log->port);
+        $this->assertSame('127.0.0.1', $log->ip);
+
+        $this->assertSame([
+            'foo'          => 'Foo',
+            'token'        => 123,
+            'access_token' => 456,
+        ], $log->query);
+
+        $this->assertSame([
+            'bar' => 'Bar',
+
+            'password'              => 'q123456',
+            'password_confirmation' => 'q123456',
+        ], $log->payload);
+
+        $this->assertSame([
+            'host'            => ['localhost'],
+            'user-agent'      => ['Symfony'],
+            'accept'          => ['text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8'],
+            'accept-language' => ['en-us,en;q=0.5'],
+            'accept-charset'  => ['ISO-8859-1,utf-8;q=0.7,*;q=0.7'],
+            'authorization'   => ['Bearer QwErTy'],
+            'content-type'    => ['application/x-www-form-urlencoded'],
+        ], $log->headers);
+    }
 }

Original file line number	Diff line number	Diff line change
`@@ -19,9 +19,11 @@ public function get($model, string $key, $value, array $attributes): array`
`19`	`19`
`20`	`20`	`public function set($model, string $key, $value, array $attributes): string`
`21`	`21`	`{`
`22`		`- $value = $this->process((array) $value);`
	`22`	`+ if ($this->enabled()) {`
	`23`	`+ $value = $this->process((array) $value);`
	`24`	`+ }`
`23`	`25`
`24`		`- return json_encode($value);`
	`26`	`+ return json_encode((array) $value, JSON_NUMERIC_CHECK);`
`25`	`27`	`}`
`26`	`28`
`27`	`29`	`protected function process(array $values): array`
`@@ -54,8 +56,13 @@ protected function hide(mixed $value): string`
`54`	`56`	`return str_pad('', $length, $this->mask);`
`55`	`57`	`}`
`56`	`58`
	`59`	`+ protected function enabled(): bool`
	`60`	`+ {`
	`61`	`+ return (bool) config('http-logger.hide.enabled', true);`
	`62`	`+ }`
	`63`	`+`
`57`	`64`	`protected function hides(): array`
`58`	`65`	`{`
`59`		`- return config('http-logger.hide', []);`
	`66`	`+ return config('http-logger.hide.keys', []);`
`60`	`67`	`}`
`61`	`68`	`}`