Security: don't log subclient token.

2016-04-12 16:05:37 +02:00 · 2016-04-12 16:05:37 +02:00 · bd8e0e56a4
commit bd8e0e56a4
parent aeee165ad8
2 changed files with 2 additions and 1 deletions
--- a/pillar/application/modules/blender_id.py
+++ b/pillar/application/modules/blender_id.py
@ -62,7 +62,7 @@ def validate_subclient_token(user_id, scst):
    client_id = current_app.config['BLENDER_ID_CLIENT_ID']
    subclient_id = current_app.config['BLENDER_ID_SUBCLIENT_ID']

-    log.debug('Validating subclient token %s for Blender ID user %s', scst, user_id)
+    log.debug('Validating subclient token for Blender ID user %s', user_id)
    payload = {'client_id': client_id,
               'subclient_id': subclient_id,
               'user_id': user_id,
--- a/tests/test_blender_id_subclient.py
+++ b/tests/test_blender_id_subclient.py
@ -42,6 +42,7 @@ class BlenderIdSubclientTest(AbstractPillarTest):

        user_info = json.loads(resp.data)  # {'status': 'success', 'subclient_user_id': '...'}
        self.assertEqual('success', user_info['status'])
+
        # Check that the user was correctly updated
        with self.app.test_request_context():
            users = self.app.data.driver.db['users']