From bd8e0e56a49864a69f5aec2b184f238e378da6e4 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Sybren=20A=2E=20St=C3=BCvel?= <sybren@stuvel.eu>
Date: Tue, 12 Apr 2016 16:05:37 +0200
Subject: [PATCH] Security: don't log subclient token.

---
 pillar/application/modules/blender_id.py | 2 +-
 tests/test_blender_id_subclient.py       | 1 +
 2 files changed, 2 insertions(+), 1 deletion(-)

diff --git a/pillar/application/modules/blender_id.py b/pillar/application/modules/blender_id.py
index 102b162b..8e4dfbc5 100644
--- a/pillar/application/modules/blender_id.py
+++ b/pillar/application/modules/blender_id.py
@@ -62,7 +62,7 @@ def validate_subclient_token(user_id, scst):
     client_id = current_app.config['BLENDER_ID_CLIENT_ID']
     subclient_id = current_app.config['BLENDER_ID_SUBCLIENT_ID']
 
-    log.debug('Validating subclient token %s for Blender ID user %s', scst, user_id)
+    log.debug('Validating subclient token for Blender ID user %s', user_id)
     payload = {'client_id': client_id,
                'subclient_id': subclient_id,
                'user_id': user_id,
diff --git a/tests/test_blender_id_subclient.py b/tests/test_blender_id_subclient.py
index 7e252364..98aa400e 100644
--- a/tests/test_blender_id_subclient.py
+++ b/tests/test_blender_id_subclient.py
@@ -42,6 +42,7 @@ class BlenderIdSubclientTest(AbstractPillarTest):
 
         user_info = json.loads(resp.data)  # {'status': 'success', 'subclient_user_id': '...'}
         self.assertEqual('success', user_info['status'])
+
         # Check that the user was correctly updated
         with self.app.test_request_context():
             users = self.app.data.driver.db['users']