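package com.box.sdk;

import com.eclipsesource.json.JsonObject;
import java.util.Arrays;
import java.util.HashSet;
import java.util.Locale;
import java.util.Set;
import okhttp3.Headers;
import org.jetbrains.annotations.NotNull;

/**
 * Class used to sanitize sensitive data from payload.
 *
 * <p>Header names and top-level JSON field names are compared, case-insensitively, against a set
 * of known sensitive keys; the value of every match is replaced with a fixed placeholder.
 *
 * <p>Limits of the redaction that callers should keep in mind:
 *
 * <ul>
 *   <li>Matching is on the whole name. A header or field whose name is not in the set passes
 *       through unchanged, so secrets carried under other names must be registered with {@link
 *       #addKeyToSanitize(String)}.
 *   <li>JSON bodies are inspected at the first level only; a sensitive field inside a nested
 *       object or array is not redacted.
 *   <li>The key set is a plain, unsynchronized {@link HashSet} shared by all callers. Register
 *       additional keys during start-up, before the sanitizers are called from other threads.
 * </ul>
 */
public final class BoxSensitiveDataSanitizer {
  /** Placeholder written in place of every sensitive value, for headers and JSON alike. */
  private static final String REDACTED = "[REDACTED]";

  /** Sensitive names, stored in lower case because lookups lower-case the candidate name. */
  private static final Set<String> SENSITIVE_KEYS =
      new HashSet<>(
          Arrays.asList(
              "authorization",
              "access_token",
              "refresh_token",
              "subject_token",
              "token",
              "client_id",
              "client_secret",
              "code",
              "shared_link",
              "download_url",
              "jwt_private_key",
              "jwt_private_key_passphrase",
              "password"));

  private BoxSensitiveDataSanitizer() {}

  /**
   * Add key that should be sanitized.
   *
   * <p>The key is stored in lower case. Lookups lower-case the name being tested, so a key
   * stored with its original capitalisation (for example {@code "X-Api-Key"}) would never match
   * and its value would be left unredacted.
   *
   * @param key key to be sanitized; {@code null} is ignored
   */
  public static void addKeyToSanitize(String key) {
    if (key == null) {
      // A null entry could never match: isSensitiveKey dereferences its argument.
      return;
    }
    SENSITIVE_KEYS.add(key.toLowerCase(Locale.ROOT));
  }

  /**
   * Sanitize the headers by replacing the value of every sensitive header with a placeholder.
   *
   * <p>Every header name is written back with a single value: the placeholder for sensitive
   * names, otherwise the value returned by {@link Headers#get(String)}. A header that appears
   * several times is therefore reduced to one entry in the result.
   *
   * @param originalHeaders the original headers
   * @return a new {@link Headers} instance with sensitive values redacted
   */
  @NotNull
  static Headers sanitizeHeaders(Headers originalHeaders) {
    Headers.Builder sanitizedHeadersBuilder = originalHeaders.newBuilder();

    for (String originalHeaderName : originalHeaders.names()) {
      if (isSensitiveKey(originalHeaderName)) {
        // set() drops every existing value for the name before adding the placeholder.
        sanitizedHeadersBuilder.set(originalHeaderName, REDACTED);
        continue;
      }
      String headerValue = originalHeaders.get(originalHeaderName);
      if (headerValue != null) {
        sanitizedHeadersBuilder.set(originalHeaderName, headerValue);
      }
    }

    return sanitizedHeadersBuilder.build();
  }

  /**
   * Sanitize the json body. Only for the first level of the json.
   *
   * <p>Values of non-sensitive fields are placed in the result as the same value objects held by
   * {@code originalBody}; they are not copied and not inspected, so nested secrets remain.
   *
   * @param originalBody the original json body
   * @return the sanitized json body
   */
  @NotNull
  static JsonObject sanitizeJsonBody(JsonObject originalBody) {
    JsonObject sanitizedBody = new JsonObject();

    for (String key : originalBody.names()) {
      if (isSensitiveKey(key)) {
        // Same placeholder as the header path, so one search term finds every redaction.
        sanitizedBody.set(key, REDACTED);
      } else {
        sanitizedBody.set(key, originalBody.get(key));
      }
    }
    return sanitizedBody;
  }

  /**
   * Tell whether a header or field name is registered as sensitive.
   *
   * @param key the name to test; lower-cased with {@link Locale#ROOT} before the lookup
   * @return {@code true} when the lower-cased name is in the sensitive key set
   */
  private static boolean isSensitiveKey(@NotNull String key) {
    return SENSITIVE_KEYS.contains(key.toLowerCase(Locale.ROOT));
  }
}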