Merge pull request #1837 from cleung2010/obfuscate-acl-token

Obfuscate token for lookupACL error
This commit is contained in:
Ryan Uber 2016-07-05 13:56:49 -07:00 committed by GitHub
commit 104e1a5cf6
1 changed files with 8 additions and 1 deletions

View File

@ -180,7 +180,14 @@ func (c *aclCache) lookupACL(id, authDC string) (acl.ACL, error) {
if strings.Contains(err.Error(), aclNotFound) {
return nil, errors.New(aclNotFound)
} else {
c.logger.Printf("[ERR] consul.acl: Failed to get policy for '%s': %v", id, err)
s := id
// Print last 3 chars of the token if long enough, otherwise completly hide it
if len(s) > 3 {
s = fmt.Sprintf("token ending in '%s'", s[len(s)-3:])
} else {
s = redactedToken
}
c.logger.Printf("[ERR] consul.acl: Failed to get policy for %s: %v", s, err)
}
// Unable to refresh, apply the down policy