RubyGems - authlete - Versions diffs - 1.39.0 → 1.40.0 - Mend

authlete 1.39.0 → 1.40.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: ad3294911fdac07bffbcfba52de0394b6c9c54238aa5de3ad04aa527f80fb917
-  data.tar.gz: 52176abfc6daf0fea4516e0da863df86f32a56b392cbf46f2af7d973af8d09a8
+  metadata.gz: 74a860b721b7613f2db6d38a29c773099a775a6a2db4cad9aee401acfc5c3720
+  data.tar.gz: a9f1de04dc44a566132358b9f90c5c72db7e8e05891c9bb8b48f32c5394c47a2
 SHA512:
-  metadata.gz: 29e9942e712d2886dd590b47d5eed7581b3b998eae80a2c333c5c5aa5757e53d9c72eab6ef46f8cbd87e4823de32d9619fc8ee514cb03fb6351f8d61d8270f5d
-  data.tar.gz: e67b9f685e1d4da518846dcac25fb5bfeea283efbc97e1a3b07f7059e6971f66f8fe7cb6ac62940d49882f7da148af5594a25fa61154569597fcd7eea8a48428
+  metadata.gz: 0cdcaef0259445a1ba5067fbc5fd7e3f97cbf8f1ee01c5b7b346ce379e3cbe11447be47893e5b7d39cebd0feacc8d108df2fe7aede2cff8410de3831b8300bd6
+  data.tar.gz: 19d66a165c4d2cebdc19dcc35f2c8dcf72f964b5a5a5bd15fdf195106290d495e728608bd69658cb4e4820c9b87243c1fe56b95aa8d10cdb5e6b06d087baf06d

data/README.md CHANGED Viewed

@@ -6,6 +6,44 @@ authlete-ruby-gem
 Ruby library for [Authlete Web APIs](https://docs.authlete.com/).
+# REST Client Logging Configuration
+The library provides control over `rest-client` logging behavior through `Authlete::LoggingLevel`:
+- `DEFAULT` - Respects the logger set in `RestClient.log` (default behavior)
+- `SENSITIVE` - Logs all information but redacts sensitive data (tokens, credentials)
+- `NONE` - Disables all logging, useful for handling sensitive PII data
+Example configuration:
+```ruby
+# Default behavior (uses RestClient.log as is)
+config = {
+  host: 'https://api.authlete.com',
+  service_api_key: 'YOUR_KEY',
+  service_api_secret: 'YOUR_SECRET',
+  rest_client_logging_level: Authlete::LoggingLevel::DEFAULT
+}
+# Redact sensitive data
+config = {
+  host: 'https://api.authlete.com',
+  service_api_key: 'YOUR_KEY',
+  service_api_secret: 'YOUR_SECRET',
+  rest_client_logging_level: Authlete::LoggingLevel::SENSITIVE
+}
+# Disable all RestClient logging
+config = {
+  host: 'https://api.authlete.com',
+  service_api_key: 'YOUR_KEY',
+  service_api_secret: 'YOUR_SECRET',
+  rest_client_logging_level: Authlete::LoggingLevel::NONE
+}
+api_client = Authlete::Api.new(config)
+```
 # License
 Apache License, Version 2.0

data/lib/authlete/api.rb CHANGED Viewed

@@ -40,6 +40,23 @@ module Authlete
       @service_api_key          = config[:service_api_key]
       @service_api_secret       = config[:service_api_secret]
       @extra_headers            = nil
+      configure_logging(config[:rest_client_logging_level])
+    end
+    private
+    def configure_logging(level)
+      return unless RestClient.log
+      case level
+      when LoggingLevel::SENSITIVE
+        RestClient.log = Authlete::SensitiveLogger.new(RestClient.log)
+      when LoggingLevel::NONE
+        RestClient.log = Authlete::NullLogger.new
+      when LoggingLevel::DEFAULT, nil
+        # Keep original logger (default behavior)
+      end
     end
     def call_api(method, path, content_type, payload, user, password)

data/lib/authlete/logging.rb ADDED Viewed

@@ -0,0 +1,94 @@
+module Authlete
+  module LoggingLevel
+    DEFAULT = :default           # Original logging behavior
+    SENSITIVE = :sensitive # Redact sensitive data
+    NONE = :none          # No logging
+  end
+  class NullLogger
+    def <<(msg)
+      # NOOP
+    end
+  end
+  class SensitiveLogger
+    SENSITIVE_FIELDS = [
+      # OAuth/OIDC related
+      'client_secret',
+      'access_token',
+      'refresh_token',
+      'authorization_code',
+      'id_token',
+      'code',
+      # Device flow
+      'user_code',
+      'client_notification_token',
+      # Authlete Credentials
+      'service_api_key',
+      'service_api_secret',
+      'service_owner_api_key',
+      'service_owner_api_secret',
+      'sns_credentials',
+      'developer_sns_credentials',
+      'ticket',
+      'subject',
+      # Authentication & Authorization
+      'password',
+      'token',
+      'authorization',
+      'client_certificate',
+      'client_certificate_path',
+      # JWT/Crypto/Certificate related
+      'jwks',
+      'federation_jwks',
+      'client_secret_expires_at',
+      'trusted_root_certificates',
+      'encryption_key_id',
+      'signature_key_id',
+      'access_token_signature_key_id',
+      'refresh_token_signature_key_id',
+      'id_token_signature_key_id'
+    ].freeze
+    SENSITIVE_PATTERNS = SENSITIVE_FIELDS.flat_map do |field|
+      [
+        # JSON format
+        /("#{field}"\s*:\s*)"[^"]*"/,
+        # URL-encoded format
+        /#{field}=([^&\s]+)/
+      ]
+    end.freeze
+    REDACTION_MARK = '***** REDACTED *****'
+    def initialize(original_logger)
+      @original_logger = original_logger
+    end
+    def <<(msg)
+      redacted_msg = redact_sensitive_data(msg)
+      @original_logger << redacted_msg
+    end
+    private
+    def redact_sensitive_data(msg)
+      return msg unless msg.is_a?(String)
+      redacted = msg.dup
+      SENSITIVE_PATTERNS.each do |pattern|
+        if pattern.to_s.include?('"')
+          # JSON format
+          redacted.gsub!(pattern, "\\1#{REDACTION_MARK.inspect}")
+        else
+          # URL-encoded format
+          redacted.gsub!(pattern) { "#{$~[0].split('=')[0]}=#{REDACTION_MARK}" }
+        end
+      end
+      redacted
+    end
+  end
+end

data/lib/authlete/version.rb CHANGED Viewed

@@ -16,5 +16,5 @@
 module Authlete
-  VERSION = "1.39.0"
+  VERSION = "1.40.0"
 end

data/lib/authlete.rb CHANGED Viewed

@@ -24,6 +24,9 @@ module Authlete
   autoload :Exception, 'authlete/exception'
   autoload :ParamInitializer, 'authlete/model/param-initializer'
   autoload :Utility, 'authlete/utility'
+  autoload :LoggingLevel, 'authlete/logging'
+  autoload :NullLogger, 'authlete/logging'
+  autoload :SensitiveLogger, 'authlete/logging'
   module Model
     autoload :Base, 'authlete/model/base'

metadata CHANGED Viewed

@@ -1,16 +1,16 @@
 --- !ruby/object:Gem::Specification
 name: authlete
 version: !ruby/object:Gem::Version
-  version: 1.39.0
+  version: 1.40.0
 platform: ruby
 authors:
 - Takahiko Kawasaki
 - Hideki Ikeda
 - Seth Wright
-autorequire:
+autorequire:
 bindir: bin
 cert_chain: []
-date: 2025-01-07 00:00:00.000000000 Z
+date: 2025-02-17 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rest-client
@@ -72,6 +72,7 @@ files:
 - lib/authlete/api.rb
 - lib/authlete/authentication-server.rb
 - lib/authlete/exception.rb
+- lib/authlete/logging.rb
 - lib/authlete/model/base.rb
 - lib/authlete/model/client-extension.rb
 - lib/authlete/model/client.rb
@@ -168,7 +169,7 @@ homepage: https://www.authlete.com/
 licenses:
 - Apache License, Version 2.0
 metadata: {}
-post_install_message:
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -183,8 +184,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.0.3.1
-signing_key:
+rubygems_version: 3.4.10
+signing_key:
 specification_version: 4
 summary: A library for Authlete Web APIs
 test_files: []