summary refs log tree commit diff
diff options
context:
space:
mode:
authorErik Johnston <erik@matrix.org>2015-06-15 16:36:49 +0100
committerErik Johnston <erik@matrix.org>2015-06-15 16:37:04 +0100
commitb5209c57441d9e7bace28a03774d2605a6572514 (patch)
treec7117faa2ec723c0713b4f9caf7f0ef87bdf241c
parentMerge branch 'erikj/listeners_config' into erikj/sanitize_logging (diff)
downloadsynapse-b5209c57441d9e7bace28a03774d2605a6572514.tar.xz
Create SynapseRequest that overrides __repr__ to not print access_token
Diffstat (limited to '')
-rwxr-xr-xsynapse/app/homeserver.py49
-rw-r--r--synapse/http/server.py14
2 files changed, 46 insertions, 17 deletions
diff --git a/synapse/app/homeserver.py b/synapse/app/homeserver.py
index 95e9122d3e..7c1ad6bc13 100755
--- a/synapse/app/homeserver.py
+++ b/synapse/app/homeserver.py
@@ -63,6 +63,7 @@ import synapse
 
 import logging
 import os
+import re
 import resource
 import subprocess
 
@@ -433,9 +434,34 @@ class SynapseService(service.Service):
         return self._port.stopListening()
 
 
-class XForwardedForRequest(Request):
-    def __init__(self, *args, **kw):
+class SynapseRequest(Request):
+    def __init__(self, site_tag, *args, **kw):
         Request.__init__(self, *args, **kw)
+        self.site_tag = site_tag
+        self.authenticated_entity = None
+
+    def __repr__(self):
+        # We overwrite this so that we don't log ``access_token``
+        return '<%s at 0x%x method=%s uri=%s clientproto=%s site=%s>' % (
+            self.__class__.__name__,
+            id(self),
+            self.method,
+            self.get_redacted_uri(),
+            self.clientproto,
+            self.site_tag,
+        )
+
+    def get_redacted_uri(self):
+        return re.sub(
+            r'(\?.*access_token=)[^&]*(.*)$',
+            r'\1<redacted>\2',
+            self.uri
+        )
+
+
+class XForwardedForRequest(SynapseRequest):
+    def __init__(self, *args, **kw):
+        SynapseRequest.__init__(self, *args, **kw)
 
     """
     Add a layer on top of another request that only uses the value of an
@@ -451,8 +477,16 @@ class XForwardedForRequest(Request):
             b"x-forwarded-for", [b"-"])[0].split(b",")[0].strip()
 
 
-def XForwardedFactory(*args, **kwargs):
-    return XForwardedForRequest(*args, **kwargs)
+class SynapseRequestFactory(object):
+    def __init__(self, site_tag, x_forwarded_for):
+        self.site_tag = site_tag
+        self.x_forwarded_for = x_forwarded_for
+
+    def __call__(self, *args, **kwargs):
+        if self.x_forwarded_for:
+            return XForwardedForRequest(self.site_tag, *args, **kwargs)
+        else:
+            return SynapseRequest(self.site_tag, *args, **kwargs)
 
 
 class SynapseSite(Site):
@@ -462,8 +496,11 @@ class SynapseSite(Site):
     """
     def __init__(self, logger_name, config, resource, *args, **kwargs):
         Site.__init__(self, resource, *args, **kwargs)
-        if config.get("x_forwarded", False):
-            self.requestFactory = XForwardedFactory
+
+        proxied = config.get("x_forwarded", False)
+        self.requestFactory = SynapseRequestFactory(None, proxied)
+
+        if proxied:
             self._log_formatter = proxiedLogFormatter
         else:
             self._log_formatter = combinedLogFormatter
diff --git a/synapse/http/server.py b/synapse/http/server.py
index e6e8a59f6c..7f8b9dbb29 100644
--- a/synapse/http/server.py
+++ b/synapse/http/server.py
@@ -32,7 +32,6 @@ from twisted.web.util import redirectTo
 
 import collections
 import logging
-import re
 import urllib
 
 logger = logging.getLogger(__name__)
@@ -83,18 +82,11 @@ def request_handler(request_handler):
             code = None
             start = self.clock.time_msec()
             try:
-                request_uri = request.uri
-
-                # Don't log access_tokens
-                request_uri = re.sub(
-                    r'(\?.*access_token=)[^&]*(.*)$',
-                    r'\1<redacted>\2',
-                    request_uri
-                )
-
                 logger.info(
                     "%s - Received request: %s %s",
-                    request.getClientIP(), request.method, request_uri
+                    request.getClientIP(),
+                    request.method,
+                    request.get_redacted_uri()
                 )
                 d = request_handler(self, request)
                 with PreserveLoggingContext():