authorArttu Tarkiainen <arttu.tarkiainen@qt.io>2024-05-03 09:45:30 +0300
committerArttu Tarkiainen <arttu.tarkiainen@qt.io>2024-05-06 16:20:25 +0300
commit1d28d83bcfdcd1d076f6501f4aef72f1f8bc9410 (patch)
treef619775b49db46fe43bfef61c16d417775a27276
parent8f5c951f344196681d1e17e9402e64988c75e876 (diff)
Hide JWT in the logs
In case of 'debug' logging level, the raw requests from clients were printed to stdout and file. Hide sensitive information in the logging print. Task-number: QLS-934 Pick-to: 3.1 Change-Id: Ibda32f718b27f84ad12304c52ff712bb5845660e Reviewed-by: Iikka Eklund <iikka.eklund@qt.io>
-rw-r--r--src/libs/qlicenseservice/licenser.cpp26
1 files changed, 25 insertions, 1 deletions
diff --git a/src/libs/qlicenseservice/licenser.cpp b/src/libs/qlicenseservice/licenser.cpp
index af96de3..a3f702c 100644
--- a/src/libs/qlicenseservice/licenser.cpp
+++ b/src/libs/qlicenseservice/licenser.cpp
@@ -25,6 +25,29 @@ using namespace QLicenseCore;
namespace QLicenseService {
+static std::string replaceOptionValue(const std::string &request, const std::string &option)
+{
+ std::string replaced = request;
+
+ const size_t pos = request.find(option);
+ if (pos != std::string::npos) {
+ // Find the start of the value
+ const size_t valueStart = request.find(' ', pos);
+ if (valueStart != std::string::npos) {
+ // Find the end of the value
+ size_t valueEnd = request.find(' ', valueStart + 1);
+ if (valueEnd == std::string::npos)
+ valueEnd = request.length();
+
+ // Replace the value with asterisks
+ replaced.replace(valueStart + 1, valueEnd - valueStart - 1, "*****");
+ }
+ }
+
+ return replaced;
+}
+
+
Licenser::Licenser(DaemonRunMode runMode, uint16_t tcpPort, const std::string &workDir)
: m_runMode(runMode)
, m_state(DaemonState::Starting)
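Review bot: The redaction in `replaceOptionValue` fails open when the option and its value are not separated by exactly one space. With two spaces after `-jwt`, `valueStart` and `valueEnd` land on adjacent spaces, so `replace` inserts `*****` over a zero-length span and the token is still logged in full. A tab or newline separator makes it mask a different field instead, and only the first occurrence of `option` is handled. Whether clients can send such requests is not visible in this hunk, but a log redactor is safer when it skips the whole separator run and masks every match, as sketched below.

```cpp
static std::string replaceOptionValue(const std::string &request, const std::string &option)
{
    static const char *const separators = " \t\r\n";
    const std::string mask = "*****";
    std::string replaced = request;

    size_t pos = replaced.find(option);
    while (pos != std::string::npos) {
        // Skip the whole separator run so "-jwt  <token>" is still masked
        const size_t valueStart = replaced.find_first_not_of(separators, pos + option.length());
        if (valueStart == std::string::npos)
            break;

        size_t valueEnd = replaced.find_first_of(separators, valueStart);
        if (valueEnd == std::string::npos)
            valueEnd = replaced.length();

        replaced.replace(valueStart, valueEnd - valueStart, mask);
        // Continue after the mask so a repeated option is redacted too
        pos = replaced.find(option, valueStart + mask.length());
    }

    return replaced;
}
```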
@@ -211,7 +234,8 @@ int Licenser::onTcpReadyRead(uint16_t socketId)
return 0;
}
- logDebug("Got a request: %s", input.c_str());
+ if (Logger::getInstance()->logLevel() >= LogLevel::LOGLEVEL_DEBUG)
+ logDebug("Got a request: %s", replaceOptionValue(input, "-jwt").c_str());
// Parse very basic info from input
RequestInfo request = preParseInput(response, socketId, input);
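Review bot: Only this one call site is redacted, while `input` itself still carries the raw token into `preParseInput` and whatever follows it. Any later debug print of the request or of its parsed fields would need the same treatment; this cannot be checked from the hunk, because `onTcpReadyRead` starts and continues outside it. The explicit level check also deserves a comment, since `logDebug` presumably filters by level itself: `// Skip building the redacted copy unless debug logging is enabled`.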