Skip to content

Commit 463dcbc

Browse files
TimHessbart-vmware
TimHess
and
bart-vmware
committed
Placeholder resolution should only be logged at trace-level
--------- Co-authored-by: Bart Koelman <104792814+bart-vmware@users.noreply.github.com>
1 parent 6cfee5c commit 463dcbc

2 files changed

Lines changed: 29 additions & 1 deletion

File tree

src/Configuration/src/Placeholder/PropertyPlaceHolderHelper.cs

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -202,7 +202,7 @@ private static string Substring(StringBuilder builder, int start, int end)
202202
return builder.ToString()[start..end];
203203
}
204204

205-
[LoggerMessage(Level = LogLevel.Debug, Message = "Resolved placeholder '{Placeholder}' to '{Value}'.")]
205+
[LoggerMessage(Level = LogLevel.Trace, Message = "Resolved placeholder '{Placeholder}' to '{Value}'.")]
206206
private partial void LogPlaceholderResolved(string placeholder, string value);
207207

208208
private readonly struct PlaceholderExpression(string key, string? defaultValue) : IEquatable<PlaceholderExpression>

src/Configuration/test/Encryption.Test/DecryptionConfigurationTest.cs

Lines changed: 28 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -85,6 +85,34 @@ public void Can_resolve_placeholder_to_decrypted_value()
8585
configuration["result"].Should().Be("start-SECRET-end");
8686
}
8787

88+
[Fact]
89+
public void Decrypted_values_in_placeholder_resolution_are_only_logged_at_trace_level()
90+
{
91+
var decryptor = new ToUpperCaseDecryptor();
92+
using var capturingProvider = new CapturingLoggerProvider();
93+
using var loggerFactory = new LoggerFactory([capturingProvider]);
94+
95+
var appSettings = new Dictionary<string, string?>
96+
{
97+
["secret"] = "{cipher}classified",
98+
["greeting"] = "hello-${secret}-world"
99+
};
100+
101+
var builder = new ConfigurationBuilder();
102+
builder.AddInMemoryCollection(appSettings);
103+
builder.AddDecryption(decryptor, loggerFactory);
104+
builder.AddPlaceholderResolver(loggerFactory);
105+
IConfiguration configuration = builder.Build();
106+
107+
_ = configuration["greeting"];
108+
109+
IList<string> logLines = capturingProvider.GetAll();
110+
string[] sensitiveLines = [.. logLines.Where(message => message.Contains("CLASSIFIED", StringComparison.Ordinal))];
111+
112+
sensitiveLines.Should().NotBeEmpty();
113+
sensitiveLines.Should().AllSatisfy(message => message.Should().StartWith("TRCE"));
114+
}
115+
88116
public void Dispose()
89117
{
90118
_loggerFactory.Dispose();

0 commit comments

Comments
 (0)