Swagger-codegen: password in toString in generated model

Created on 20 Apr 2016 · 9 Comments · Source: swagger-api/swagger-codegen

When using format "password", e.g.

  credentials:
    type: object
    properties:
      username:
        type: string
      password:
        type: string
        format: password
    required:
    - username
    - password

the field "password" is contained in the toString method of the generated model class.

In my opinion, that's a security issue (you don't want client passwords appearing in log files etc.).

Would it make sense to change the corresponding line in toString to:

sb.append(" password: ").append("<protected>").append("\n");

whenever the format "password" is used?

General help wanted


All 9 comments

Agree with you that the password should not be captured in the log file.

Technically it's possible by introducing a new boolean flag isPassword that can be used in the template.

But why do you need this extra flag? You already have the "password" format, as shown in my example above. IMHO, that should be enough to exclude the password.

Otherwise you end up always setting up both:

password:
  type: string
  format: password
  isPassword: true

But I don't think that is necessary.

That's not what I mean. In the mustache template, there's no access to format, and mustache is a logic-less template, so there's no way to set a condition.

Have a look at https://github.com/swagger-api/swagger-codegen/wiki/Mustache-Template-Variables and you will know what I mean.

Oh, I see. Alright :)

I've flagged the request as "Need community contribution" to see if anyone from the community has cycles to implement that.

@wing328

Hey, is there any workaround?

Can I make a plugin which will do my own toString method? How would that be done?

@wing328
It is not a good solution to use "isPassword" as the name of the attribute. A more general name should be used there, e.g. someone may need to avoid output of a card number or other sensitive information.
I would propose to use a vendor extension name, e.g. x-obfuscated or x-confidential-data:

cardNumber:
    type: string
    x-obfuscated: true

This fix will only require changing the templates. I'm ready to contribute it for Java.
CC: @jeff9finger

@SergeyLyakhov very good suggestion. Using a vendor extension is definitely one way to hide passwords or other sensitive information in the output.

Added a pull request with support of "x-obfuscated:[true|false]" for Java:
https://github.com/swagger-api/swagger-codegen/pull/7060

CC: @wing328 @jeff9finger @smiklosovic @BernhardBln
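The following is an added example, not code from this thread or from swagger-codegen's own templates. It shows, in hand-written Java, the two shapes of the generated Credentials model the discussion is about: the current toString() that appends the raw password, and the proposed one in which a property carrying format: password (or, per the later comments, x-obfuscated: true) is rendered as "<protected>". The fluent setters and the toIndentedString helper follow the usual swagger-codegen Java model layout; the class and field names are assumptions for this demo, and the value "hunter2" is a constructed sample.

```java
// Added example: generated-model toString() with and without password masking.
// Not swagger-codegen output; class/field names are assumptions for this demo.

public class CredentialsToStringExample {

    /** Model as generated today: toString() includes the raw password. */
    static class CredentialsLeaky {
        private String username;
        private String password;

        CredentialsLeaky username(String username) { this.username = username; return this; }
        CredentialsLeaky password(String password) { this.password = password; return this; }

        @Override
        public String toString() {
            StringBuilder sb = new StringBuilder();
            sb.append("class Credentials {\n");
            sb.append("    username: ").append(toIndentedString(username)).append("\n");
            // This is the line that ends up in log files whenever the object is logged.
            sb.append("    password: ").append(toIndentedString(password)).append("\n");
            sb.append("}");
            return sb.toString();
        }
    }

    /**
     * Model with the proposed change: a property marked format: password
     * (or x-obfuscated: true) is rendered as a fixed placeholder, so logging
     * the object never reveals the secret. The getter still returns the value.
     */
    static class CredentialsMasked {
        private String username;
        private String password;

        CredentialsMasked username(String username) { this.username = username; return this; }
        CredentialsMasked password(String password) { this.password = password; return this; }

        String getPassword() { return password; }

        @Override
        public String toString() {
            StringBuilder sb = new StringBuilder();
            sb.append("class Credentials {\n");
            sb.append("    username: ").append(toIndentedString(username)).append("\n");
            // The template emits this literal instead of the field for obfuscated properties.
            sb.append("    password: ").append("<protected>").append("\n");
            sb.append("}");
            return sb.toString();
        }
    }

    /** Same helper the generated models use: null-safe, indents nested objects. */
    private static String toIndentedString(Object o) {
        if (o == null) {
            return "null";
        }
        return o.toString().replace("\n", "\n    ");
    }

    /** Returns true when the rendered string contains the secret (what we want to avoid). */
    static boolean leaksSecret(Object model, String secret) {
        return model.toString().contains(secret);
    }

    public static void main(String[] args) {
        String secret = "hunter2"; // constructed sample value

        CredentialsLeaky leaky = new CredentialsLeaky().username("alice").password(secret);
        CredentialsMasked masked = new CredentialsMasked().username("alice").password(secret);

        // Simulates what a framework or developer does with log.info("request: {}", credentials).
        System.out.println(leaky);
        System.out.println("leaks secret: " + leaksSecret(leaky, secret));

        System.out.println(masked);
        System.out.println("leaks secret: " + leaksSecret(masked, secret));

        // The value is still available to the code that actually needs it.
        System.out.println("getter still works: " + secret.equals(masked.getPassword()));
    }
}
```

Running main prints the leaky model with "hunter2" on the password line and the masked model with "<protected>", while leaksSecret returns true for the first and false for the second. The leaksSecret check is the kind of assertion worth adding to a unit test for generated models: construct each model with a sentinel secret and assert that toString() never contains it, so a template regression that drops the masking is caught before it reaches production logs.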
