From 205c86f54cdbabf49b414b0c7e1f6e7f7364e4c8 Mon Sep 17 00:00:00 2001
From: nlejeune
Date: Wed, 17 Jun 2015 15:44:23 +0200
Subject: [PATCH 1/2] Better sanitizer default for sensitive keys
Add the CloudFoundry vcap_services key, as well as a regular expression to sanitize any key containing the word 'credentials'.
Fixes gh-3248
Closes gh-3266
---
 .../boot/actuate/endpoint/Sanitizer.java | 2 +-
 .../endpoint/EnvironmentEndpointTests.java | 26 +++++++++++++++++++
 2 files changed, 27 insertions(+), 1 deletion(-)
diff --git a/spring-boot-actuator/src/main/java/org/springframework/boot/actuate/endpoint/Sanitizer.java b/spring-boot-actuator/src/main/java/org/springframework/boot/actuate/endpoint/Sanitizer.java
index 4b8d665413e..dfab05b9462 100644
--- a/spring-boot-actuator/src/main/java/org/springframework/boot/actuate/endpoint/Sanitizer.java
+++ b/spring-boot-actuator/src/main/java/org/springframework/boot/actuate/endpoint/Sanitizer.java
@@ -34,7 +34,7 @@ class Sanitizer {
 private Pattern[] keysToSanitize;
 public Sanitizer() {
- setKeysToSanitize(new String[] { "password", "secret", "key" });
+ setKeysToSanitize(new String[] { "password", "secret", "key", "vcap_services", ".*credentials.*" });
 }
 /**
diff --git a/spring-boot-actuator/src/test/java/org/springframework/boot/actuate/endpoint/EnvironmentEndpointTests.java b/spring-boot-actuator/src/test/java/org/springframework/boot/actuate/endpoint/EnvironmentEndpointTests.java
index cf5d31c00e1..0b28d2677dc 100644
--- a/spring-boot-actuator/src/test/java/org/springframework/boot/actuate/endpoint/EnvironmentEndpointTests.java
+++ b/spring-boot-actuator/src/test/java/org/springframework/boot/actuate/endpoint/EnvironmentEndpointTests.java
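Review bot: The widened default list in the Sanitizer constructor carries no comment saying why `vcap_services` and `.*credentials.*` are there, and only the commit message ties `vcap_services` to Cloud Foundry; a reader of Sanitizer.java alone cannot tell which entry is a plain suffix and which is a regex. Add above the call `// vcap_services: Cloud Foundry exposes bound-service credentials under this variable` and `// .*credentials.*: regex, catches any key containing "credentials" (keys-to-sanitize accepts suffix or regex)`. It would also help to state in the constructor or setter Javadoc whether a user-supplied keys-to-sanitize list replaces these defaults rather than extending them — the setter name suggests replacement, so an operator who customises the list presumably has to re-add these entries to keep them redacted. The same list is rewritten in the Sanitizer hunk of PATCH 2/2, so the comment belongs on that final form. The setter and the matching logic themselves lie outside the hunk.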
@@ -68,12 +68,38 @@ public class EnvironmentEndpointTests extends AbstractEndpointTests
 env = report.invoke();
 assertEquals("******", ((Map) env.get("systemProperties")).get("dbPassword"));
 assertEquals("******", ((Map) env.get("systemProperties")).get("apiKey"));
+ assertEquals("******",
+ ((Map) env.get("systemProperties")).get("mySecret"));
+ assertEquals("******",
+ ((Map) env.get("systemProperties")).get("vcap_services"));
+ }
+
+ @SuppressWarnings("unchecked")
+ @Test
+ public void testKeySanitizationCredentialsPattern() throws Exception {
+ System.setProperty("vcap.services.amqp-free.credentials.uri", "123456");
+ System.setProperty("credentials.http_api_uri", "123456");
+ System.setProperty("vcap.services.cleardb-free.credentials", "123456");
+ System.setProperty("vcap.mycredentials.uri", "123456");
+ EnvironmentEndpoint report = getEndpointBean();
+ Map env = report.invoke();
+ assertEquals("******",
+ ((Map) env.get("systemProperties")).get("vcap.services.amqp-free.credentials.uri"));
+ assertEquals("******",
+ ((Map) env.get("systemProperties")).get("credentials.http_api_uri"));
+ assertEquals("******",
+ ((Map) env.get("systemProperties")).get("vcap.services.cleardb-free.credentials"));
+ assertEquals("******",
+ ((Map) env.get("systemProperties")).get("vcap.mycredentials.uri"));
+ }
 @SuppressWarnings("unchecked")
From fd5d6ef3031781397a5dde5e7a346df5941cd927 Mon Sep 17 00:00:00 2001
From: Stephane Nicoll
Date: Thu, 18 Jun 2015 08:52:47 +0200
Subject: [PATCH 2/2] Polish
---
 .../boot/actuate/endpoint/Sanitizer.java | 5 +++--
 .../endpoint/EnvironmentEndpointTests.java | 21 ++++++++++++-------
 .../appendix-application-properties.adoc | 4 ++--
 3 files changed, 18 insertions(+), 12 deletions(-)
diff --git a/spring-boot-actuator/src/main/java/org/springframework/boot/actuate/endpoint/Sanitizer.java b/spring-boot-actuator/src/main/java/org/springframework/boot/actuate/endpoint/Sanitizer.java
index dfab05b9462..cace841edfe 100644
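Review bot: `testKeySanitizationCredentialsPattern` sets four JVM-wide system properties (`vcap.services.amqp-free.credentials.uri`, `credentials.http_api_uri`, and two more) and nothing in the hunk removes them, so they remain in `System.getProperties()` for every later test in the same JVM, and the pre-existing test it is modelled on appears to do the same. Unless a teardown outside this hunk clears them, each test should undo what it set, for example in a `finally` block or an `@After` method: `System.clearProperty("credentials.http_api_uri");` and likewise for the other three keys. The same shape is kept when PATCH 2/2 rewrites this method in its `@@ -79,26 +82,28 @@` hunk, so one fix covers both. The enclosing class continues outside the hunk.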
--- a/spring-boot-actuator/src/main/java/org/springframework/boot/actuate/endpoint/Sanitizer.java
+++ b/spring-boot-actuator/src/main/java/org/springframework/boot/actuate/endpoint/Sanitizer.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2012-2014 the original author or authors.
+ * Copyright 2012-2015 the original author or authors.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
@@ -26,6 +26,7 @@ import org.springframework.util.Assert;
 * @author Christian Dupuis
 * @author Toshiaki Maki
 * @author Phillip Webb
+ * @author Nicolas Lejeune
 */
 class Sanitizer {
@@ -34,7 +35,7 @@ class Sanitizer {
 private Pattern[] keysToSanitize;
 public Sanitizer() {
- setKeysToSanitize(new String[] { "password", "secret", "key", "vcap_services", ".*credentials.*" });
+ setKeysToSanitize("password", "secret", "key", ".*credentials.*", "vcap_services");
 }
 /**
diff --git a/spring-boot-actuator/src/test/java/org/springframework/boot/actuate/endpoint/EnvironmentEndpointTests.java b/spring-boot-actuator/src/test/java/org/springframework/boot/actuate/endpoint/EnvironmentEndpointTests.java
index 0b28d2677dc..79cf13d14d6 100644
--- a/spring-boot-actuator/src/test/java/org/springframework/boot/actuate/endpoint/EnvironmentEndpointTests.java
+++ b/spring-boot-actuator/src/test/java/org/springframework/boot/actuate/endpoint/EnvironmentEndpointTests.java
@@ -37,6 +37,8 @@ import static org.junit.Assert.assertThat;
 *
 * @author Phillip Webb
 * @author Christian Dupuis
+ * @author Nicolas Lejeune
+ * @author Stephane Nicoll
 */
 public class EnvironmentEndpointTests extends AbstractEndpointTests {
@@ -69,7 +71,8 @@ public class EnvironmentEndpointTests extends AbstractEndpointTests
 env = report.invoke();
 assertEquals("******",
@@ -79,26 +82,28 @@ public class EnvironmentEndpointTests extends AbstractEndpointTests
) env.get("systemProperties")).get("mySecret"));
 assertEquals("******",
- ((Map) env.get("systemProperties")).get("vcap_services"));
+ ((Map) env.get("systemProperties")).get("myCredentials"));
+ assertEquals("******",
+ ((Map) env.get("systemProperties")).get("VCAP_SERVICES"));
 }
 @SuppressWarnings("unchecked")
 @Test
 public void testKeySanitizationCredentialsPattern() throws Exception {
- System.setProperty("vcap.services.amqp-free.credentials.uri", "123456");
+ System.setProperty("my.services.amqp-free.credentials.uri", "123456");
 System.setProperty("credentials.http_api_uri", "123456");
- System.setProperty("vcap.services.cleardb-free.credentials", "123456");
- System.setProperty("vcap.mycredentials.uri", "123456");
+ System.setProperty("my.services.cleardb-free.credentials", "123456");
+ System.setProperty("foo.mycredentials.uri", "123456");
 EnvironmentEndpoint report = getEndpointBean();
 Map env = report.invoke();
 assertEquals("******",
- ((Map) env.get("systemProperties")).get("vcap.services.amqp-free.credentials.uri"));
+ ((Map) env.get("systemProperties")).get("my.services.amqp-free.credentials.uri"));
 assertEquals("******",
 ((Map) env.get("systemProperties")).get("credentials.http_api_uri"));
 assertEquals("******",
- ((Map) env.get("systemProperties")).get("vcap.services.cleardb-free.credentials"));
+ ((Map) env.get("systemProperties")).get("my.services.cleardb-free.credentials"));
 assertEquals("******",
- ((Map) env.get("systemProperties")).get("vcap.mycredentials.uri"));
+ ((Map) env.get("systemProperties")).get("foo.mycredentials.uri"));
 }
diff --git a/spring-boot-docs/src/main/asciidoc/appendix-application-properties.adoc b/spring-boot-docs/src/main/asciidoc/appendix-application-properties.adoc
index d13ec780a20..20222975158 100644
--- a/spring-boot-docs/src/main/asciidoc/appendix-application-properties.adoc
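Review bot: The new `VCAP_SERVICES` assertion holds only if the sanitizer compares key names case-insensitively, since the default entry added to Sanitizer is the lower-case `vcap_services`, and neither this hunk nor the Sanitizer hunk shows that; a comment on the assertion, `// upper-case on purpose: the default entry is vcap_services, so this checks case-insensitive matching`, would record the intent, and the line that sets that property presumably sits in the truncated `@@ -69,7 +71,8 @@` hunk above. Stylistically, the eight `assertEquals("******", ((Map) env.get("systemProperties")).get(...))` pairs across the two tests repeat the same cast and lookup; a small helper reads better and, with a wildcard cast, removes the need for `@SuppressWarnings("unchecked")` on the test methods. The enclosing class continues outside the hunk.
```java
assertSanitized(env, "myCredentials");
assertSanitized(env, "VCAP_SERVICES");
// … unchanged: remaining assertEquals pairs become assertSanitized(env, key) calls …

private static void assertSanitized(Map<?, ?> env, String key) {
    assertEquals("******", ((Map<?, ?>) env.get("systemProperties")).get(key));
}
```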
+++ b/spring-boot-docs/src/main/asciidoc/appendix-application-properties.adoc
@@ -607,7 +607,7 @@ content into your application; rather pick only the properties that you need.
 endpoints.configprops.id=configprops
 endpoints.configprops.sensitive=true
 endpoints.configprops.enabled=true
- endpoints.configprops.keys-to-sanitize=password,secret,key # suffix or regex
+ endpoints.configprops.keys-to-sanitize=password,secret,key,.*credentials.*,vcap_services # suffix or regex
 endpoints.dump.id=dump
 endpoints.dump.sensitive=true
 endpoints.dump.enabled=true
@@ -615,7 +615,7 @@ content into your application; rather pick only the properties that you need.
 endpoints.env.id=env
 endpoints.env.sensitive=true
 endpoints.env.enabled=true
- endpoints.env.keys-to-sanitize=password,secret,key # suffix or regex
+ endpoints.env.keys-to-sanitize=password,secret,key,.*credentials.*,vcap_services # suffix or regex
 endpoints.health.id=health
 endpoints.health.sensitive=true
 endpoints.health.enabled=true