From 9b9929e69d3df2a8b16de6d8cde98f20741c337a Mon Sep 17 00:00:00 2001
From: "Scott E. Graves"
Date: Thu, 20 Mar 2025 08:05:00 -0500
Subject: [PATCH] remove passwords from api calls
---
 .../librepertory/include/types/repertory.hpp | 5 +++
 .../librepertory/src/rpc/server/server.cpp | 4 +-
 .../librepertory/src/types/repertory.cpp | 42 +++++++++++++++++++
 repertory/repertory/src/ui/handlers.cpp | 3 ++
 4 files changed, 53 insertions(+), 1 deletion(-)
diff --git a/repertory/librepertory/include/types/repertory.hpp b/repertory/librepertory/include/types/repertory.hpp
index 0aee6f93..434fc6f0 100644
--- a/repertory/librepertory/include/types/repertory.hpp
+++ b/repertory/librepertory/include/types/repertory.hpp
@@ -314,6 +314,11 @@ provider_type_from_string(std::string_view type,
 [[nodiscard]] auto provider_type_to_string(provider_type type) -> std::string;
+void clean_json_config(provider_type prov, nlohmann::json &data);
+
+[[nodiscard]] auto clean_json_value(std::string_view name,
+ std::string_view data) -> std::string;
+
 #if defined(_WIN32)
 struct open_file_data final {
 PVOID directory_buffer{nullptr};
diff --git a/repertory/librepertory/src/rpc/server/server.cpp b/repertory/librepertory/src/rpc/server/server.cpp
index b6a67d72..deeb2aca 100644
--- a/repertory/librepertory/src/rpc/server/server.cpp
+++ b/repertory/librepertory/src/rpc/server/server.cpp
@@ -39,6 +39,7 @@ server::server(app_config &config) : config_(config) {}
 void server::handle_get_config(const httplib::Request & /*req*/,
 httplib::Response &res) {
 auto data = config_.get_json();
+ clean_json_config(data);
 res.set_content(data.dump(), "application/json");
 res.status = http_error_codes::ok;
 }
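Review bot: The two declarations added to `types/repertory.hpp` carry no comment stating their contract, and `clean_json_config` mutates its argument in place. A short comment above it such as `// Blanks credential fields in 'data' in place before it is returned to an API client; keep the field list in sync with clean_json_value.` would tell whoever adds the next secret setting that both functions need updating, since the patch keeps the two lists separately.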
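Review bot: In `server::handle_get_config` the new call `clean_json_config(data);` passes one argument, but the only declaration this patch adds is `clean_json_config(provider_type prov, nlohmann::json &data)`. Unless a one-argument overload exists outside this patch, the line does not compile, and nothing shown here scrubs the RPC config response. The call needs the provider type held by `config_` as its first argument, i.e. `clean_json_config(<provider type of config_>, data);`. A test that fetches the config over the RPC endpoint and asserts the secret fields are empty would catch a regression here.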
@@ -46,7 +47,8 @@ void server::handle_get_config(const httplib::Request & /*req*/,
 void server::handle_get_config_value_by_name(const httplib::Request &req,
 httplib::Response &res) {
 auto name = req.get_param_value("name");
- auto data = json({{"value", config_.get_value_by_name(name)}});
+ auto data = json(
+ {{"value", clean_json_value(name, config_.get_value_by_name(name))}});
 res.set_content(data.dump(), "application/json");
 res.status = http_error_codes::ok;
 }
diff --git a/repertory/librepertory/src/types/repertory.cpp b/repertory/librepertory/src/types/repertory.cpp
index 6f342cd7..c528cef0 100644
--- a/repertory/librepertory/src/types/repertory.cpp
+++ b/repertory/librepertory/src/types/repertory.cpp
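Review bot: In `server::handle_get_config_value_by_name` the redaction depends on `clean_json_value` doing an exact, case-sensitive comparison against the request-supplied `name`, so it only holds if `config_.get_value_by_name` resolves names by exactly the same rules. That lookup is not visible in this patch; if it is more lenient (different case, surrounding whitespace, an alternate spelling of a key), a name that misses the list would still return the stored secret. Consider normalising `name` once and using the same value for both the check and the lookup. A test that requests each secret key and asserts an empty `value` would pin this down.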
@@ -26,6 +26,48 @@
 #include "utils/string.hpp"
 namespace repertory {
+void clean_json_config(provider_type prov, nlohmann::json &data) {
+ data[JSON_API_PASSWORD] = "";
+
+ switch (prov) {
+ case provider_type::encrypt:
+ data[JSON_ENCRYPT_CONFIG][JSON_ENCRYPTION_TOKEN] = "";
+ data[JSON_REMOTE_MOUNT][JSON_ENCRYPTION_TOKEN] = "";
+ break;
+
+ case provider_type::remote:
+ data[JSON_REMOTE_CONFIG][JSON_ENCRYPTION_TOKEN] = "";
+ break;
+
+ case provider_type::s3:
+ data[JSON_REMOTE_MOUNT][JSON_ENCRYPTION_TOKEN] = "";
+ data[JSON_S3_CONFIG][JSON_ENCRYPTION_TOKEN] = "";
+ data[JSON_S3_CONFIG][JSON_SECRET_KEY] = "";
+ break;
+
+ case provider_type::sia:
+ data[JSON_REMOTE_MOUNT][JSON_ENCRYPTION_TOKEN] = "";
+ data[JSON_HOST_CONFIG][JSON_API_PASSWORD] = "";
+ break;
+ }
+}
+
+auto clean_json_value(std::string_view name, std::string_view data)
+ -> std::string {
+ if (name ==
+ fmt::format("{}.{}", JSON_ENCRYPT_CONFIG, JSON_ENCRYPTION_TOKEN) ||
+ name == fmt::format("{}.{}", JSON_HOST_CONFIG, JSON_API_PASSWORD) ||
+ name == fmt::format("{}.{}", JSON_REMOTE_CONFIG, JSON_ENCRYPTION_TOKEN) ||
+ name == fmt::format("{}.{}", JSON_REMOTE_MOUNT, JSON_ENCRYPTION_TOKEN) ||
+ name == fmt::format("{}.{}", JSON_S3_CONFIG, JSON_ENCRYPTION_TOKEN) ||
+ name == fmt::format("{}.{}", JSON_S3_CONFIG, JSON_SECRET_KEY) ||
+ name == JSON_API_PASSWORD) {
+ return "";
+ }
+
+ return std::string{data};
+}
+
 auto database_type_from_string(std::string type, database_type default_type)
 -> database_type {
 type = utils::string::to_lower(utils::string::trim(type));
diff --git a/repertory/repertory/src/ui/handlers.cpp b/repertory/repertory/src/ui/handlers.cpp
index 9a0ab4c0..e6a6f91d 100644
--- a/repertory/repertory/src/ui/handlers.cpp
+++ b/repertory/repertory/src/ui/handlers.cpp
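Review bot: `clean_json_config` blanks nested secrets only inside the four `case` labels of `switch (prov)` and has no `default`. Any other `provider_type` value, or a caller that passes the wrong provider, therefore leaves every nested token and key in the output with only the top-level `JSON_API_PASSWORD` cleared. `clean_json_value` below it is already provider-independent, and the two lists have to be kept in step by hand. Scrubbing every known secret path whenever it is present fails closed and stops `operator[]` from creating sections that were not in the config; the sketch below keeps the signature. It leaves absent keys absent, which differs from the patch if a client relies on the empty-string placeholder.

```cpp
void clean_json_config(provider_type /* prov */, nlohmann::json &data) {
  if (not data.is_object()) {
    return;
  }

  // Blank a secret only where both the section and the key exist.
  const auto blank = [&data](const auto &section, const auto &key) {
    auto iter = data.find(section);
    if (iter != data.end() && iter->is_object() && iter->contains(key)) {
      (*iter)[key] = "";
    }
  };

  if (data.contains(JSON_API_PASSWORD)) {
    data[JSON_API_PASSWORD] = "";
  }

  blank(JSON_ENCRYPT_CONFIG, JSON_ENCRYPTION_TOKEN);
  blank(JSON_HOST_CONFIG, JSON_API_PASSWORD);
  blank(JSON_REMOTE_CONFIG, JSON_ENCRYPTION_TOKEN);
  blank(JSON_REMOTE_MOUNT, JSON_ENCRYPTION_TOKEN);
  blank(JSON_S3_CONFIG, JSON_ENCRYPTION_TOKEN);
  blank(JSON_S3_CONFIG, JSON_SECRET_KEY);
}

// … unchanged: clean_json_value …
```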
@@ -218,6 +218,8 @@ void handlers::handle_get_mount(auto &&req, auto &&res) const {
 lines.erase(lines.begin());
 auto result = nlohmann::json::parse(utils::string::join(lines, '\n'));
+ clean_json_config(prov, result);
+
 res.set_content(result.dump(), "application/json");
 res.status = http_error_codes::ok;
 }
@@ -320,6 +322,7 @@ void handlers::handle_get_mount_status(auto &&req, auto &&res) const {
 void handlers::handle_get_settings(auto &&res) const {
 auto settings = config_->to_json();
+ settings.erase(JSON_API_PASSWORD);
 settings.erase(JSON_MOUNT_LOCATIONS);
 res.set_content(settings.dump(), "application/json");
 res.status = http_error_codes::ok;
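Review bot: `handlers::handle_get_mount` now returns every scrubbed field as `""`, which a client cannot tell apart from a secret that was never set. If the UI sends this object, or individual values from it, back when saving a mount, the empty strings could overwrite the stored credentials; the write path is not part of this patch, so this is a risk to confirm rather than a known defect. A comment at the call, e.g. `// secrets are blanked for display only; the save path must ignore empty secret fields`, plus a matching check on the write side would make the contract explicit. The function body starts outside this hunk.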
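Review bot: `handlers::handle_get_settings` removes the key with `settings.erase(JSON_API_PASSWORD);`, while `clean_json_config` and `clean_json_value` in the same patch replace secrets with an empty string, so API consumers see two different shapes for a redacted field. Pick one representation. If the key should stay present here, `settings[JSON_API_PASSWORD] = "";` matches the rest of the patch. The function's closing brace is outside the hunk.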