Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[BUG] Redacting modifies the body before it hits the resolver #1876

Open
4 tasks done
rohaldb opened this issue Mar 12, 2024 · 1 comment
Open
4 tasks done

[BUG] Redacting modifies the body before it hits the resolver #1876

rohaldb opened this issue Mar 12, 2024 · 1 comment
Assignees
Labels
bug Something isn't working

Comments

@rohaldb
Copy link

rohaldb commented Mar 12, 2024

What is the current behavior?

We are using graphql and as a result, we want to log the body of our request. For auth-related endpoints, we then redact passwod fields. We are seeing that in dockerised environments, the redact method is modifying our original body before it hits the resolver. So by the time we get the graphql parameters in the resolver, the password field has the value "[redacted]".

Per the pino http docs, we use this code snipped to give pino access to the body:

serializers: {
    req(req) {
      req.body = req.raw.body;
      return req;
    },
  },

If we instead deep copy the object, instead of assigning the variable directly (i.e req.body = structuredClone(req.raw.body)), the field is no longer redacted. This seems to be in direct opposition to the pinohttp docs, which says:

Logging of requests' bodies is disabled by default since it can cause security risks such as having private user information (password, other GDPR-protected data, etc.) logged (and persisted in most setups). However if enabled, sensitive information can be redacted as per redaction documentation.

I am unsure if this is a specific bug in the documentation, or a bug in the code, but this was working for us for over a year and suddenlyu stopped working without any package changes or anything like that.

For example, our resolver has this mutation similar to this, and input.password has the value "[redacted]"

  @Mutation(() => ClientTokensPermissionsResponse)
  login(
    @Args({ name: 'input', type: () => LoginInput }) input: LoginInput,
  ): Promise<ClientTokensPermissions> {
    return this.authService.login(input);
  }

What is the expected behavior?
Redacted fields shoud not be redacted when following

Please provide minimal example repo, not code snippet. Without example repo this issue will be closed.

We only experienced this issuue when running in a docker container with this base image node:18.17.0-alpine3.18, not on our local machines which run outside of docker. Given this brought down our entire system for several days, I am unable to dedicate time to building a fully working dockerised repo. But i have created this repo which shows the logger and serializer examples on a new nestjs project.

I appreciate this is difficult for debuggers to try reproduce the issue, but i thought better to raise the issue without a reproducible example than to not raise it all.

Please mention other relevant information such as Node.js version and Operating System.
node version 18.17.0

Another piece of information that is relevant to this is that the first invocation of the login endpoint does not include the redacted string, but subsequent invocations does have it redacted

@rohaldb rohaldb added the bug Something isn't working label Mar 12, 2024
@iamolegga
Copy link
Owner

@rohaldb very interesting case, did you find the solution? Did you check if it works in new environments with updated versions?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
bug Something isn't working
Projects
None yet
Development

No branches or pull requests

2 participants