sources/oauth: prevent potentially confidential data from being logged

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-07 11:05:18 +02:00 · 2021-09-07 11:05:18 +02:00 · 3c6aac5435
parent eeb755ab7d
commit 3c6aac5435
3 changed files with 0 additions and 3 deletions
--- a/authentik/sources/oauth/clients/base.py
+++ b/authentik/sources/oauth/clients/base.py
@ -43,7 +43,6 @@ class BaseOAuthClient:
            profile_url = self.source.profile_url
        try:
            response = self.do_request("get", profile_url, token=token)
-            LOGGER.debug(response.text)
            response.raise_for_status()
        except RequestException as exc:
            LOGGER.warning("Unable to fetch user profile", exc=exc)
--- a/authentik/sources/oauth/clients/oauth2.py
+++ b/authentik/sources/oauth/clients/oauth2.py
@ -65,7 +65,6 @@ class OAuth2Client(BaseOAuthClient):
                data=args,
                headers=self._default_headers,
            )
-            LOGGER.debug(response.text)
            response.raise_for_status()
        except RequestException as exc:
            LOGGER.warning("Unable to fetch access token", exc=exc)
--- a/authentik/sources/oauth/types/azure_ad.py
+++ b/authentik/sources/oauth/types/azure_ad.py
@ -36,7 +36,6 @@ class AzureADClient(OAuth2Client):
                profile_url,
                headers={"Authorization": f"{token['token_type']} {token['access_token']}"},
            )
-            LOGGER.debug(response.text)
            response.raise_for_status()
        except RequestException as exc:
            LOGGER.warning("Unable to fetch user profile", exc=exc)