sources/oauth: prevent potentially confidential data from being logged

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

authentik/sources/oauth/clients/base.py

@@ -43,7 +43,6 @@ class BaseOAuthClient:
             profile_url = self.source.profile_url
         try:
             response = self.do_request("get", profile_url, token=token)
-            LOGGER.debug(response.text)
             response.raise_for_status()
         except RequestException as exc:
             LOGGER.warning("Unable to fetch user profile", exc=exc)

authentik/sources/oauth/clients/oauth2.py

@@ -65,7 +65,6 @@ class OAuth2Client(BaseOAuthClient):
                 data=args,
                 headers=self._default_headers,
             )
-            LOGGER.debug(response.text)
             response.raise_for_status()
         except RequestException as exc:
             LOGGER.warning("Unable to fetch access token", exc=exc)

authentik/sources/oauth/types/azure_ad.py

@@ -36,7 +36,6 @@ class AzureADClient(OAuth2Client):
                 profile_url,
                 headers={"Authorization": f"{token['token_type']} {token['access_token']}"},
             )
-            LOGGER.debug(response.text)
             response.raise_for_status()
         except RequestException as exc:
             LOGGER.warning("Unable to fetch user profile", exc=exc)