Add access_token to log mask + throw error if non boolean string is p…

…assed for sonarr v4 config (#115)
shayaantx · Dec 20, 2023 · b1d66bc · b1d66bc
1 parent cd31512
commit b1d66bc
Show file tree

Hide file tree

Showing 4 changed files with 10 additions and 5 deletions.
diff --git a/README.md b/README.md
@@ -172,7 +172,7 @@ botdarr:
 | SONARR_DEFAULT_PROFILE | The sonarr quality profile (should be already configured in sonarr) | yes - if you use sonarr |
 | SONARR_PATH | Where your sonarr shows should go (if you add/update them) | yes - if you use sonarr |
 | SONARR_URL_BASE | Only populate this if you use a custom sonarr url base (which is configurable in Sonarr->Settings->General->URL Base) don't include prefix/suffix slashes | no |
-| SONARR_V4 | Whether you are using sonarr v4 or not | no | no |
+| SONARR_V4 | Whether you are using sonarr v4 or not (true/false) | no | false |
 
 #### Lidarr
 | Environment Variable | Description | Required | Default | 

diff --git a/src/main/java/com/botdarr/Config.java b/src/main/java/com/botdarr/Config.java
@@ -122,6 +122,11 @@ public static boolean isSonarrEnabled() {
 
   public static boolean isSonarrV4Enabled() {
     String isSonarrV4 = Config.getProperty(Config.Constants.SONARR_V4);
+    if (!Strings.isEmpty(isSonarrV4) &&
+            !(isSonarrV4.equalsIgnoreCase("true") ||
+             isSonarrV4.equalsIgnoreCase("false"))) {
+      throw new RuntimeException("Sonarr V4 flag is not set to true/false");
+    }
     return !Strings.isEmpty(isSonarrV4) && Boolean.parseBoolean(isSonarrV4);
   }
 

diff --git a/src/main/java/com/botdarr/utilities/Log4jSensitiveDataPattern.java b/src/main/java/com/botdarr/utilities/Log4jSensitiveDataPattern.java
@@ -11,7 +11,7 @@
 @Plugin(name="LogMaskingConverter", category = "Converter")
 @ConverterKeys({"scrubbedMsg"})
 public class Log4jSensitiveDataPattern extends LogEventPatternConverter {
-    private static final Pattern API_KEY_PATTERN = Pattern.compile("apiKey=([0-9a-zA-z]+)");
+    private static final Pattern SECRET_PATTERN = Pattern.compile("(apiKey|access_token)=([0-9a-zA-z]+)");
 
     protected Log4jSensitiveDataPattern(String name, String style) {
         super(name, style);
@@ -26,9 +26,9 @@ public void format(LogEvent event, StringBuilder toAppendTo) {
         String maskedMessage = message;
         try {
             StringBuffer modifiedBuffer = new StringBuffer();
-            Matcher matcher = API_KEY_PATTERN.matcher(message);
+            Matcher matcher = SECRET_PATTERN.matcher(message);
             while(matcher.find()) {
-                matcher.appendReplacement(modifiedBuffer, "apiKey=****");
+                matcher.appendReplacement(modifiedBuffer, "****");
             }
             if (modifiedBuffer.length() > 0) {
                 maskedMessage = modifiedBuffer.toString();

diff --git a/src/main/resources/version.txt b/src/main/resources/version.txt
@@ -1 +1 @@
-5.6.11
+5.6.12