Merge "Don't log sensitive auth data"0.10.1

2 files changed, 25 insertions, 0 deletions

diff --git a/keystoneclient/tests/auth/test_identity_v2.py b/keystoneclient/tests/auth/test_identity_v2.py
index a264edd..0beea83 100644
--- a/keystoneclient/tests/auth/test_identity_v2.py
+++ b/keystoneclient/tests/auth/test_identity_v2.py
@@ -11,6 +11,7 @@
 # under the License.
 
 import copy
+import uuid
 
 import httpretty
 from six.moves import urllib
@@ -255,3 +256,14 @@ class V2IdentityPlugin(utils.TestCase):
         self.assertEqual('token1', s.get_token())
         a.invalidate()
         self.assertEqual('token2', s.get_token())
+
+    @httpretty.activate
+    def test_doesnt_log_password(self):
+        self.stub_auth(json=self.TEST_RESPONSE_DICT)
+        password = uuid.uuid4().hex
+
+        a = v2.Password(self.TEST_URL, username=self.TEST_USER,
+                        password=password)
+        s = session.Session(auth=a)
+        self.assertEqual(self.TEST_TOKEN, s.get_token())
+        self.assertNotIn(password, self.logger.output)
diff --git a/keystoneclient/tests/auth/test_identity_v3.py b/keystoneclient/tests/auth/test_identity_v3.py
index d44c8e7..a147a31 100644
--- a/keystoneclient/tests/auth/test_identity_v3.py
+++ b/keystoneclient/tests/auth/test_identity_v3.py
@@ -11,6 +11,7 @@
 # under the License.
 
 import copy
+import uuid
 
 import httpretty
 from six.moves import urllib
@@ -408,3 +409,15 @@ class V3IdentityPlugin(utils.TestCase):
         self.assertEqual('token1', s.get_token())
         a.invalidate()
         self.assertEqual('token2', s.get_token())
+
+    @httpretty.activate
+    def test_doesnt_log_password(self):
+        self.stub_auth(json=self.TEST_RESPONSE_DICT)
+
+        password = uuid.uuid4().hex
+        a = v3.Password(self.TEST_URL, username=self.TEST_USER,
+                        password=password)
+        s = session.Session(a)
+        self.assertEqual(self.TEST_TOKEN, s.get_token())
+
+        self.assertNotIn(password, self.logger.output)