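package com.box.sdk;

import com.eclipsesource.json.JsonObject;
import java.util.Arrays;
import java.util.HashSet;
import java.util.Set;
import okhttp3.Headers;
import org.jetbrains.annotations.NotNull;

/**
 * Class used to sanitize sensitive data from payload.
 *
 * <p>Redaction is driven by an exact, case-insensitive match of a header name or a top-level JSON
 * member name against a set of known sensitive keys. A name that is not in that set passes through
 * unchanged, so callers that log custom credential-bearing fields should register them with
 * {@link #addKeyToSanitize(String)} before logging.
 */
public final class BoxSensitiveDataSanitizer {
    /** Placeholder written in place of every sensitive value, for headers and JSON bodies alike. */
    private static final String REDACTED = "[REDACTED]";

    // All entries are stored lower-cased because isSensitiveKey lower-cases the name it looks up.
    // NOTE(review): this is a plain HashSet mutated through a public static method with no
    // synchronization; confirm keys are registered before sanitizing runs on other threads.
    private static final Set<String> SENSITIVE_KEYS = new HashSet<>(Arrays.asList("authorization", "access_token",
        "refresh_token", "subject_token", "token", "client_id", "client_secret", "code", "shared_link", "download_url",
        "jwt_private_key", "jwt_private_key_passphrase", "password"));

    private BoxSensitiveDataSanitizer() {
    }

    /**
     * Add key that should be sanitized.
     *
     * <p>The key is normalized to lower case before it is stored. Lookups are lower-cased as well, so
     * a key registered with upper-case characters (for example {@code "X-Api-Key"}) would otherwise
     * never match and its value would be emitted unredacted.
     *
     * @param key key to be sanitized; {@code null} is ignored
     */
    public static void addKeyToSanitize(String key) {
        if (key == null) {
            // Nothing to register; a null entry could never match a lookup.
            return;
        }
        SENSITIVE_KEYS.add(normalize(key));
    }

    /**
     * Returns a copy of the headers in which the value of every sensitive header is replaced by the
     * redaction placeholder.
     *
     * <p>Each header is rewritten with {@code Headers.Builder.set}, which keeps a single value per
     * name: a non-sensitive header that occurs several times is reduced to the value returned by
     * {@code Headers.get}.
     *
     * @param originalHeaders headers to sanitize
     * @return the sanitized headers
     */
    @NotNull
    static Headers sanitizeHeaders(Headers originalHeaders) {
        Headers.Builder sanitizedHeadersBuilder = originalHeaders.newBuilder();

        for (String originalHeaderName : originalHeaders.names()) {
            if (isSensitiveKey(originalHeaderName)) {
                sanitizedHeadersBuilder.set(originalHeaderName, REDACTED);
            } else {
                String headerValue = originalHeaders.get(originalHeaderName);
                if (headerValue != null) {
                    sanitizedHeadersBuilder.set(originalHeaderName, headerValue);
                }
            }
        }

        return sanitizedHeadersBuilder.build();
    }

    /**
     * Sanitize the json body. Only for the first level of the json.
     *
     * <p>Values of nested objects and arrays are copied as they are, so a sensitive member below the
     * top level is not redacted by this method.
     *
     * @param originalBody the original json body
     * @return the sanitized json body
     */
    @NotNull
    static JsonObject sanitizeJsonBody(JsonObject originalBody) {
        JsonObject sanitizedBody = new JsonObject();

        for (String key : originalBody.names()) {
            if (isSensitiveKey(key)) {
                // Same placeholder as for headers, so one search term finds every redaction in a log.
                sanitizedBody.set(key, REDACTED);
            } else {
                sanitizedBody.set(key, originalBody.get(key));
            }
        }
        return sanitizedBody;
    }

    /**
     * Tells whether the given header or JSON member name is registered as sensitive.
     *
     * @param key name to check
     * @return {@code true} when the lower-cased name is in the sensitive key set
     */
    private static boolean isSensitiveKey(@NotNull String key) {
        return SENSITIVE_KEYS.contains(normalize(key));
    }

    /** Lower-cases a key with a fixed locale so matching does not depend on the default locale. */
    private static String normalize(@NotNull String key) {
        return key.toLowerCase(java.util.Locale.ROOT);
    }
}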