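package com.box.sdk;

import java.util.Arrays;
import java.util.HashSet;
import java.util.Locale;
import java.util.Set;
import okhttp3.Headers;
import org.jetbrains.annotations.NotNull;

/**
 * Class used to sanitize sensitive data from payload.
 *
 * <p>Redaction is driven by an exact, case-insensitive match of the header name against a set of
 * sensitive keys. The built-in set covers the names listed in {@code SENSITIVE_KEYS} only; headers
 * such as {@code Cookie}, {@code Set-Cookie} or {@code Proxy-Authorization} are not in it, so callers
 * that log them should register them with {@link #addKeyToSanitize(String)}.
 *
 * <p>The key set is a plain {@link HashSet} that is mutated by a public static method and is not
 * synchronized here. Register additional keys during start-up, before headers are sanitized from
 * several threads.
 */
public final class BoxSensitiveDataSanitizer {
    /** Marker written in place of every sensitive header value. */
    private static final String REDACTED = "[REDACTED]";

    /** Sensitive key names, always stored in lower case so lookups can be case-insensitive. */
    private static final Set<String> SENSITIVE_KEYS = new HashSet<>(Arrays.asList("authorization", "access_token",
        "refresh_token", "subject_token", "token", "client_id", "client_secret", "code", "shared_link",
        "download_url", "jwt_private_key", "jwt_private_key_passphrase", "password"));

    private BoxSensitiveDataSanitizer() {
    }

    /**
     * Add key that should be sanitized.
     *
     * <p>The key is normalized to lower case before it is stored. Lookups lower-case the header name,
     * so a key stored with its original casing (for example {@code "X-Api-Key"}) would never match and
     * the value would be left unredacted.
     *
     * @param key key to be sanitized; {@code null} is ignored
     */
    public static void addKeyToSanitize(String key) {
        if (key == null) {
            return;
        }
        SENSITIVE_KEYS.add(normalize(key));
    }

    /**
     * Returns a copy of the given headers in which the value of every sensitive header is replaced
     * by {@code [REDACTED]}.
     *
     * @param originalHeaders headers to sanitize; not modified
     * @return new headers instance with sensitive values redacted
     */
    @NotNull
    static Headers sanitizeHeaders(Headers originalHeaders) {
        // newBuilder() already carries every original header, so only sensitive names need rewriting.
        // Leaving the others untouched keeps all values of a repeated header instead of only the last one.
        Headers.Builder sanitizedHeadersBuilder = originalHeaders.newBuilder();

        for (String originalHeaderName : originalHeaders.names()) {
            if (isSensitiveKey(originalHeaderName)) {
                // set() replaces every value stored under this name with the single marker.
                sanitizedHeadersBuilder.set(originalHeaderName, REDACTED);
            }
        }

        return sanitizedHeadersBuilder.build();
    }

    /**
     * Tells whether the given name matches a registered sensitive key, ignoring case.
     *
     * @param key header or field name to check
     * @return {@code true} when the value stored under this name must be redacted
     */
    private static boolean isSensitiveKey(@NotNull String key) {
        return SENSITIVE_KEYS.contains(normalize(key));
    }

    /**
     * Lower-cases a key independently of the JVM default locale.
     *
     * <p>With a locale-sensitive {@code toLowerCase()} an upper-case {@code I} becomes a dotless
     * {@code ı} under Turkish or Azerbaijani defaults, so a name such as {@code AUTHORIZATION} would
     * miss the set and its value would reach the log in clear text.
     */
    private static String normalize(String key) {
        return key.toLowerCase(Locale.ROOT);
    }
}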