Do not include metadata in toString() to prevent password leaks

fixes #789

Do not include metadata in toString() to prevent password leaks
7e1062b7 · Johannes Edmeier · 96498dad · 7e1062b7 · 7e1062b7
Commit 7e1062b7 authored Jun 18, 2018 by Johannes Edmeier
Hide whitespace changes
Inline Side-by-side

Showing with 8 additions and 1 deletion

Application.java ...decentric/boot/admin/client/registration/Application.java +1 -0

ApplicationTest.java ...ntric/boot/admin/client/registration/ApplicationTest.java +7 -1

No files found.
--- a/spring-boot-admin-client/src/main/java/de/codecentric/boot/admin/client/registration/Application.java
+++ b/spring-boot-admin-client/src/main/java/de/codecentric/boot/admin/client/registration/Application.java
@@ -27,6 +27,7 @@ import org.springframework.util.Assert;
 * @author Johannes Edmeier
 */
 @lombok.Data
+@lombok.ToString(exclude = "metadata")
 public class Application {
    private final String name;
    private final String managementUrl;

--- a/spring-boot-admin-client/src/test/java/de/codecentric/boot/admin/client/registration/ApplicationTest.java
+++ b/spring-boot-admin-client/src/test/java/de/codecentric/boot/admin/client/registration/ApplicationTest.java
 /*
- * Copyright 2014-2017 the original author or authors.
+ * Copyright 2014-2018 the original author or authors.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
@@ -70,4 +70,10 @@ public class ApplicationTest {
        assertThat(a1).isNotEqualTo(a3);
        assertThat(a2).isNotEqualTo(a3);
    }
+
+    @Test
+    public void should_not_return_sensitive_data_in_toString() {
+        Application application = Application.create("app").healthUrl("HEALTH").metadata("password", "geheim").build();
+        assertThat(application.toString()).doesNotContain("geheim");
+    }
 }