lib-api: provide a way to hide certain inputs in error-message output

RESOLVED FIXED

Status

RESOLVED FIXED
2 years ago
2 years ago

People

(Reporter: dustin, Assigned: dustin)

Tracking

Details

This would be helpful for the secrets API, but also for tc-login, which takes things like persona assertions as input.  Echoing that to the screen isn't fatal, but it's not great.

I think this could be a simple obscureErrorResponse method that takes the error response and returns a modified version of it.  This should be done before whatever logic stringifies that error message a few times (surely you've noticed that TC error messages have 2-3 copies of the actual error content, each successively more JSON-quoted).
Now, to upgrade the secrets API to use this.
I can confirm that the secrets are now omitted.

Happily, with other changes to tc-lib-api, the error message is a lot shorter now, too, and doesn't include the payload.  The payload is still in the error response, though.
Status: NEW → RESOLVED
Last Resolved: 2 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.