[cxf-fediz] branch master updated: FEDIZ-234 - Escape logging output in LoginHintHomeRealmDiscovery

[cxf-fediz] branch master updated: FEDIZ-234 - Escape logging output in LoginHintHomeRealmDiscovery

coheigea
Administrator
This is an automated email from the ASF dual-hosted git repository.

coheigea pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/cxf-fediz.git


The following commit(s) were added to refs/heads/master by this push:
     new c9def81  FEDIZ-234 - Escape logging output in LoginHintHomeRealmDiscovery
c9def81 is described below

commit c9def81751208ba09b04c9bb9c80e368aada6faf
Author: Colm O hEigeartaigh <[hidden email]>
AuthorDate: Tue Dec 4 14:28:05 2018 +0000

    FEDIZ-234 - Escape logging output in LoginHintHomeRealmDiscovery
---
 pom.xml                                                            | 1 +
 services/oidc/pom.xml                                              | 5 +++++
 .../service/oidc/handler/hrd/LoginHintHomeRealmDiscovery.java      | 7 ++++---
 3 files changed, 10 insertions(+), 3 deletions(-)

diff --git a/pom.xml b/pom.xml
index 8a19ee0..c559fe0 100644
--- a/pom.xml
+++ b/pom.xml
@@ -41,6 +41,7 @@
         <bval.version>1.1.2</bval.version>
         <commons.lang.version>3.5</commons.lang.version>
         <commons.logging.version>1.2</commons.logging.version>
+        <commons.text.version>1.6</commons.text.version>
         <commons.validator.version>1.6</commons.validator.version>
         <cxf.version>3.2.7</cxf.version>
         <cxf.build-utils.version>3.4.0</cxf.build-utils.version>
diff --git a/services/oidc/pom.xml b/services/oidc/pom.xml
index 6bb8c93..6c5681a 100644
--- a/services/oidc/pom.xml
+++ b/services/oidc/pom.xml
@@ -82,6 +82,11 @@
             <artifactId>commons-lang3</artifactId>
             <version>${commons.lang.version}</version>
         </dependency>
+        <dependency>
+            <groupId>org.apache.commons</groupId>
+            <artifactId>commons-text</artifactId>
+            <version>${commons.text.version}</version>
+        </dependency>
         <!--
         <dependency>
             <groupId>org.apache.geronimo.specs</groupId>
diff --git a/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/handler/hrd/LoginHintHomeRealmDiscovery.java b/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/handler/hrd/LoginHintHomeRealmDiscovery.java
index 52363f4..f9b7942 100644
--- a/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/handler/hrd/LoginHintHomeRealmDiscovery.java
+++ b/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/handler/hrd/LoginHintHomeRealmDiscovery.java
@@ -24,6 +24,7 @@ import javax.security.auth.callback.Callback;
 import javax.security.auth.callback.CallbackHandler;
 import javax.security.auth.callback.UnsupportedCallbackException;
 
+import org.apache.commons.text.StringEscapeUtils;
 import org.apache.cxf.fediz.core.spi.HomeRealmCallback;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -49,10 +50,10 @@ public class LoginHintHomeRealmDiscovery implements CallbackHandler {
                 } else {
                     String[] homeRealm = loginHint.split("@");
                     if (homeRealm.length == 2) {
-                        LOG.debug("Home realm '{}' found in request", homeRealm[1]);
+                        LOG.debug("Home realm '{}' found in request", StringEscapeUtils.escapeHtml4(homeRealm[1]));
                         callback.setHomeRealm(homeRealm[1]);
                     } else {
-                        LOG.warn("login_hint is not an email address: {}", loginHint);
+                        LOG.warn("login_hint is not an email address: {}", StringEscapeUtils.escapeHtml4(loginHint));
                     }
                 }
             } else {
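Review bot: `StringEscapeUtils.escapeHtml4` on the two logging calls leaves carriage returns and line feeds in `login_hint` untouched, so a value containing a line break can still split the entry and forge log lines. HTML escaping only helps where the log is later rendered in a browser-based viewer. Consider an encoder that neutralises control characters, for example `LOG.warn("login_hint is not an email address: {}", StringEscapeUtils.escapeJava(loginHint));` with the same treatment for the `LOG.debug` call, or replace `\r` and `\n` before logging. The escape on the debug line is also computed when debug logging is off, which an `if (LOG.isDebugEnabled())` guard would avoid. The enclosing method starts and ends outside this hunk, so any earlier validation of `loginHint` is not visible here.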
@@ -61,4 +62,4 @@ public class LoginHintHomeRealmDiscovery implements CallbackHandler {
         }
     }
 
-}
\ No newline at end of file
+}