Spaces:

qa1145
/

astrbbbb

Paused

App Files Files Community

astrbbbb / astrbot /core /utils /error_redaction.py

qa1145

Upload 1245 files

8ede856 verified about 2 months ago

raw

history blame contribute delete

2.51 kB

	import re

	_SECRET_KEYS = (
	r"(?:api_?key\|access_?token\|auth_?token\|refresh_?token\|session_?id\|secret\|password)"
	)

	_JSON_FIELD_PATTERN = re.compile(
	rf"(?i)(?P<prefix>(?P<kq>['\"]){_SECRET_KEYS}(?P=kq)\s:\s)(?P<vq>['\"])(?P<value>[^'\"]+)(?P=vq)"
	)
	_AUTH_JSON_FIELD_PATTERN = re.compile(
	r"(?i)(?P<prefix>(?P<kq>['\"])authorization(?P=kq)\s:\s)(?P<vq>['\"])bearer\s+[^'\"]+(?P=vq)"
	)
	_QUERY_FIELD_PATTERN = re.compile(
	rf"(?i)(?P<prefix>{_SECRET_KEYS}\s=\s)(?P<value>[^&'\" ]+)"
	)
	_QUERY_PARAM_PATTERN = re.compile(
	r"(?i)(?P<prefix>[?&](?:api_?key\|key\|access_?token\|auth_?token)=)(?P<value>[^&'\" ]+)"
	)
	_AUTH_HEADER_PATTERN = re.compile(
	r"(?i)(?P<prefix>\bauthorization\s:\sbearer\s+)(?P<token>[A-Za-z0-9._\-]+)"
	)
	_BEARER_PATTERN = re.compile(r"(?i)(?P<prefix>\bbearer\s+)(?P<token>[A-Za-z0-9._\-]+)")
	_SK_PATTERN = re.compile(r"\bsk-[A-Za-z0-9]{16,}\b")


	def _redact_json_field(match: re.Match[str]) -> str:
	quote = match.group("vq")
	return f"{match.group('prefix')}{quote}[REDACTED]{quote}"


	def _redact_auth_json_field(match: re.Match[str]) -> str:
	quote = match.group("vq")
	return f"{match.group('prefix')}{quote}Bearer [REDACTED]{quote}"


	def _redact_prefixed_value(match: re.Match[str]) -> str:
	return f"{match.group('prefix')}[REDACTED]"


	def _redact_bearer_token(match: re.Match[str]) -> str:
	return f"{match.group('prefix')}[REDACTED]"


	def _redact_json_like(text: str) -> str:
	text = _JSON_FIELD_PATTERN.sub(_redact_json_field, text)
	return _AUTH_JSON_FIELD_PATTERN.sub(_redact_auth_json_field, text)


	def _redact_query_like(text: str) -> str:
	text = _QUERY_FIELD_PATTERN.sub(_redact_prefixed_value, text)
	return _QUERY_PARAM_PATTERN.sub(_redact_prefixed_value, text)


	def _redact_tokens(text: str) -> str:
	text = _AUTH_HEADER_PATTERN.sub(_redact_bearer_token, text)
	text = _BEARER_PATTERN.sub(_redact_bearer_token, text)
	return _SK_PATTERN.sub("[REDACTED]", text)


	def redact_sensitive_text(text: str) -> str:
	text = _redact_json_like(text)
	text = _redact_query_like(text)
	text = _redact_tokens(text)
	return text


	def safe_error(
	prefix: str,
	error: Exception \| BaseException \| str,
	*,
	redact: bool = True,
	) -> str:
	try:
	text = str(error)
	except Exception:
	try:
	text = repr(error)
	except Exception:
	text = "<unprintable error>"
	if redact:
	text = redact_sensitive_text(text)
	return prefix + text