Redact sensitive info from debug logs (#1069)

Redacts sensitive data when debug logging device responses such as mac, location and usernames
2025-12-27 07:00:24 +00:00 · 2024-07-17 18:57:09 +01:00
parent c19389f236
commit c4f015a2fb
11 changed files with 300 additions and 39 deletions
--- a/kasa/iotprotocol.py
+++ b/kasa/iotprotocol.py
@@ -4,6 +4,8 @@ from __future__ import annotations

 import asyncio
 import logging
+from pprint import pformat as pf
+from typing import Any, Callable

 from .deviceconfig import DeviceConfig
 from .exceptions import (
@@ -14,11 +16,26 @@ from .exceptions import (
    _RetryableError,
 )
 from .json import dumps as json_dumps
-from .protocol import BaseProtocol, BaseTransport
+from .protocol import BaseProtocol, BaseTransport, mask_mac, redact_data
 from .xortransport import XorEncryption, XorTransport

 _LOGGER = logging.getLogger(__name__)

+REDACTORS: dict[str, Callable[[Any], Any] | None] = {
+    "latitude": lambda x: 0,
+    "longitude": lambda x: 0,
+    "latitude_i": lambda x: 0,
+    "longitude_i": lambda x: 0,
+    "deviceId": lambda x: "REDACTED_" + x[9::],
+    "id": lambda x: "REDACTED_" + x[9::],
+    "alias": lambda x: "#MASKED_NAME#" if x else "",
+    "mac": mask_mac,
+    "mic_mac": mask_mac,
+    "ssid": lambda x: "#MASKED_SSID#" if x else "",
+    "oemId": lambda x: "REDACTED_" + x[9::],
+    "username": lambda _: "user@example.com",  # cnCloud
+}
+

 class IotProtocol(BaseProtocol):
    """Class for the legacy TPLink IOT KASA Protocol."""
@@ -34,6 +51,7 @@ class IotProtocol(BaseProtocol):
        super().__init__(transport=transport)

        self._query_lock = asyncio.Lock()
+        self._redact_data = True

    async def query(self, request: str | dict, retry_count: int = 3) -> dict:
        """Query the device retrying for retry_count on failure."""
@@ -85,7 +103,24 @@ class IotProtocol(BaseProtocol):
        raise KasaException("Query reached somehow to unreachable")

    async def _execute_query(self, request: str, retry_count: int) -> dict:
-        return await self._transport.send(request)
+        debug_enabled = _LOGGER.isEnabledFor(logging.DEBUG)
+
+        if debug_enabled:
+            _LOGGER.debug(
+                "%s >> %s",
+                self._host,
+                request,
+            )
+        resp = await self._transport.send(request)
+
+        if debug_enabled:
+            data = redact_data(resp, REDACTORS) if self._redact_data else resp
+            _LOGGER.debug(
+                "%s << %s",
+                self._host,
+                pf(data),
+            )
+        return resp

    async def close(self) -> None:
        """Close the underlying transport."""