Redact sensitive info from debug logs (#1069)

Redacts sensitive data when debug logging device responses such as mac, location and usernames
2025-12-20 19:50:15 +00:00 · 2024-07-17 18:57:09 +01:00
parent c19389f236
commit c4f015a2fb
11 changed files with 300 additions and 39 deletions
--- a/kasa/tests/test_protocol.py
+++ b/kasa/tests/test_protocol.py
@@ -8,9 +8,12 @@ import os
 import pkgutil
 import struct
 import sys
+from typing import cast

 import pytest

+from kasa.iot import IotDevice
+
 from ..aestransport import AesTransport
 from ..credentials import Credentials
 from ..device import Device
@@ -21,8 +24,12 @@ from ..klaptransport import KlapTransport, KlapTransportV2
 from ..protocol import (
    BaseProtocol,
    BaseTransport,
+    mask_mac,
+    redact_data,
 )
 from ..xortransport import XorEncryption, XorTransport
+from .conftest import device_iot
+from .fakeprotocol_iot import FakeIotTransport


@pytest.mark.parametrize(
@@ -676,3 +683,63 @@ def test_deprecated_protocol():
        host = "127.0.0.1"
        proto = TPLinkSmartHomeProtocol(host=host)
        assert proto.config.host == host
+
+
+@device_iot
+async def test_iot_queries_redaction(dev: IotDevice, caplog: pytest.LogCaptureFixture):
+    """Test query sensitive info redaction."""
+    device_id = "123456789ABCDEF"
+    cast(FakeIotTransport, dev.protocol._transport).proto["system"]["get_sysinfo"][
+        "deviceId"
+    ] = device_id
+
+    # Info no message logging
+    caplog.set_level(logging.INFO)
+    await dev.update()
+    assert device_id not in caplog.text
+
+    caplog.set_level(logging.DEBUG, logger="kasa")
+    # The fake iot protocol also logs so disable it
+    test_logger = logging.getLogger("kasa.tests.fakeprotocol_iot")
+    test_logger.setLevel(logging.INFO)
+
+    # Debug no redaction
+    caplog.clear()
+    cast(IotProtocol, dev.protocol)._redact_data = False
+    await dev.update()
+    assert device_id in caplog.text
+
+    # Debug redaction
+    caplog.clear()
+    cast(IotProtocol, dev.protocol)._redact_data = True
+    await dev.update()
+    assert device_id not in caplog.text
+    assert "REDACTED_" + device_id[9::] in caplog.text
+
+
+async def test_redact_data():
+    """Test redact data function."""
+    data = {
+        "device_id": "123456789ABCDEF",
+        "owner": "0987654",
+        "mac": "12:34:56:78:90:AB",
+        "ip": "192.168.1",
+        "no_val": None,
+    }
+    excpected_data = {
+        "device_id": "REDACTED_ABCDEF",
+        "owner": "**REDACTED**",
+        "mac": "12:34:56:00:00:00",
+        "ip": "**REDACTEX**",
+        "no_val": None,
+    }
+    REDACTORS = {
+        "device_id": lambda x: "REDACTED_" + x[9::],
+        "owner": None,
+        "mac": mask_mac,
+        "ip": lambda x: "127.0.0." + x.split(".")[3],
+    }
+
+    redacted_data = redact_data(data, REDACTORS)
+
+    assert redacted_data == excpected_data