diff --git a/src/API/AbstractAPIClient.php b/src/API/AbstractAPIClient.php
index 32cc1eb..42bbe6c 100644
--- a/src/API/AbstractAPIClient.php
+++ b/src/API/AbstractAPIClient.php
@@ -69,7 +69,7 @@ public function callAPI(Request $request)
 'type' => 'request',
 'method' => $request->getMethod(),
 'path' => $request->getUrl(),
- 'headers' => $this->sanitizeHeaders($request)->getHeaders(),
+ 'headers' => $request->getHeaders(),
 'params' => $request->getParameters(),
 'body' => $request->getBody(), ), true);
 $this->logAPICall($this->getAPIClientName(), array('type' => 'response', 'code' => $e->getCode(), 'body' => $errorMessage, 'stacktrace' => $e->getTraceAsString()), true);
@@ -78,18 +78,6 @@ public function callAPI(Request $request)
 }
 }

- /**
- * @param Request $request
- * @return Request
- */
- public function sanitizeHeaders(Request $request)
- {
- $request->removeHeader('Authorization');
- $request->removeHeader('X-Auth-Email');
- $request->removeHeader('X-Auth-Key');
- return $request;
- }
-
 /**
 * @param Request $request
 * @param [Array] $response
@@ -155,11 +143,23 @@ public function getErrorMessage($error)
 */
 public function logAPICall($apiName, $message, $isError)
 {
+ $sensitiveHeaderKeys = array(
+ 'Authorization',
+ 'X-Auth-Email',
+ 'X-Auth-Key'
+ );
+
 $logLevel = 'error';
 if ($isError === false) {
 $logLevel = 'debug';
 }
 if (!is_string($message)) {
+ foreach ($sensitiveHeaderKeys as $value) {
+ if (!empty($message['headers'][$value])) {
+ $message['headers'][$value] = 'REDACTED';
+ }
+ }
+
 $message = print_r($message, true);
 }
 $this->logger->$logLevel('['.$apiName.'] '.$message);
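Review bot: With the call-site scrub gone, the `'headers'` entry that callAPI hands to logAPICall now carries Authorization, X-Auth-Email and X-Auth-Key in clear, and the only thing keeping them out of the log is the redaction inside this class's logAPICall. logAPICall is public, so a subclass that overrides it would presumably receive the unredacted array; a comment at the call site such as `// headers still hold credentials here; logAPICall() redacts them before writing` would make that dependency visible. `'params'` and `'body'` are logged untouched as well, and whether they can contain key material is not visible from this hunk. callAPI starts and ends outside the hunk.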
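Review bot: The redaction loop added to logAPICall looks headers up by exact array key, so a header stored as `authorization` or `X-AUTH-KEY` would reach the log with its credential intact. HTTP header names are case-insensitive, and nothing visible in this diff normalises them before they arrive here. Walking the keys actually present in `$message['headers']` and comparing them in lower case closes that gap, and an `is_array` guard keeps the loop safe when a caller passes a message without a header array. The `!empty()` test is then unnecessary. The closing brace of logAPICall lies outside the hunk.

```php
$sensitiveHeaderKeys = array(
    'authorization',
    'x-auth-email',
    'x-auth-key'
);

// … unchanged: log level selection …
if (!is_string($message)) {
    if (isset($message['headers']) && is_array($message['headers'])) {
        foreach ($message['headers'] as $name => $headerValue) {
            // Header names are case-insensitive, so compare in lower case.
            if (in_array(strtolower((string) $name), $sensitiveHeaderKeys, true)) {
                $message['headers'][$name] = 'REDACTED';
            }
        }
    }

    // … unchanged: print_r of $message and the logger call …
```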