scrub

package module

v1.0.0 Latest Latest Go to latest Published: May 2, 2022 License: MIT Imports: 3 Imported by: 1

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/ssrathi/go-scrub

Links

Open Source Insights

README ¶

go-scrub

A scrubbing utility in Golang to hide sensitive fields from a struct prior to logging.

Since the scrubbing utility function needs to work on any Golang struct where its fields and members are known only at runtime, we can leverage "reflect", a powerful package from the Golang standard library, to scrub sensitive fields at any level of a deeply nested structure recursively.

Blog post

Blog post with a detailed explanation: https://www.nutanix.dev/2022/04/22/golang-the-art-of-reflection/

Installation

go install github.com/ssrathi/go-scrub@latest

Usage

  import "github.com/ssrathi/go-scrub"

  // Have a struct with some sensitive fields.
  type testScrub struct {
    Username string
    Password string
    Codes    []string
  }

  // Create a struct with some sensitive data.
  T := testScrub{
     Username: "administrator",
     Password: "my_secret_passphrase",
     Codes:    []string{"pass1", "pass2", "pass3"},
  }

  // Create a set of field names to scrub (default is 'password').
  fieldsToScrub := map[string]bool{
    "password": true,
    "codes": true,
  }

  // Call the util API to get a JSON formatted string with scrubbed field values.
  out := scrub.Scrub(&T, fieldsToScrub)

  // Log the scrubbed string without worrying about prying eyes!
  log.Println(out)
  OUTPUT: {"Username":"administrator","Password":"********","Codes":["********","********","********"]}

Contributing

Contributions are most welcome! Please create a new issue and link your PR to it.

Documentation ¶

Overview ¶

Package scrub implements a scrubbing utility to hide sensitive fields from a struct.

This utility can be used to purge sensitive fields from a deeply nested struct at any level. This is useful for scenarios such as logging structures which may contain user passwords, secret keys, passphrases, etc.

Notes & Caveates

Only exported fields of a struct can be scrubbed (fields starting with a capital letter). Reflect package cannot modify unexported (private) fields. Also, The input struct must be passed by its address, otherwise the values of its fields cannot be changed.

Example

T := testScrub{
   Username: "administrator",
   Password: "my_secret_passphrase",
   Codes:    []string{"pass1", "pass2", "pass3"},
}

fieldsToScrub := map[string]bool{"password": true, "codes": true}

out := Scrub(&T, fieldsToScrub)
log.Println(out)
OUTPUT: {username:administrator Password:******** Codes:[******** ******** ********]}

Index ¶

Variables
func Scrub(input interface{}, fieldsToScrub map[string]bool) string

Constants ¶

This section is empty.

Variables ¶

View Source

var DefaultToScrub = map[string]bool{
	"password": true,
}

DefaultToScrub contains default field names to scrub. NOTE: these fields should be all lowercase. Comparison is case insensitive.

Functions ¶

func Scrub ¶

func Scrub(input interface{}, fieldsToScrub map[string]bool) string

Scrub scrubs all the specified string fields in the 'input' struct at any level recursively and returns a JSON-formatted string of the scrubbed struct.

Types ¶

This section is empty.

Source Files ¶

View all Source files

scrub.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL