Uploaded image for project: 'Python Driver'
  1. Python Driver
  2. PYTHON-4197

Should make use of SecretStr for any Token or Password fields

XMLWordPrintableJSON

    • Type: Icon: Task Task
    • Resolution: Fixed
    • Priority: Icon: Unknown Unknown
    • farmgen-2024.next
    • Affects Version/s: None
    • Component/s: None
    • None
    • Python Drivers
    • Not Needed
    • Hide

      1. What would you like to communicate to the user about this feature?
      2. Would you like the user to see examples of the syntax and/or executable code and its output?
      3. Which versions of the driver/connector does this apply to?

      Show
      1. What would you like to communicate to the user about this feature? 2. Would you like the user to see examples of the syntax and/or executable code and its output? 3. Which versions of the driver/connector does this apply to?

      Context

      To avoid logging tokens or passwords accidentally pydantic provides a nice SecretStr model as a way to reduce these issues.

      Can change instances like:

      class Token(BaseModel):
    access_token: str
    refresh_token: Optional[str] = None
    token_type: str

       
      to

      from pydantic import SecretStr
class Token(BaseModel):
    access_token: SecretStr
    refresh_token: Optional[SecretStr] = None
    token_type: str

      Definition of done

      What must be done to consider the task complete?

      str is replaced with SecretStr throughout the code.

      Pitfalls

      What should the implementer watch out for? What are the risks?

            Assignee:
            jib.adegunloye@mongodb.com Jib Adegunloye
            Reporter:
            jib.adegunloye@mongodb.com Jib Adegunloye
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated:
              Resolved: