
Impelement secrets detection for Az modules #412


Merged
merged 8 commits into from
Feb 28, 2024
Add IgnoredProperties in ISanitizerService to filter out special prop…
…erties that may cause performance concern like lazy load properties.
vidai-msft committed Feb 23, 2024
commit 28910314d53a1d781ff58f3a74c0a949cd67d7ec
15 changes: 14 additions & 1 deletion src/Common/Sanitizer/DefaultProviderResolver.cs
Expand Up @@ -17,6 +17,7 @@
using System;
using System.Collections;
using System.Collections.Generic;
using System.Linq;
using System.Reflection;

namespace Microsoft.WindowsAzure.Commands.Common.Sanitizer
Expand Down Expand Up @@ -181,12 +182,24 @@ private bool IsOfTypeCustomObject(Type type)
return type != null && type != typeof(string) && type.IsClass && !type.FullName.StartsWith("System.");
}

private bool IsIgnoredProperty(string typeName, string propertyName)
{
bool ignored = true;

if (Service.IgnoredProperties.ContainsKey(typeName))
{
ignored = Service.IgnoredProperties[typeName].Contains(propertyName);
}

return ignored;
}

private SanitizerProvider CreateCustomObjectProvider(Type objType)
{
var objProvider = new SanitizerCustomObjectProvider(Service);
foreach (var property in objType.GetRuntimeProperties())
{
if (property.CanRead && !property.PropertyType.IsValueType && property.GetMethod != null && !property.GetMethod.IsStatic)
if (property.CanRead && !property.PropertyType.IsValueType && property.GetMethod != null && !property.GetMethod.IsStatic && !IsIgnoredProperty(objType.FullName, property.Name))
{
var sanitizerProperty = new SanitizerProperty(property);
objProvider.Properties.Add(sanitizerProperty);
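Review bot: `IsIgnoredProperty` starts from `bool ignored = true;`, so for any type with no entry in `Service.IgnoredProperties` it returns true and `CreateCustomObjectProvider` registers none of that type's properties. As written, secret scanning appears to cover only types that are listed in the ignore map, which is the opposite of what the commit title describes. The default should be false, for example `return typeName != null && Service.IgnoredProperties != null && Service.IgnoredProperties.TryGetValue(typeName, out var names) && names.Contains(propertyName);`, which also removes the double lookup and the `ArgumentNullException` that `ContainsKey` throws when `Type.FullName` is null (it can be for some generic types). A regression test that sanitizes an object of an unlisted type and asserts the secret is replaced would catch this. `CreateCustomObjectProvider` continues past the end of the visible section.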
4 changes: 4 additions & 0 deletions src/Common/Sanitizer/ISanitizerService.cs
Expand Up @@ -12,12 +12,16 @@
// limitations under the License.
// ----------------------------------------------------------------------------------

using System.Collections.Generic;

namespace Microsoft.WindowsAzure.Commands.Common.Sanitizer
{
public interface ISanitizerService
{
string SanitizedValue { get; }

Dictionary<string, IEnumerable<string>> IgnoredProperties { get; }

bool TrySanitizeData(string data, out string sanitizedData);
}
}
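Review bot: `IgnoredProperties` is an exemption list for the secret scanner, yet it is exposed as a mutable `Dictionary<string, IEnumerable<string>>`, so any code holding an `ISanitizerService` can add entries at runtime and silently widen what is skipped. Consider `IReadOnlyDictionary<string, IEnumerable<string>> IgnoredProperties { get; }`, which an existing `Dictionary` instance already satisfies. The member also needs an XML doc comment stating that keys are `Type.FullName` values and values are property names, how names are compared, and whether an implementation may return null. Adding a member to a public interface also breaks any external implementers, if there are any.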
2 changes: 1 addition & 1 deletion src/Common/Sanitizer/SanitizerCustomObjectProvider.cs
Expand Up @@ -32,7 +32,7 @@ public override void SanitizeValue(object sanitizingObject, Stack<object> saniti
{
prop.ParentProperty = property;

var propValue = prop.ValueProvider.GetValue(sanitizingObject);
var propValue = prop.GetValue(sanitizingObject);
if (propValue != null)
{
var provider = resolver.ResolveProvider(propValue.GetType());
11 changes: 7 additions & 4 deletions src/Common/Sanitizer/SanitizerProperty.cs
Expand Up @@ -23,17 +23,20 @@ public class SanitizerProperty

public Type PropertyType { get; private set; }

internal PropertyInfo ValueProvider { get; private set; }

//internal SanitizerProvider SanitizerProvider { get; private set; }
internal PropertyInfo ValueSupplier { get; private set; }

internal SanitizerProperty ParentProperty { get; set; }

public SanitizerProperty(PropertyInfo property)
{
PropertyName = property.Name;
PropertyType = property.PropertyType;
ValueProvider = property;
ValueSupplier = property;
}

public object GetValue(object instance)
{
return ValueSupplier.GetValue(instance);
}
}
}
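Review bot: The new public `GetValue` is undocumented and passes straight through to `PropertyInfo.GetValue`, so a getter that throws surfaces as `TargetInvocationException` and an indexer property raises `TargetParameterCountException`. The filter in `CreateCustomObjectProvider` (DefaultProviderResolver.cs) does not exclude indexers. Whether callers catch these exceptions is not visible here, so at minimum add a `/// <summary>` with `<exception>` tags, and consider skipping properties where `GetIndexParameters().Length > 0` when the provider is built. `ValueSupplier` is assigned only in the constructor and could be get-only: `internal PropertyInfo ValueSupplier { get; }`.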
2 changes: 1 addition & 1 deletion src/Common/Sanitizer/SanitizerStringProvider.cs
Expand Up @@ -24,7 +24,7 @@ public SanitizerStringProvider(ISanitizerService service) : base(service) { }

public override void SanitizeValue(object sanitizingObject, Stack<object> sanitizingStack, ISanitizerProviderResolver resolver, SanitizerProperty property, SanitizerTelemetry telemetry)
{
var propertyValue = property.ValueProvider.GetValue(sanitizingObject);
var propertyValue = property.GetValue(sanitizingObject);
if (propertyValue is string data)
{
if (Service.TrySanitizeData(data, out string sanitizedData))