security: enhance API key redaction with comprehensive testing and error handling

- Refactored redaction logic to use centralized helper function
- Added robust error handling in AccessLogFormatter
- Improved regex patterns for better OpenAI key detection
- Added comprehensive unit tests covering edge cases and error scenarios
- Enhanced input validation with descriptive error placeholders
This commit is contained in:
Shuai Lin
2025-07-21 10:40:24 +08:00
parent f3d9cb2b85
commit 9d4d6464bf
6 changed files with 216 additions and 27 deletions

View File

@@ -162,12 +162,15 @@ def redact_key_for_logging(key: str) -> str:
key: API key to redact
Returns:
str: Redacted key in format "first6...last6" or original if too short
str: Redacted key in format "first6...last6" or descriptive placeholder for edge cases
"""
if not key or len(key) <= 12:
return "***"
if not key:
return key
return f"{key[:6]}...{key[-6:]}"
if len(key) <= 12:
return f"{key[:3]}...{key[-3:]}"
else:
return f"{key[:6]}...{key[-6:]}"
def get_current_version(default_version: str = "0.0.0") -> str: