chore(vulnerability): Insertion of sensitive information into log files (#11088)

2025-12-18 13:38:23 +00:00 · 2024-08-03 18:32:43 +05:30 · 2024-08-03 18:32:43 +05:30 · aeef69cbaf
commit aeef69cbaf
parent c572d39bbf
3 changed files with 7 additions and 7 deletions
--- a/datahub-graphql-core/src/main/java/com/linkedin/datahub/graphql/resolvers/auth/RevokeAccessTokenResolver.java
+++ b/datahub-graphql-core/src/main/java/com/linkedin/datahub/graphql/resolvers/auth/RevokeAccessTokenResolver.java
@ -41,7 +41,7 @@ public class RevokeAccessTokenResolver implements DataFetcher<CompletableFuture<
          final QueryContext context = environment.getContext();
          final String tokenId = bindArgument(environment.getArgument("tokenId"), String.class);
-          log.info("User {} revoking access token {}", context.getActorUrn(), tokenId);
+          log.info("User {} revoking access token", context.getActorUrn());
          if (isAuthorizedToRevokeToken(context, tokenId)) {
            try {
--- a/datahub-graphql-core/src/main/java/com/linkedin/datahub/graphql/resolvers/ingest/secret/DeleteSecretResolver.java
+++ b/datahub-graphql-core/src/main/java/com/linkedin/datahub/graphql/resolvers/ingest/secret/DeleteSecretResolver.java
@ -23,16 +23,16 @@ public class DeleteSecretResolver implements DataFetcher<CompletableFuture<Strin
  public CompletableFuture<String> get(final DataFetchingEnvironment environment) throws Exception {
    final QueryContext context = environment.getContext();
    if (IngestionAuthUtils.canManageSecrets(context)) {
-      final String secretUrn = environment.getArgument("urn");
+      final String inputUrn = environment.getArgument("urn");
-      final Urn urn = Urn.createFromString(secretUrn);
+      final Urn urn = Urn.createFromString(inputUrn);
      return GraphQLConcurrencyUtils.supplyAsync(
          () -> {
            try {
              _entityClient.deleteEntity(context.getOperationContext(), urn);
-              return secretUrn;
+              return inputUrn;
            } catch (Exception e) {
              throw new RuntimeException(
-                  String.format("Failed to perform delete against secret with urn %s", secretUrn),
+                  String.format("Failed to perform delete against secret with urn %s", inputUrn),
                  e);
            }
          },
--- a/metadata-utils/src/main/java/com/linkedin/metadata/utils/SearchUtil.java
+++ b/metadata-utils/src/main/java/com/linkedin/metadata/utils/SearchUtil.java
@ -54,10 +54,10 @@ public class SearchUtil {
  public static FilterValue createFilterValue(String value, Long facetCount, Boolean isFilteredOn) {
    // TODO(indy): test this
-    String[] aggregationTokens = value.split(AGGREGATION_SEPARATOR_CHAR);
+    String[] aggregations = value.split(AGGREGATION_SEPARATOR_CHAR);
    FilterValue result =
        new FilterValue().setValue(value).setFacetCount(facetCount).setFiltered(isFilteredOn);
-    String lastValue = aggregationTokens[aggregationTokens.length - 1];
+    String lastValue = aggregations[aggregations.length - 1];
    if (lastValue.startsWith(URN_PREFIX)) {
      try {
        result.setEntity(Urn.createFromString(lastValue));