From 248a9765b36c32f8e45cc429209ac1b41d274bfc Mon Sep 17 00:00:00 2001
From: Damien Cuenot <11711525+dcuenot@users.noreply.github.com>
Date: Thu, 28 May 2020 23:21:59 +0200
Subject: [PATCH] Backport Sentivite headers to blocking implementation (#931)

---
 src/blocking/request.rs | 52 +++++++++++++++++++++++++++++++++++++----
 1 file changed, 48 insertions(+), 4 deletions(-)

diff --git a/src/blocking/request.rs b/src/blocking/request.rs
index 87d74a8..299e7e2 100644
--- a/src/blocking/request.rs
+++ b/src/blocking/request.rs
@@ -164,7 +164,18 @@ impl RequestBuilder {
     /// # Ok(())
     /// # }
     /// ```
-    pub fn header<K, V>(mut self, key: K, value: V) -> RequestBuilder
+    pub fn header<K, V>(self, key: K, value: V) -> RequestBuilder
+    where
+        HeaderName: TryFrom<K>,
+        HeaderValue: TryFrom<V>,
+        <HeaderName as TryFrom<K>>::Error: Into<http::Error>,
+        <HeaderValue as TryFrom<V>>::Error: Into<http::Error>,
+    {
+        self.header_sensitive(key, value, false)
+    }
+
+    /// Add a `Header` to this Request with ability to define if header_value is sensitive.
+    fn header_sensitive<K, V>(mut self, key: K, value: V, sensitive: bool) -> RequestBuilder
     where
         HeaderName: TryFrom<K>,
         HeaderValue: TryFrom<V>,
@@ -175,7 +186,8 @@ impl RequestBuilder {
         if let Ok(ref mut req) = self.request {
             match <HeaderName as TryFrom<K>>::try_from(key) {
                 Ok(key) => match <HeaderValue as TryFrom<V>>::try_from(value) {
-                    Ok(value) => {
+                    Ok(mut value) => {
+                        value.set_sensitive(sensitive);
                         req.headers_mut().append(key, value);
                     }
                     Err(e) => error = Some(crate::error::builder(e.into())),
@@ -242,7 +254,7 @@ impl RequestBuilder {
             None => format!("{}:", username),
         };
         let header_value = format!("Basic {}", encode(&auth));
-        self.header(crate::header::AUTHORIZATION, &*header_value)
+        self.header_sensitive(crate::header::AUTHORIZATION, &*header_value, true)
     }
 
     /// Enable HTTP bearer authentication.
@@ -261,7 +273,7 @@ impl RequestBuilder {
         T: fmt::Display,
     {
         let header_value = format!("Bearer {}", token);
-        self.header(crate::header::AUTHORIZATION, &*header_value)
+        self.header_sensitive(crate::header::AUTHORIZATION, &*header_value, true)
     }
 
     /// Set the request body.
@@ -965,4 +977,36 @@ mod tests {
         assert_eq!(req.method(), Method::GET);
         assert_eq!(req.url().as_str(), "http://localhost/");
     }
+
+    #[test]
+    fn test_basic_auth_sensitive_header() {
+        let client = Client::new();
+        let some_url = "https://localhost/";
+
+        let req = client
+            .get(some_url)
+            .basic_auth("Aladdin", Some("open sesame"))
+            .build()
+            .expect("request build");
+
+        assert_eq!(req.url().as_str(), "https://localhost/");
+        assert_eq!(req.headers()["authorization"], "Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==");
+        assert_eq!(req.headers()["authorization"].is_sensitive(), true);
+    }
+
+    #[test]
+    fn test_bearer_auth_sensitive_header() {
+        let client = Client::new();
+        let some_url = "https://localhost/";
+
+        let req = client
+            .get(some_url)
+            .bearer_auth("Hold my bear")
+            .build()
+            .expect("request build");
+
+        assert_eq!(req.url().as_str(), "https://localhost/");
+        assert_eq!(req.headers()["authorization"], "Bearer Hold my bear");
+        assert_eq!(req.headers()["authorization"].is_sensitive(), true);
+    }
 }