<?php
declare(strict_types=1);
namespace Deviantintegral\Har\Command;
use Deviantintegral\Har\HarSanitizer;
use Deviantintegral\Har\Serializer;
use Symfony\Component\Console\Command\Command;
use Symfony\Component\Console\Input\InputArgument;
use Symfony\Component\Console\Input\InputInterface;
use Symfony\Component\Console\Input\InputOption;
use Symfony\Component\Console\Output\OutputInterface;
use Symfony\Component\Console\Style\SymfonyStyle;
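/**
 * Command to sanitize sensitive data from a HAR file.
 *
 * Reads a HAR file, configures a HarSanitizer from the command-line options,
 * and writes the sanitized document to a file or to stdout.
 */
class SanitizeCommand extends Command
{
    /**
     * Registers the command name, its two arguments and its redaction options.
     */
    protected function configure(): void
    {
        $this->setName('har:sanitize')
            ->setDescription('Sanitize sensitive data from a HAR file')
            ->setHelp('Redact sensitive values like authorization headers, API keys, and passwords from HAR files.')
            ->addArgument('har', InputArgument::REQUIRED, 'The source HAR file to sanitize.')
            ->addArgument('output', InputArgument::OPTIONAL, 'The output file path. Defaults to stdout.')
            ->addOption('header', null, InputOption::VALUE_REQUIRED | InputOption::VALUE_IS_ARRAY, 'Header name to redact (can be specified multiple times).')
            ->addOption('query-param', null, InputOption::VALUE_REQUIRED | InputOption::VALUE_IS_ARRAY, 'Query parameter name to redact (can be specified multiple times).')
            ->addOption('body-field', null, InputOption::VALUE_REQUIRED | InputOption::VALUE_IS_ARRAY, 'Body field name to redact (can be specified multiple times).')
            ->addOption('case-sensitive', null, InputOption::VALUE_NONE, 'Use case-sensitive matching for field names. Defaults to case-insensitive.');
    }

    /**
     * Sanitizes the HAR file named by the "har" argument.
     *
     * @return int Command::SUCCESS once the result has been written, or
     *             Command::FAILURE when the source is missing, is a directory,
     *             cannot be read, or the output file cannot be written
     */
    protected function execute(InputInterface $input, OutputInterface $output): int
    {
        $io = new SymfonyStyle($input, $output);
        $source = $input->getArgument('har');

        // Reject unusable sources up front so each case gets its own message.
        if (!file_exists($source)) {
            $io->error(\sprintf('File not found: %s', $source));

            return Command::FAILURE;
        }

        if (is_dir($source)) {
            $io->error(\sprintf('Path is a directory, not a file: %s', $source));

            return Command::FAILURE;
        }

        $contents = file_get_contents($source);
        if (false === $contents) {
            $io->error(\sprintf('Unable to read file: %s', $source));

            return Command::FAILURE;
        }

        $serializer = new Serializer();
        $har = $serializer->deserializeHar($contents);

        // NOTE(review): only the rules passed on the command line are
        // configured below. Whether HarSanitizer redacts anything when none
        // are given is not visible from this file; confirm, because the
        // result is reported as sanitized either way.
        $sanitizer = new HarSanitizer();
        if ($input->getOption('case-sensitive')) {
            $sanitizer->setCaseSensitive(true);
        }

        $headers = $input->getOption('header');
        if (!empty($headers)) {
            $sanitizer->redactHeaders($headers);
        }

        $queryParams = $input->getOption('query-param');
        if (!empty($queryParams)) {
            $sanitizer->redactQueryParams($queryParams);
        }

        $bodyFields = $input->getOption('body-field');
        if (!empty($bodyFields)) {
            $sanitizer->redactBodyFields($bodyFields);
        }

        $sanitized = $sanitizer->sanitize($har);
        $result = $serializer->serializeHar($sanitized);

        $outputPath = $input->getArgument('output');
        if (null !== $outputPath) {
            if (false === file_put_contents($outputPath, $result)) {
                $io->error(\sprintf('Unable to write to file: %s', $outputPath));

                return Command::FAILURE;
            }
            $io->success(\sprintf('Sanitized HAR written to %s', $outputPath));
        } else {
            // Emit the document untouched. Without OUTPUT_RAW the console
            // formatter interprets tag-like sequences (for example <info> or
            // <error> inside a captured body) and escaped angle brackets,
            // which would alter the HAR content written to stdout.
            $output->write($result, false, OutputInterface::OUTPUT_RAW);
        }

        return Command::SUCCESS;
    }
}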