Merge pull request #684 from Scrumplex/logging-categories

Prevents private credentials from leaking in the logs of general users

libraries/katabasis/CMakeLists.txt

@@ -38,6 +38,15 @@ set( katabasis_PUBLIC
     include/katabasis/RequestParameter.h
 )
 
+ecm_qt_declare_logging_category(katabasis_PRIVATE
+    HEADER KatabasisLogging.h  # NOTE: this won't be in src/, but CMAKE_BINARY_DIR/src isn't included by default so this should be fine
+    IDENTIFIER katabasisCredentials
+    CATEGORY_NAME "katabasis.credentials"
+    DEFAULT_SEVERITY Warning
+    DESCRIPTION "Secrets and credentials from Katabasis"
+    EXPORT "Katabasis"
+)
+
 add_library( Katabasis STATIC ${katabasis_PRIVATE} ${katabasis_PUBLIC} )
 target_link_libraries(Katabasis Qt${QT_VERSION_MAJOR}::Core Qt${QT_VERSION_MAJOR}::Network)
 

libraries/katabasis/include/katabasis/DeviceFlow.h

@@ -1,5 +1,6 @@
 #pragma once
 
+#include <QLoggingCategory>
 #include <QNetworkAccessManager>
 #include <QNetworkRequest>
 #include <QNetworkReply>

libraries/katabasis/src/DeviceFlow.cpp

@@ -19,9 +19,11 @@
 #include "katabasis/PollServer.h"
 #include "katabasis/Globals.h"
 
+#include "KatabasisLogging.h"
 #include "JsonResponse.h"
 
 namespace {
+
 // ref: https://tools.ietf.org/html/rfc8628#section-3.2
 // Exception: Google sign-in uses "verification_url" instead of "*_uri" - we'll accept both.
 bool hasMandatoryDeviceAuthParams(const QVariantMap& params)
@@ -333,9 +335,7 @@ QString DeviceFlow::refreshToken() {
 }
 
 void DeviceFlow::setRefreshToken(const QString &v) {
-#ifndef NDEBUG
-    qDebug() << "DeviceFlow::setRefreshToken" << v << "...";
-#endif
+    qCDebug(katabasisCredentials) << "new refresh token:" << v;
     token_.refresh_token = v;
 }