refactor: change sensitive fields to SecretStr for enhanced security in ApiKey, LoginToken, Otp, and Session classes

Author: gabino

cuenca/resources/api_keys.py

@@ -2,7 +2,7 @@
 from typing import ClassVar, Optional, cast
 
 from cuenca_validations.types import ApiKeyQuery, ApiKeyUpdateRequest
-from pydantic import ConfigDict
+from pydantic import ConfigDict, SecretStr
 
 from ..http import Session, session as global_session
 from .base import Creatable, Queryable, Retrievable, Updateable
@@ -12,7 +12,7 @@ class ApiKey(Creatable, Queryable, Retrievable, Updateable):
     _resource: ClassVar = 'api_keys'
     _query_params: ClassVar = ApiKeyQuery
 
-    secret: str
+    secret: SecretStr
     deactivated_at: Optional[dt.datetime] = None
     user_id: Optional[str] = None
     model_config = ConfigDict(

cuenca/resources/login_tokens.py

@@ -1,13 +1,19 @@
 from typing import ClassVar, cast
 
-from pydantic import ConfigDict
+from pydantic import ConfigDict, SecretStr
 
 from ..http import Session, session as global_session
 from .base import Creatable
 
 
+# mypy: disable-error-code=override
 class LoginToken(Creatable):
     _resource: ClassVar = 'login_tokens'
+
+    # Override the `id` field to be a `SecretStr`
+    # To ensure sensitive data is not exposed in logs.
+    id: SecretStr  # type: ignore
+
     model_config = ConfigDict(
         json_schema_extra={'example': {'id': 'LTNEUInh69SuKXXmK95sROwQ'}}
     )

cuenca/resources/otps.py

@@ -1,14 +1,14 @@
 from typing import ClassVar, cast
 
-from pydantic import ConfigDict
+from pydantic import ConfigDict, SecretStr
 
 from ..http import Session, session as global_session
 from .base import Creatable
 
 
 class Otp(Creatable):
     _resource: ClassVar = 'otps'
-    secret: str
+    secret: SecretStr
     model_config = ConfigDict(
         json_schema_extra={
             'example': {

cuenca/resources/sessions.py

@@ -2,16 +2,19 @@
 from typing import ClassVar, Optional, cast
 
 from cuenca_validations.types import AnyUrlString, SessionRequest, SessionType
-from pydantic import ConfigDict
+from pydantic import ConfigDict, SecretStr
 
 from .. import http
 from .base import Creatable, Queryable, Retrievable
 
 
+# mypy: disable-error-code=override
 class Session(Creatable, Retrievable, Queryable):
     _resource: ClassVar = 'sessions'
 
-    id: str
+    # Override the `id` field to be a `SecretStr`
+    # To ensure sensitive data is not exposed in logs.
+    id: SecretStr = None  # type: ignore
     created_at: dt.datetime
     user_id: str
     platform_id: str

tests/resources/test_api_keys.py

@@ -18,7 +18,7 @@ def test_api_keys_retrieve():
     id_key = 'AKMPSxy2UeSKqU1J6spDNwqA'
     api_key: ApiKey = ApiKey.retrieve(id_key)
     assert api_key.id == id_key
-    assert api_key.secret == '********'
+    assert api_key.secret.get_secret_value() == '********'
 
 
 @pytest.mark.vcr

tests/resources/test_login_tokens.py

@@ -20,5 +20,5 @@ def test_login_token(session):
     UserLogin.create('222222', session=session)
     login_token = LoginToken.create(session=session)
     session.headers.pop('X-Cuenca-LoginId')
-    session.configure(login_token=login_token.id)
+    session.configure(login_token=login_token.id.get_secret_value())
     Transfer.count(session=session)

tests/resources/test_otps.py

@@ -25,4 +25,4 @@ def test_otps(session):
     session.configure(login_token=login_token.id)
     otp = Otp.create()
     assert otp
-    assert isinstance(otp.secret, str)
+    assert isinstance(otp.secret.get_secret_value(), str)

tests/resources/test_sessions.py

@@ -36,6 +36,8 @@ def test_session_create(curp_validation_request: dict, user_request: dict):
     assert user_session.failure_url == failure_url
 
     ephimeral_cuenca_session = cuenca.http.Session()
-    ephimeral_cuenca_session.configure(session_token=user_session.id)
+    ephimeral_cuenca_session.configure(
+        session_token=user_session.id.get_secret_value()
+    )
     user = User.update(user.id, email_address='manu@example.com')
     assert user.email_address == 'manu@example.com'