Enhance obfuscation rule to get dynamic replacement value.

[sandipkokitkar]

Summary

The current obfuscation rule configuration allows for static string replacement. While this method is useful, it poses challenges for problem investigation due to the static nature of the obfuscated value. For instance, consider a rule to obfuscate account numbers.
{
regex: //regex for account number,
replacement: 'account_number'
}

This rule will replace each account number with the same placeholder "account_number," making it impossible to differentiate between account numbers, especially since a user can have multiple accounts.

Desired Behavior

Replacement value should be dynamic, based on the value being obfuscated.

Possible Solution

Allow a function to be used as a replacement instead of a string only, in obfuscation rule. The obfuscateString in obfuscate.js will check if the replacement is a function, and if so, it will call the function with the input string. The value returned from the function will then be used as the replacement.

The replacement function can perform various operations, such as hashing the value or masking the initial characters only, depending on the specific requirements.

Additional context

[workato-integration]

https://new-relic.atlassian.net/browse/NR-290869

[metal-messiah]

FYI, This has now been elevated to our PM as a feature request

[cwli24]

This is actually almost naturally supported, given that we simply call String.prototype.replace on the rule matches, and that native method does support a replacement that is a function already. However, we've blocked this via type-checking in our code that enforced the replacement to be a string type. If we unblock ourselves, this should work.

[metal-messiah]

@cwli24 Since this is deemed feasible, I will add a ticket to the backlog to conduct this work. This issue will be closed as acceptable work and the ticket will be prioritized with our other obligations. Thanks for the feedback @sandipkokitkar