fix: fixed the issue where the data subscription configuration token was not working

[qevolg]

Description

fix: fixed the issue where the data subscription configuration token was not working

Issue(s)

• fix: https://project.feishu.cn/taosdata_td/defect/detail/6849364329

Checklist

Please check the items in the checklist if applicable.

• Is the user manual updated?
• Are the test cases passed and automated?
• Is there no significant decrease in test coverage?

[gemini-code-assist]

Summary of Changes

Hello, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request significantly improves the security and reliability of token handling and logging within the TMQ (Time-series Message Queue) client. It extends sensitive data masking capabilities to cover additional token types and refines how configuration objects are logged to prevent accidental exposure of credentials. The changes also ensure that connection tokens are consistently managed across different configuration sources. Furthermore, comprehensive integration tests have been introduced to validate these enhanced token-based authentication flows, ensuring the system behaves as expected under various conditions.

Highlights

• Enhanced Sensitive Data Masking: The SENSITIVE_FIELD_REGEX has been updated to include td.connect.token, ensuring this new token type is redacted in logs. The maskTmqConfigForLog function was refactored to use JSON.stringify with a custom replacer, providing more robust masking of sensitive configuration details, including URLs and various tokens, before logging.
• Improved Token Handling in TmqConfig: The TmqConfig class now consistently stores CONNECT_TOKEN and bearer_token within its otherConfigs map, whether the token is provided directly or extracted from a URL's search parameters. This ensures a unified approach to managing connection tokens.
• Refined WsConsumer Configuration and Logging: The WsConsumer now includes a descriptive prefix in its debug logs for configuration objects. The subscribe message payload has been adjusted to correctly serialize the otherConfigs map into a plain object and to remove a redundant bearer_token field, streamlining the communication process.
• Comprehensive TMQ Token Integration Tests: New and expanded integration tests have been added for TMQ consumer connections using tokens. These tests cover scenarios where tokens are provided directly in the configuration and when they are passed via URL query parameters, validating the improved token handling and ensuring robust authentication.

🧠 New Feature in Public Preview: You can now enable Memory to help Gemini Code Assist learn from your team's feedback. This makes future code reviews more consistent and personalized to your project's style. Click here to enable Memory in your admin console.

Changelog

• nodejs/src/common/utils.ts
  • Extended SENSITIVE_FIELD_REGEX to redact td.connect.token.
  • Refactored maskTmqConfigForLog to use JSON.stringify for more comprehensive masking of sensitive fields like URLs and tokens.
• nodejs/src/tmq/config.ts
  • Ensured CONNECT_TOKEN and bearer_token are consistently stored in otherConfigs when parsed.
• nodejs/src/tmq/wsTmq.ts
  • Added a prefix to WsConsumer debug logs for clarity.
  • Adjusted subscribe message payload to correctly serialize otherConfigs and remove redundant bearer_token.
• nodejs/test/bulkPulling/tmq.test.ts
  • Updated TMQ token tests to use testUsername() for token creation.
  • Added new integration tests for TMQ consumer connections using tokens, including tokens passed via URL.
  • Removed obsolete user creation/deletion from test setup/teardown.

Activity

• No specific activity (comments, reviews, or progress updates) has been recorded for this pull request yet.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[Copilot]

Pull request overview

This PR improves TMQ token authentication support and log redaction for the Node.js WebSocket TMQ consumer, with updated enterprise tests to cover token-based connections.

Changes:

• Adjust TMQ config handling so connect tokens are propagated via otherConfigs and serialized correctly into TMQ subscribe requests.
• Improve debug logging for WsConsumer by emitting a masked, JSON-stringified TMQ config and expanding sensitive-field masking to include td.connect.token.
• Update TMQ integration tests to create/drop tokens per test and add coverage for token-in-config vs token-in-URL flows.

Reviewed changes

Copilot reviewed 4 out of 4 changed files in this pull request and generated 2 comments.

File	Description
nodejs/test/bulkPulling/tmq.test.ts	Refactors token tests to create/drop tokens and adds token-in-config/token-in-URL consumer scenarios.
nodejs/src/tmq/wsTmq.ts	Improves config logging and fixes otherConfigs serialization (Map → plain object) for subscribe payloads.
nodejs/src/tmq/config.ts	Ensures CONNECT_TOKEN (including URL bearer_token) is also stored in otherConfigs for downstream requests.
nodejs/src/common/utils.ts	Expands sensitive masking and changes TMQ config masking to return a JSON string with URL/token redaction.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[gemini-code-assist]

Code Review

This pull request enhances token handling and logging, particularly for TMQ configuration and consumers. The changes correctly propagate tokens from different sources and ensure they are masked in logs. My review includes suggestions to refactor the masking logic in utils.ts for better consistency and to reduce code duplication in the test files by extracting common logic into helper functions. These changes will improve the maintainability of the code.

[codecov-commenter]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 80.21%. Comparing base (61a17a1) to head (3cc8608).

Additional details and impacted files

@@            Coverage Diff             @@
##             main     #105      +/-   ##
==========================================
+ Coverage   80.16%   80.21%   +0.05%     
==========================================
  Files          30       30              
  Lines        2485     2482       -3     
  Branches      439      436       -3     
==========================================
- Hits         1992     1991       -1     
+ Misses        379      378       -1     
+ Partials      114      113       -1     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[qevolg]

/gemini review

[gemini-code-assist]

Code Review

This pull request improves token handling and logging. While the changes to maskTmqConfigForLog aim to make logging of sensitive information safer and TmqConfig token handling more consistent, a critical vulnerability was identified: the masking logic for sensitive information is incomplete. Specifically, maskTmqConfigForLog misses the bearer_token field, and SENSITIVE_FIELD_REGEX misses the token field, which could lead to sensitive authentication credentials being logged in plain text. Additionally, an issue was found in the new tests related to inconsistent typing of configuration values, which could lead to incorrect behavior.

[Copilot]

Pull request overview

Copilot reviewed 5 out of 5 changed files in this pull request and generated 1 comment.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.