When using the button "Edit in Google Apps", the application is putting quite a lot of log entries with sensitive information, here is an example of the logs being produced :
GOOGLEAPPS: SCOPE config: drive avatar.
GOOGLEAPPS: APPNAME: xwiki
GOOGLEAPPS: CLIENTID: XXXXXXXXXXXX.apps.googleusercontent.com
GOOGLEAPPS: SCOPE: [https://www.googleapis.com/auth/userinfo.email, https://www.googleapis.com/auth/userinfo.profile, https://www.googleapis.com/auth/drive]
GOOGLEAPPS: In authorize
GOOGLEAPPS: Trying to get credentials from authorization code: XXXXXXXXXXXX
GOOGLEAPPS: Token: [access_token:XXXXXXXXXXXX, expires_in:3598, id_token:XXXXXXXXXXXX, scope:https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/drive openid https://www.googleapis.com/auth/userinfo.profile, token_type:Bearer]
GOOGLEAPPS: Failure to create refresh token
2020-05-18 11:41:07,345 [http://myServer/xwiki/bin/view/GoogleApps/OAuth?code=4/XXXXXXXXXXXX&scope=email%20profile%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20https://www.googleapis.com/auth/drive%20openid&authuser=0&hd=xwiki.com&prompt=none] INFO nticationPersistenceStoreTools - text to encrypt : xwiki:XWiki.Admin
2020-05-18 11:41:07,350 [http://myServer/xwiki/bin/view/GoogleApps/OAuth?code=4/XXXXXXXXXXXX&scope=email%20profile%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/userinfo.profile%20https://www.googleapis.com/auth/drive%20openid&authuser=0&hd=xwiki.com&prompt=none] INFO nticationPersistenceStoreTools - encrypted text : XXXXXXXXXXXX
From this extract, most items may not be that sensitive, however, considering the amount of information in the logs, it would be great to have a review of what we log, and what we don't.
When using the button "Edit in Google Apps", the application is putting quite a lot of log entries with sensitive information, here is an example of the logs being produced :
From this extract, most items may not be that sensitive, however, considering the amount of information in the logs, it would be great to have a review of what we log, and what we don't.