diff options
| author | Rick Elrod <rick@elrod.me> | 2021-02-05 12:31:43 -0500 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2021-02-05 11:31:43 -0600 |
| commit | 582971731504fc69a402ed0e15701a44122ab5c5 (patch) | |
| tree | 13164e86e2a69be10c12bc5db2c4e826ae14fc1e | |
| parent | cc82d986c40328d4ae81298a9d287c95a6326bb0 (diff) | |
| download | ansible-582971731504fc69a402ed0e15701a44122ab5c5.tar.gz | |
no_log keycloak_client's registration_access_token (#73501)
Change:
- Address missing no_log change from #73489.
Tickets:
- Refs #73489
Signed-off-by: Rick Elrod <rick@elrod.me>
| -rw-r--r-- | changelogs/fragments/new-nolog-entries.yml | 1 | ||||
| -rw-r--r-- | lib/ansible/modules/identity/keycloak/keycloak_client.py | 2 |
2 files changed, 2 insertions, 1 deletions
diff --git a/changelogs/fragments/new-nolog-entries.yml b/changelogs/fragments/new-nolog-entries.yml index df8bd1ff48..6246f39e8f 100644 --- a/changelogs/fragments/new-nolog-entries.yml +++ b/changelogs/fragments/new-nolog-entries.yml @@ -20,6 +20,7 @@ security_fixes: - iap_start_workflow - `token_key` is now masked with no_log and no longer emitted in logging/output (CVE-2021-20191). - ibm_sa_host - `iscsi_chap_secret` is now masked with no_log and no longer emitted in logging/output (CVE-2021-20191). - keycloak_client - `auth_client_secret` is now masked with no_log and no longer emitted in logging/output (CVE-2021-20191). + - keycloak_client - `registration_access_token` is now masked with no_log and no longer emitted in logging/output (CVE-2021-20191). - keycloak_clienttemplate - `auth_client_secret` is now masked with no_log and no longer emitted in logging/output (CVE-2021-20191). - keycloak_group - `auth_client_secret` is now masked with no_log and no longer emitted in logging/output (CVE-2021-20191). - librato_annotation - `api_key` is now masked with no_log and no longer emitted in logging/output (CVE-2021-20191). diff --git a/lib/ansible/modules/identity/keycloak/keycloak_client.py b/lib/ansible/modules/identity/keycloak/keycloak_client.py index fe6984dae9..7d88fb4a3e 100644 --- a/lib/ansible/modules/identity/keycloak/keycloak_client.py +++ b/lib/ansible/modules/identity/keycloak/keycloak_client.py @@ -680,7 +680,7 @@ def main(): enabled=dict(type='bool'), client_authenticator_type=dict(type='str', choices=['client-secret', 'client-jwt'], aliases=['clientAuthenticatorType']), secret=dict(type='str', no_log=True), - registration_access_token=dict(type='str', aliases=['registrationAccessToken']), + registration_access_token=dict(type='str', aliases=['registrationAccessToken'], no_log=True), default_roles=dict(type='list', aliases=['defaultRoles']), redirect_uris=dict(type='list', aliases=['redirectUris']), web_origins=dict(type='list', aliases=['webOrigins']), |