From 502c8e76e9ad11eec1470ad79d61a5e5da3d9ebc Mon Sep 17 00:00:00 2001
From: Amar Lankri <amar.lankri@algoan.com>
Date: Thu, 7 Dec 2023 09:52:14 +0100
Subject: [PATCH] refactor(logging): do not mask headers if masking is disabled

---
 .../logging-interceptor/src/logging.interceptor.ts  |  4 ++++
 .../test/logging.interceptor.test.ts                | 13 +++++++++++++
 2 files changed, 17 insertions(+)

diff --git a/packages/logging-interceptor/src/logging.interceptor.ts b/packages/logging-interceptor/src/logging.interceptor.ts
index 729bdb48..b3df480b 100644
--- a/packages/logging-interceptor/src/logging.interceptor.ts
+++ b/packages/logging-interceptor/src/logging.interceptor.ts
@@ -271,6 +271,10 @@ export class LoggingInterceptor implements NestInterceptor {
    * @returns the masked headers
    */
   private maskHeaders(headers: IncomingHttpHeaders): Record<string, unknown> {
+    if (this.disableMasking || this.mask?.requestHeader === undefined) {
+      return headers;
+    }
+
     return Object.keys(headers).reduce<Record<string, unknown>>(
       (maskedHeaders: Record<string, unknown>, headerKey: string): Record<string, unknown> => {
         const headerValue = headers[headerKey];
diff --git a/packages/logging-interceptor/test/logging.interceptor.test.ts b/packages/logging-interceptor/test/logging.interceptor.test.ts
index cdc69131..7ec35dbb 100644
--- a/packages/logging-interceptor/test/logging.interceptor.test.ts
+++ b/packages/logging-interceptor/test/logging.interceptor.test.ts
@@ -1,3 +1,4 @@
+/* eslint-disable max-lines */
 import {
   BadRequestException,
   HttpStatus,
@@ -487,5 +488,17 @@ describe('Logging interceptor', () => {
 
       expect(logSpy.mock.calls[0][0].headers.authorization).toBe(placeholder);
     });
+
+    it('should not mask request headers if masking is disabled', async () => {
+      const interceptor = app.get(ApplicationConfig).getGlobalInterceptors()[0] as LoggingInterceptor;
+      interceptor.setMask({ requestHeader: { authorization: true } });
+      interceptor.setDisableMasking(true);
+      const logSpy: jest.SpyInstance = jest.spyOn(Logger.prototype, 'log');
+      const url: string = `/cats/ok`;
+
+      await request(app.getHttpServer()).get(url).set('authorization', 'Bearer JWT').expect(HttpStatus.OK);
+
+      expect(logSpy.mock.calls[0][0].headers.authorization).toBe('Bearer JWT');
+    });
   });
 });