Remove JDBC sensitive information output (#14857) (#14863)

CritasWang · web-flow · commit 34fcaff6b724 · 2025-02-17T18:28:17.000+08:00
diff --git a/.github/workflows/todos-check.yml b/.github/workflows/todos-check.yml
@@ -0,0 +1,54 @@
+name: Check TODOs and FIXMEs in Changed Files
+
+on:
+  pull_request:
+    branches:
+      - master
+      - 'dev/*'
+      - 'rel/*'
+      - "rc/*"
+      - 'force_ci/**'
+    paths-ignore:
+      - 'docs/**'
+      - 'site/**'
+  # allow manually run the action:
+  workflow_dispatch:
+
+jobs:
+  todo-check:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Check for TODOs and FIXMEs in changed files
+        run: |
+          # Fetch the target branch
+          git fetch origin $GITHUB_BASE_REF
+          
+          git switch -c check_branch
+          
+          # Get the diff of the changes
+          echo Get the diff of the changes
+          DIFF=$(git diff origin/$GITHUB_BASE_REF check_branch  -- . ':(exclude).github/workflows/todos-check.yml')
+          
+          if [ -z "$DIFF" ]; then
+            echo "No changes detected."
+            exit 0
+          fi
+          
+          
+          # Check the diff for TODOs
+          
+           # Check the diff for TODOs
+          echo Check the diff for TODOs
+          TODOsCOUNT=$(echo "$DIFF" | grep -E '^\+.*(TODO|FIXME)' | wc -l)
+          if [ "$TODOsCOUNT" -eq 0 ]; then
+            echo "No TODOs or FIXMEs found in changed content.";
+            exit 0
+          fi
+          
+          echo "TODO or FIXME found in the changes. Please resolve it before merging."
+          echo "$DIFF" | grep -E '^\+.*(TODO|FIXME)' | tee -a output.log
+          exit 1
diff --git a/iotdb-client/jdbc/src/main/java/org/apache/iotdb/jdbc/IoTDBDataSourceFactory.java b/iotdb-client/jdbc/src/main/java/org/apache/iotdb/jdbc/IoTDBDataSourceFactory.java
@@ -45,16 +45,13 @@ public void setProperties(IoTDBDataSource ds, Properties prop) {
     String url = (String) properties.remove(DataSourceFactory.JDBC_URL);
     if (url != null) {
       ds.setUrl(url);
-      logger.info("URL set {}", url);
     }
 
     String user = (String) properties.remove(DataSourceFactory.JDBC_USER);
     ds.setUser(user);
-    logger.info("User set {}", user);
 
     String password = (String) properties.remove(DataSourceFactory.JDBC_PASSWORD);
     ds.setPassword(password);
-    logger.info("Password set {}", password);
 
     logger.info("Remaining properties {}", properties.size());
 
diff --git a/iotdb-core/datanode/src/test/java/org/apache/iotdb/db/auth/entity/UserTest.java b/iotdb-core/datanode/src/test/java/org/apache/iotdb/db/auth/entity/UserTest.java
@@ -37,13 +37,13 @@ public void testUser() throws IllegalPathException {
     user.setPrivilegeList(Collections.singletonList(pathPrivilege));
     user.setPathPrivileges(new PartialPath("root.ln"), Collections.singleton(1));
     Assert.assertEquals(
-        "User{name='user', password='password', pathPrivilegeList=[root.ln : WRITE_DATA], sysPrivilegeSet=[], roleList=[], "
+        "User{name='user', pathPrivilegeList=[root.ln : WRITE_DATA], sysPrivilegeSet=[], roleList=[], "
             + "isOpenIdUser=false, useWaterMark=false}",
         user.toString());
     User user1 = new User("user1", "password1");
     user1.deserialize(user.serialize());
     Assert.assertEquals(
-        "User{name='user', password='password', pathPrivilegeList=[root.ln : WRITE_DATA], sysPrivilegeSet=[], roleList=[], "
+        "User{name='user', pathPrivilegeList=[root.ln : WRITE_DATA], sysPrivilegeSet=[], roleList=[], "
             + "isOpenIdUser=false, useWaterMark=false}",
         user1.toString());
     Assert.assertTrue(user1.equals(user));
diff --git a/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/authorizer/OpenIdAuthorizer.java b/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/authorizer/OpenIdAuthorizer.java
@@ -148,9 +148,7 @@ private static OIDCProviderMetadata fetchMetadata(String providerUrl)
   public boolean login(String token, String password) throws AuthException {
     if (password != null && !password.isEmpty()) {
       logger.error(
-          "JWT Login failed as a non-empty Password was given username (token): {}, password: {}",
-          token,
-          password);
+          "JWT Login failed as a non-empty Password was given username (token): {}", token);
       return false;
     }
     if (token == null || token.isEmpty()) {
@@ -162,7 +160,7 @@ public boolean login(String token, String password) throws AuthException {
     try {
       claims = validateToken(token);
     } catch (JwtException e) {
-      logger.error("Unable to login the user wit jwt {}", password, e);
+      logger.error("Unable to login the user with Username (token) {}", token, e);
       return false;
     }
     logger.debug("JWT was validated successfully!");
diff --git a/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/entity/User.java b/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/entity/User.java
@@ -187,15 +187,17 @@ public void deserialize(ByteBuffer buffer) {
     roleList = SerializeUtils.deserializeStringList(buffer);
   }
 
+  /**
+   * TestOnly, get the string representation of the user.
+   *
+   * @return string representation of the user
+   */
   @Override
   public String toString() {
     return "User{"
         + "name='"
         + super.getName()
         + '\''
-        + ", password='"
-        + password
-        + '\''
         + ", pathPrivilegeList="
         + super.getPathPrivilegeList()
         + ", sysPrivilegeSet="
