Client-Side Sentry Filtering (#495)

* feat: Add StripTokens Co-authored-by: quinchs <> * add breadcrumb filter * add before transaction filter * simplify implementation + and actually make it work in this use case * fix regex to actually match tokens & simplify Co-authored-by: quinchs <[email protected]> * Update DisCatSharp/Utilities.cs Signed-off-by: Lala Sabathil <[email protected]> * chore: fix docs * revert: ex can be in senex since it's not read by sentry itself, rather if u manually call it might need more fixes --------- Signed-off-by: Lala Sabathil <[email protected]> Co-authored-by: quinchs <[email protected]> Co-authored-by: Lala Sabathil <[email protected]>
Aiko-IT-Systems · Jun 7, 2024 · 2d6825f · 2d6825f
1 parent 87164ee
commit 2d6825f
Show file tree

Hide file tree

Showing 4 changed files with 40 additions and 5 deletions.
diff --git a/DisCatSharp/Clients/BaseDiscordClient.cs b/DisCatSharp/Clients/BaseDiscordClient.cs
@@ -249,6 +249,23 @@ protected BaseDiscordClient(DiscordConfiguration config)
 				EnableScopeSync = true,
 				Debug = this.Configuration.SentryDebug
 			};
+
+			options.SetBeforeBreadcrumb(b
+				=> new Breadcrumb(Utilities.StripTokens(b.Message),
+					b.Type,
+					b.Data?.Select(x => new KeyValuePair<string, string>(x.Key, Utilities.StripTokens(x.Value)))
+					.ToDictionary(x => x.Key, x => x.Value),
+					b.Category,
+					b.Level));
+
+			options.SetBeforeSendTransaction(tr =>
+			{
+				if (tr.Request.Data is string str)
+					tr.Request.Data = Utilities.StripTokens(str);
+
+				return tr;
+			});
+
 			options.SetBeforeSend((e, _) =>
 			{
 				if (!this.Configuration.DisableExceptionFilter)

diff --git a/DisCatSharp/DiscordConfiguration.cs b/DisCatSharp/DiscordConfiguration.cs
@@ -239,10 +239,12 @@ public UdpClientFactoryDelegate UdpClientFactory
 	/// </summary>
 	public IServiceProvider ServiceProvider { internal get; init; } = new ServiceCollection().BuildServiceProvider(true);
 
+	// TODO: Add disclaimer and docs for sentry
 	/// <summary>
-	/// <para>Whether to report missing fields for discord object.</para>
+	/// <para>Whether to emable sentry.</para>
 	/// <para>This helps us to track missing data and library bugs better.</para>
 	/// <para>Defaults to <see langword="false"/>.</para>
+	/// <para><note type="note">TODO: Add disclaimer and docs.</note></para>
 	/// </summary>
 	public bool EnableSentry { internal get; set; } = false;
 

diff --git a/DisCatSharp/Net/Rest/RestClient.cs b/DisCatSharp/Net/Rest/RestClient.cs
@@ -563,8 +563,7 @@ private async Task ExecuteRequestAsync(BaseRestRequest request, RateLimitBucket?
 				case HttpStatusCode.BadRequest:
 				case HttpStatusCode.MethodNotAllowed:
 					ex = new BadRequestException(request, response);
-					// ex won't be added to avoid possible leaks
-					senex = new(ex.Message + "\nJson Response: " + ((ex as BadRequestException)?.JsonMessage ?? "null"));
+					senex = new(ex.Message + "\nJson Response: " + ((ex as BadRequestException)?.JsonMessage ?? "null"), ex);
 					break;
 
 				case HttpStatusCode.Unauthorized:
@@ -629,8 +628,7 @@ private async Task ExecuteRequestAsync(BaseRestRequest request, RateLimitBucket?
 				case HttpStatusCode.ServiceUnavailable:
 				case HttpStatusCode.GatewayTimeout:
 					ex = new ServerErrorException(request, response);
-					// ex won't be added to avoid possible leaks
-					senex = new(ex.Message + "\nJson Response: " + ((ex as ServerErrorException)!.JsonMessage ?? "null"));
+					senex = new(ex.Message + "\nJson Response: " + ((ex as ServerErrorException)!.JsonMessage ?? "null"), ex);
 					break;
 			}
 

diff --git a/DisCatSharp/Utilities.cs b/DisCatSharp/Utilities.cs
@@ -90,6 +90,24 @@ static Utilities()
 		VersionHeader = $"DiscordBot (https://github.com/Aiko-IT-Systems/DisCatSharp, v{vs})";
 	}
 
+
+
+	/// <summary>
+	///	Removes discord-based tokens from a given string.
+	/// </summary>
+	/// <param name="str">The string to remove the tokens from.</param>
+	/// <returns>A new string with the tokens replaced with <c>{KEY_TOKEN}</c></returns>
+	public static string? StripTokens(string? str)
+	{
+		if (string.IsNullOrWhiteSpace(str))
+			return str;
+
+		str = Regex.Replace(str, @"([a-zA-Z0-9]{68,})", "{WEBHOOK_OR_INTERACTION_TOKEN}"); // Any alphanumeric string this long is likely to be sensitive information anyways
+		str = Regex.Replace(str, @"(mfa\.[a-z0-9_-]{20,})|((?<botid>[a-z0-9_-]{23,28})\.(?<creation>[a-z0-9_-]{6,7})\.(?<enc>[a-z0-9_-]{27,}))", "{BOT_OR_USER_TOKEN}");
+
+		return str;
+	}
+
 	/// <summary>
 	/// Adds the specified parameter to the Query String.
 	/// </summary>