Snow 1846395 improve url data sanitization

index.d.ts

@@ -615,6 +615,14 @@ declare module 'snowflake-sdk' {
          */
         requestId?: string;
 
+        /**
+         * The request GUID is a unique identifier of an HTTP request issued to Snowflake.
+         * Unlike the requestId, it is regenerated even when the request is resend with the retry mechanism.
+         * If not specified, request GUIDs are attached to all requests to Snowflake for better traceability.
+         * In the majority of cases it should not be set or filled with false value.
+         */
+        excludeGuid?: string;
+
         /**
          * Use different rest endpoints based on whether the query id is available.
          */

lib/constants/sf_params.js

@@ -0,0 +1,8 @@
+exports.paramsNames = {
+  SF_REQUEST_GUID: 'request_guid',
+  SF_REQUEST_ID: 'requestId',
+  SF_TOKEN: 'token',
+  SF_WAREHOUSE_NAME: 'warehouse',
+  SF_DB_NAME: 'databaseName',
+  SF_SCHEMA_NAME: 'schemaName',
+};

lib/errors.js

@@ -342,7 +342,7 @@ exports.createOperationFailedError = function (
   return createError(errorTypes.OperationFailedError,
     {
       code: errorCode,
-      data: { ...data, queryId: null },
+      data: data,
       message: message,
       sqlState: sqlState
     });

lib/http/node.js

@@ -10,6 +10,7 @@ const HttpsProxyAgent = require('../agent/https_proxy_agent');
 const HttpAgent = require('http').Agent;
 const GlobalConfig = require('../../lib/global_config');
 const Logger = require('../logger');
+const RequestUtil = require('../http/request_util');
 
 /**
  * Returns the delay time calculated by exponential backoff with
@@ -107,19 +108,19 @@ function isBypassProxy(proxy, destination, agentId) {
  * @inheritDoc
  */
 NodeHttpClient.prototype.getAgent = function (parsedUrl, proxy, mock) {
-  Logger.getInstance().trace('Agent[url: %s] - getting an agent instance.', parsedUrl.href);
+  Logger.getInstance().trace('Agent[url: %s] - getting an agent instance.', RequestUtil.describeURL(parsedUrl.href));
   if (!proxy && GlobalConfig.isEnvProxyActive()) {
     const isHttps = parsedUrl.protocol === 'https:';
     proxy = ProxyUtil.getProxyFromEnv(isHttps);
     if (proxy) {
-      Logger.getInstance().debug('Agent[url: %s] - proxy info loaded from the environment variable. Proxy host: %s', parsedUrl.href, proxy.host);
+      Logger.getInstance().debug('Agent[url: %s] - proxy info loaded from the environment variable. Proxy host: %s', RequestUtil.describeURL(parsedUrl.href), proxy.host);
     }
   }
   return getProxyAgent(proxy, parsedUrl, parsedUrl.href, mock);
 };
 
 function getProxyAgent(proxyOptions, parsedUrl, destination, mock) {
-  Logger.getInstance().trace('Agent[url: %s] - getting a proxy agent instance.', parsedUrl.href);
+  Logger.getInstance().trace('Agent[url: %s] - getting a proxy agent instance.', RequestUtil.describeURL(parsedUrl.href));
   const agentOptions = {
     protocol: parsedUrl.protocol,
     hostname: parsedUrl.hostname,
@@ -129,7 +130,7 @@ function getProxyAgent(proxyOptions, parsedUrl, destination, mock) {
   if (mock) {
     const mockAgent = mock.agentClass(agentOptions);
     if (mockAgent.protocol === parsedUrl.protocol) {
-      Logger.getInstance().debug('Agent[url: %s] - the mock agent will be used.', parsedUrl.href);
+      Logger.getInstance().debug('Agent[url: %s] - the mock agent will be used.', RequestUtil.describeURL(parsedUrl.href));
       return mockAgent;
     }
   }

lib/http/request_util.js

@@ -1,26 +1,213 @@
+const LoggingUtil = require('../logger/logging_util');
+const sfParams = require('../constants/sf_params');
+
+// Initial whitelist for attributes - they will be described with values
+exports.DEFAULT_ATTRIBUTES_DESCRIBING_REQUEST_WITH_VALUES = [
+  'baseUrl',
+  'path',
+  sfParams.paramsNames.SF_REQUEST_ID,
+  sfParams.paramsNames.SF_REQUEST_GUID,
+  sfParams.paramsNames.SF_WAREHOUSE_NAME,
+  sfParams.paramsNames.SF_DB_NAME,
+  sfParams.paramsNames.SF_SCHEMA_NAME,
+];
+
+// Initial blacklist for attributes - described as present/not present only
+exports.DEFAULT_ATTRIBUTES_DESCRIBING_REQUEST_WITHOUT_VALUES = [
+  sfParams.paramsNames.SF_TOKEN
+];
+
+/**
+ * Describes a request based on its options.
+ * Should work with not-yet-parsed options as well (before calling prepareRequestOptions method).
+ *
+ * @param {Object} requestOptions - Object representing the request data with top-level keys.
+ * @param {Object} [options] - Options for describing attributes.
+ * @param {Array<string>} [options.additionalAttributesDescribedWithValues]
+ * @param {Array<string>} [options.overrideAttributesDescribedWithValues]
+ * @param {Array<string>} [options.additionalAttributesDescribedWithoutValues]
+ * @param {Array<string>} [options.overrideAttributesDescribedWithoutValues]
+ * @returns {string} A string representation of the request data.
+ */
+exports.describeRequestFromOptions = function (
+  requestOptions,
+  {
+    additionalAttributesDescribedWithValues = [],
+    overrideAttributesDescribedWithValues,
+    additionalAttributesDescribedWithoutValues = [],
+    overrideAttributesDescribedWithoutValues
+  } = {}
+) {
+  const describingAttributesWithValues = mergeAttributeLists(
+    exports.DEFAULT_ATTRIBUTES_DESCRIBING_REQUEST_WITH_VALUES,
+    overrideAttributesDescribedWithValues,
+    additionalAttributesDescribedWithValues
+  );
+
+  const describingAttributesWithoutValues = mergeAttributeLists(
+    exports.DEFAULT_ATTRIBUTES_DESCRIBING_REQUEST_WITHOUT_VALUES,
+    overrideAttributesDescribedWithoutValues,
+    additionalAttributesDescribedWithoutValues
+  );
+
+  const { method, url, params } = requestOptions || {};
+
+  return exports.describeRequestData(
+    { method, url, params },
+    describingAttributesWithValues,
+    describingAttributesWithoutValues
+  );
+};
+
+/**
+ * Creates a string that represents request data from a response.
+ * Helps to identify the request that was the source of the response.
+ *
+ * @param {Object} response - Axios response object.
+ * @param {Object} [options] - Options for describing attributes.
+ * @param {Array<string>} [options.additionalAttributesDescribedWithValues]
+ * @param {Array<string>} [options.overrideAttributesDescribedWithValues]
+ * @param {Array<string>} [options.additionalAttributesDescribedWithoutValues]
+ * @param {Array<string>} [options.overrideAttributesDescribedWithoutValues]
+ * @returns {string} A string representation of the request data.
+ */
+exports.describeRequestFromResponse = function (
+  response,
+  {
+    additionalAttributesDescribedWithValues = [],
+    overrideAttributesDescribedWithValues,
+    additionalAttributesDescribedWithoutValues = [],
+    overrideAttributesDescribedWithoutValues
+  } = {}
+) {
+  let methodUppercase;
+  let url;
+  let params;
+  const responseConfig = response.config;
+
+  const describingAttributesWithValues = mergeAttributeLists(
+    exports.DEFAULT_ATTRIBUTES_DESCRIBING_REQUEST_WITH_VALUES,
+    overrideAttributesDescribedWithValues,
+    additionalAttributesDescribedWithValues
+  );
+
+  const describingAttributesWithoutValues = mergeAttributeLists(
+    exports.DEFAULT_ATTRIBUTES_DESCRIBING_REQUEST_WITHOUT_VALUES,
+    overrideAttributesDescribedWithoutValues,
+    additionalAttributesDescribedWithoutValues
+  );
+
+  if (responseConfig) {
+    // Ensure consistent casing for methods to match request-response pairs in logs.
+    methodUppercase = responseConfig.method?.toUpperCase();
+    url = responseConfig.url;
+    params = responseConfig.params;
+  }
+
+  return exports.describeRequestData(
+    { method: methodUppercase, url, params },
+    describingAttributesWithValues,
+    describingAttributesWithoutValues
+  );
+};
+
+/**
+ * Constructs a string representation of request data.
+ *
+ * @param {Object} requestData - Object containing the method, url, and parameters.
+ * @param {string} requestData.method - HTTP method.
+ * @param {string} requestData.url - Request URL.
+ * @param {Object} [requestData.params] - Additional query parameters.
+ * @param {Array<string>} attributesWithValues - Attributes to describe with values.
+ * @param {Array<string>} attributesWithoutValues - Attributes to describe without values.
+ * @returns {string} A string describing the request data.
+ */
+exports.describeRequestData = function (
+  { method, url, params } = {},
+  attributesWithValues,
+  attributesWithoutValues
+) {
+  const requestObject = {
+    method,
+    ...exports.constructURLData(url, params),
+  };
+
+  return LoggingUtil.describeAttributes(
+    requestObject,
+    attributesWithValues,
+    attributesWithoutValues
+  );
+};
 
 /**
- * Should work with not yet parsed options as well (before calling prepareRequestOptions method).
+ * Constructs an object representing URL data including the base URL, path, and query parameters.
  *
- * @param requestOptions - object representing the request data with top-level keys
- * @returns {string}
+ * @param {string} url - The full URL.
+ * @param {Object} [params] - Additional query parameters.
+ * @returns {Object} Contains baseUrl, path, and merged query parameters.
  */
-exports.describeRequestFromOptions = function (requestOptions) {
-  return exports.describeRequestData({ method: requestOptions.method, url: requestOptions.url });
+exports.constructURLData = function (url, params = {}) {
+  if (!url) {
+    return { baseUrl: '', path: '', queryParams: {} };
+  }
+
+  const urlObj = new URL(url);
+  const queryParams = { ...params };
+
+  urlObj.searchParams.forEach((value, key) => {
+    queryParams[key] = value;
+  });
+
+  const baseUrl = `${urlObj.protocol}//${urlObj.hostname}${urlObj.port ? `:${urlObj.port}` : ''}`;
+
+  return {
+    baseUrl: baseUrl,
+    path: urlObj.pathname,
+    ...queryParams,
+  };
 };
 
 /**
- * Creates string that represents response data.
- * Should allow to identify request, which was the source for this response.
- * @param response - axios response object
- * @returns {string}
+ * @param {string} url - The URL to describe.
+ * @param {Object} [options] - Options for describing attributes.
+ * @param {Array<string>} [options.additionalAttributesDescribedWithValues]
+ * @param {Array<string>} [options.overrideAttributesDescribedWithValues]
+ * @param {Array<string>} [options.additionalAttributesDescribedWithoutValues]
+ * @param {Array<string>} [options.overrideAttributesDescribedWithoutValues]
+ * @returns {string} A string describing the URL.
  */
-exports.describeRequestFromResponse = function (response) {
-  // Uppercase is used to allow finding logs corresponding to the same request - response pair,
-  // by matching identical options' descriptions.
-  return exports.describeRequestData({ method: response.config?.method.toUpperCase(), url: response.config?.url });
+exports.describeURL = function (
+  url,
+  {
+    additionalAttributesDescribedWithValues = [],
+    overrideAttributesDescribedWithValues,
+    additionalAttributesDescribedWithoutValues = [],
+    overrideAttributesDescribedWithoutValues
+  } = {}
+) {
+  const describingAttributesWithValues = mergeAttributeLists(
+    exports.DEFAULT_ATTRIBUTES_DESCRIBING_REQUEST_WITH_VALUES,
+    overrideAttributesDescribedWithValues,
+    additionalAttributesDescribedWithValues
+  );
+
+  const describingAttributesWithoutValues = mergeAttributeLists(
+    exports.DEFAULT_ATTRIBUTES_DESCRIBING_REQUEST_WITHOUT_VALUES,
+    overrideAttributesDescribedWithoutValues,
+    additionalAttributesDescribedWithoutValues
+  );
+
+  const urlData = exports.constructURLData(url);
+
+  return LoggingUtil.describeAttributes(
+    urlData,
+    describingAttributesWithValues,
+    describingAttributesWithoutValues
+  );
 };
 
-exports.describeRequestData = function (requestData) {
-  return `[method: ${requestData.method}, url: ${requestData.url}]`;
-};
+// Helper function to merge attribute arrays.
+function mergeAttributeLists(defaultAttrs, overrideAttrs, additionalAttrs) {
+  const base = overrideAttrs || defaultAttrs;
+  return [...base, ...additionalAttrs];
+}

lib/logger/logging_util.js

@@ -1,8 +1,48 @@
 const Util = require('../util');
 
+const PROVIDED_TEXT = 'provided';
+const NOT_PROVIDED_TEXT = 'not provided';
+
 exports.describePresence = function (valueToDescribe) {
-  const VAR_PROVIDED_TEXT = 'provided';
-  const VAR_NOT_PROVIDED_TEXT = 'not provided';
+  return Util.isNotEmptyAsString(valueToDescribe) ? PROVIDED_TEXT : NOT_PROVIDED_TEXT;
+};
+
+/**
+ * @param {Object} sourceObject - The object holding attribute values.
+ * @param {Array<string>} attributesWithValues - Attributes to show with their values.
+ * @param {Array<string>} attributesWithoutValues - Attributes to show as present/not present.
+ * @returns {string} Comma-separated string describing the attributes.
+ */
+exports.attributesToString = function (
+  sourceObject = {},
+  attributesWithValues = [],
+  attributesWithoutValues = []
+) {
+  const withValues = attributesWithValues
+    .filter(attr => sourceObject[attr] !== undefined)
+    .map(attr => `${attr}=${String(sourceObject[attr])}`);
+
+  const withoutValues = attributesWithoutValues
+    .map(attr => `${attr} is ${exports.describePresence(sourceObject[attr])}`);
+
+  return [...withValues, ...withoutValues].join(', ');
+};
 
-  return Util.isNotEmptyAsString(valueToDescribe) ? VAR_PROVIDED_TEXT : VAR_NOT_PROVIDED_TEXT;
+/**
+ * @param {Object} sourceObject - The object holding attribute values.
+ * @param {Array<string>} attributesWithValues - Attributes to show with their values.
+ * @param {Array<string>} attributesWithoutValues - Attributes to show as present/not present.
+ * @returns {string} A bracketed string of described attributes.
+ */
+exports.describeAttributes = function (
+  sourceObject,
+  attributesWithValues,
+  attributesWithoutValues
+) {
+  const attributesDescription = exports.attributesToString(
+    sourceObject,
+    attributesWithValues,
+    attributesWithoutValues
+  );
+  return `[${attributesDescription}]`;
 };