core/safe_logging.py

"""Safe logging utilities to prevent sensitive data leakage.



This module provides utilities for safely logging exceptions without exposing

sensitive information like passwords, tokens, or PII in application logs.

"""
import logging
from typing import Optional


def log_exception_safe(

    logger: logging.Logger,

    message: str,

    exception: Exception,

    level: str = "error",

    include_type: bool = True

) -> None:
    """

    Safely log an exception without exposing sensitive data.

    

    Instead of logging the full exception message (which may contain sensitive data),

    this function logs only the exception type or a generic message.

    

    Args:

        logger: Logger instance to use

        message: Context message describing what failed

        exception: Exception object to log safely

        level: Log level (error, warning, info, debug)

        include_type: Whether to include exception type name in the log

        

    Example:

        >>> try:

        >>>     create_user("admin", "SecretPassword123!")

        >>> except Exception as e:

        >>>     log_exception_safe(logger, "User creation failed", e)

        >>> # Logs: "User creation failed: IntegrityError"

        >>> # Does NOT log: "User creation failed: UNIQUE constraint failed: password=SecretPassword123!"

    """
    if include_type:
        safe_message = f"{message}: {type(exception).__name__}"
    else:
        safe_message = message
    
    log_func = getattr(logger, level.lower())
    log_func(safe_message)


def get_safe_error_message(exception: Exception) -> str:
    """

    Get a safe error message from an exception.

    

    Returns only the exception type name, not the potentially sensitive message.

    

    Args:

        exception: Exception object

        

    Returns:

        String containing only the exception type name

        

    Example:

        >>> try:

        >>>     raise ValueError("password=secret123")

        >>> except Exception as e:

        >>>     safe_msg = get_safe_error_message(e)

        >>> # safe_msg = "ValueError"

    """
    return type(exception).__name__


def mask_identifier(identifier: str, prefix: str = "id") -> str:
    """

    Mask an identifier for safe logging.

    

    Completely masks the identifier to prevent any sensitive data leakage.

    This security measure ensures no part of the identifier (which may contain

    or be derived from sensitive information) is exposed in logs.

    The prefix parameter is used to identify the type of identifier in logs.

    Completely masks the identifier value to prevent any sensitive data exposure.

    Returns only the prefix with masked content, without revealing any characters

    from the actual identifier.

    

    Args:

        identifier: The identifier to mask (patient_id, username, etc.)

        prefix: Prefix to use for the masked value (e.g., 'pat', 'user', 'id')

        

    Returns:

        Masked identifier string in the format: prefix_****

        Masked identifier string in format: "{prefix}_****"

        

    Example:

        >>> mask_identifier("patient12345", "pat")

        'pat_****'

        >>> mask_identifier("admin", "user")

        'user_****'

        >>> mask_identifier("", "id")  # Even empty strings are masked consistently

        'id_****'

    """
    return f"{prefix}_****"


def safe_log_info(

    logger: logging.Logger,

    message: str,

    **identifiers

) -> None:
    """

    Safely log an info message with masked identifiers.

    

    Args:

        logger: Logger instance to use

        message: Message template with {placeholders}

        **identifiers: Key-value pairs of identifiers to mask

        

    Example:

        >>> safe_log_info(logger, "Processing patient {patient_id}", 

        ...               patient_id=("patient12345", "pat"))

        # Logs: "Processing patient pat_****"

    """
    masked_values = {}
    for key, value in identifiers.items():
        if isinstance(value, tuple):
            identifier, prefix = value
            masked_values[key] = mask_identifier(identifier, prefix)
        else:
            masked_values[key] = mask_identifier(value, key)
    
    logger.info(message.format(**masked_values))


def safe_log_warning(

    logger: logging.Logger,

    message: str,

    **identifiers

) -> None:
    """

    Safely log a warning message with masked identifiers.

    

    Args:

        logger: Logger instance to use

        message: Message template with {placeholders}

        **identifiers: Key-value pairs of identifiers to mask

        

    Example:

        >>> safe_log_warning(logger, "No data for patient {patient_id}", 

        ...                  patient_id=("67890", "pat"))

        # Logs: "No data for patient pat_****"

    """
    masked_values = {}
    for key, value in identifiers.items():
        if isinstance(value, tuple):
            identifier, prefix = value
            masked_values[key] = mask_identifier(identifier, prefix)
        else:
            masked_values[key] = mask_identifier(value, key)
    
    logger.warning(message.format(**masked_values))