From 572389aab7747b27604dde65124def91343c4413 Mon Sep 17 00:00:00 2001
From: Douglas Barone <douglasvbarone@gmail.com>
Date: Wed, 27 Oct 2021 12:41:22 -0400
Subject: [PATCH] Improved security on PA routines

---
 server/src/lib/paloalto.js     | 5 +++--
 server/src/resolvers/PAHost.js | 8 ++++----
 2 files changed, 7 insertions(+), 6 deletions(-)

diff --git a/server/src/lib/paloalto.js b/server/src/lib/paloalto.js
index 4e1b524..fe49b0a 100644
--- a/server/src/lib/paloalto.js
+++ b/server/src/lib/paloalto.js
@@ -106,10 +106,11 @@ async function updateUserIdMappings() {
         tags: ['paloalto', 'user-id'],
         message: `Erro atualizando user-id mappings em ${
           pAHost.description || pAHost.cidr
-        }: ${e.message}`,
-        data: e
+        }: ${e.message}`
       })
 
+      console.log(e) // Do not add e to log DB for security reasons...
+
       return 'Não foi possível atualizar. Veja o log do servidor'
     } finally {
       const index = isWorking.indexOf(pAHost.id)
diff --git a/server/src/resolvers/PAHost.js b/server/src/resolvers/PAHost.js
index 6916847..5233111 100644
--- a/server/src/resolvers/PAHost.js
+++ b/server/src/resolvers/PAHost.js
@@ -4,10 +4,10 @@ import prisma from '../prisma'
 const PAHost = {
   key: parent => {
     const decryptedKey = decryptKey(parent.encryptedKey)
-    return `${decryptedKey.slice(0, 3)}*****${decryptedKey.slice(
-      decryptedKey.length - 4,
-      decryptedKey.length
-    )}`
+    return `***${decryptedKey.slice(5, 8)}***${decryptedKey.slice(
+      decryptedKey.length - 8,
+      decryptedKey.length - 5
+    )}***`
   },
   owner: parent => prisma.user.findUnique({ where: { id: parent.ownerId } })
 }