Fixes regression with sensitive data filter

src/ApplicationInsightsRequestLogging/Extensions/ServiceCollectionExtensions.cs

@@ -42,7 +42,7 @@ private static void AddBodyLogger(IServiceCollection services)
             services.AddScoped<IBodyReader, BodyReader>();
             services.AddScoped<ITelemetryWriter, TelemetryWriter>();
             services.AddSingleton<ITelemetryInitializer, ClientIpInitializer>();
-            services.AddTransient<ISensitiveDataFilter, SensitiveDataFilter>();
+            services.AddScoped<ISensitiveDataFilter, SensitiveDataFilter>();
         }
     }
 }

src/ApplicationInsightsRequestLogging/Filters/SensitiveDataFilter.cs

@@ -4,6 +4,7 @@
 using System.Text.Json;
 using System.Text.Json.Nodes;
 using System.Text.RegularExpressions;
+using Microsoft.Extensions.Options;
 
 namespace Azureblue.ApplicationInsights.RequestLogging
 {
@@ -14,16 +15,10 @@
         private readonly HashSet<string> _sensitiveDataPropertyKeys;
         private readonly IEnumerable<string> _regexesForSensitiveValues;
 
-
-        public SensitiveDataFilter(BodyLoggerOptions options) : this(options.PropertyNamesWithSensitiveData, options.SensitiveDataRegexes)
-        {
-
-        }
-
-        public SensitiveDataFilter(IEnumerable<string> sensitiveDataPropertyKeys, IEnumerable<string> regexesForSensitiveValues)
+        public SensitiveDataFilter(IOptions<BodyLoggerOptions> options)
         {
-            _sensitiveDataPropertyKeys = sensitiveDataPropertyKeys.Select(t => t.ToLowerInvariant()).ToHashSet();
-            _regexesForSensitiveValues = regexesForSensitiveValues;
+            _sensitiveDataPropertyKeys = options.Value.PropertyNamesWithSensitiveData.Select(t => t.ToLowerInvariant()).ToHashSet();
+            _regexesForSensitiveValues = options.Value.SensitiveDataRegexes;
         }
 
         public string RemoveSensitiveData(string textOrJson)
@@ -33,7 +28,8 @@
                 var json = JsonNode.Parse(textOrJson);
                 if (json == null) return string.Empty;
 
-                if (json is JsonValue jValue && TestIfContainsSensitiveData("", jValue.ToString(), _sensitiveDataPropertyKeys, _regexesForSensitiveValues))
+                if (json is JsonValue jValue &&
+                TestIfContainsSensitiveData("", jValue.ToString(), _sensitiveDataPropertyKeys, _regexesForSensitiveValues))
                 {
                     return SensitiveValueMask;
                 }
@@ -90,7 +86,7 @@
 
             foreach (var jNode in jArray.Where(v => v != null))
             {
                 RemoveIds(jNode);
             }
         }
 

test/ApplicationInsightsRequestLoggingTests/BodyLoggerMiddlewareTests.cs

@@ -15,6 +15,7 @@
 using Moq;
 using Microsoft.Extensions.DependencyInjection;
 using System.Collections.Generic;
+using Microsoft.Extensions.Options;
 
 namespace ApplicationInsightsRequestLoggingTests
 {
@@ -43,13 +44,13 @@ public async void BodyLoggerMiddleware_should_not_log_request_body_if_downstream
                         .UseTestServer()
                         .ConfigureServices(services =>
                         {
-                            services.AddTransient<IBodyReader, BodyReader>();
-                            services.AddTransient<ISensitiveDataFilter, SensitiveDataFilter>();
-                            services.AddSingleton(telemetryWriter.Object);
                             services.AddOptions<BodyLoggerOptions>().Configure(options =>
                             {
                                 options.EnableBodyLoggingOnExceptions = false;
                             });
+                            services.AddTransient<IBodyReader, BodyReader>();
+                            services.AddTransient<ISensitiveDataFilter, SensitiveDataFilter>();
+                            services.AddSingleton(telemetryWriter.Object);
                             services.AddTransient<BodyLoggerMiddleware>();
                         })
                         .Configure(app =>
@@ -87,13 +88,13 @@ public async void BodyLoggerMiddleware_should_log_request_body_if_downstream_exc
                         .UseTestServer()
                         .ConfigureServices(services =>
                         {
-                            services.AddTransient<IBodyReader, BodyReader>();
-                            services.AddTransient<ISensitiveDataFilter, SensitiveDataFilter>();
-                            services.AddSingleton(telemetryWriter.Object);
                             services.AddOptions<BodyLoggerOptions>().Configure(options =>
                             {
                                 options.EnableBodyLoggingOnExceptions = true;
                             });
+                            services.AddTransient<IBodyReader, BodyReader>();
+                            services.AddTransient<ISensitiveDataFilter, SensitiveDataFilter>();
+                            services.AddSingleton(telemetryWriter.Object);
                             services.AddTransient<BodyLoggerMiddleware>();
                         })
                         .Configure(app =>
@@ -254,11 +255,13 @@ public async void BodyLoggerMiddleware_should_redact_password()
                         .UseTestServer()
                         .ConfigureServices(services =>
                         {
-                            services.AddTransient<IBodyReader, BodyReader>();
-                            services.AddTransient<ISensitiveDataFilter>(provider =>
+                            services.AddOptions<BodyLoggerOptions>().Configure(options =>
                             {
-                                return new SensitiveDataFilter(new List<string>() { "password" }, new List<string>());
+                                options.PropertyNamesWithSensitiveData = new List<string> { "password" };
+                                options.SensitiveDataRegexes = new List<string>();
                             });
+                            services.AddTransient<IBodyReader, BodyReader>();
+                            services.AddTransient<ISensitiveDataFilter, SensitiveDataFilter>();
                             services.AddSingleton(telemetryWriter.Object);
                             services.AddTransient<BodyLoggerMiddleware>();
                         })

test/ApplicationInsightsRequestLoggingTests/SensitiveDataFilter/SensitiveDataFilterTests.cs

@@ -1,5 +1,6 @@
 using Azureblue.ApplicationInsights.RequestLogging;
 using FluentAssertions;
+using Microsoft.Extensions.Options;
 using System;
 using System.Collections.Generic;
 using System.Text.Json;
@@ -13,8 +14,14 @@ public class SensitiveDataFilterTests
         public void Should_mask_tokens_with_sensitive_data_from_json()
         {
             // Arrange
+            var bodyLoggerOptions = new BodyLoggerOptions
+            {
+                PropertyNamesWithSensitiveData = new List<string>() { "token" },
+                SensitiveDataRegexes = new List<string>()
+            };
+
             var jsonWithToken = JsonSerializer.Serialize(new { token = "some-super-secret-token" });
-            var filter = new SensitiveDataFilter(sensitiveDataPropertyKeys: new HashSet<string> { "token" }, regexesForSensitiveValues: Array.Empty<string>());
+            var filter = new SensitiveDataFilter(Options.Create(bodyLoggerOptions));
 
             // Act
             var result = filter.RemoveSensitiveData(jsonWithToken);
@@ -28,8 +35,14 @@ public void Should_mask_tokens_with_sensitive_data_from_json()
         public void Should_mask_tokens_with_sensitive_data_from_nested_object_json()
         {
             // Arrange
+            var bodyLoggerOptions = new BodyLoggerOptions
+            {
+                PropertyNamesWithSensitiveData = new List<string>() { "password" },
+                SensitiveDataRegexes = new List<string>()
+            };
+
             var jsonWithToken = JsonSerializer.Serialize(new { someObject = new { password = "some-super-secret-token" } });
-            var filter = new SensitiveDataFilter(sensitiveDataPropertyKeys: new HashSet<string> { "password" }, regexesForSensitiveValues: Array.Empty<string>());
+            var filter = new SensitiveDataFilter(Options.Create(bodyLoggerOptions));
 
             // Act
             var result = filter.RemoveSensitiveData(jsonWithToken);
@@ -43,8 +56,14 @@ public void Should_mask_tokens_with_sensitive_data_from_nested_object_json()
         public void Should_mask_tokens_with_sensitive_data_even_if_its_not_equal_match_json()
         {
             // Arrange
+            var bodyLoggerOptions = new BodyLoggerOptions
+            {
+                PropertyNamesWithSensitiveData = new List<string>() { "password" },
+                SensitiveDataRegexes = new List<string>()
+            };
+
             var jsonWithToken = JsonSerializer.Serialize(new { someObject = new { userPassword = "some-super-secret-token" } });
-            var filter = new SensitiveDataFilter(sensitiveDataPropertyKeys: new HashSet<string> { "password" }, regexesForSensitiveValues: Array.Empty<string>());
+            var filter = new SensitiveDataFilter(Options.Create(bodyLoggerOptions));
 
             // Act
             var result = filter.RemoveSensitiveData(jsonWithToken);
@@ -61,8 +80,14 @@ public void Should_mask_tokens_with_sensitive_data_even_if_its_not_equal_match_j
         public void Should_mask_values_based_on_regex()
         {
             // Arrange
+            var bodyLoggerOptions = new BodyLoggerOptions
+            {
+                PropertyNamesWithSensitiveData = new List<string>() { "password" },
+                SensitiveDataRegexes = new List<string> { CreditCardRegex }
+            };
+
             var jsonWithToken = JsonSerializer.Serialize(new { someObject = new { randomTokenName = SampleCreditCardNumber } });
-            var filter = new SensitiveDataFilter(sensitiveDataPropertyKeys: new HashSet<string> { "password" }, regexesForSensitiveValues: new List<string> { CreditCardRegex });
+            var filter = new SensitiveDataFilter(Options.Create(bodyLoggerOptions));
 
             // Act
             var result = filter.RemoveSensitiveData(jsonWithToken);
@@ -76,8 +101,14 @@ public void Should_mask_values_based_on_regex()
         public void SensitiveDataFilter_should_remove_creditcard_number_from_plain_text_if_configured()
         {
             // Arrange
+            var bodyLoggerOptions = new BodyLoggerOptions
+            {
+                PropertyNamesWithSensitiveData = new List<string>() { "token" },
+                SensitiveDataRegexes = new List<string> { CreditCardRegex }
+            };
+
             var plainTextWithToken = $"token: some-not-so-{SampleCreditCardNumber}secret-token-but-with-cc-inside";
-            var filter = new SensitiveDataFilter(sensitiveDataPropertyKeys: new HashSet<string> { "token" }, regexesForSensitiveValues: new List<string> { CreditCardRegex });
+            var filter = new SensitiveDataFilter(Options.Create(bodyLoggerOptions));
 
             // Act
             var result = filter.RemoveSensitiveData(plainTextWithToken);