Merge branch 'feat/sensitive-data-masker' into chore/all-my-stuffs

# Conflicts:
#	components.d.ts
#	package.json
#	pnpm-lock.yaml
#	src/tools/index.ts

Author: sharevb

package.json

@@ -112,6 +112,7 @@
     "curlconverter": "^4.10.1",
     "currency-codes-ts": "^3.0.0",
     "currency-exchanger-js": "^1.0.4",
+    "data-guardian": "^1.1.3",
     "date-fns": "^2.29.3",
     "dns-query": "^0.11.2",
     "decomposerize": "^1.4.1",
@@ -147,6 +148,7 @@
     "image-in-browser": "^3.2.0",
     "ip-bigint": "^8.2.0",
     "jq-wasm": "^0.0.9",
+    "ip-regex": "^5.0.0",
     "js-base64": "^3.7.6",
     "image-in-browser": "^3.1.0",
     "js-base64": "^3.7.7",

pnpm-lock.yaml

@@ -76,6 +76,7 @@ import { tool as markdownToHtml } from './markdown-to-html';
 import { tool as nginxFormatter } from './nginx-formatter';
 import { tool as potrace } from './potrace';
 import { tool as rmbNumbers } from './rmb-numbers';
+import { tool as sensitiveDataMasker } from './sensitive-data-masker';
 import { tool as pdfSignatureChecker } from './pdf-signature-checker';
 import { tool as numeronymGenerator } from './numeronym-generator';
 import { tool as macAddressGenerator } from './mac-address-generator';
@@ -375,6 +376,7 @@ export const toolsByCategory: ToolCategory[] = [
       icalGenerator,
       icalParser,
       icalMerger,
+      sensitiveDataMasker,
     ],
   },
   {

src/tools/index.ts

@@ -0,0 +1,12 @@
+import { ShieldLock } from '@vicons/tabler';
+import { defineTool } from '../tool';
+
+export const tool = defineTool({
+  name: 'Sensitive data masker',
+  path: '/sensitive-data-masker',
+  description: 'Clean sensitive data from textual content (ie logs)',
+  keywords: ['sensitive', 'data', 'masker', 'obfuscator', 'clean', 'log'],
+  component: () => import('./sensitive-data-masker.vue'),
+  icon: ShieldLock,
+  createdAt: new Date('2024-06-16'),
+});

src/tools/sensitive-data-masker/index.ts

@@ -0,0 +1,75 @@
+import { describe, expect, it } from 'vitest';
+import { maskSensitiveData } from './sensitive-data-masker.service';
+
+describe('sensitive-data-masker', () => {
+  describe('maskSensitiveData', () => {
+    const data = `{
+  email: '[email protected]',
+  creditCard: '1234 5678 9000 9876',
+  id: '3f8a43fd-6489-4ec7-bd55-7a1ba172d77b',
+  name: 'John',
+  surname: 'Doe',
+  phone: '+358 40 1234567',
+  url: 'truc.google.com',
+  ip4: '83.24.45.56',
+  ip6: '2001:db8:0:85a3:0:0:ac1f:8001',
+  mac: '3D:F2:C9:A6:B3:4F',
+  token: 'eyJhbGciOiJIUzI1NiJ9.ew0KICAic3ViIjogIjEyMzQ1Njc4OTAiLA0KICAibmFtZSI6ICJBbGV4IEtvemxvdiIsDQogICJpYXQiOiAxNTE2MjM5MDIyDQp9.PNKysYFTCenU5bekHCmwIxCUXoYG41H_xc3uN3ZF_b8',
+}`;
+
+    it('should maks sensitive data', () => {
+      expect(maskSensitiveData({
+        value: data,
+      })).toBe(`{
+  email: 'jo****************om',
+  creditCard: '12***************76',
+  id: '3f********************************7b',
+  name: 'John',
+  surname: 'Doe',
+  phone: '+3***********67',
+  url: 'tr***********om',
+  ip4: '83*******56',
+  ip6: '20*************************01',
+  mac: '3D*************4F',
+  token: 'ey*****************************************************************************************************************************************************************b8',
+}`);
+    });
+    it('should maks sensitive data (with custom regex)', () => {
+      expect(maskSensitiveData({
+        value: data,
+        customRegex: 'John\nDoe',
+      })).toBe(`{
+  email: 'jo****************om',
+  creditCard: '12***************76',
+  id: '3f********************************7b',
+  name: '****',
+  surname: '***',
+  phone: '+3***********67',
+  url: 'tr***********om',
+  ip4: '83*******56',
+  ip6: '20*************************01',
+  mac: '3D*************4F',
+  token: 'ey*****************************************************************************************************************************************************************b8',
+}`);
+    });
+
+    it('should maks sensitive data (with excluded matchers)', () => {
+      expect(maskSensitiveData({
+        value: data,
+        excludedMatchers: ['mac', 'ipv4'],
+      })).toBe(`{
+  email: 'jo****************om',
+  creditCard: '12***************76',
+  id: '3f********************************7b',
+  name: 'John',
+  surname: 'Doe',
+  phone: '+3***********67',
+  url: 'tr***********om',
+  ip4: '83.24.45.56',
+  ip6: '20*************************01',
+  mac: '3D:F2:C9:A6:B3:4F',
+  token: 'ey*****************************************************************************************************************************************************************b8',
+}`);
+    });
+  });
+});

src/tools/sensitive-data-masker/sensitive-data-masker.service.test.ts

@@ -0,0 +1,34 @@
+import { type SensitiveContentKey, maskString } from 'data-guardian';
+import ipRegex from 'ip-regex';
+
+const jwtRegex = /\b([a-zA-Z0-9_=]{5,})\.([a-zA-Z0-9_=]{5,})\.([a-zA-Z0-9_\-\+\/=]{5,})\b/g;
+const phoneRegex = /(?:(\+\d{1,4})[-.\s]?)(?:[(](\d{1,3})[)][-.\s]?)?(\d{1,4})[-.\s]?(\d{1,4})[-.\s]?(\d{1,9})\b/g;
+const macRegex = /\b([0-9A-Fa-f]{2}[:-]){5}([0-9A-Fa-f]{2})\b/g;
+const urlWithOrWithoutPrefixRegex = /\b(https?:\/\/)?(www\.)?[a-zA-Z0-9@:%._+~#=-]{2,256}\.[a-z]{2,6}\b([-a-zA-Z0-9@:%_+.~#?&\/=]*)\b/g;
+
+export type MatcherNames = 'uuid' | 'creditCard' | 'ssn' | 'url' | 'ipv4' | 'email' | 'passwordInUri' | 'mac' | 'ipv6' | 'urlWithOrWithoutPrefix' | 'jwt' | 'phone';
+
+export function maskSensitiveData({
+  value,
+  customRegex = '',
+  excludedMatchers = [],
+}: {
+  value: string
+  customRegex?: string
+  excludedMatchers?: Array<MatcherNames>
+}) {
+  excludedMatchers = excludedMatchers || [];
+  const emptyRegex = /(?:)/g;
+  return maskString(value, null as never, {
+    customRegex: new RegExp((customRegex || '').split('\n').map(line => `(${line})`).join('|'), 'gi'),
+    macRegex: excludedMatchers.includes('mac') ? emptyRegex : macRegex,
+    ipv6Regex: excludedMatchers.includes('ipv6') ? emptyRegex : ipRegex.v6({ includeBoundaries: false }),
+    urlWithOrWithoutPrefixRegex: excludedMatchers.includes('urlWithOrWithoutPrefix') ? emptyRegex : urlWithOrWithoutPrefixRegex,
+    jwtRegex: excludedMatchers.includes('jwt') ? emptyRegex : jwtRegex,
+    phoneRegex: excludedMatchers.includes('phone') ? emptyRegex : phoneRegex,
+  }, {
+    excludeMatchers: [...excludedMatchers, ...[
+      'passwordMention', 'password', 'passwordSubstring',
+    ]] as SensitiveContentKey[],
+  });
+}

src/tools/sensitive-data-masker/sensitive-data-masker.service.ts

@@ -0,0 +1,64 @@
+<script setup lang="ts">
+import { type MatcherNames, maskSensitiveData } from './sensitive-data-masker.service';
+import { withDefaultOnError } from '@/utils/defaults';
+
+const defaultValue = `{
+  email: '[email protected]',
+  creditCard: '1234 5678 9000 9876',
+  id: '3f8a43fd-6489-4ec7-bd55-7a1ba172d77b',
+  name: 'John',
+  surname: 'Doe',
+  phone: '+358 40 1234567',
+  url: 'truc.google.com',
+  ip4: '83.24.45.56',
+  ip6: '2001:db8:0:85a3:0:0:ac1f:8001',
+  mac: '3D:F2:C9:A6:B3:4F',
+  token: 'eyJhbGciOiJIUzI1NiJ9.ew0KICAic3ViIjogIjEyMzQ1Njc4OTAiLA0KICAibmFtZSI6ICJBbGV4IEtvemxvdiIsDQogICJpYXQiOiAxNTE2MjM5MDIyDQp9.PNKysYFTCenU5bekHCmwIxCUXoYG41H_xc3uN3ZF_b8',
+}`;
+
+const customRegex = useStorage('sensitive-data:regex', '');
+const excludedMatchers = useStorage('sensitive-data:exclude', [] as string[]);
+const allMatchers = [
+  'uuid', 'creditCard', 'ssn', 'url', 'ipv4', 'email',
+  'passwordInUri', 'mac', 'ipv6', 'urlWithOrWithoutPrefix',
+  'jwt', 'phone'];
+
+function transformer(value: string) {
+  return withDefaultOnError(() => maskSensitiveData({
+    value,
+    customRegex: customRegex.value,
+    excludedMatchers: excludedMatchers.value as MatcherNames[],
+  }), '');
+}
+</script>
+
+<template>
+  <div style="max-width: 600px;">
+    <c-input-text
+      v-model:value="customRegex"
+      label="Your custom cleaning regex(es) (case insensitive):"
+      placeholder="Your custom cleaning regex(es)"
+      raw-text
+      multiline
+      rows="4"
+      mb-2
+    />
+
+    <n-select
+      v-model:value="excludedMatchers"
+      placeholder="No Fallback"
+      multiple
+      :fallback-option="false"
+      :options="allMatchers.map(v => ({ label: v, value: v }))"
+      mb-2
+    />
+
+    <format-transformer
+      input-label="Your log/textual data:"
+      :input-default="defaultValue"
+      input-placeholder="Paste your log/textual data here..."
+      output-label="Cleaned version:"
+      :transformer="transformer"
+    />
+  </div>
+</template>