From 98e668bb9ce7feb090f65fc61d92af433bc23094 Mon Sep 17 00:00:00 2001
From: Mark Duckworth <1124037+MarkDuckworth@users.noreply.github.com>
Date: Thu, 25 Jan 2024 09:46:12 -0700
Subject: [PATCH] fix: Fix redaction of credentials in Firestore settings
 (#1989)

* Revert "fix: Remove incorrect,unreachable and unused code (#1983)"

This reverts commit 133f4da892b453a4c4fd1324154eed907ad4663a.

* fix: Fix redaction of credentials in Firestore settings.
---
 dev/src/index.ts  |  7 +++++++
 dev/test/index.ts | 35 +++++++++++++++++++++++++++++++++++
 2 files changed, 42 insertions(+)

diff --git a/dev/src/index.ts b/dev/src/index.ts
index 3932b2137..82fd88abe 100644
--- a/dev/src/index.ts
+++ b/dev/src/index.ts
@@ -745,6 +745,13 @@ export class Firestore implements firestore.Firestore {
     }
 
     this._settings = settings;
+    this._settings.toJSON = function () {
+      const temp = Object.assign({}, this);
+      if (temp.credentials) {
+        temp.credentials = {private_key: '***', client_email: '***'};
+      }
+      return temp;
+    };
     this._serializer = new Serializer(this);
   }
 
diff --git a/dev/test/index.ts b/dev/test/index.ts
index 12df809ec..5e1713376 100644
--- a/dev/test/index.ts
+++ b/dev/test/index.ts
@@ -1372,3 +1372,38 @@ describe('getAll() method', () => {
     });
   });
 });
+
+describe('toJSON', () => {
+  it('Serializing Firestore settings redacts credentials', () => {
+    const firestore = new Firestore.Firestore({
+      projectId: 'myProjectId',
+      credentials: {client_email: 'foo@bar', private_key: 'asdf1234'},
+    });
+
+    const serializedSettings = JSON.stringify(firestore._settings);
+
+    // Instead of validating the serialized string for redacted credentials,
+    // parse the settings and check the credential values.
+    const parsedSettings = JSON.parse(serializedSettings);
+    expect(parsedSettings.credentials.client_email).to.equal('***');
+    expect(parsedSettings.credentials.private_key).to.equal('***');
+  });
+
+  it('Serializing Firestore instance', () => {
+    const firestore = new Firestore.Firestore({
+      projectId: 'myProjectId',
+      credentials: {client_email: 'foo@bar', private_key: 'asdf1234'},
+    });
+
+    const serializedFirestore = JSON.stringify(firestore);
+
+    // Instead of validating the serialized string,
+    // parse the JSON back to an object and check the properties.
+    const expectedParsedFirestore = {
+      projectId: 'myProjectId',
+    };
+
+    const parsedFirestore = JSON.parse(serializedFirestore);
+    expect(parsedFirestore).to.deep.equal(expectedParsedFirestore);
+  });
+});