Add using of Sanitized type in the logging

Abblix.Oidc.Server/Endpoints/Authorization/Validation/ClientValidator.cs

@@ -73,7 +73,7 @@ public ClientValidator(
         var clientInfo = await _clientInfoProvider.TryFindClientAsync(clientId.NotNull(nameof(clientId))).WithLicenseCheck();
         if (clientInfo == null)
         {
-            _logger.LogWarning("The client with id {ClientId} was not found", clientId);
+            _logger.LogWarning("The client with id {ClientId} was not found", new Sanitized(clientId));
             return context.InvalidRequest("The client is not authorized");
         }
 

Abblix.Oidc.Server/Endpoints/DynamicClientManagement/Validation/ClientIdValidator.cs

@@ -62,7 +62,7 @@ public ClientIdValidator(
             var clientInfo = await _clientInfoProvider.TryFindClientAsync(clientId).WithLicenseCheck();
             if (clientInfo != null)
             {
-                _logger.LogWarning("The client with id {ClientId} is already registered", clientId);
+                _logger.LogWarning("The client with id {ClientId} is already registered", new Sanitized(clientId));
                 return ErrorFactory.InvalidClientMetadata($"The client with id={clientId} is already registered");
             }
         }

Abblix.Oidc.Server/Endpoints/DynamicClientManagement/Validation/SubjectTypeValidator.cs

@@ -23,6 +23,7 @@
 using System.Net.Http.Json;
 using Abblix.Oidc.Server.Common.Constants;
 using Abblix.Oidc.Server.Endpoints.DynamicClientManagement.Interfaces;
+using Abblix.Utils;
 using Microsoft.Extensions.Logging;
 using static Abblix.Oidc.Server.Model.ClientRegistrationRequest;
 
@@ -88,7 +89,7 @@ public SubjectTypeValidator(
                     catch (Exception ex)
                     {
                         _logger.LogWarning(ex, "Unable to receive content of {SectorIdentifierUri}",
-                            sectorIdentifierUri);
+                            new Sanitized(sectorIdentifierUri));
                         return ErrorFactory.InvalidClientMetadata(
                             $"Unable to receive content of {Parameters.SectorIdentifierUri}");
                     }
@@ -109,7 +110,7 @@ public SubjectTypeValidator(
                 if (missingUris.Length > 0)
                 {
                     _logger.LogWarning("The following URIs are present in the {SectorIdentifierUri}, but missing from the Redirect URIs: {@MissingUris}",
-                        sectorIdentifierUri,
+                        new Sanitized(sectorIdentifierUri),
                         missingUris);
 
                     return ErrorFactory.InvalidClientMetadata(

Abblix.Oidc.Server/Endpoints/EndSession/Validation/ClientValidator.cs

@@ -67,7 +67,7 @@ public ClientValidator(
         var clientInfo = await _clientInfoProvider.TryFindClientAsync(context.ClientId).WithLicenseCheck();
         if (clientInfo == null)
         {
-            _logger.LogWarning("The client with id {ClientId} was not found", context.ClientId);
+            _logger.LogWarning("The client with id {ClientId} was not found", new Sanitized(context.ClientId));
             return new EndSessionRequestValidationError(
                 ErrorCodes.UnauthorizedClient,
                 "The client is not authorized");

Abblix.Oidc.Server/Endpoints/EndSession/Validation/PostLogoutRedirectUrisValidator.cs

@@ -23,6 +23,7 @@
 using Abblix.Oidc.Server.Common.Constants;
 using Abblix.Oidc.Server.Endpoints.EndSession.Interfaces;
 using Abblix.Oidc.Server.Features.UriValidation;
+using Abblix.Utils;
 using Microsoft.Extensions.Logging;
 using static Abblix.Oidc.Server.Model.EndSessionRequest;
 
@@ -75,7 +76,7 @@ public PostLogoutRedirectUrisValidator(ILogger<PostLogoutRedirectUrisValidator>
             return null;
 
         _logger.LogWarning("The post-logout redirect URI {RedirectUri} is invalid for client with id {ClientId}",
-            redirectUri,
+            new Sanitized(redirectUri),
             context.ClientInfo.ClientId);
 
         return new EndSessionRequestValidationError(

Abblix.Utils/Sanitized.cs

@@ -34,72 +34,74 @@ public readonly record struct Sanitized
     /// Initializes a new instance of the <see cref="Sanitized"/> struct with the specified source string.
     /// </summary>
     /// <param name="source">The source string to be sanitized.</param>
-    public Sanitized(string? source)
+    public Sanitized(object? source)
     {
         _source = source;
     }
 
-    private readonly string? _source;
+    private readonly object? _source;
 
     /// <summary>
     /// Returns the sanitized string representation of the source string.
     /// </summary>
     /// <returns>A sanitized string with control characters removed and special characters escaped.</returns>
     public override string? ToString()
     {
-        if (string.IsNullOrEmpty(_source))
+        if (_source == null)
+            return null;
+
+        var source = _source.ToString();
+        if (string.IsNullOrEmpty(source))
         {
-            return _source;
+            return source;
         }
 
-        StringBuilder? resultBuilder = null;
-        var source = _source;
-
-        for (var i = 0; i < _source.Length; i++)
+        StringBuilder? builder = null;
+        for (var i = 0; i < source.Length; i++)
         {
-            var c = _source[i];
+            var c = source[i];
 
             switch (c)
             {
                 case '\n':
-                    ReplaceTo("\\n", ref resultBuilder, source, i);
+                    ReplaceTo("\\n", ref builder, source, i);
                     break;
                 case '\r':
-                    ReplaceTo("\\r", ref resultBuilder, source, i);
+                    ReplaceTo("\\r", ref builder, source, i);
                     break;
                 case '\t':
-                    ReplaceTo("\\t", ref resultBuilder, source, i);
+                    ReplaceTo("\\t", ref builder, source, i);
                     break;
                 case '\"':
-                    ReplaceTo("\\\"", ref resultBuilder, source, i);
+                    ReplaceTo("\\\"", ref builder, source, i);
                     break;
                 case '\'':
-                    ReplaceTo("\\'", ref resultBuilder, source, i);
+                    ReplaceTo("\\'", ref builder, source, i);
                     break;
                 case '\\':
-                    ReplaceTo(@"\\", ref resultBuilder, source, i);
+                    ReplaceTo(@"\\", ref builder, source, i);
                     break;
                 case ',':
-                    ReplaceTo("\\,", ref resultBuilder, source, i);
+                    ReplaceTo("\\,", ref builder, source, i);
                     break;
                 case ';':
-                    ReplaceTo("\\;", ref resultBuilder, source, i);
+                    ReplaceTo("\\;", ref builder, source, i);
                     break;
                 default:
                     if (0x00 <= c && c <= 0x1f || c == 0x7f)
-                        ReplaceTo(null, ref resultBuilder, source, i);
+                        ReplaceTo(null, ref builder, source, i);
                     else
-                        resultBuilder?.Append(c);
+                        builder?.Append(c);
                     break;
             }
         }
 
-        return resultBuilder != null ? resultBuilder.ToString() : _source;
+        return builder != null ? builder.ToString() : source;
     }
 
-    private void ReplaceTo(string? replacement, ref StringBuilder? resultBuilder, string source, int i)
+    private void ReplaceTo(string? replacement, ref StringBuilder? builder, string source, int i)
     {
-        resultBuilder ??= new StringBuilder(source, 0, i, source.Length + (replacement?.Length ?? 0) - 1);
-        resultBuilder.Append(replacement);
+        builder ??= new StringBuilder(source, 0, i, source.Length + (replacement?.Length ?? 0) - 1);
+        builder.Append(replacement);
     }
 }