From cb804577a93d77c2b2739ebc7cd1e5f58ca2ec21 Mon Sep 17 00:00:00 2001
From: Quentin McGaw <quentin.mcgaw@gmail.com>
Date: Sun, 2 Oct 2022 09:31:03 +0000
Subject: [PATCH] feat(httpproxy): log credentials sent on mismatch

---
 internal/httpproxy/auth.go | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/internal/httpproxy/auth.go b/internal/httpproxy/auth.go
index f2ebdc23..105dcdd8 100644
--- a/internal/httpproxy/auth.go
+++ b/internal/httpproxy/auth.go
@@ -2,6 +2,7 @@ package httpproxy
 
 import (
 	"encoding/base64"
+	"fmt"
 	"net/http"
 	"strings"
 )
@@ -32,7 +33,8 @@ func (h *handler) isAuthorized(responseWriter http.ResponseWriter, request *http
 		return false
 	}
 	if h.username != usernamePassword[0] || h.password != usernamePassword[1] {
-		h.logger.Info("Username or password mismatch from " + request.RemoteAddr)
+		h.logger.Info(fmt.Sprintf("Username (%q) or password (%q) mismatch from %s",
+			usernamePassword[0], usernamePassword[1], request.RemoteAddr))
 		h.logger.Debug("username provided \"" + usernamePassword[0] +
 			"\" and password provided \"" + usernamePassword[1] + "\"")
 		responseWriter.WriteHeader(http.StatusUnauthorized)