fix(logging): [PM-28877] Remove Config for PII Logging (#6885)

* fix(logging): [PM-28877] Remove Config for PII Logging - Removed all references to logging being set to true even in dev environment. * fix(logging): [PM-28877] Remove Config for PII Logging - Fixed up with a better understanding of the original ask. * fix(logging): [PM-28877] Remove Config for PII Logging - Removed all show pii.
2026-01-31 06:03:12 +08:00 · 2026-01-28 15:18:55 -05:00
parent bfefd27a38
commit f29fd4d9c2
6 changed files with 7 additions and 30 deletions
--- a/bitwarden_license/src/Sso/Startup.cs
+++ b/bitwarden_license/src/Sso/Startup.cs
@@ -8,7 +8,6 @@ using Bit.Core.Utilities;
 using Bit.SharedWeb.Utilities;
 using Bit.Sso.Utilities;
 using Duende.IdentityServer.Services;
-using Microsoft.IdentityModel.Logging;
 using Stripe;

 namespace Bit.Sso;
@@ -91,20 +90,15 @@ public class Startup

    public void Configure(
        IApplicationBuilder app,
-        IWebHostEnvironment env,
+        IWebHostEnvironment environment,
        IHostApplicationLifetime appLifetime,
        GlobalSettings globalSettings,
        ILogger<Startup> logger)
    {
-        if (env.IsDevelopment() || globalSettings.SelfHosted)
-        {
-            IdentityModelEventSource.ShowPII = true;
-        }
-
        // Add general security headers
        app.UseMiddleware<SecurityHeadersMiddleware>();

-        if (!env.IsDevelopment())
+        if (!environment.IsDevelopment())
        {
            var uri = new Uri(globalSettings.BaseServiceUri.Sso);
            app.Use(async (ctx, next) =>
@@ -120,7 +114,7 @@ public class Startup
            app.UseForwardedHeaders(globalSettings);
        }

-        if (env.IsDevelopment())
+        if (environment.IsDevelopment())
        {
            app.UseDeveloperExceptionPage();
            app.UseCookiePolicy();
--- a/src/Api/Startup.cs
+++ b/src/Api/Startup.cs
@@ -14,7 +14,6 @@ using Bit.Api.Tools.Models.Request;
 using Bit.Api.Vault.Models.Request;
 using Bit.Core.Auth.Entities;
 using Bit.SharedWeb.Health;
-using Microsoft.IdentityModel.Logging;
 using Microsoft.OpenApi.Models;
 using Bit.SharedWeb.Utilities;
 using Microsoft.AspNetCore.Diagnostics.HealthChecks;
@@ -238,8 +237,6 @@ public class Startup
        GlobalSettings globalSettings,
        ILogger<Startup> logger)
    {
-        IdentityModelEventSource.ShowPII = true;
-
        // Add general security headers
        app.UseMiddleware<SecurityHeadersMiddleware>();

--- a/src/EventsProcessor/Startup.cs
+++ b/src/EventsProcessor/Startup.cs
@@ -1,7 +1,6 @@
 using System.Globalization;
 using Bit.Core.Utilities;
 using Bit.SharedWeb.Utilities;
-using Microsoft.IdentityModel.Logging;

 namespace Bit.EventsProcessor;

@@ -40,7 +39,6 @@ public class Startup

    public void Configure(IApplicationBuilder app)
    {
-        IdentityModelEventSource.ShowPII = true;
        // Add general security headers
        app.UseMiddleware<SecurityHeadersMiddleware>();
        app.UseRouting();
--- a/src/Identity/Startup.cs
+++ b/src/Identity/Startup.cs
@@ -14,7 +14,6 @@ using Bit.SharedWeb.Swagger;
 using Bit.SharedWeb.Utilities;
 using Duende.IdentityServer.Services;
 using Microsoft.Extensions.DependencyInjection.Extensions;
-using Microsoft.IdentityModel.Logging;
 using Microsoft.OpenApi.Models;

 namespace Bit.Identity;
@@ -170,16 +169,14 @@ public class Startup

    public void Configure(
        IApplicationBuilder app,
-        IWebHostEnvironment env,
+        IWebHostEnvironment environment,
        GlobalSettings globalSettings,
        ILogger<Startup> logger)
    {
-        IdentityModelEventSource.ShowPII = true;
-
        // Add general security headers
        app.UseMiddleware<SecurityHeadersMiddleware>();

-        if (!env.IsDevelopment())
+        if (!environment.IsDevelopment())
        {
            var uri = new Uri(globalSettings.BaseServiceUri.Identity);
            app.Use(async (ctx, next) =>
@@ -196,7 +193,7 @@ public class Startup
        }

        // Default Middleware
-        app.UseDefaultMiddleware(env, globalSettings);
+        app.UseDefaultMiddleware(environment, globalSettings);

        if (!globalSettings.SelfHosted)
        {
@@ -204,7 +201,7 @@ public class Startup
            app.UseMiddleware<CustomIpRateLimitMiddleware>();
        }

-        if (env.IsDevelopment())
+        if (environment.IsDevelopment())
        {
            app.UseSwagger();
            app.UseDeveloperExceptionPage();
--- a/src/Notifications/Startup.cs
+++ b/src/Notifications/Startup.cs
@@ -5,7 +5,6 @@ using Bit.Core.Utilities;
 using Bit.SharedWeb.Utilities;
 using Duende.IdentityModel;
 using Microsoft.AspNetCore.SignalR;
-using Microsoft.IdentityModel.Logging;

 namespace Bit.Notifications;

@@ -84,8 +83,6 @@ public class Startup
        IWebHostEnvironment env,
        GlobalSettings globalSettings)
    {
-        IdentityModelEventSource.ShowPII = true;
-
        // Add general security headers
        app.UseMiddleware<SecurityHeadersMiddleware>();

--- a/src/SharedWeb/Utilities/ServiceCollectionExtensions.cs
+++ b/src/SharedWeb/Utilities/ServiceCollectionExtensions.cs
@@ -472,11 +472,6 @@ public static class ServiceCollectionExtensions
                addAuthorization.Invoke(config);
            });
        }
-
-        if (environment.IsDevelopment())
-        {
-            Microsoft.IdentityModel.Logging.IdentityModelEventSource.ShowPII = true;
-        }
    }

    public static void AddCustomDataProtectionServices(
@@ -666,7 +661,6 @@ public static class ServiceCollectionExtensions
                    Constants.BrowserExtensions.OperaId
                 };
            }
-
        });
    }