Private/Write-IOLog.ps1
|
function Write-IOLog { [CmdletBinding()] param( [Parameter(Mandatory)] [string]$Message, [ValidateSet('Info', 'Warning', 'Error', 'Verbose', 'Debug')] [string]$Level = 'Info', [string]$Component = 'IdentityOps' ) # Sanitize message — strip anything that looks like a secret/token $sanitized = $Message -replace '(?i)(secret|password|token|key|credential|client_secret|access_token|refresh_token|api_key)\s*[:=]\s*\S+', '$1=***REDACTED***' # Redact Bearer tokens $sanitized = $sanitized -replace '(?i)Bearer\s+[A-Za-z0-9\-._~+/]+=*', 'Bearer ***REDACTED***' # Redact JWT-like patterns (eyJ...) $sanitized = $sanitized -replace 'eyJ[A-Za-z0-9\-_]+\.eyJ[A-Za-z0-9\-_]+\.[A-Za-z0-9\-_]+', '***JWT_REDACTED***' $timestamp = Get-Date -Format 'yyyy-MM-dd HH:mm:ss' switch ($Level) { 'Info' { Write-Host " [$timestamp] $sanitized" -ForegroundColor Gray } 'Warning' { Write-Warning $sanitized } 'Error' { Write-Error $sanitized } 'Verbose' { Write-Verbose "[$timestamp] [$Component] $sanitized" } 'Debug' { Write-Debug "[$timestamp] [$Component] $sanitized" } } } |