Redis PubSub Support

[coolwednesday]

Pull Request Template

Description:

• Closes Redis Pub Sub Support #2347

Checklist:

• I have formatted my code using goimport and golangci-lint.
• All new code is covered by unit tests.
• This PR does not decrease the overall code coverage.
• I have reviewed the code comments and documentation for clarity.

Thank you for your contribution!

To fix the problem, we should prevent sensitive information such as credentials from being logged in plaintext. Specifically, before logging the Redis address (r.cfg.Addr), we should sanitize it to remove any embedded credentials if they exist, or log only the host/port portion if that's all that's needed for troubleshooting.

• In pkg/gofr/datasource/pubsub/redis/redis.go, modify the log statements that include r.cfg.Addr so that if Addr contains credentials (recognized by the presence of an @ and possibly a user:pass syntax before the host), those are omitted or replaced with a placeholder. This can be achieved by writing a small helper function that parses the address and removes obfuscated credentials if present.
• Replace the instances of r.cfg.Addr in logging calls (Debugf, Errorf, Logf etc.) with calls to this helper sanitizing function.
• Add the helper function in the same file (redis.go), as it needs to be accessible where logging occurs.

To fix the issue:

• Do not log sensitive configuration values directly, particularly connection strings that may embed credentials.
• Specifically, update the log messages in pkg/gofr/datasource/pubsub/redis/redis.go within the Connect() method to omit r.cfg.Addr when logging errors or connection events. Optionally, if you want to indicate which Redis host is being connected, log only the host/port part after sanitizing the string to remove credentials. However, for safety and generality, it is best to omit or mask the address completely.
• Edit any logging statements (lines 122, 147, 161, 166) using r.cfg.Addr to either remove the address, replace it with a non-sensitive identifier (like "Redis"), or show only the host/port (without credentials) through a helper method that removes any user info from the connection string.

To implement this:

• Edit Connect() in pkg/gofr/datasource/pubsub/redis/redis.go, replacing log statements that reference r.cfg.Addr to not print it, or to use a sanitized/obfuscated form.
• Optionally: If desired, add a helper function (within this file/region) that extracts host and port from a Redis URI (removing any credentials), and use that for logging, though its necessity is debatable.

---

The best fix is to remove logging of the full address string in log messages and diagnostic errors, both in success and failure cases. Instead, only log non-sensitive details: for example, host and port (if it's certain they're not secret), or replace the address by a generic indication like "[REDACTED]" or "[address hidden]". This fix should apply to all places in pkg/gofr/datasource/pubsub/redis/redis.go where r.cfg.Addr is logged—in error, info, and debug messages. Specifically, lines in Connect() like 122, 147, 161, and 166 should be updated. It is best to avoid logging the address unless certain it cannot contain credentials, but since the taint flow is unclear and credentials can flow into the address, we must treat it as sensitive.

No new methods or imports are needed—replace usages with redacted text or rephrase messages. If there are places where only parts (e.g., host, port) are logged and are confirmed non-sensitive, you may safely log those, but since host/port may also be sensitive in some setups, it is safer to redact completely.

To safely fix the issue, avoid logging any potentially sensitive information such as host addresses or URIs that may contain embedded credentials. Instead, log only non-sensitive information or redact the sensitive parts before including them in logs.

Specific fix:

• Edit only the logging call on line 166 (and by extension any other similar log calls if found) in pkg/gofr/datasource/pubsub/redis/redis.go.
• Remove the actual address from being logged, or replace it with a redacted/placeholder string (e.g., [REDACTED] or log only the host/port after verifying no credentials are present).
• No new imports or method definitions are needed for simply redacting or omitting the address.

---

To safely address the vulnerability, we should ensure that any logging of connection addresses (r.cfg.Addr) omits any embedded credentials. The best way to do this is to sanitize the address before logging it. In practice, Redis connection addresses may be either bare host:port, or a URL containing potential credentials (e.g., redis://user:password@host:port/db). To fix, we should parse the address: if it's a URL, redact the password/user portion before logging; if it's host:port, log directly.

Where to change:
In pkg/gofr/datasource/pubsub/redis/redis.go, at the point of logging (lines like r.logger.Logf("reconnected to Redis at '%s'", r.cfg.Addr) and similar lines like debug/errors), always replace direct use of r.cfg.Addr with a sanitized form (e.g. a helper function such as redactRedisAddr(r.cfg.Addr)).

How to fix:

• Add a helper (e.g., redactRedisAddr) in the file to parse addresses, redact password/user if present, and return a safe string for logging.
• Replace all logging statements that reference r.cfg.Addr directly with calls using the helper.

What's required:
A new helper function in the file. No new external dependencies are needed, just use Go's standard net/url package to parse and redact credentials in URLs.