From cf5f1ac05025a3ad41355ca61000f20743c15f95 Mon Sep 17 00:00:00 2001
From: kiyo-e <kiyo-e@users.noreply.github.com>
Date: Sun, 8 Jun 2025 21:50:39 +0900
Subject: [PATCH] fix: add function to mask Bearer token in headers for
 improved security

---
 package.json |  2 +-
 src/index.ts | 12 +++++++++++-
 2 files changed, 12 insertions(+), 2 deletions(-)

diff --git a/package.json b/package.json
index 487cb6a..f74b315 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "@kiyo-e/claude-code-proxy",
-  "version": "0.1.2",
+  "version": "0.1.4",
   "type": "module",
   "repository": {
     "type": "git",
diff --git a/src/index.ts b/src/index.ts
index 549a120..0e86b1e 100755
--- a/src/index.ts
+++ b/src/index.ts
@@ -50,6 +50,10 @@ app.post('/v1/messages', async (c) => {
       console.log(...args)
     }
 
+    function maskBearer(value: string): string {
+      return value.replace(/Bearer\s+(\S+)/g, 'Bearer ********')
+    }
+
     const payload = await c.req.json()
 
     // Helper to normalize a message's content
@@ -195,7 +199,13 @@ app.post('/v1/messages', async (c) => {
     }
 
     debug('Using base URL:', baseUrl)
-    debug('Headers:', headers)
+    const maskedHeaders = Object.fromEntries(
+      Object.entries(headers).map(([key, value]) => [
+        key,
+        key.toLowerCase() === 'authorization' ? maskBearer(value) : value
+      ])
+    )
+    debug('Headers:', maskedHeaders)
     debug(`URL: ${baseUrl}/chat/completions`)
 
     const openaiResponse = await fetch(`${baseUrl}/chat/completions`, {