From 81a486dcb0dc113fd2b8214fb9313b1f4093ee9e Mon Sep 17 00:00:00 2001
From: rakeshkky <rakesh.emmadi21c@gmail.com>
Date: Mon, 12 Nov 2018 19:51:25 +0530
Subject: [PATCH 1/3] remove x-hasura-access-key header from logs, fix #1016

---
 server/src-lib/Hasura/RQL/Types/Permission.hs | 9 ++++-----
 1 file changed, 4 insertions(+), 5 deletions(-)

diff --git a/server/src-lib/Hasura/RQL/Types/Permission.hs b/server/src-lib/Hasura/RQL/Types/Permission.hs
index e002bfdb48eff..c7b0ddc7c279a 100644
--- a/server/src-lib/Hasura/RQL/Types/Permission.hs
+++ b/server/src-lib/Hasura/RQL/Types/Permission.hs
@@ -28,6 +28,7 @@ module Hasura.RQL.Types.Permission
        ) where
 
 import           Hasura.Prelude
+import           Hasura.Server.Utils        (accessKeyHeader, userRoleHeader)
 import           Hasura.SQL.Types
 
 import qualified Database.PG.Query          as Q
@@ -68,7 +69,7 @@ isUserVar = T.isPrefixOf "x-hasura-" . T.toLower
 
 roleFromVars :: UserVars -> Maybe RoleName
 roleFromVars =
-  fmap RoleName . getVarVal userRoleVar
+  fmap RoleName . getVarVal userRoleHeader
 
 getVarVal :: Text -> UserVars -> Maybe Text
 getVarVal k =
@@ -85,9 +86,6 @@ mkUserVars l =
   | (k, v) <- l, isUserVar k
   ]
 
-userRoleVar :: Text
-userRoleVar = "x-hasura-role"
-
 data UserInfo
   = UserInfo
   { userRole :: !RoleName
@@ -96,7 +94,8 @@ data UserInfo
 
 mkUserInfo :: RoleName -> UserVars -> UserInfo
 mkUserInfo rn (UserVars v) =
-  UserInfo rn $ UserVars $ Map.insert userRoleVar (getRoleTxt rn) v
+  UserInfo rn $ UserVars $ Map.insert userRoleHeader (getRoleTxt rn) $
+  Map.delete accessKeyHeader v
 
 instance Hashable UserInfo
 

From 8f86636f6ac4237cfd77ca0e5b872010bf5ec022 Mon Sep 17 00:00:00 2001
From: Vamshi Surabhi <0x777@users.noreply.github.com>
Date: Tue, 13 Nov 2018 11:54:52 +0530
Subject: [PATCH 2/3] remove deleting the access-key header logic in jwt

---
 server/src-lib/Hasura/Server/Auth/JWT.hs | 3 ---
 1 file changed, 3 deletions(-)

diff --git a/server/src-lib/Hasura/Server/Auth/JWT.hs b/server/src-lib/Hasura/Server/Auth/JWT.hs
index c7f391451d835..0860f97ea0d46 100644
--- a/server/src-lib/Hasura/Server/Auth/JWT.hs
+++ b/server/src-lib/Hasura/Server/Auth/JWT.hs
@@ -218,9 +218,6 @@ processAuthZHeader jwtCtx headers authzHeader = do
   -- transform the map of text:aeson-value -> text:text
   metadata <- decodeJSON $ A.Object finalClaims
 
-  -- delete the x-hasura-access-key from this map, and insert x-hasura-role
-  let hasuraMd = Map.delete accessKeyHeader metadata
-
   return $ mkUserInfo role $ mkUserVars $ Map.toList hasuraMd
 
   where

From 668ae96c2107f11c7ddc3d83320d0a13d5b61761 Mon Sep 17 00:00:00 2001
From: Vamshi Surabhi <0x777@users.noreply.github.com>
Date: Tue, 13 Nov 2018 13:30:33 +0530
Subject: [PATCH 3/3] fix the compilation issues introduced with prev commit

---
 server/src-lib/Hasura/Server/Auth/JWT.hs | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/server/src-lib/Hasura/Server/Auth/JWT.hs b/server/src-lib/Hasura/Server/Auth/JWT.hs
index 0860f97ea0d46..a7f466fbfbe27 100644
--- a/server/src-lib/Hasura/Server/Auth/JWT.hs
+++ b/server/src-lib/Hasura/Server/Auth/JWT.hs
@@ -218,7 +218,7 @@ processAuthZHeader jwtCtx headers authzHeader = do
   -- transform the map of text:aeson-value -> text:text
   metadata <- decodeJSON $ A.Object finalClaims
 
-  return $ mkUserInfo role $ mkUserVars $ Map.toList hasuraMd
+  return $ mkUserInfo role $ mkUserVars $ Map.toList metadata
 
   where
     parseAuthzHeader = do