Add SensitiveUrl to redact user secrets from endpoints (#2326)

## Issue Addressed

#2276 

## Proposed Changes

Add the `SensitiveUrl` struct which wraps `Url` and implements custom `Display` and `Debug` traits to redact user secrets from being logged in eth1 endpoints, beacon node endpoints and metrics.

## Additional Info

This also includes a small rewrite of the eth1 crate to make requests using `Url` instead of `&str`. 
Some error messages have also been changed to remove `Url` data.

common/eth2/src/lib.rs

@@ -19,6 +19,7 @@ use futures_util::StreamExt;
 pub use reqwest;
 use reqwest::{IntoUrl, Response};
 pub use reqwest::{StatusCode, Url};
+use sensitive_url::SensitiveUrl;
 use serde::{de::DeserializeOwned, Serialize};
 use ssz::Decode;
 use std::convert::TryFrom;
@@ -36,7 +37,7 @@ pub enum Error {
     /// The server returned an error message where the body was unable to be parsed.
     StatusCode(StatusCode),
     /// The supplied URL is badly formatted. It should look something like `http://127.0.0.1:5052`.
-    InvalidUrl(Url),
+    InvalidUrl(SensitiveUrl),
     /// The supplied validator client secret is invalid.
     InvalidSecret(String),
     /// The server returned a response with an invalid signature. It may be an impostor.
@@ -81,7 +82,7 @@ impl fmt::Display for Error {
 #[derive(Clone)]
 pub struct BeaconNodeHttpClient {
     client: reqwest::Client,
-    server: Url,
+    server: SensitiveUrl,
 }
 
 impl fmt::Display for BeaconNodeHttpClient {
@@ -92,25 +93,25 @@ impl fmt::Display for BeaconNodeHttpClient {
 
 impl AsRef<str> for BeaconNodeHttpClient {
     fn as_ref(&self) -> &str {
-        self.server.as_str()
+        self.server.as_ref()
     }
 }
 
 impl BeaconNodeHttpClient {
-    pub fn new(server: Url) -> Self {
+    pub fn new(server: SensitiveUrl) -> Self {
         Self {
             client: reqwest::Client::new(),
             server,
         }
     }
 
-    pub fn from_components(server: Url, client: reqwest::Client) -> Self {
+    pub fn from_components(server: SensitiveUrl, client: reqwest::Client) -> Self {
         Self { client, server }
     }
 
     /// Return the path with the standard `/eth1/v1` prefix applied.
     fn eth_path(&self) -> Result<Url, Error> {
-        let mut path = self.server.clone();
+        let mut path = self.server.full.clone();
 
         path.path_segments_mut()
             .map_err(|()| Error::InvalidUrl(self.server.clone()))?

common/eth2/src/lighthouse.rs

@@ -214,7 +214,7 @@ impl BeaconNodeHttpClient {
 
     /// `GET lighthouse/health`
     pub async fn get_lighthouse_health(&self) -> Result<GenericResponse<Health>, Error> {
-        let mut path = self.server.clone();
+        let mut path = self.server.full.clone();
 
         path.path_segments_mut()
             .map_err(|()| Error::InvalidUrl(self.server.clone()))?
@@ -226,7 +226,7 @@ impl BeaconNodeHttpClient {
 
     /// `GET lighthouse/syncing`
     pub async fn get_lighthouse_syncing(&self) -> Result<GenericResponse<SyncState>, Error> {
-        let mut path = self.server.clone();
+        let mut path = self.server.full.clone();
 
         path.path_segments_mut()
             .map_err(|()| Error::InvalidUrl(self.server.clone()))?
@@ -246,7 +246,7 @@ impl BeaconNodeHttpClient {
 
     /// `GET lighthouse/proto_array`
     pub async fn get_lighthouse_proto_array(&self) -> Result<GenericResponse<ProtoArray>, Error> {
-        let mut path = self.server.clone();
+        let mut path = self.server.full.clone();
 
         path.path_segments_mut()
             .map_err(|()| Error::InvalidUrl(self.server.clone()))?
@@ -261,7 +261,7 @@ impl BeaconNodeHttpClient {
         &self,
         epoch: Epoch,
     ) -> Result<GenericResponse<GlobalValidatorInclusionData>, Error> {
-        let mut path = self.server.clone();
+        let mut path = self.server.full.clone();
 
         path.path_segments_mut()
             .map_err(|()| Error::InvalidUrl(self.server.clone()))?
@@ -279,7 +279,7 @@ impl BeaconNodeHttpClient {
         epoch: Epoch,
         validator_id: ValidatorId,
     ) -> Result<GenericResponse<Option<ValidatorInclusionData>>, Error> {
-        let mut path = self.server.clone();
+        let mut path = self.server.full.clone();
 
         path.path_segments_mut()
             .map_err(|()| Error::InvalidUrl(self.server.clone()))?
@@ -295,7 +295,7 @@ impl BeaconNodeHttpClient {
     pub async fn get_lighthouse_eth1_syncing(
         &self,
     ) -> Result<GenericResponse<Eth1SyncStatusData>, Error> {
-        let mut path = self.server.clone();
+        let mut path = self.server.full.clone();
 
         path.path_segments_mut()
             .map_err(|()| Error::InvalidUrl(self.server.clone()))?
@@ -310,7 +310,7 @@ impl BeaconNodeHttpClient {
     pub async fn get_lighthouse_eth1_block_cache(
         &self,
     ) -> Result<GenericResponse<Vec<Eth1Block>>, Error> {
-        let mut path = self.server.clone();
+        let mut path = self.server.full.clone();
 
         path.path_segments_mut()
             .map_err(|()| Error::InvalidUrl(self.server.clone()))?
@@ -325,7 +325,7 @@ impl BeaconNodeHttpClient {
     pub async fn get_lighthouse_eth1_deposit_cache(
         &self,
     ) -> Result<GenericResponse<Vec<DepositLog>>, Error> {
-        let mut path = self.server.clone();
+        let mut path = self.server.full.clone();
 
         path.path_segments_mut()
             .map_err(|()| Error::InvalidUrl(self.server.clone()))?
@@ -341,7 +341,7 @@ impl BeaconNodeHttpClient {
         &self,
         state_id: &StateId,
     ) -> Result<Option<BeaconState<E>>, Error> {
-        let mut path = self.server.clone();
+        let mut path = self.server.full.clone();
 
         path.path_segments_mut()
             .map_err(|()| Error::InvalidUrl(self.server.clone()))?
@@ -359,7 +359,7 @@ impl BeaconNodeHttpClient {
 
     /// `GET lighthouse/staking`
     pub async fn get_lighthouse_staking(&self) -> Result<bool, Error> {
-        let mut path = self.server.clone();
+        let mut path = self.server.full.clone();
 
         path.path_segments_mut()
             .map_err(|()| Error::InvalidUrl(self.server.clone()))?

common/eth2/src/lighthouse_vc/http_client.rs

@@ -8,6 +8,7 @@ use reqwest::{
 };
 use ring::digest::{digest, SHA256};
 use secp256k1::{Message, PublicKey, Signature};
+use sensitive_url::SensitiveUrl;
 use serde::{de::DeserializeOwned, Serialize};
 
 pub use reqwest;
@@ -18,7 +19,7 @@ pub use reqwest::{Response, StatusCode, Url};
 #[derive(Clone)]
 pub struct ValidatorClientHttpClient {
     client: reqwest::Client,
-    server: Url,
+    server: SensitiveUrl,
     secret: ZeroizeString,
     server_pubkey: PublicKey,
 }
@@ -53,7 +54,7 @@ pub fn parse_pubkey(secret: &str) -> Result<PublicKey, Error> {
 }
 
 impl ValidatorClientHttpClient {
-    pub fn new(server: Url, secret: String) -> Result<Self, Error> {
+    pub fn new(server: SensitiveUrl, secret: String) -> Result<Self, Error> {
         Ok(Self {
             client: reqwest::Client::new(),
             server,
@@ -63,7 +64,7 @@ impl ValidatorClientHttpClient {
     }
 
     pub fn from_components(
-        server: Url,
+        server: SensitiveUrl,
         client: reqwest::Client,
         secret: String,
     ) -> Result<Self, Error> {
@@ -187,7 +188,7 @@ impl ValidatorClientHttpClient {
 
     /// `GET lighthouse/version`
     pub async fn get_lighthouse_version(&self) -> Result<GenericResponse<VersionData>, Error> {
-        let mut path = self.server.clone();
+        let mut path = self.server.full.clone();
 
         path.path_segments_mut()
             .map_err(|()| Error::InvalidUrl(self.server.clone()))?
@@ -199,7 +200,7 @@ impl ValidatorClientHttpClient {
 
     /// `GET lighthouse/health`
     pub async fn get_lighthouse_health(&self) -> Result<GenericResponse<Health>, Error> {
-        let mut path = self.server.clone();
+        let mut path = self.server.full.clone();
 
         path.path_segments_mut()
             .map_err(|()| Error::InvalidUrl(self.server.clone()))?
@@ -211,7 +212,7 @@ impl ValidatorClientHttpClient {
 
     /// `GET lighthouse/spec`
     pub async fn get_lighthouse_spec(&self) -> Result<GenericResponse<YamlConfig>, Error> {
-        let mut path = self.server.clone();
+        let mut path = self.server.full.clone();
 
         path.path_segments_mut()
             .map_err(|()| Error::InvalidUrl(self.server.clone()))?
@@ -225,7 +226,7 @@ impl ValidatorClientHttpClient {
     pub async fn get_lighthouse_validators(
         &self,
     ) -> Result<GenericResponse<Vec<ValidatorData>>, Error> {
-        let mut path = self.server.clone();
+        let mut path = self.server.full.clone();
 
         path.path_segments_mut()
             .map_err(|()| Error::InvalidUrl(self.server.clone()))?
@@ -240,7 +241,7 @@ impl ValidatorClientHttpClient {
         &self,
         validator_pubkey: &PublicKeyBytes,
     ) -> Result<Option<GenericResponse<ValidatorData>>, Error> {
-        let mut path = self.server.clone();
+        let mut path = self.server.full.clone();
 
         path.path_segments_mut()
             .map_err(|()| Error::InvalidUrl(self.server.clone()))?
@@ -256,7 +257,7 @@ impl ValidatorClientHttpClient {
         &self,
         validators: Vec<ValidatorRequest>,
     ) -> Result<GenericResponse<PostValidatorsResponseData>, Error> {
-        let mut path = self.server.clone();
+        let mut path = self.server.full.clone();
 
         path.path_segments_mut()
             .map_err(|()| Error::InvalidUrl(self.server.clone()))?
@@ -271,7 +272,7 @@ impl ValidatorClientHttpClient {
         &self,
         request: &CreateValidatorsMnemonicRequest,
     ) -> Result<GenericResponse<Vec<CreatedValidator>>, Error> {
-        let mut path = self.server.clone();
+        let mut path = self.server.full.clone();
 
         path.path_segments_mut()
             .map_err(|()| Error::InvalidUrl(self.server.clone()))?
@@ -287,7 +288,7 @@ impl ValidatorClientHttpClient {
         &self,
         request: &KeystoreValidatorsPostRequest,
     ) -> Result<GenericResponse<ValidatorData>, Error> {
-        let mut path = self.server.clone();
+        let mut path = self.server.full.clone();
 
         path.path_segments_mut()
             .map_err(|()| Error::InvalidUrl(self.server.clone()))?
@@ -304,7 +305,7 @@ impl ValidatorClientHttpClient {
         voting_pubkey: &PublicKeyBytes,
         enabled: bool,
     ) -> Result<(), Error> {
-        let mut path = self.server.clone();
+        let mut path = self.server.full.clone();
 
         path.path_segments_mut()
             .map_err(|()| Error::InvalidUrl(self.server.clone()))?