besaid.zone / core
forked from tangled.org/core
Monorepo for Tangled
fork atom
core / spindle / models / secret_mask_test.go
at sl/spindle-rewrite 3.1 kB view raw
1package models 2 3import ( 4 "encoding/base64" 5 "testing" 6) 7 8func TestSecretMask_BasicMasking(t *testing.T) { 9 mask := NewSecretMask([]string{"mysecret123"}) 10 11 input := "The password is mysecret123 in this log" 12 expected := "The password is *** in this log" 13 14 result := mask.Mask(input) 15 if result != expected { 16 t.Errorf("expected %q, got %q", expected, result) 17 } 18} 19 20func TestSecretMask_Base64Encoded(t *testing.T) { 21 secret := "mysecret123" 22 mask := NewSecretMask([]string{secret}) 23 24 b64 := base64.StdEncoding.EncodeToString([]byte(secret)) 25 input := "Encoded: " + b64 26 expected := "Encoded: ***" 27 28 result := mask.Mask(input) 29 if result != expected { 30 t.Errorf("expected %q, got %q", expected, result) 31 } 32} 33 34func TestSecretMask_Base64NoPadding(t *testing.T) { 35 // "test" encodes to "dGVzdA==" with padding 36 secret := "test" 37 mask := NewSecretMask([]string{secret}) 38 39 b64NoPad := "dGVzdA" // base64 without padding 40 input := "Token: " + b64NoPad 41 expected := "Token: ***" 42 43 result := mask.Mask(input) 44 if result != expected { 45 t.Errorf("expected %q, got %q", expected, result) 46 } 47} 48 49func TestSecretMask_MultipleSecrets(t *testing.T) { 50 mask := NewSecretMask([]string{"password1", "apikey123"}) 51 52 input := "Using password1 and apikey123 for auth" 53 expected := "Using *** and *** for auth" 54 55 result := mask.Mask(input) 56 if result != expected { 57 t.Errorf("expected %q, got %q", expected, result) 58 } 59} 60 61func TestSecretMask_MultipleOccurrences(t *testing.T) { 62 mask := NewSecretMask([]string{"secret"}) 63 64 input := "secret appears twice: secret" 65 expected := "*** appears twice: ***" 66 67 result := mask.Mask(input) 68 if result != expected { 69 t.Errorf("expected %q, got %q", expected, result) 70 } 71} 72 73func TestSecretMask_ShortValues(t *testing.T) { 74 mask := NewSecretMask([]string{"abc", "xy", ""}) 75 76 if mask == nil { 77 t.Fatal("expected non-nil mask") 78 } 79 80 input := "abc xy test" 81 expected := "*** *** test" 82 result := mask.Mask(input) 83 if result != expected { 84 t.Errorf("expected %q, got %q", expected, result) 85 } 86} 87 88func TestSecretMask_NilMask(t *testing.T) { 89 var mask *SecretMask 90 91 input := "some input text" 92 result := mask.Mask(input) 93 if result != input { 94 t.Errorf("expected %q, got %q", input, result) 95 } 96} 97 98func TestSecretMask_EmptyInput(t *testing.T) { 99 mask := NewSecretMask([]string{"secret"}) 100 101 result := mask.Mask("") 102 if result != "" { 103 t.Errorf("expected empty string, got %q", result) 104 } 105} 106 107func TestSecretMask_NoMatch(t *testing.T) { 108 mask := NewSecretMask([]string{"secretvalue"}) 109 110 input := "nothing to mask here" 111 result := mask.Mask(input) 112 if result != input { 113 t.Errorf("expected %q, got %q", input, result) 114 } 115} 116 117func TestSecretMask_EmptySecretsList(t *testing.T) { 118 mask := NewSecretMask([]string{}) 119 120 if mask != nil { 121 t.Error("expected nil mask for empty secrets list") 122 } 123} 124 125func TestSecretMask_EmptySecretsFiltered(t *testing.T) { 126 mask := NewSecretMask([]string{"ab", "validpassword", "", "xyz"}) 127 128 input := "Using validpassword here" 129 expected := "Using *** here" 130 131 result := mask.Mask(input) 132 if result != expected { 133 t.Errorf("expected %q, got %q", expected, result) 134 } 135}