forked from cloudfoundry/lager
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathjson_redacter_test.go
80 lines (65 loc) · 2.33 KB
/
json_redacter_test.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
package lager_test
import (
"code.cloudfoundry.org/lager"
. "github.com/onsi/ginkgo"
. "github.com/onsi/gomega"
)
var _ = Describe("JSON Redacter", func() {
var (
resp []byte
err error
jsonRedacter *lager.JSONRedacter
)
BeforeEach(func() {
jsonRedacter, err = lager.NewJSONRedacter(nil, []string{`amazonkey`, `AKIA[A-Z0-9]{16}`})
Expect(err).NotTo(HaveOccurred())
})
Context("when called with normal (non-secret) json", func() {
BeforeEach(func() {
resp = jsonRedacter.Redact([]byte(`{"foo":"bar"}`))
})
It("should return the same text", func() {
Expect(resp).To(Equal([]byte(`{"foo":"bar"}`)))
})
})
Context("when called with secrets inside the json", func() {
BeforeEach(func() {
resp = jsonRedacter.Redact([]byte(`{"foo":"fooval","password":"secret!","something":"AKIA1234567890123456"}`))
})
It("should redact the secrets", func() {
Expect(resp).To(Equal([]byte(`{"foo":"fooval","password":"*REDACTED*","something":"*REDACTED*"}`)))
})
})
Context("when a password flag is specified", func() {
BeforeEach(func() {
resp = jsonRedacter.Redact([]byte(`{"abcPwd":"abcd","password":"secret!","userpass":"fooval"}`))
})
It("should redact the secrets", func() {
Expect(resp).To(Equal([]byte(`{"abcPwd":"*REDACTED*","password":"*REDACTED*","userpass":"*REDACTED*"}`)))
})
})
Context("when called with an array of objects with a secret", func() {
BeforeEach(func() {
resp = jsonRedacter.Redact([]byte(`[{"foo":"fooval","password":"secret!","something":"amazonkey"}]`))
})
It("should redact the secrets", func() {
Expect(resp).To(Equal([]byte(`[{"foo":"fooval","password":"*REDACTED*","something":"*REDACTED*"}]`)))
})
})
Context("when called with a private key inside an array of strings", func() {
BeforeEach(func() {
resp = jsonRedacter.Redact([]byte(`["foo", "secret!", "amazonkey"]`))
})
It("should redact the amazonkey", func() {
Expect(resp).To(Equal([]byte(`["foo","secret!","*REDACTED*"]`)))
})
})
Context("when called with a private key inside a nested object", func() {
BeforeEach(func() {
resp = jsonRedacter.Redact([]byte(`{"foo":"fooval", "secret_stuff": {"password": "secret!"}}`))
})
It("should redact the amazonkey", func() {
Expect(resp).To(Equal([]byte(`{"foo":"fooval","secret_stuff":{"password":"*REDACTED*"}}`)))
})
})
})