(t *testing.T)
| 418 | } |
| 419 | |
| 420 | func TestSearchTokensMasksKeyInResponse(t *testing.T) { |
| 421 | db := setupTokenControllerTestDB(t) |
| 422 | token := seedToken(t, db, 1, "searchable-token", "ijkl1234mnop5678") |
| 423 | |
| 424 | ctx, recorder := newAuthenticatedContext(t, http.MethodGet, "/api/token/search?keyword=searchable-token&p=1&size=10", nil, 1) |
| 425 | SearchTokens(ctx) |
| 426 | |
| 427 | response := decodeAPIResponse(t, recorder) |
| 428 | if !response.Success { |
| 429 | t.Fatalf("expected success response, got message: %s", response.Message) |
| 430 | } |
| 431 | |
| 432 | var page tokenPageResponse |
| 433 | if err := common.Unmarshal(response.Data, &page); err != nil { |
| 434 | t.Fatalf("failed to decode search response: %v", err) |
| 435 | } |
| 436 | if len(page.Items) != 1 { |
| 437 | t.Fatalf("expected exactly one search result, got %d", len(page.Items)) |
| 438 | } |
| 439 | if page.Items[0].Key != token.GetMaskedKey() { |
| 440 | t.Fatalf("expected masked search key %q, got %q", token.GetMaskedKey(), page.Items[0].Key) |
| 441 | } |
| 442 | if strings.Contains(recorder.Body.String(), token.Key) { |
| 443 | t.Fatalf("search response leaked raw token key: %s", recorder.Body.String()) |
| 444 | } |
| 445 | } |
| 446 | |
| 447 | func TestGetTokenMasksKeyInResponse(t *testing.T) { |
| 448 | db := setupTokenControllerTestDB(t) |
nothing calls this directly
no test coverage detected