TestConfigHandlerRedaction validates that configHandler redacts sensitive values, still resulting in a valid JSON document.
(t *testing.T)
| 461 | // TestConfigHandlerRedaction validates that configHandler redacts sensitive |
| 462 | // values, still resulting in a valid JSON document. |
| 463 | func TestConfigHandlerRedaction(t *testing.T) { |
| 464 | config := serverinit.ExportNewConfigFromObj(jsonconfig.Obj{ |
| 465 | "auth": "secret", |
| 466 | "aws_secret_access_key": "secret", |
| 467 | "password": "secret", |
| 468 | "client_secret": "secret", |
| 469 | }) |
| 470 | |
| 471 | rr := httptest.NewRecorder() |
| 472 | serverinit.ConfigHandler(config).ServeHTTP(rr, nil) |
| 473 | got := make(map[string]string) |
| 474 | if err := json.Unmarshal(rr.Body.Bytes(), &got); err != nil { |
| 475 | t.Fatalf("Failed to unmarshal configHandler response: %v", err) |
| 476 | } |
| 477 | want := map[string]string{ |
| 478 | "auth": "REDACTED", |
| 479 | "aws_secret_access_key": "REDACTED", |
| 480 | "password": "REDACTED", |
| 481 | "client_secret": "REDACTED", |
| 482 | } |
| 483 | |
| 484 | compareConfigurations(t, "configHandlerRedaction", got, want) |
| 485 | } |
| 486 | |
| 487 | // TestConfigHandlerRemoveKnownKeys validates that configHandler removes |
| 488 | // "_knownkeys" keys properly, still resulting in a valid JSON document. |
nothing calls this directly
no test coverage detected