Skip to content

Commit

Permalink
add test
Browse files Browse the repository at this point in the history
  • Loading branch information
thisisnithin committed Nov 28, 2023
1 parent b28dcaa commit a7aebba
Show file tree
Hide file tree
Showing 4 changed files with 117 additions and 2 deletions.
21 changes: 21 additions & 0 deletions v2/pkg/engine/datasource/httpclient/httpclient_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,7 @@ import (
"bytes"
"compress/gzip"
"context"
"github.com/tidwall/sjson"
"io"
"net/http"
"net/http/httptest"
Expand Down Expand Up @@ -195,4 +196,24 @@ func TestHttpClientDo(t *testing.T) {
input = SetInputURL(input, []byte(server.URL))
t.Run("net", runTest(background, input, `ok`))
})

t.Run("redact sensitive headers", func(t *testing.T) {
server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
_, err := httputil.DumpRequest(r, true)
assert.NoError(t, err)
w.Header().Set("Authorization", "test")
_, err = w.Write([]byte(`{"extensions": {"trace": {}}"}`))
assert.NoError(t, err)
}))
defer server.Close()
var input []byte
input = SetInputMethod(input, []byte("GET"))
input = SetInputURL(input, []byte(server.URL))
input, err := sjson.SetBytes(input, TRACE, true)
assert.NoError(t, err)
out := &bytes.Buffer{}
err = Do(http.DefaultClient, context.Background(), input, out)
assert.NoError(t, err)
assert.Contains(t, out.String(), `"Authorization":["****"]`)
})
}
3 changes: 2 additions & 1 deletion v2/pkg/engine/datasource/httpclient/nethttpclient.go
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,7 @@ import (
"golang.org/x/exp/slices"
"io"
"net/http"
"strings"
"time"

"github.com/buger/jsonparser"
Expand Down Expand Up @@ -180,7 +181,7 @@ var headersToRedact = []string{
func redactHeaders(headers http.Header) http.Header {
redactedHeaders := make(http.Header)
for key, values := range headers {
if slices.Contains(headersToRedact, key) {
if slices.Contains(headersToRedact, strings.ToLower(key)) {
redactedHeaders[key] = []string{"****"}
} else {
redactedHeaders[key] = values
Expand Down
2 changes: 1 addition & 1 deletion v2/pkg/engine/resolve/loader.go
Original file line number Diff line number Diff line change
Expand Up @@ -740,7 +740,7 @@ func redactHeaders(rawJSON json.RawMessage) (json.RawMessage, error) {
if headers, ok := obj["header"]; ok {
if headerMap, isMap := headers.(map[string]interface{}); isMap {
for key, values := range headerMap {
if slices.Contains(sensitiveHeaders, key) {
if slices.Contains(sensitiveHeaders, strings.ToLower(key)) {
headerMap[key] = []string{"****"}
} else {
headerMap[key] = values
Expand Down
93 changes: 93 additions & 0 deletions v2/pkg/engine/resolve/loader_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,7 @@ package resolve
import (
"bytes"
"context"
"encoding/json"
"testing"

"github.com/golang/mock/gomock"
Expand Down Expand Up @@ -592,6 +593,98 @@ func BenchmarkV2Loader_LoadGraphQLResponseData(b *testing.B) {
}
}

func TestLoader_RedactHeaders(t *testing.T) {
ctrl := gomock.NewController(t)
defer ctrl.Finish()

productsService := mockedDS(t, ctrl,
`{"method":"POST","url":"http://products","header":{"Authorization":["$$4$$"]},"body":{"query":"query{topProducts{name __typename upc}}"},"__trace__":true}`,
`{"topProducts":[{"name":"Table","__typename":"Product","upc":"1"},{"name":"Couch","__typename":"Product","upc":"2"},{"name":"Chair","__typename":"Product","upc":"3"}]}`)

response := &GraphQLResponse{
Data: &Object{
Fetch: &SingleFetch{
InputTemplate: InputTemplate{
Segments: []TemplateSegment{
{
Data: []byte(`{"method":"POST","url":"http://products","header":{"Authorization":["$$4$$"]},"body":{"query":"query{topProducts{name __typename upc}}"}}`),
SegmentType: StaticSegmentType,
},
},
},
FetchConfiguration: FetchConfiguration{
DataSource: productsService,
PostProcessing: PostProcessingConfiguration{
SelectResponseDataPath: []string{"data"},
},
},
},
Fields: []*Field{
{
Name: []byte("topProducts"),
Value: &Array{
Path: []string{"topProducts"},
Item: &Object{
Fields: []*Field{
{
Name: []byte("name"),
Value: &String{
Path: []string{"name"},
},
},
{
Name: []byte("__typename"),
Value: &String{
Path: []string{"__typename"},
},
},
{
Name: []byte("upc"),
Value: &String{
Path: []string{"upc"},
},
},
},
},
},
},
},
},
}

ctx := &Context{
ctx: context.Background(),
}
resolvable := &Resolvable{
storage: &astjson.JSON{},
requestTraceOptions: RequestTraceOptions{Enable: true},
}
loader := &Loader{}

err := resolvable.Init(ctx, nil, ast.OperationTypeQuery)

assert.NoError(t, err)
err = loader.LoadGraphQLResponseData(ctx, response, resolvable)

Check failure on line 667 in v2/pkg/engine/resolve/loader_test.go

View workflow job for this annotation

GitHub Actions / Linters

ineffectual assignment to err (ineffassign)

var input struct {
Header map[string][]string
}

fetch := response.Data.Fetch
switch f := fetch.(type) {
case *SingleFetch:
{
_ = json.Unmarshal(f.Trace.Input, &input)
authHeader := input.Header["Authorization"]
assert.Equal(t, authHeader, []string{"****"})
}
default:
{
t.Errorf("Incorrect fetch type")
}
}
}

var (
DefaultPostProcessingConfiguration = PostProcessingConfiguration{
SelectResponseDataPath: []string{"data"},
Expand Down

0 comments on commit a7aebba

Please sign in to comment.