Merge pull request #2 from Treblle/feature/manage-more-complex-auth

chris-treblle · web-flow · commit efe56a8dba6a · 2023-08-30T14:32:05.000+01:00
ehancing checks around auth headers
diff --git a/src/Masking/FieldMasker.php b/src/Masking/FieldMasker.php
@@ -50,9 +50,15 @@ public function mask(array $data): array
                             string: $value,
                         );
 
-                        $parts[1] = $this->star(
-                            string: $parts[1],
-                        );
+                        if (count($parts) >= 2) {
+                            for ($i = 1; $i < count($parts); $i++) {
+                                $parts[$i] = $this->star(
+                                    string: $parts[$i]
+                                );
+                            }
+                        } else {
+                            $parts[0] = $this->star($parts[0]);
+                        }
 
                         $value = implode(' ', $parts);
                     } else {
diff --git a/tests/Masking/FieldMaskerTest.php b/tests/Masking/FieldMaskerTest.php
@@ -55,3 +55,116 @@
         'foo' => 'bar',
     ]);
 });
+
+it('can handle a single Authorization entry', function () {
+    $masker = new FieldMasker(
+        fields: ['password', 'api_key', 'cc'],
+    );
+
+    expect($masker->mask(
+        data: [
+            'form' => [
+                'password' => 'password',
+                'api_key' => 'test',
+            ],
+            'Authorization' => '123123123123123',
+            'X-API-KEY' => '1234-1234-4321',
+            'cc' => '1234-1234-1234-1234',
+            'foo' => 'bar',
+        ],
+    ))->toBeArray()->toEqual([
+        'form' => [
+            'password' => '********',
+            'api_key' => '****',
+        ],
+        'Authorization' => '***************',
+        'X-API-KEY' => '**************',
+        'cc' => '*******************',
+        'foo' => 'bar',
+    ]);
+});
+
+it('can handle a two Authorization entries', function () {
+    $masker = new FieldMasker(
+        fields: ['password', 'api_key', 'cc'],
+    );
+
+    expect($masker->mask(
+        data: [
+            'form' => [
+                'password' => 'password',
+                'api_key' => 'test',
+            ],
+            'Authorization' => 'Bearer 123123123123123',
+            'X-API-KEY' => '1234-1234-4321',
+            'cc' => '1234-1234-1234-1234',
+            'foo' => 'bar',
+        ],
+    ))->toBeArray()->toEqual([
+        'form' => [
+            'password' => '********',
+            'api_key' => '****',
+        ],
+        'Authorization' => 'Bearer ***************',
+        'X-API-KEY' => '**************',
+        'cc' => '*******************',
+        'foo' => 'bar',
+    ]);
+});
+
+
+it('can handle a multiple Authorization entries', function () {
+    $masker = new FieldMasker(
+        fields: ['password', 'api_key', 'cc'],
+    );
+
+    expect($masker->mask(
+        data: [
+            'form' => [
+                'password' => 'password',
+                'api_key' => 'test',
+            ],
+            'Authorization' => 'Bearer 123123123123123 123',
+            'X-API-KEY' => '1234-1234-4321',
+            'cc' => '1234-1234-1234-1234',
+            'foo' => 'bar',
+        ],
+    ))->toBeArray()->toEqual([
+        'form' => [
+            'password' => '********',
+            'api_key' => '****',
+        ],
+        'Authorization' => 'Bearer *************** ***',
+        'X-API-KEY' => '**************',
+        'cc' => '*******************',
+        'foo' => 'bar',
+    ]);
+});
+
+it('can handle a malformed Authorization entry', function () {
+    $masker = new FieldMasker(
+        fields: ['password', 'api_key', 'cc'],
+    );
+
+    expect($masker->mask(
+        data: [
+            'form' => [
+                'password' => 'password',
+                'api_key' => 'test',
+            ],
+            'Authorization' => 'Alien',
+            'X-API-KEY' => '1234-1234-4321',
+            'cc' => '1234-1234-1234-1234',
+            'foo' => 'bar',
+        ],
+    ))->toBeArray()->toEqual([
+        'form' => [
+            'password' => '********',
+            'api_key' => '****',
+        ],
+        'Authorization' => '*****',
+        'X-API-KEY' => '**************',
+        'cc' => '*******************',
+        'foo' => 'bar',
+    ]);
+});
