Issue #6: implement api key hashing and verification

2026-04-26 16:40:36 -04:00
parent 4094e64ee0
commit 696be17139
17 changed files with 524 additions and 0 deletions
@@ -13,6 +13,15 @@ public sealed class GatewayLogRedactorTests
        Assert.DoesNotContain("super-secret", redacted);
    }

+    [Fact]
+    public void RedactApiKey_RemovesSecretContainingUnderscores()
+    {
+        string? redacted = GatewayLogRedactor.RedactApiKey("Bearer mxgw_operator01_super_secret_value");
+
+        Assert.Equal("Bearer mxgw_operator01_[redacted]", redacted);
+        Assert.DoesNotContain("super_secret_value", redacted);
+    }
+
    [Theory]
    [InlineData("AuthenticateUser")]
    [InlineData("WriteSecured")]