39 lines
1.2 KiB
C#
39 lines
1.2 KiB
C#
namespace ScadaLink.NotificationService.Tests;
|
|
|
|
/// <summary>
|
|
/// NS-009: Tests for scrubbing SMTP credential secrets out of log/result text.
|
|
/// </summary>
|
|
public class CredentialRedactorTests
|
|
{
|
|
[Fact]
|
|
public void Scrub_BasicAuthPassword_IsMasked()
|
|
{
|
|
var text = "535 5.7.8 Authentication failed for user 'svc' with password 'Hunter2pw!'";
|
|
var result = CredentialRedactor.Scrub(text, "svc:Hunter2pw!");
|
|
|
|
Assert.DoesNotContain("Hunter2pw!", result);
|
|
Assert.DoesNotContain("svc:Hunter2pw!", result);
|
|
}
|
|
|
|
[Fact]
|
|
public void Scrub_OAuth2ClientSecret_IsMasked()
|
|
{
|
|
var text = "Token request failed: client_secret=Sup3rSecretValue rejected by tenant";
|
|
var result = CredentialRedactor.Scrub(text, "tenant-guid:client-guid:Sup3rSecretValue");
|
|
|
|
Assert.DoesNotContain("Sup3rSecretValue", result);
|
|
}
|
|
|
|
[Fact]
|
|
public void Scrub_NullCredentials_ReturnsTextUnchanged()
|
|
{
|
|
Assert.Equal("plain text", CredentialRedactor.Scrub("plain text", null));
|
|
}
|
|
|
|
[Fact]
|
|
public void Scrub_NullText_ReturnsEmpty()
|
|
{
|
|
Assert.Equal(string.Empty, CredentialRedactor.Scrub(null, "user:pass"));
|
|
}
|
|
}
|