Skip to content

Commit 6eb6d1e

Browse files
n7studiosn7studios
committed
Fix debug tests in OAuth
1 parent 01814a1 commit 6eb6d1e

File tree

1 file changed

+25
-8
lines changed

1 file changed

+25
-8
lines changed

tests/ConvertKitAPIOAuthTest.php

Lines changed: 25 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -57,7 +57,6 @@ public function testDebugEnabled()
5757
accessToken: $_ENV['CONVERTKIT_OAUTH_ACCESS_TOKEN'],
5858
debug: true
5959
);
60-
6160
$result = $api->get_account();
6261

6362
// Confirm that the log includes expected data.
@@ -114,26 +113,44 @@ public function testDebugCredentialsAndEmailsAreMasked()
114113
debug: true
115114
);
116115

117-
// Create log entries with API Key and Email Address, as if an API method
116+
// Create log entries with Client ID, Client Secret, Access Token and Email Address, as if an API method
118117
// were to log this sensitive data.
119-
$this->callPrivateMethod($api, 'create_log', ['API Key: ' . $_ENV['CONVERTKIT_API_KEY']]);
118+
$this->callPrivateMethod($api, 'create_log', ['Client ID: ' . $_ENV['CONVERTKIT_OAUTH_CLIENT_ID']]);
119+
$this->callPrivateMethod($api, 'create_log', ['Client Secret: ' . $_ENV['CONVERTKIT_OAUTH_CLIENT_SECRET']]);
120+
$this->callPrivateMethod($api, 'create_log', ['Access Token: ' . $_ENV['CONVERTKIT_OAUTH_ACCESS_TOKEN']]);
120121
$this->callPrivateMethod($api, 'create_log', ['Email: ' . $_ENV['CONVERTKIT_API_SUBSCRIBER_EMAIL']]);
121122

122-
// Confirm that the log includes the masked API Key and Email Address.
123+
// Confirm that the log includes the masked Client ID, Secret, Access Token and Email Address.
124+
$this->assertStringContainsString(
125+
str_repeat(
126+
'*',
127+
(strlen($_ENV['CONVERTKIT_OAUTH_CLIENT_ID']) - 4)
128+
) . substr($_ENV['CONVERTKIT_OAUTH_CLIENT_ID'], -4),
129+
$this->getLogFileContents()
130+
);
131+
$this->assertStringContainsString(
132+
str_repeat(
133+
'*',
134+
(strlen($_ENV['CONVERTKIT_OAUTH_CLIENT_SECRET']) - 4)
135+
) . substr($_ENV['CONVERTKIT_OAUTH_CLIENT_SECRET'], -4),
136+
$this->getLogFileContents()
137+
);
123138
$this->assertStringContainsString(
124139
str_repeat(
125140
'*',
126-
(strlen($_ENV['CONVERTKIT_API_KEY']) - 4)
127-
) . substr($_ENV['CONVERTKIT_API_KEY'], -4),
141+
(strlen($_ENV['CONVERTKIT_OAUTH_ACCESS_TOKEN']) - 4)
142+
) . substr($_ENV['CONVERTKIT_OAUTH_ACCESS_TOKEN'], -4),
128143
$this->getLogFileContents()
129144
);
130145
$this->assertStringContainsString(
131146
'o****@n********.c**',
132147
$this->getLogFileContents()
133148
);
134149

135-
// Confirm that the log does not include the unmasked API Key or Email Address.
136-
$this->assertStringNotContainsString($_ENV['CONVERTKIT_API_KEY'], $this->getLogFileContents());
150+
// Confirm that the log does not include the unmasked Client ID, Secret, Access Token or Email Address.
151+
$this->assertStringNotContainsString($_ENV['CONVERTKIT_OAUTH_CLIENT_ID'], $this->getLogFileContents());
152+
$this->assertStringNotContainsString($_ENV['CONVERTKIT_OAUTH_CLIENT_SECRET'], $this->getLogFileContents());
153+
$this->assertStringNotContainsString($_ENV['CONVERTKIT_OAUTH_ACCESS_TOKEN'], $this->getLogFileContents());
137154
$this->assertStringNotContainsString($_ENV['CONVERTKIT_API_SUBSCRIBER_EMAIL'], $this->getLogFileContents());
138155
}
139156

0 commit comments

Comments
 (0)