clean up for increased coverage
pcmxgti committed Oct 17, 2023
1 parent 25a7f5a commit e511906
Showing 2 changed files with 7 additions and 26 deletions.
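--- a/tests/unit/test_okta.py
+++ b/tests/unit/test_okta.py
@@ -7,27 +7,6 @@
 import requests_mock
 
 
-@pytest.fixture
-def sample_json_response():
-"""Return a response from okta server."""
-from okta_response_simulation import empty_dict
-from okta_response_simulation import error_dict
-from okta_response_simulation import no_auth_methods
-from okta_response_simulation import no_mfa
-from okta_response_simulation import no_mfa_no_session_token
-from okta_response_simulation import with_mfa
-
-okta_fixture_data = {
-"okta_response_no_auth_methods": no_auth_methods,
-"okta_response_empty": empty_dict,
-"okta_response_error": error_dict,
-"okta_response_no_mfa": no_mfa,
-"okta_response_no_mfa_no_session_token": no_mfa_no_session_token,
-"okta_response_mfa": with_mfa,
-}
-return okta_fixture_data
-
-
 @pytest.fixture
 def sample_headers():
 """Return a headers."""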
12 changes: 7 additions & 5 deletions tests/unit/test_user.py
Expand Up @@ -312,18 +312,20 @@ def test_logger_mask(caplog):

from tokendito import user

secret_dict = {"secret_key": "secret_val"}
logger = logging.getLogger(__name__)
logger.addFilter(user.MaskLoggerSecret())
user.add_sensitive_value_to_be_masked("supersecret")
user.add_sensitive_value_to_be_masked("another secret", "sessionToken")
user.add_sensitive_value_to_be_masked(secret_dict["secret_key"])
with caplog.at_level(logging.DEBUG):
logger.debug("This should be displayed, but not: supersecret")
logger.debug("another secret")
assert (
"supersecret" not in caplog.text
and "another secret" not in caplog.text
and "This should be displayed" in caplog.text
)
logger.debug(secret_dict)

Check failure

Code scanning / CodeQL

Clear-text logging of sensitive information High test

This expression logs sensitive data (secret) as clear text.
assert "supersecret" not in caplog.text
assert "another secret" not in caplog.text
assert "secret_val" not in caplog.text
assert "This should be displayed" in caplog.text


def test_display_selected_role():
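Review bot: The masking checks in test_logger_mask only cover secrets that sit in the log message itself (the two string messages and the new `logger.debug(secret_dict)`); nothing exercises a registered secret passed as a lazy %-argument, which is the usual way values reach a log call. If `MaskLoggerSecret` rewrites only `record.msg` (its implementation is not visible in this hunk), a registered value in `record.args` would reach the handler unmasked and this test would still pass. Consider adding `logger.debug("token: %s", "supersecret")` inside the `caplog.at_level` block so the existing `assert "supersecret" not in caplog.text` covers that path too. The CodeQL alert on `logger.debug(secret_dict)` concerns a constructed test value; a short comment such as `# constructed test value, logged on purpose to exercise the mask` would make that clear to whoever triages it. The function starts above the hunk.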
