audit 로그 개선. kratos 코드발급 링크로 전송까지 진행 완료 #104

2026-01-29 01:20:19 +09:00
parent ff17259117
commit b88de7ec91
46 changed files with 2843 additions and 585 deletions
--- a/backend/internal/utils/masking_test.go
+++ b/backend/internal/utils/masking_test.go
@@ -0,0 +1,59 @@
+package utils
+
+import (
+	"testing"
+
+	"github.com/stretchr/testify/assert"
+)
+
+func TestMaskSensitiveJSON(t *testing.T) {
+	tests := []struct {
+		name     string
+		input    string
+		expected string // We'll check containment or specific structure
+	}{
+		{
+			name:     "Flat object with password",
+			input:    `{"username": "user", "password": "secret123"}`,
+			expected: `{"password":"*****","username":"user"}`,
+		},
+		{
+			name:     "Nested object with token",
+			input:    `{"data": {"token": "abc-def", "id": 123}}`,
+			expected: `{"data":{"id":123,"token":"*****"}}`,
+		},
+		{
+			name:     "Case insensitive key",
+			input:    `{"NewPassword": "changed"}`,
+			expected: `{"NewPassword":"*****"}`,
+		},
+		{
+			name:     "Array of objects",
+			input:    `[{"secret": "s1"}, {"secret": "s2"}]`,
+			expected: `[{"secret":"*****"},{"secret":"*****"}]`,
+		},
+		{
+			name:     "Invalid JSON",
+			input:    `not-json`,
+			expected: `not-json`,
+		},
+		{
+			name:     "Empty JSON",
+			input:    ``,
+			expected: ``,
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			result := MaskSensitiveJSON([]byte(tt.input))
+			// Since JSON map order is undefined, exact string match might fail if keys are reordered.
+			// Ideally we should unmarshal and compare maps, or use assert.JSONEq
+			if tt.name == "Invalid JSON" || tt.name == "Empty JSON" {
+				assert.Equal(t, tt.expected, string(result))
+			} else {
+				assert.JSONEq(t, tt.expected, string(result))
+			}
+		})
+	}
+}