From ca08437967e5ecbd41ae74de38cede0de1e6047c Mon Sep 17 00:00:00 2001
From: Joas Schilling <coding@schilljs.com>
Date: Thu, 28 Mar 2024 11:10:39 +0100
Subject: fix(logger): Make the handling of SensitiveParameters consistent

Signed-off-by: Joas Schilling <coding@schilljs.com>
---
 tests/lib/Log/ExceptionSerializerTest.php | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)

(limited to 'tests/lib/Log/ExceptionSerializerTest.php')

diff --git a/tests/lib/Log/ExceptionSerializerTest.php b/tests/lib/Log/ExceptionSerializerTest.php
index 209214a6832..6637c401ab1 100644
--- a/tests/lib/Log/ExceptionSerializerTest.php
+++ b/tests/lib/Log/ExceptionSerializerTest.php
@@ -52,6 +52,14 @@ class ExceptionSerializerTest extends TestCase {
 		throw new \Exception('expected custom auth exception');
 	}
 
+	private function usingSensitiveParameterAttribute(
+		string $login,
+		#[\SensitiveParameter]
+		string $parole,
+	): void {
+		throw new \Exception('SensitiveParameter attribute');
+	}
+
 	/**
 	 * this test ensures that the serializer does not overwrite referenced
 	 * variables. It is crafted after a scenario we experienced: the DAV server
@@ -81,4 +89,15 @@ class ExceptionSerializerTest extends TestCase {
 			$this->assertFalse(isset($serializedData['Trace'][0]['args'][1]));
 		}
 	}
+
+	public function testSensitiveParameterAttribute(): void {
+		try {
+			$this->usingSensitiveParameterAttribute('u57474', 'Secret');
+		} catch (\Exception $e) {
+			$serializedData = $this->serializer->serializeException($e);
+			$this->assertSame('usingSensitiveParameterAttribute', $serializedData['Trace'][0]['function']);
+			$this->assertSame('u57474', $serializedData['Trace'][0]['args'][0]);
+			$this->assertSame('*** sensitive parameters replaced ***', $serializedData['Trace'][0]['args'][1]);
+		}
+	}
 }
-- 
cgit v1.2.3