From 0ba1622b11b81ff499ab9ba5fa71204d4436a60a Mon Sep 17 00:00:00 2001 From: Ankit Tiwari Date: Thu, 1 Feb 2024 23:10:25 +0530 Subject: [PATCH] fix: Add more tests --- .../storage/mysql/test/LoggingTest.java | 143 ++++++++++++++++++ 1 file changed, 143 insertions(+) diff --git a/src/test/java/io/supertokens/storage/mysql/test/LoggingTest.java b/src/test/java/io/supertokens/storage/mysql/test/LoggingTest.java index fb925e4..c15840f 100644 --- a/src/test/java/io/supertokens/storage/mysql/test/LoggingTest.java +++ b/src/test/java/io/supertokens/storage/mysql/test/LoggingTest.java @@ -21,6 +21,8 @@ import ch.qos.logback.classic.spi.ILoggingEvent; import ch.qos.logback.core.Appender; import com.google.gson.JsonObject; + +import io.supertokens.Main; import io.supertokens.ProcessState; import io.supertokens.config.Config; import io.supertokens.featureflag.EE_FEATURES; @@ -308,6 +310,147 @@ public void confirmHikariLoggerClosedOnlyWhenProcessEnds() throws Exception { assertFalse(hikariLogger.iteratorForAppenders().hasNext()); } + @Test + public void testDBPasswordMaskingOnDBConnectionFailUsingConnectionUri() throws Exception { + StorageLayer.close(); + String[] args = { "../" }; + + String dbUser = "db_user"; + String dbPassword = "db_password"; + String dbName = "db_does_not_exist"; + String dbConnectionUri = "mysql://" + dbUser + ":" + dbPassword + "@localhost:3306/" + dbName; + + Utils.setValueInConfig("mysql_connection_uri", dbConnectionUri); + Utils.commentConfigValue("mysql_user"); + Utils.commentConfigValue("mysql_password"); + + TestingProcessManager.TestingProcess process = TestingProcessManager.start(args); + + process.checkOrWaitForEvent(ProcessState.PROCESS_STATE.INIT_FAILURE); + + File errorLog = new File(Config.getConfig(process.getProcess()).getErrorLogPath(process.getProcess())); + + boolean dbPasswordMaskedInErrorLog = false; + + try (Scanner errorScanner = new Scanner(errorLog, StandardCharsets.UTF_8)) { + while (errorScanner.hasNextLine()) { + String line = errorScanner.nextLine(); + if(line.contains(dbName) && line.contains(dbUser) && !line.contains(dbPassword) && line.contains("********")){ + dbPasswordMaskedInErrorLog = true; + break; + } + } + } + + assertTrue(dbPasswordMaskedInErrorLog); + process.kill(); + + assertNotNull(process.checkOrWaitForEvent(ProcessState.PROCESS_STATE.STOPPED)); + } + + @Test + public void testDBPasswordMaskingOnDBConnectionFailUsingCredentials() throws Exception { + StorageLayer.close(); + String[] args = { "../" }; + + String dbUser = "db_user"; + String dbPassword = "db_password"; + String dbName = "db_does_not_exist"; + + Utils.setValueInConfig("mysql_user", dbUser); + Utils.setValueInConfig("mysql_password", dbPassword); + Utils.setValueInConfig("mysql_database_name", dbName); + + TestingProcessManager.TestingProcess process = TestingProcessManager.start(args); + + process.checkOrWaitForEvent(ProcessState.PROCESS_STATE.INIT_FAILURE); + + File errorLog = new File(Config.getConfig(process.getProcess()).getErrorLogPath(process.getProcess())); + + boolean dbPasswordMaskedInErrorLog = false; + + try (Scanner errorScanner = new Scanner(errorLog, StandardCharsets.UTF_8)) { + while (errorScanner.hasNextLine()) { + String line = errorScanner.nextLine(); + if(line.contains(dbName) && line.contains(dbUser) && !line.contains(dbPassword) && line.contains("********")){ + dbPasswordMaskedInErrorLog = true; + break; + } + } + } + + assertTrue(dbPasswordMaskedInErrorLog); + process.kill(); + + assertNotNull(process.checkOrWaitForEvent(ProcessState.PROCESS_STATE.STOPPED)); + } + + @Test + public void testDBPasswordMaskingOnDBConnectionFailWhenCreatingTenant() throws Exception { + StorageLayer.close(); + String[] args = { "../" }; + + String dbUser = "db_user"; + String dbPassword = "db_password"; + String dbName = "db_does_not_exist"; + String dbConnectionUri = "mysql://" + dbUser + ":" + dbPassword + "@localhost:3306/" + dbName; + + TestingProcessManager.TestingProcess process = TestingProcessManager.start(args, false); + Main main = process.getProcess(); + + FeatureFlagTestContent.getInstance(main) + .setKeyValue(FeatureFlagTestContent.ENABLED_FEATURES, new EE_FEATURES[]{ + EE_FEATURES.ACCOUNT_LINKING, EE_FEATURES.MULTI_TENANCY}); + + process.startProcess(); + + assertNotNull(process.checkOrWaitForEvent(ProcessState.PROCESS_STATE.STARTED)); + + JsonObject config = new JsonObject(); + TenantIdentifier tenantIdentifier = new TenantIdentifier(null, "a1", null); + + config.addProperty("mysql_connection_uri", dbConnectionUri); + StorageLayer.getStorage(new TenantIdentifier(null, null, null), main) + .modifyConfigToAddANewUserPoolForTesting(config, 1); + + try { + Multitenancy.addNewOrUpdateAppOrTenant( + main, + new TenantIdentifier(null, null, null), + new TenantConfig( + tenantIdentifier, + new EmailPasswordConfig(true), + new ThirdPartyConfig(true, null), + new PasswordlessConfig(true), + config + ) + ); + + } catch (Exception e) { + + } + + File errorLog = new File(Config.getConfig(main).getErrorLogPath(main)); + + boolean dbPasswordMaskedInErrorLog = false; + + try (Scanner errorScanner = new Scanner(errorLog, StandardCharsets.UTF_8)) { + while (errorScanner.hasNextLine()) { + String line = errorScanner.nextLine(); + System.out.println("line: " + line); + if(line.contains(dbName) && line.contains(dbUser) && !line.contains(dbPassword) && line.contains("********")){ + dbPasswordMaskedInErrorLog = true; + break; + } + } + } + + assertTrue(dbPasswordMaskedInErrorLog); + process.kill(); + + assertNotNull(process.checkOrWaitForEvent(ProcessState.PROCESS_STATE.STOPPED)); + } + @Test public void testDBPasswordMasking() throws Exception { StorageLayer.close();