chore: import upstream snapshot with attribution
This commit is contained in:
@@ -0,0 +1,35 @@
|
||||
import { describe, expect, it } from "vitest";
|
||||
import { slackSecretLogFields } from "../app/models/safeIntegrationLog.js";
|
||||
|
||||
const secret = {
|
||||
botAccessToken: "xoxb-BOT-SECRET",
|
||||
userAccessToken: "xoxp-USER-SECRET",
|
||||
refreshToken: "xoxe-REFRESH-SECRET",
|
||||
botScopes: ["chat:write", "channels:read"],
|
||||
userScopes: ["identity.basic"],
|
||||
};
|
||||
|
||||
// Built right before secretStore encrypts the same object — the log fields must
|
||||
// never carry the actual token strings.
|
||||
describe("slackSecretLogFields", () => {
|
||||
it("emits presence booleans + scopes, never the token values", () => {
|
||||
const fields = slackSecretLogFields("int_123", secret);
|
||||
const serialized = JSON.stringify(fields);
|
||||
for (const token of ["xoxb-BOT-SECRET", "xoxp-USER-SECRET", "xoxe-REFRESH-SECRET"]) {
|
||||
expect(serialized).not.toContain(token);
|
||||
}
|
||||
expect(fields).toEqual({
|
||||
friendlyId: "int_123",
|
||||
hasUserToken: true,
|
||||
hasRefreshToken: true,
|
||||
botScopes: ["chat:write", "channels:read"],
|
||||
userScopes: ["identity.basic"],
|
||||
});
|
||||
});
|
||||
|
||||
it("reports false when optional tokens are absent", () => {
|
||||
const fields = slackSecretLogFields("int_456", { botAccessToken: "xoxb-x", botScopes: [] });
|
||||
expect(fields.hasUserToken).toBe(false);
|
||||
expect(fields.hasRefreshToken).toBe(false);
|
||||
});
|
||||
});
|
||||
Reference in New Issue
Block a user