Test that an error caused by the internal http client's Do() function does not leak the client secret.
(t *testing.T)
| 2307 | // Test that an error caused by the internal http client's Do() function |
| 2308 | // does not leak the client secret. |
| 2309 | func TestDo_sanitizeURL(t *testing.T) { |
| 2310 | t.Parallel() |
| 2311 | tp := &UnauthenticatedRateLimitedTransport{ |
| 2312 | ClientID: "id", |
| 2313 | ClientSecret: "secret", |
| 2314 | } |
| 2315 | unauthedClient := mustNewClient(t, WithHTTPClient(tp.Client())) |
| 2316 | unauthedClient.baseURL = &url.URL{Scheme: "http", Host: "127.0.0.1:0", Path: "/"} // Use port 0 on purpose to trigger a dial TCP error, expect to get "dial tcp 127.0.0.1:0: connect: can't assign requested address". |
| 2317 | req, err := unauthedClient.NewRequest(t.Context(), "GET", ".", nil) |
| 2318 | if err != nil { |
| 2319 | t.Fatalf("NewRequest returned unexpected error: %v", err) |
| 2320 | } |
| 2321 | _, err = unauthedClient.Do(req, nil) |
| 2322 | if err == nil { |
| 2323 | t.Fatal("Expected error to be returned.") |
| 2324 | } |
| 2325 | if strings.Contains(err.Error(), "client_secret=secret") { |
| 2326 | t.Errorf("Do error contains secret, should be redacted:\n%q", err) |
| 2327 | } |
| 2328 | } |
| 2329 | |
| 2330 | func TestDo_rateLimit(t *testing.T) { |
| 2331 | t.Parallel() |
nothing calls this directly
no test coverage detected
searching dependent graphs…