Ki:%VdZddlZddlmcmZddlZddlZddl m Z ddl Z ejjdee ej j j ddlmZmZmZGddZGddZGd d Zed k(re j2ed gyy) u#utils/redact.py 테스트 스위트N)Path)RedactingFormatterredact_sensitive_textsetup_redacted_loggingceZdZdZdZdZdZdZdZdZ dZ d Z d Z d Z d Zd ZdZdZdZdZdZdZdZdZdZy)TestRedactSensitiveTextu(redact_sensitive_text() 패턴 테스트cd}t|}d}||k(}|stjd|fd||fdtjvstj trtj tndtj |tj |tj |dz}dd|iz}ttj|dx}x}x}}y) u(일반 텍스트는 변경 없이 통과z hello world==z0%(py4)s {%(py4)s = %(py0)s(%(py2)s) } == %(py7)srpy0py2py4py7assert %(py9)spy9N r @pytest_ar_call_reprcompare @py_builtinslocals_should_repr_global_name _safereprAssertionError_format_explanationself @py_assert1 @py_assert3 @py_assert6 @py_assert5 @py_format8 @py_format10s ./home/jay/workspace/utils/tests/test_redact.pytest_passthrough_plain_textz3TestRedactSensitiveText.test_passthrough_plain_texts%2D$]3D}D3}DDDD3}DDDDDD$DDD$DDD]DDD3DDD}DDDDDDDcd}t|}d}||u}|stjd|fd||fdtjvstj trtj tndtj |tj |tj |dz}dd|iz}ttj|dx}x}x}}y)uNone 입력은 None 반환N)is)z0%(py4)s {%(py4)s = %(py0)s(%(py2)s) } is %(py7)srr rrrrs r%test_none_returns_nonez.TestRedactSensitiveText.test_none_returns_nones%)2$T*2d2*d2222*d222222$222$222T222*222d2222222r'cd}t|}d}||k(}|stjd|fd||fdtjvstj trtj tndtj |tj |tj |dz}dd|iz}ttj|dx}x}x}}y) u빈 문자열 통과r r rr rrNrrs r%test_empty_stringz)TestRedactSensitiveText.test_empty_strings%'.$R(.B.(B....(B......$...$...R...(...B.......r'cftd}d}||k(}|stjd|fd||fdtjvstj |rtj |ndtj |dz}dd|iz}ttj|d x}}y ) u*비문자열은 str()로 변환 후 처리*42r )z%(py0)s == %(py3)sresult)rpy3assert %(py5)spy5Nr)rr1 @py_assert2r @py_format4 @py_format6s r%test_non_string_coercedz/TestRedactSensitiveText.test_non_string_coercedsd&r*v~vvvr'cd}t|}d}||v}|stjd|fd||ftj|dt j vstj |rtj|nddz}dd|iz}ttj|d x}}d }||v}|stjd |fd ||ftj|dt j vstj |rtj|nddz}dd|iz}ttj|d x}}d }||v}|stjd |fd ||ftj|dt j vstj |rtj|nddz}dd|iz}ttj|d x}}y )u%sk-로 시작하는 API 키 마스킹%key=sk-abcdefghijklmnopqrstuvwxyz1234!sk-abcdefghijklmnopqrstuvwxyz1234not inz%(py1)s not in %(py3)sr1py1r2r3r4Nzsk-abcinz%(py1)s in %(py3)s1234 rrrrrrrrrrtextr1 @py_assert0r5r6r7s r%test_sk_token_maskedz,TestRedactSensitiveText.test_sk_token_masked$s6&t,2@2&@@@@2&@@@2@@@@@@&@@@&@@@@@@@!x6!!!!x6!!!x!!!!!!6!!!6!!!!!!!vvvr'chd}t|}d}||v}|stjd|fd||ftj|dt j vstj |rtj|nddz}dd|iz}ttj|d x}}y ) u"sk-ant- Anthropic 토큰 마스킹z6ANTHROPIC_API_KEY=sk-ant-api03-verylongkeyhere12345678zapi03-verylongkeyhere12345678r<r>r1r?r3r4NrErFs r%test_sk_ant_token_maskedz0TestRedactSensitiveText.test_sk_ant_token_masked,smG&t,.<.f<<<<.f<<<.<<<<<r1r?r3r4NrErFs r%test_github_pat_classic_maskedz6TestRedactSensitiveText.test_github_pat_classic_masked3sm9&t,3A36AAAA36AAA3AAAAAA6AAA6AAAAAAAr'chd}t|}d}||v}|stjd|fd||ftj|dt j vstj |rtj|nddz}dd|iz}ttj|d x}}y ) u#github_pat_ 세밀한 PAT 마스킹+github_pat_ABCDEFGHIJKLMNOPQRSTUVWXYZ123456 ABCDEFGHIJKLMNOPQRSTUVWXYZ123456r<r>r1r?r3r4NrErFs r%#test_github_pat_fine_grained_maskedz;TestRedactSensitiveText.test_github_pat_fine_grained_masked9sm<&t,1?1????1???1????????????????r'chd}t|}d}||v}|stjd|fd||ftj|dt j vstj |rtj|nddz}dd|iz}ttj|d x}}y ) u AKIA AWS Access Key ID 마스킹z&AWS_ACCESS_KEY_ID=AKIAIOSFODNN7EXAMPLEAKIAIOSFODNN7EXAMPLEr<r>r1r?r3r4NrErFs r%test_aws_access_key_maskedz2TestRedactSensitiveText.test_aws_access_key_masked@sm7&t,%3%V3333%V333%333333V333V3333333r'chd}t|}d}||v}|stjd|fd||ftj|dt j vstj |rtj|nddz}dd|iz}ttj|d x}}y ) usk_live_ Stripe 키 마스킹z'STRIPE_KEY=sk_live_abcdefghijklmnopqrstsk_live_abcdefghijklmnopqrstr<r>r1r?r3r4NrErFs r%test_stripe_live_key_maskedz3TestRedactSensitiveText.test_stripe_live_key_maskedGsm8&t,-;-V;;;;-V;;;-;;;;;;V;;;V;;;;;;;r'cd}t|}d}||v}|stjd|fd||ftj|dt j vstj |rtj|nddz}dd|iz}ttj|d x}}d }||v}|stjd |fd ||ftj|dt j vstj |rtj|nddz}dd|iz}ttj|d x}}y ) u%KEY=value 형태 ENV 할당 마스킹z0OPENAI_API_KEY=super_secret_key_value_here_12345!super_secret_key_value_here_12345r<r>r1r?r3r4NzOPENAI_API_KEY=rArCrErFs r%test_env_assignment_api_keyz3TestRedactSensitiveText.test_env_assignment_api_keyNsA&t,2@2&@@@@2&@@@2@@@@@@&@@@&@@@@@@@ * F**** F*** ******F***F*******r'chd}t|}d}||v}|stjd|fd||ftj|dt j vstj |rtj|nddz}dd|iz}ttj|d x}}y ) u1KEY='value' 따옴표 포함 ENV 할당 마스킹z4DATABASE_PASSWORD='my_very_long_secret_password_xyz' my_very_long_secret_password_xyzr<r>r1r?r3r4NrErFs r%test_env_assignment_quotedz2TestRedactSensitiveText.test_env_assignment_quotedUsmE&t,1?1????1???1????????????????r'chd}t|}d}||v}|stjd|fd||ftj|dt j vstj |rtj|nddz}dd|iz}ttj|d x}}y ) uJSON apiKey 필드 마스킹z*{"apiKey": "supersecretlongvalue12345678"}supersecretlongvalue12345678r<r>r1r?r3r4NrErFs r%test_json_api_key_fieldz/TestRedactSensitiveText.test_json_api_key_field\sm;&t,-;-V;;;;-V;;;-;;;;;;V;;;V;;;;;;;r'chd}t|}d}||v}|stjd|fd||ftj|dt j vstj |rtj|nddz}dd|iz}ttj|d x}}y ) uJSON token 필드 마스킹z0{"token": "bearer_token_value_very_long_string"}#bearer_token_value_very_long_stringr<r>r1r?r3r4NrErFs r%test_json_token_fieldz-TestRedactSensitiveText.test_json_token_fieldbsmA&t,4B4FBBBB4FBBB4BBBBBBFBBBFBBBBBBBr'cd}t|}d}||v}|stjd|fd||ftj|dt j vstj |rtj|nddz}dd|iz}ttj|d x}}d }||v}|stjd |fd ||ftj|dt j vstj |rtj|nddz}dd|iz}ttj|d x}}y ) u&Authorization: Bearer 헤더 마스킹z5Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpeyJhbGciOiJSUzI1NiIsInR5cCI6Ikpr<r>r1r?r3r4NzAuthorization: BearerrArCrErFs r%test_auth_bearer_headerz/TestRedactSensitiveText.test_auth_bearer_headerisF&t,0>0>>>>0>>>0>>>>>>>>>>>>>>>>&0&&0000&&000&000000&000&0000000r'cd}t|}d}||v}|stjd|fd||ftj|dt j vstj |rtj|nddz}dd|iz}ttj|d x}}d }||v}|stjd |fd ||ftj|dt j vstj |rtj|nddz}dd|iz}ttj|d x}}y ) uTelegram bot 토큰 마스킹z0bot123456789:ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghi#ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghir<r>r1r?r3r4N 123456789rArCrErFs r%test_telegram_bot_tokenz/TestRedactSensitiveText.test_telegram_bot_tokenqsA&t,4B4FBBBB4FBBB4BBBBBBFBBBFBBBBBBB${f$$$${f$$${$$$$$$f$$$f$$$$$$$r'cd}t|}d}||v}|stjd|fd||ftj|dt j vstj |rtj|nddz}dd|iz}ttj|d x}}d }||v}|stjd |fd ||ftj|dt j vstj |rtj|nddz}dd|iz}ttj|d x}}y ) u'PEM 형식 Private Key 블록 마스킹zN-----BEGIN RSA PRIVATE KEY----- MIIEpAIBAAKCAQEA -----END RSA PRIVATE KEY-----MIIEpAIBAAKCAQEAr<r>r1r?r3r4Nz[REDACTED PRIVATE KEY]rArCrErFs r%test_private_key_blockz.TestRedactSensitiveText.test_private_key_blockysa&t,!/!////!///!////////////////'1'61111'6111'111111611161111111r'cd}t|}d}||v}|stjd|fd||ftj|dt j vstj |rtj|nddz}dd|iz}ttj|d x}}d }||v}|stjd |fd ||ftj|dt j vstj |rtj|nddz}dd|iz}ttj|d x}}d }||v}|stjd |fd ||ftj|dt j vstj |rtj|nddz}dd|iz}ttj|d x}}y )u2PostgreSQL 연결 문자열 비밀번호 마스킹z4postgresql://user:mysecretpassword@localhost:5432/dbmysecretpasswordr<r>r1r?r3r4Nzpostgresql://user:rArCz @localhostrErFs r%test_postgres_connection_stringz7TestRedactSensitiveText.test_postgres_connection_strings"E&t,!/!////!///!////////////////#-#v----#v---#------v---v-------%|v%%%%|v%%%|%%%%%%v%%%v%%%%%%%r'chd}t|}d}||v}|stjd|fd||ftj|dt j vstj |rtj|nddz}dd|iz}ttj|d x}}y ) u-MySQL 연결 문자열 비밀번호 마스킹z-mysql://admin:p@ssw0rd123@db.example.com/mydbz p@ssw0rd123r<r>r1r?r3r4NrErFs r%test_mysql_connection_stringz4TestRedactSensitiveText.test_mysql_connection_stringsj>&t,*}F****}F***}******F***F*******r'cd}t|}g}d}||v}|}|sd}||v}|}|sXtjd|fd||ftj|dt j vstj |rtj|nddz} dd | iz} |j| |stjd fd |ftj|dt j vstj |rtj|ndd z} d d| iz} |j| tj|diz} dd| iz}ttj|dx}x}x}x}x}}y)u/18자 미만 토큰은 *** 로 완전 마스킹zAPI_KEY=short_val_xz*** short_val_xrA)z%(py3)s in %(py5)sr1)r2r4z%(py7)srr<)z%(py10)s not in %(py12)s)py10py12z%(py14)spy14zassert %(py17)spy17N) rrrrrrrappend_format_booloprr)rrGr1rr5 @py_assert4rH @py_assert9 @py_assert11r7r# @py_format13 @py_format15 @py_format16 @py_format18s r%test_short_token_fully_maskedz5TestRedactSensitiveText.test_short_token_fully_maskeds%&t,=u=u=-=-v"=====u===u================-v===-======v===v==============r'c|jddd}t|}||k(}|stjd|fd||fdt j vstj |rtj|nddt j vstj |rtj|nddz}d d |iz}ttj|d }y ) u?DISABLE_REDACT_SECRETS=1 환경변수로 마스킹 비활성화DISABLE_REDACT_SECRETS1r;r )z%(py0)s == %(py2)sr1rG)rrzassert %(py4)srN) setenvrrrrrrrrr)r monkeypatchrGr1r @py_format3 @py_format5s r%test_env_disabled_via_envvarz4TestRedactSensitiveText.test_env_disabled_via_envvars3S92&t,~vvvr'N)__name__ __module__ __qualname____doc__r&r*r-r8rIrKrNrRrUrXr[r^rardrgrkrnrqrsrrr'r%rrss2E3/  =B @4<+@< C1%2&+>r'rceZdZdZdZdZy)TestRedactingFormatteru-RedactingFormatter 로그 포맷터 테스트c td}tjdtjddddd }|j |}d }||v}|st j d |fd ||ft j|d tjvst j|rt j|nd dz}dd|iz}tt j|dx}}y)u'로그 메시지에서 비밀 마스킹 %(message)sfmttestr,rr:rNnamelevelpathnamelinenomsgargsexc_infor;r<r>outputr?r3r4 rlogging LogRecordINFOformatrrrrrrrrr formatterrecordrrHr5r6r7s r%#test_formatter_masks_secrets_in_logz:TestRedactingFormatter.test_formatter_masks_secrets_in_logs&=9 "",,7 !!&)2@2&@@@@2&@@@2@@@@@@&@@@&@@@@@@@r'c td}tjdtjddddd }|j |}d}||v}|st j d |fd ||ft j|d tjvst j|rt j|nd d z}dd|iz}tt j|dx}}y)u(일반 메시지는 변경 없이 통과rrrr,rznormal log messagerNrrArCrr?r3r4rrs r% test_formatter_passes_plain_textz7TestRedactingFormatter.test_formatter_passes_plain_texts&=9 "",,$ !!&)#-#v----#v---#------v---v-------r'N)rrrrrrrr'r%rrs7 A .r'rc"eZdZdZdZdZdZy)TestSetupRedactedLoggingu)setup_redacted_logging() 통합 테스트c tjd}|jjtj}|j tj d|j|t||jD]E}|j}t|t}|sddtjvstjtrtj tnddtjvstj|rtj |ndtj |dtjvstjtrtj tndtj |dz}t#tj$|dx}}Hy) u*기존 로거에 RedactingFormatter 적용ztest.setup_redactrTassert %(py6)s {%(py6)s = %(py0)s(%(py3)s {%(py3)s = %(py1)s.formatter }, %(py4)s) } isinstancehrrr@r2rpy6N)r getLoggerhandlersclear StreamHandler setFormatter Formatter addHandlerrrrrrrrrrrrrloggerhandlerrr5r" @py_format7s r%test_applies_to_existing_loggerz8TestSetupRedactedLogging.test_applies_to_existing_loggers""#67'')W..}=>'"v& ?Akk >:k+=> >> > > > > >: > > >: > > > > > >a > > >a > > >k > > > > > >+= > > >+= > > >> > > > > > > ?r'c tj}t|j}tj}|j tj d|j| t|jD]E}|j}t|t}|sddtjvstjtrtj tnddtjvstj|rtj |ndtj |dtjvstjtrtj tndtj |dz}t#tj$|dx}}H |j'|t|jD]}||vs|j'|y#|j'|t|jD]}||vs|j'|wxYw)u0인수 없이 호출 시 루트 로거에 적용rrrrrrN)rrlistrrrrrrrrrrrrrrrr removeHandler)rrootoriginal_handlers test_handlerrr5r"rs r%&test_applies_to_root_logger_by_defaultz?TestSetupRedactedLogging.test_applies_to_root_logger_by_defaults  " /,,. !!'"3"3M"BC  % * " $]] C"#++Bz+/ABBBBBBBBzBBBzBBBBBB!BBB!BBB+BBBBBB/ABBB/ABBBBBBBBBB C   | ,$--( *--&&q) *   | ,$--( *--&&q) *s4EH.IIc ltjd}|jjtj}|j |t ||jD]E}|j}t|t}|sddtjvstjtrtjtnddtjvstj|rtj|ndtj|dtjvstjtrtjtndtj|dz}ttj |dx}}Hy)u5formatter가 없는 핸들러도 오류 없이 처리ztest.no_formatterrrrrrN)rrrrrrrrrrrrrrrrrrs r%*test_no_error_on_handler_without_formatterzCTestSetupRedactedLogging.test_no_error_on_handler_without_formatters""#67'')'" v& ?Akk >:k+=> >> > > > > >: > > >: > > > > > >a > > >a > > >k > > > > > >+= > > >+= > > >> > > > > > > ?r'N)rrrrrrrrr'r%rrs3 ?*, ?r'r__main__z-v)rbuiltinsr_pytest.assertion.rewrite assertionrewriterrsyspathlibrpytestpathinsertstr__file__parent utils.redactrrrrrrrmainrr'r%rs)  3tH~,,33::;<ZZOOd..D4?4?n zFKK4 !r'