awoooi/apps/api/tests/test_secret_redactor.py

# 2026-04-20 @ Asia/Taipei
# Import root 由 pytest rootdir=apps/api 提供（見 pyproject.toml），因此不得用 `apps.api.src.*` 絕對路徑
from src.utils.secret_redactor import redact


def test_openrouter_key_redacted():
    assert "<redacted:openrouter>" in redact("sk-or-v1-abcdef0123456789ABCDEFghijklmnopqrstuv")


def test_anthropic_key_redacted():
    assert "<redacted:anthropic>" in redact("sk-ant-api03-abcDEF_123-xyz")


def test_github_token_redacted():
    assert "<redacted:github>" in redact("ghp_abcdef0123456789ABCDEFghijklmnopqrst")


def test_google_key_redacted():
    assert "<redacted:google>" in redact("AIzaSyABCDEFGHIJKLMNOPQRSTUVWXYZ1234567")


def test_telegram_bot_token_redacted():
    assert "<redacted:telegram>" in redact("111222333:AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA")


def test_aws_key_redacted():
    assert "<redacted:aws>" in redact("key=AKIAIOSFODNN7EXAMPLE")


def test_clean_passthrough():
    assert redact("normal text here") == "normal text here"


def test_nested_dict():
    d = {"a": "ghp_abcdef0123456789ABCDEFghijklmnopqrst", "b": {"c": "AIzaSyABCDEFGHIJKLMNOPQRSTUVWXYZ1234567"}}
    out = redact(d)
    assert "ghp_abc" not in str(out)
    assert "AIzaSy" not in str(out)