readProjectFile('lib/Service/Audit/SystemAuditRedactionService.php'); foreach ([ "'password'", "'access_token'", "'refresh_token'", "'id_token'", "'authorization'", "'api_key'", "'client_secret'", "'smtp_password'", "'microsoft_shared_client_secret'", "'email'", "'to_email'", ] as $needle) { self::assertStringContainsString($needle, $content); } self::assertStringContainsString("return str_contains(\$key, 'password')", $content); self::assertStringContainsString("|| str_contains(\$key, 'secret')", $content); self::assertStringContainsString("|| str_contains(\$key, 'token')", $content); self::assertStringContainsString("|| str_contains(\$key, 'authorization')", $content); self::assertStringContainsString("|| str_ends_with(\$key, '_key');", $content); } public function testApiAuditRedactionCoversCredentialsAndAuthorizationFields(): void { $content = $this->readProjectFile('lib/Service/Audit/ApiAuditService.php'); foreach ([ "'token'", "'access_token'", "'refresh_token'", "'id_token'", "'secret'", "'password'", "'authorization'", "'api_key'", "'client_secret'", "'key'", ] as $needle) { self::assertStringContainsString($needle, $content); } self::assertStringContainsString("return str_contains(\$key, 'token')", $content); self::assertStringContainsString("|| str_contains(\$key, 'secret')", $content); self::assertStringContainsString("|| str_contains(\$key, 'password')", $content); self::assertStringContainsString("|| str_contains(\$key, 'authorization')", $content); self::assertStringContainsString("|| str_ends_with(\$key, '_key');", $content); } }