forked from samanhappy/mcphub
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathserialization.test.ts
More file actions
131 lines (116 loc) · 4.16 KB
/
Copy pathserialization.test.ts
File metadata and controls
131 lines (116 loc) · 4.16 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
import {
createSafeJSON,
formatErrorForLogging,
safeStringify,
summarizeErrorForLogging,
} from '../../src/utils/serialization.js';
describe('serialization utilities', () => {
it('safeStringify redacts OAuth tokens and remote HTTP error details from logs', () => {
const remoteError = Object.assign(new Error('access_token=super-secret'), {
code: 'ERR_BAD_REQUEST',
response: {
status: 401,
data: {
access_token: 'super-secret',
refresh_token: 'even-more-secret',
},
headers: {
'x-request-id': 'req-123',
},
},
});
const result = safeStringify({
accessToken: 'abc123',
authorization: 'Bearer abc123',
nested: {
clientSecret: 'shhh',
},
error: remoteError,
});
expect(result).toContain('"accessToken":"[REDACTED]"');
expect(result).toContain('"authorization":"[REDACTED]"');
expect(result).toContain('"clientSecret":"[REDACTED]"');
expect(result).toContain('"message":"[Remote request failed; response details omitted]"');
expect(result).toContain('"status":401');
expect(result).toContain('"requestId":"req-123"');
expect(result).not.toContain('super-secret');
expect(result).not.toContain('even-more-secret');
});
it('safeStringify preserves nested Error details instead of serializing them as empty objects', () => {
const error = new Error('boom');
(error as Error & { code?: string }).code = 'E_BANG';
const result = safeStringify({
scope: 'test',
error,
});
expect(result).toContain('"scope":"test"');
expect(result).toContain('"message":"boom"');
expect(result).toContain('"name":"Error"');
expect(result).toContain('"code":"E_BANG"');
expect(result).toContain('"stack":');
expect(result).not.toContain('"error":{}');
});
it('createSafeJSON preserves nested Error details while still handling circular references', () => {
const error = new Error('circular boom');
const payload: Record<string, unknown> = { error };
payload.self = payload;
const safePayload = createSafeJSON(payload) as {
error: { name: string; message: string; stack: string };
self: string;
};
expect(safePayload.error).toEqual(
expect.objectContaining({
name: 'Error',
message: 'circular boom',
}),
);
expect(typeof safePayload.error.stack).toBe('string');
expect(safePayload.self).toBe('[Circular Reference]');
});
it('summarizeErrorForLogging and formatErrorForLogging omit remote response details', () => {
const error = Object.assign(new Error('oauth response: {"access_token":"top-secret"}'), {
code: 'ERR_BAD_REQUEST',
response: {
status: 401,
data: {
access_token: 'top-secret',
},
headers: {
'x-request-id': 'req-456',
},
},
});
const summary = summarizeErrorForLogging(error);
const formatted = formatErrorForLogging(error);
expect(summary).toEqual(
expect.objectContaining({
message: '[Remote request failed; response details omitted]',
status: 401,
code: 'ERR_BAD_REQUEST',
requestId: 'req-456',
}),
);
expect(JSON.stringify(summary)).not.toContain('top-secret');
expect(formatted).toContain('[Remote request failed; response details omitted]');
expect(formatted).toContain('status=401');
expect(formatted).not.toContain('top-secret');
});
it('summarizeErrorForLogging redacts secrets from ordinary Error fields', () => {
const error = Object.assign(new Error('oauth access_token=top-secret'), {
code: 'E_OAUTH',
accessToken: 'also-secret',
});
const summary = summarizeErrorForLogging(error);
const formatted = formatErrorForLogging(error);
expect(summary).toEqual(
expect.objectContaining({
message: 'oauth access_token=[REDACTED]',
code: 'E_OAUTH',
}),
);
expect(summary).not.toHaveProperty('accessToken');
expect(JSON.stringify(summary)).not.toContain('top-secret');
expect(JSON.stringify(summary)).not.toContain('also-secret');
expect(formatted).not.toContain('top-secret');
});
});