github.com/pingcap/tiflow@v0.0.0-20240520035814-5bf52d54e205/pkg/util/uri_test.go (about) 1 // Copyright 2022 PingCAP, Inc. 2 // 3 // Licensed under the Apache License, Version 2.0 (the "License"); 4 // you may not use this file except in compliance with the License. 5 // You may obtain a copy of the License at 6 // 7 // http://www.apache.org/licenses/LICENSE-2.0 8 // 9 // Unless required by applicable law or agreed to in writing, software 10 // distributed under the License is distributed on an "AS IS" BASIS, 11 // See the License for the specific language governing permissions and 12 // limitations under the License. 13 14 package util 15 16 import ( 17 "testing" 18 19 "github.com/stretchr/testify/require" 20 ) 21 22 func TestIsValidIPv6AddressFormatInURI(t *testing.T) { 23 t.Parallel() 24 25 tests := []struct { 26 name string 27 host string 28 want bool 29 }{ 30 {"valid ipv6 address", "[::1]", true}, 31 {"valid ipv6 address1 with port", "[::1]:8080", true}, 32 {"valid ipv6 address2 with port", "[1080:0:0:0:8:800:200C:417A]:8080", true}, 33 {"valid ipv6 address3 with port", "[::FFFF:129.144.52.38]:8080", true}, 34 {"invalid ipv6 address", "::1", false}, 35 {"invalid ipv6 address with port", "::1:8000", false}, 36 } 37 for _, tt := range tests { 38 test := tt 39 t.Run(test.name, func(t *testing.T) { 40 t.Parallel() 41 require.Equal(t, test.want, IsValidIPv6AddressFormatInURI(test.host)) 42 }) 43 } 44 } 45 46 func TestIsIPv6Address(t *testing.T) { 47 t.Parallel() 48 49 tests := []struct { 50 name string 51 host string 52 want bool 53 }{ 54 {"valid ipv6 address1", "::1", true}, 55 {"valid ipv6 address2", "1080:0:0:0:8:800:200C:417A", true}, 56 {"ipv4 address", "127.0.0.1", false}, 57 {"empty address", "", false}, 58 {"not ip address", "emmmmmmmm", false}, 59 } 60 61 for _, tt := range tests { 62 test := tt 63 t.Run(test.name, func(t *testing.T) { 64 t.Parallel() 65 require.Equal(t, test.want, IsIPv6Address(test.host)) 66 }) 67 } 68 } 69 70 func TestMaskSinkURI(t *testing.T) { 71 tests := []struct { 72 uri string 73 masked string 74 }{ 75 { 76 "mysql://root:123456@127.0.0.1:3306/?time-zone=Asia/Shanghai", 77 "mysql://root:xxxxx@127.0.0.1:3306/?time-zone=Asia/Shanghai", 78 }, 79 { 80 "kafka://127.0.0.1:9093/cdc?sasl-mechanism=SCRAM-SHA-256&sasl-user=ticdc&sasl-password=verysecure", 81 "kafka://127.0.0.1:9093/cdc?sasl-mechanism=SCRAM-SHA-256&sasl-password=xxxxx&sasl-user=ticdc", 82 }, 83 } 84 85 for _, tt := range tests { 86 maskedURI, err := MaskSinkURI(tt.uri) 87 require.NoError(t, err) 88 require.Equal(t, tt.masked, maskedURI) 89 } 90 } 91 92 func TestMaskSensitiveDataInURI(t *testing.T) { 93 tests := []struct { 94 uri string 95 masked string 96 }{ 97 { 98 "mysql://root:123456@127.0.0.1:3306/?time-zone=c", 99 "mysql://root:xxxxx@127.0.0.1:3306/?time-zone=c", 100 }, 101 { 102 "mysql://root:123456@127.0.0.1:3306/?access_key=c", 103 "mysql://root:xxxxx@127.0.0.1:3306/?access_key=xxxxx", 104 }, 105 { 106 "mysql://root:123456@127.0.0.1:3306/?secret_access_key=c", 107 "mysql://root:xxxxx@127.0.0.1:3306/?secret_access_key=xxxxx", 108 }, 109 { 110 "mysql://root:123456@127.0.0.1:3306/?client_secret=c", 111 "mysql://root:xxxxx@127.0.0.1:3306/?client_secret=xxxxx", 112 }, 113 { 114 "", 115 "", 116 }, 117 { 118 "abc", 119 "abc", 120 }, 121 } 122 for _, q := range sensitiveQueryParameterNames { 123 tests = append(tests, struct { 124 uri string 125 masked string 126 }{ 127 "kafka://127.0.0.1:9093/cdc?" + q + "=verysecure", 128 "kafka://127.0.0.1:9093/cdc?" + q + "=xxxxx", 129 }) 130 } 131 132 for _, tt := range tests { 133 maskedURI := MaskSensitiveDataInURI(tt.uri) 134 require.Equal(t, tt.masked, maskedURI) 135 } 136 }