refactor: don't re-use redacted headers to redact query string params

the-avid-engineer · the-avid-engineer · commit 04119bdf232e · 2021-12-28T22:53:50.000-05:00
diff --git a/src/EntityDb.Mvc.Tests/Agents/HttpContextAgentSignatureTests.cs b/src/EntityDb.Mvc.Tests/Agents/HttpContextAgentSignatureTests.cs
@@ -9,23 +9,23 @@ namespace EntityDb.Mvc.Tests.Agents
     public class HttpContextAgentSignatureTests
     {
         [Fact]
-        public void GivenNoDoNotRecordHeaders_WhenHttpContextHasSingleHeader_ThenAgentSignatureHasSingleHeader()
+        public void GivenNoRedactedHeaders_WhenHttpContextHasHeader_ThenAgentSignatureHasHeaderValue()
         {
             // ARRANGE
 
-            const string RecordHeaderName = nameof(RecordHeaderName);
-            const string RecordHeaderValue = nameof(RecordHeaderValue);
+            const string HeaderName = nameof(HeaderName);
+            const string HeaderValue = nameof(HeaderValue);
 
             var httpContextAgentOptions = new HttpContextAgentSignatureOptions
             {
-                DoNotRecordHeaders = Array.Empty<string>()
+                RedactedHeaders = Array.Empty<string>()
             };
 
             var httpContext = HttpContextSeeder.CreateHttpContext(new HttpContextSeederOptions
             {
                 Headers = new()
                 {
-                    [RecordHeaderName] = new[] { RecordHeaderValue }
+                    [HeaderName] = new[] { HeaderValue }
                 }
             });
 
@@ -36,28 +36,31 @@ public void GivenNoDoNotRecordHeaders_WhenHttpContextHasSingleHeader_ThenAgentSi
             // ASSERT
 
             agentSignature.Request.Headers.Length.ShouldBe(1);
-            agentSignature.Request.Headers[0].Name.ShouldBe(RecordHeaderName);
+            agentSignature.Request.Headers[0].Name.ShouldBe(HeaderName);
             agentSignature.Request.Headers[0].Values.Length.ShouldBe(1);
-            agentSignature.Request.Headers[0].Values[0].ShouldBe(RecordHeaderValue);
+            agentSignature.Request.Headers[0].Values[0].ShouldBe(HeaderValue);
         }
 
         [Fact]
-        public void GivenDoNotRecordHeader_WhenHttpContextContainsOnlyThatHeader_ThenAgentSignatureHasNoHeaders()
+        public void GivenRedactedHeader_WhenHttpContextContainsOnlyThatHeader_ThenAgentSignatureHasRedactedHeader()
         {
             // ARRANGE
 
-            const string DoNotRecordHeader = nameof(DoNotRecordHeader);
+            const string HeaderName = nameof(HeaderName);
+            const string HeaderValue = nameof(HeaderValue);
+            const string RedactedValue = nameof(RedactedValue);
 
             var httpContextAgentOptions = new HttpContextAgentSignatureOptions
             {
-                DoNotRecordHeaders = new[] { DoNotRecordHeader }
+                RedactedHeaders = new[] { HeaderName },
+                RedactedValue = RedactedValue,
             };
 
             var httpContext = HttpContextSeeder.CreateHttpContext(new HttpContextSeederOptions
             {
                 Headers = new()
                 {
-                    [DoNotRecordHeader] = Array.Empty<string>()
+                    [HeaderName] = new[] { HeaderValue }
                 }
             });
 
@@ -67,7 +70,78 @@ public void GivenDoNotRecordHeader_WhenHttpContextContainsOnlyThatHeader_ThenAge
 
             // ASSERT
 
-            agentSignature.Request.Headers.ShouldBeEmpty();
+            agentSignature.Request.Headers.Length.ShouldBe(1);
+            agentSignature.Request.Headers[0].Name.ShouldBe(HeaderName);
+            agentSignature.Request.Headers[0].Values.Length.ShouldBe(1);
+            agentSignature.Request.Headers[0].Values[0].ShouldBe(RedactedValue);
+        }
+
+        [Fact]
+        public void GivenNoRedactedQueryStringParams_WhenHttpContextHasQueryStringParam_ThenAgentSignatureHasQueryStringParamValue()
+        {
+            // ARRANGE
+
+            const string QueryStringParamName = nameof(QueryStringParamName);
+            const string QueryStringParamValue = nameof(QueryStringParamValue);
+
+            var httpContextAgentOptions = new HttpContextAgentSignatureOptions
+            {
+                RedactedQueryStringParams = Array.Empty<string>()
+            };
+
+            var httpContext = HttpContextSeeder.CreateHttpContext(new HttpContextSeederOptions
+            {
+                QueryStringParams = new()
+                {
+                    [QueryStringParamName] = new[] { QueryStringParamValue }
+                }
+            });
+
+            // ACT
+
+            var agentSignature = HttpContextAgentSignature.GetSnapshot(httpContext, httpContextAgentOptions);
+
+            // ASSERT
+
+            agentSignature.Request.QueryStringParams.Length.ShouldBe(1);
+            agentSignature.Request.QueryStringParams[0].Name.ShouldBe(QueryStringParamName);
+            agentSignature.Request.QueryStringParams[0].Values.Length.ShouldBe(1);
+            agentSignature.Request.QueryStringParams[0].Values[0].ShouldBe(QueryStringParamValue);
+        }
+
+        [Fact]
+        public void GivenRedactedQueryStringParam_WhenHttpContextContainsOnlyThatQueryStringParam_ThenAgentSignatureHasRedactedQueryStringParams()
+        {
+            // ARRANGE
+
+            const string QueryStringParamName = nameof(QueryStringParamName);
+            const string QueryStringParamValue = nameof(QueryStringParamValue);
+            const string RedactedValue = nameof(RedactedValue);
+
+            var httpContextAgentOptions = new HttpContextAgentSignatureOptions
+            {
+                RedactedQueryStringParams = new[] { QueryStringParamName },
+                RedactedValue = RedactedValue,
+            };
+
+            var httpContext = HttpContextSeeder.CreateHttpContext(new HttpContextSeederOptions
+            {
+                QueryStringParams = new()
+                {
+                    [QueryStringParamName] = new[] { QueryStringParamValue }
+                }
+            });
+
+            // ACT
+
+            var agentSignature = HttpContextAgentSignature.GetSnapshot(httpContext, httpContextAgentOptions);
+
+            // ASSERT
+
+            agentSignature.Request.QueryStringParams.Length.ShouldBe(1);
+            agentSignature.Request.QueryStringParams[0].Name.ShouldBe(QueryStringParamName);
+            agentSignature.Request.QueryStringParams[0].Values.Length.ShouldBe(1);
+            agentSignature.Request.QueryStringParams[0].Values[0].ShouldBe(RedactedValue);
         }
     }
 }
diff --git a/src/EntityDb.Mvc.Tests/Seeder/HttpContextSeeder.cs b/src/EntityDb.Mvc.Tests/Seeder/HttpContextSeeder.cs
@@ -41,7 +41,7 @@ private static ConnectionInfo CreateConnectionInfo(HttpContextSeederOptions http
 
         private static HttpRequest CreateHttpRequest(HttpContextSeederOptions httpContextSeederOptions)
         {
-            var query = httpContextSeederOptions.Query.ToDictionary(x => x.Key, x => new StringValues(x.Value));
+            var query = httpContextSeederOptions.QueryStringParams.ToDictionary(x => x.Key, x => new StringValues(x.Value));
 
             var queryCollectionMock = new Mock<IQueryCollection>(MockBehavior.Strict);
 
diff --git a/src/EntityDb.Mvc.Tests/Seeder/HttpContextSeederOptions.cs b/src/EntityDb.Mvc.Tests/Seeder/HttpContextSeederOptions.cs
@@ -4,14 +4,19 @@ namespace EntityDb.Mvc.Tests.Seeder
 {
     public class HttpContextSeederOptions
     {
+        // Request
         public Dictionary<string, string[]> Headers { get; set; } = new();
-        public Dictionary<string, string[]> Query { get; set; } = new();
-        public bool HasIpAddress { get; set; }
-        public string? Role { get; set; }
+        public Dictionary<string, string[]> QueryStringParams { get; set; } = new();
         public string Method { get; set; } = "GET";
         public string Scheme { get; set; } = "https";
         public string Host { get; set; } = "localhost";
         public string Path { get; set; } = "/";
         public string Protocol { get; set; } = "HTTP/1.1";
+
+        // Connection
+        public bool HasIpAddress { get; set; }
+
+        // Claims Principal
+        public string? Role { get; set; }
     }
 }
diff --git a/src/EntityDb.Mvc/Agents/HttpContextAgentSignature.cs b/src/EntityDb.Mvc/Agents/HttpContextAgentSignature.cs
@@ -31,7 +31,7 @@ public sealed record RequestSnapshot
             string? Path,
             string Protocol,
             NameValuesPairSnapshot[] Headers,
-            NameValuesPairSnapshot[] Queries
+            NameValuesPairSnapshot[] QueryStringParams
         );
 
         /// <summary>
@@ -55,14 +55,13 @@ public sealed record Snapshot
             ConnectionSnapshot Connection
         );
 
-        private static NameValuesPairSnapshot[] GetNameValuesPairSnapshots(IEnumerable<KeyValuePair<string, StringValues>> dictionary, HttpContextAgentSignatureOptions httpContextAgentOptions)
+        private static NameValuesPairSnapshot[] GetNameValuesPairSnapshots(IEnumerable<KeyValuePair<string, StringValues>> dictionary, string[] redactedKeys, string redactedValue)
         {
             return dictionary
-                .Where(pair => !httpContextAgentOptions.DoNotRecordHeaders.Contains(pair.Key))
                 .Select(pair => new NameValuesPairSnapshot
                 (
                     Name: pair.Key,
-                    Values: pair.Value.ToArray()
+                    Values: redactedKeys.Contains(pair.Key) ? new[] { redactedValue } : pair.Value.ToArray()
                 ))
                 .ToArray();
         }
@@ -76,8 +75,8 @@ private static RequestSnapshot GetRequestSnapshot(HttpRequest httpRequest, HttpC
                 Host: httpRequest.Host.Value,
                 Path: httpRequest.Path.Value,
                 Protocol: httpRequest.Protocol,
-                Headers: GetNameValuesPairSnapshots(httpRequest.Headers, httpContextAgentOptions),
-                Queries: GetNameValuesPairSnapshots(httpRequest.Query, httpContextAgentOptions)
+                Headers: GetNameValuesPairSnapshots(httpRequest.Headers, httpContextAgentOptions.RedactedHeaders, httpContextAgentOptions.RedactedValue),
+                QueryStringParams: GetNameValuesPairSnapshots(httpRequest.Query, httpContextAgentOptions.RedactedQueryStringParams, httpContextAgentOptions.RedactedValue)
             );
         }
 
diff --git a/src/EntityDb.Mvc/Agents/HttpContextAgentSignatureOptions.cs b/src/EntityDb.Mvc/Agents/HttpContextAgentSignatureOptions.cs
@@ -11,6 +11,17 @@ public class HttpContextAgentSignatureOptions
         ///     If there is a header whose value is sensitive and should not be recorded in the
         ///     agent signature, put it in this array.
         /// </summary>
-        public string[] DoNotRecordHeaders { get; set; } = Array.Empty<string>();
+        public string[] RedactedHeaders { get; set; } = Array.Empty<string>();
+
+        /// <summary>
+        ///     If there is a query string param whose value is sensitive and should not be recorded in the
+        ///     agent signature, put it in this array.
+        /// </summary>
+        public string[] RedactedQueryStringParams { get; set; } = Array.Empty<string>();
+
+        /// <summary>
+        ///     Redacted information will be substituted with this value.
+        /// </summary>
+        public string RedactedValue { get; set; } = "*REDACTED*";
     }
 }

Original file line number	Diff line number	Diff line change
`@@ -41,7 +41,7 @@ private static ConnectionInfo CreateConnectionInfo(HttpContextSeederOptions http`
`41`	`41`
`42`	`42`	`private static HttpRequest CreateHttpRequest(HttpContextSeederOptions httpContextSeederOptions)`
`43`	`43`	`{`
`44`		`- var query = httpContextSeederOptions.Query.ToDictionary(x => x.Key, x => new StringValues(x.Value));`
	`44`	`+ var query = httpContextSeederOptions.QueryStringParams.ToDictionary(x => x.Key, x => new StringValues(x.Value));`
`45`	`45`
`46`	`46`	`var queryCollectionMock = new Mock<IQueryCollection>(MockBehavior.Strict);`
`47`	`47`
Original file line number	Diff line number	Diff line change
`@@ -4,14 +4,19 @@ namespace EntityDb.Mvc.Tests.Seeder`
`4`	`4`	`{`
`5`	`5`	`public class HttpContextSeederOptions`
`6`	`6`	`{`
	`7`	`+ // Request`
`7`	`8`	`public Dictionary<string, string[]> Headers { get; set; } = new();`
`8`		`- public Dictionary<string, string[]> Query { get; set; } = new();`
`9`		`- public bool HasIpAddress { get; set; }`
`10`		`- public string? Role { get; set; }`
	`9`	`+ public Dictionary<string, string[]> QueryStringParams { get; set; } = new();`
`11`	`10`	`public string Method { get; set; } = "GET";`
`12`	`11`	`public string Scheme { get; set; } = "https";`
`13`	`12`	`public string Host { get; set; } = "localhost";`
`14`	`13`	`public string Path { get; set; } = "/";`
`15`	`14`	`public string Protocol { get; set; } = "HTTP/1.1";`
	`15`	`+`
	`16`	`+ // Connection`
	`17`	`+ public bool HasIpAddress { get; set; }`
	`18`	`+`
	`19`	`+ // Claims Principal`
	`20`	`+ public string? Role { get; set; }`
`16`	`21`	`}`
`17`	`22`	`}`