Obfuscate a testing secret from logs

canvas-medical · Jul 12, 2024 · 14d0932 · 14d0932
1 parent 6d01902
commit 14d0932
Show file tree

Hide file tree

Showing 2 changed files with 28 additions and 14 deletions.
diff --git a/canvas_sdk/commands/tests/test_utils.py b/canvas_sdk/commands/tests/test_utils.py
@@ -22,6 +22,17 @@
 from canvas_sdk.commands.constants import Coding
 
 
+class Secret:
+    def __init__(self, value):
+        self.value = value
+
+    def __repr__(self) -> str:
+        return "Secret(********)"
+
+    def __str___(self) -> str:
+        return "*******"
+
+
 def get_field_type_unformatted(field_props: dict[str, Any]) -> str:
     if t := field_props.get("type"):
         return field_props.get("format") or t

diff --git a/canvas_sdk/commands/tests/tests.py b/canvas_sdk/commands/tests/tests.py
@@ -20,6 +20,7 @@
 )
 from canvas_sdk.commands.constants import Coding
 from canvas_sdk.commands.tests.test_utils import (
+    Secret,
     fake,
     get_field_type,
     raises_missing_error,
@@ -317,22 +318,24 @@ def test_command_allows_kwarg_with_correct_type(
 
 
 @pytest.fixture(scope="session")
-def token() -> str:
-    return requests.post(
-        f"{settings.INTEGRATION_TEST_URL}/auth/token/",
-        headers={"Content-Type": "application/x-www-form-urlencoded"},
-        data={
-            "grant_type": "client_credentials",
-            "client_id": settings.INTEGRATION_TEST_CLIENT_ID,
-            "client_secret": settings.INTEGRATION_TEST_CLIENT_SECRET,
-        },
-    ).json()["access_token"]
+def token() -> Secret:
+    return Secret(
+        requests.post(
+            f"{settings.INTEGRATION_TEST_URL}/auth/token/",
+            headers={"Content-Type": "application/x-www-form-urlencoded"},
+            data={
+                "grant_type": "client_credentials",
+                "client_id": settings.INTEGRATION_TEST_CLIENT_ID,
+                "client_secret": settings.INTEGRATION_TEST_CLIENT_SECRET,
+            },
+        ).json()["access_token"]
+    )
 
 
 @pytest.fixture
-def note_uuid(token: str) -> str:
+def note_uuid(token: Secret) -> str:
     headers = {
-        "Authorization": f"Bearer {token}",
+        "Authorization": f"Bearer {token.value}",
         "Content-Type": "application/json",
         "Accept": "application/json",
     }
@@ -380,7 +383,7 @@ def command_type_map() -> dict[str, type]:
     ],
 )
 def test_command_schema_matches_command_api(
-    token: str,
+    token: Secret,
     command_type_map: dict[str, str],
     note_uuid: str,
     Command: (
@@ -399,7 +402,7 @@ def test_command_schema_matches_command_api(
 ) -> None:
     # first create the command in the new note
     data = {"noteKey": note_uuid, "schemaKey": Command.Meta.key}
-    headers = {"Authorization": f"Bearer {token}"}
+    headers = {"Authorization": f"Bearer {token.value}"}
     url = f"{settings.INTEGRATION_TEST_URL}/core/api/v1/commands/"
     command_resp = requests.post(url, headers=headers, data=data).json()
     assert "uuid" in command_resp