fix test cases

sanchitmehta94 · sanchitmehta94 · commit 55d14af3567c · 2025-12-07T19:28:41.000+05:30
diff --git a/Auth0/SensitiveDataRedactor.swift b/Auth0/SensitiveDataRedactor.swift
@@ -14,7 +14,7 @@ struct SensitiveDataRedactor {
     /// Note: These logs are only for debugging purposes and never persisted in production.
     ///
     /// - Parameter data: The response data to redact.
-    /// - Returns: A JSON string with sensitive fields replaced by `<REDACTED>`, or `nil` if not valid JSON.
+    /// - Returns: A JSON string with sensitive fields replaced by `<REDACTED>` if valid JSON, otherwise returns the data decoded as a UTF-8 string, or `nil` if decoding fails.
     static func redact(_ data: Data) -> String? {
         do {
             // Attempt to parse as JSON
@@ -32,8 +32,8 @@ struct SensitiveDataRedactor {
             return String(data: redactedData, encoding: .utf8) ?? "<REDACTED>"
             
         } catch {
-            // If not JSON, return nil
-            return nil
+            // If not JSON, return try converting data to  string
+            return String(data: data, encoding: .utf8)
         }
     }
 }
diff --git a/Auth0Tests/LoggerSpec.swift b/Auth0Tests/LoggerSpec.swift
@@ -189,9 +189,11 @@ class LoggerSpec: QuickSpec {
             }
 
             it("should log response body") {
-                let json = "{key: \"\(UUID().uuidString)\"}"
-                logger.trace(response: response, data: json.data(using: .utf8))
-                expect(output.messages).to(contain(json))
+                let jsonDict: [String: String] = ["key": UUID().uuidString]
+                let jsonData = try! JSONSerialization.data(withJSONObject: jsonDict, options: [.prettyPrinted])
+                let expectedJson = String(data: jsonData, encoding: .utf8)!
+                logger.trace(response: response, data: jsonData)
+                expect(output.messages).to(contain("API Response: \(expectedJson)"))
             }
 
             it("should log nothing for non http response") {
diff --git a/Auth0Tests/SensitiveDataRedactorSpec.swift b/Auth0Tests/SensitiveDataRedactorSpec.swift
@@ -0,0 +1,149 @@
+import Quick
+import Nimble
+
+@testable import Auth0
+
+class SensitiveDataRedactorSpec: QuickSpec {
+    
+    override class func spec() {
+        
+        describe("SensitiveDataRedactor") {
+            
+            context("redact()") {
+                
+                it("should redact access_token") {
+                    let json = """
+                    {
+                        "access_token": "secret_access_token_value",
+                        "token_type": "Bearer",
+                        "expires_in": 86400
+                    }
+                    """
+                    let data = json.data(using: .utf8)!
+                    
+                    let result = SensitiveDataRedactor.redact(data)
+                    
+                    expect(result).toNot(beNil())
+                    expect(result).to(contain("<REDACTED>"))
+                    expect(result).toNot(contain("secret_access_token_value"))
+                    expect(result).to(contain("token_type"))
+                    expect(result).to(contain("expires_in"))
+                }
+                
+                it("should redact id_token") {
+                    let json = """
+                    {
+                        "id_token": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.payload.signature",
+                        "token_type": "Bearer"
+                    }
+                    """
+                    let data = json.data(using: .utf8)!
+                    
+                    let result = SensitiveDataRedactor.redact(data)
+                    
+                    expect(result).toNot(beNil())
+                    expect(result).to(contain("<REDACTED>"))
+                    expect(result).toNot(contain("eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9"))
+                }
+                
+                it("should redact refresh_token") {
+                    let json = """
+                    {
+                        "access_token": "access_value",
+                        "refresh_token": "refresh_value"
+                    }
+                    """
+                    let data = json.data(using: .utf8)!
+                    
+                    let result = SensitiveDataRedactor.redact(data)
+                    
+                    expect(result).toNot(beNil())
+                    expect(result).to(contain("<REDACTED>"))
+                    expect(result).toNot(contain("access_value"))
+                    expect(result).toNot(contain("refresh_value"))
+                }
+                
+                it("should redact multiple sensitive fields") {
+                    let json = """
+                    {
+                        "access_token": "at_123",
+                        "id_token": "it_456",
+                        "refresh_token": "rt_789",
+                        "scope": "openid profile email"
+                    }
+                    """
+                    let data = json.data(using: .utf8)!
+                    
+                    let result = SensitiveDataRedactor.redact(data)
+                    
+                    expect(result).toNot(beNil())
+                    expect(result).to(contain("<REDACTED>"))
+                    expect(result).toNot(contain("at_123"))
+                    expect(result).toNot(contain("it_456"))
+                    expect(result).toNot(contain("rt_789"))
+                    expect(result).to(contain("scope"))
+                    expect(result).to(contain("openid profile email"))
+                }
+                
+                it("should preserve non-sensitive fields") {
+                    let json = """
+                    {
+                        "user_id": "auth0|123456",
+                        "email": "user@example.com",
+                        "access_token": "secret"
+                    }
+                    """
+                    let data = json.data(using: .utf8)!
+                    
+                    let result = SensitiveDataRedactor.redact(data)
+                    
+                    expect(result).toNot(beNil())
+                    expect(result).to(contain("user_id"))
+                    expect(result).to(contain("auth0|123456"))
+                    expect(result).to(contain("email"))
+                    expect(result).to(contain("user@example.com"))
+                    expect(result).toNot(contain("secret"))
+                }
+                
+                it("should return non-JSON String for non-JSON data") {
+                    let plainText = "This is not JSON"
+                    let data = plainText.data(using: .utf8)!
+                    
+                    let result = SensitiveDataRedactor.redact(data)
+                    
+                    expect(result).to(contain(plainText))
+                }
+                
+                it("should handle empty JSON") {
+                    let json = "{}"
+                    let data = json.data(using: .utf8)!
+                    
+                    let result = SensitiveDataRedactor.redact(data)
+                    
+                    expect(result).toNot(beNil())
+                    let expectedJson = try! JSONSerialization.data(withJSONObject: [:], options: [.prettyPrinted])
+                    let expected = String(data: expectedJson, encoding: .utf8)!
+                    expect(result).to(equal(expected))
+                }
+                
+                it("should handle JSON with no sensitive fields") {
+                    let json = """
+                    {
+                        "username": "john",
+                        "age": 30
+                    }
+                    """
+                    let data = json.data(using: .utf8)!
+                    
+                    let result = SensitiveDataRedactor.redact(data)
+                    
+                    expect(result).toNot(beNil())
+                    expect(result).to(contain("username"))
+                    expect(result).to(contain("john"))
+                    expect(result).to(contain("age"))
+                    expect(result).toNot(contain("<REDACTED>"))
+                }
+            }
+        }
+    }
+}
diff --git a/README.md b/README.md
@@ -441,4 +441,4 @@ Please do not report security vulnerabilities on the public GitHub issue tracker
 
 <p align="center">Auth0 is an easy-to-implement, adaptable authentication and authorization platform. To learn more check out <a href="https://auth0.com/why-auth0">Why Auth0?</a></p>
 
-<p align="center">This project is licensed under the MIT license. See the <a href="./LICENSE"> LICENSE</a> file for more info.</p>
+<p align="center">This project is licensed under the MIT license. See the <a href="./LICENSE"> LICENSE</a> file for more info.</p>

Original file line number	Diff line number	Diff line change
`@@ -14,7 +14,7 @@ struct SensitiveDataRedactor {`
`14`	`14`	`/// Note: These logs are only for debugging purposes and never persisted in production.`
`15`	`15`	`///`
`16`	`16`	`/// - Parameter data: The response data to redact.`
`17`		- /// - Returns: A JSON string with sensitive fields replaced by `<REDACTED>`, or `nil` if not valid JSON.
	`17`	+ /// - Returns: A JSON string with sensitive fields replaced by `<REDACTED>` if valid JSON, otherwise returns the data decoded as a UTF-8 string, or `nil` if decoding fails.
`18`	`18`	`static func redact(_ data: Data) -> String? {`
`19`	`19`	`do {`
`20`	`20`	`// Attempt to parse as JSON`
`@@ -32,8 +32,8 @@ struct SensitiveDataRedactor {`
`32`	`32`	`return String(data: redactedData, encoding: .utf8) ?? "<REDACTED>"`
`33`	`33`
`34`	`34`	`} catch {`
`35`		`- // If not JSON, return nil`
`36`		`- return nil`
	`35`	`+ // If not JSON, return try converting data to string`
	`36`	`+ return String(data: data, encoding: .utf8)`
`37`	`37`	`}`
`38`	`38`	`}`
`39`	`39`	`}`
Original file line number	Diff line number	Diff line change
`@@ -189,9 +189,11 @@ class LoggerSpec: QuickSpec {`
`189`	`189`	`}`
`190`	`190`
`191`	`191`	`it("should log response body") {`
`192`		`- let json = "{key: \"\(UUID().uuidString)\"}"`
`193`		`- logger.trace(response: response, data: json.data(using: .utf8))`
`194`		`- expect(output.messages).to(contain(json))`
	`192`	`+ let jsonDict: [String: String] = ["key": UUID().uuidString]`
	`193`	`+ let jsonData = try! JSONSerialization.data(withJSONObject: jsonDict, options: [.prettyPrinted])`
	`194`	`+ let expectedJson = String(data: jsonData, encoding: .utf8)!`
	`195`	`+ logger.trace(response: response, data: jsonData)`
	`196`	`+ expect(output.messages).to(contain("API Response: \(expectedJson)"))`
`195`	`197`	`}`
`196`	`198`
`197`	`199`	`it("should log nothing for non http response") {`
Original file line number	Diff line number	Diff line change
`@@ -441,4 +441,4 @@ Please do not report security vulnerabilities on the public GitHub issue tracker`
`441`	`441`
`442`	`442`	`<p align="center">Auth0 is an easy-to-implement, adaptable authentication and authorization platform. To learn more check out <a href="https://auth0.com/why-auth0">Why Auth0?</a></p>`
`443`	`443`
`444`		`-<p align="center">This project is licensed under the MIT license. See the <a href="./LICENSE"> LICENSE</a> file for more info.</p>`
	`444`	`+<p align="center">This project is licensed under the MIT license. See the <a href="./LICENSE"> LICENSE</a> file for more info.</p>`