sendico/api/pkg/messaging/internal/natsb/broker_test.go

package natsb

import (
	"strings"
	"testing"
)

func TestSanitizeNATSURL(t *testing.T) {
	t.Parallel()

	t.Run("redacts single URL credentials", func(t *testing.T) {
		t.Parallel()

		raw := "nats://alice:supersecret@localhost:4222"
		sanitized := sanitizeNATSURL(raw)

		if strings.Contains(sanitized, "supersecret") {
			t.Fatalf("expected password to be redacted, got %q", sanitized)
		}
		if !strings.Contains(sanitized, "alice:xxxxx@") {
			t.Fatalf("expected redacted URL to keep username, got %q", sanitized)
		}
	})

	t.Run("keeps URL without credentials unchanged", func(t *testing.T) {
		t.Parallel()

		raw := "nats://localhost:4222"
		sanitized := sanitizeNATSURL(raw)
		if sanitized != raw {
			t.Fatalf("expected URL without credentials to remain unchanged, got %q", sanitized)
		}
	})

	t.Run("redacts each URL in server list", func(t *testing.T) {
		t.Parallel()

		raw := " nats://alice:one@localhost:4222, nats://bob:two@localhost:4223 "
		sanitized := sanitizeNATSURL(raw)

		if strings.Contains(sanitized, "one") || strings.Contains(sanitized, "two") {
			t.Fatalf("expected passwords to be redacted, got %q", sanitized)
		}
		if !strings.Contains(sanitized, "alice:xxxxx@") || !strings.Contains(sanitized, "bob:xxxxx@") {
			t.Fatalf("expected both URLs to be redacted, got %q", sanitized)
		}
	})

	t.Run("returns invalid URL as-is", func(t *testing.T) {
		t.Parallel()

		raw := "not a url"
		sanitized := sanitizeNATSURL(raw)
		if sanitized != raw {
			t.Fatalf("expected invalid URL to remain unchanged, got %q", sanitized)
		}
	})
}