from skyvern.exceptions import ( CredentialParameterNotFoundError, InvalidCredentialId, sanitize_credential_for_error, ) class TestSanitizeCredentialForError: def test_normal_credential_id_passes_through(self) -> None: assert sanitize_credential_for_error("cred_abc123") == "cred_abc123" def test_uuid_credential_id_passes_through(self) -> None: assert sanitize_credential_for_error("550e8400-e29b-41d4-a716-446655440000") == ( "550e8400-e29b-41d4-a716-446655440000" ) def test_redacts_string_containing_password(self) -> None: value = "{'password': 'secret123', 'username': 'user@example.com'}" result = sanitize_credential_for_error(value) assert "secret123" not in result assert "user@example.com" not in result assert " None: result = sanitize_credential_for_error("username=admin") assert "admin" not in result assert " None: result = sanitize_credential_for_error("secret_value=my_api_key") assert "my_api_key" not in result assert " None: result = sanitize_credential_for_error("totp=JBSWY3DPEHPK3PXP") assert "JBSWY3DPEHPK3PXP" not in result assert " None: value = "a" * 201 result = sanitize_credential_for_error(value) assert result == "" def test_case_insensitive_detection(self) -> None: result = sanitize_credential_for_error("{'PASSWORD': 'secret'}") assert " None: assert sanitize_credential_for_error("") == "" def test_none_returns_redacted(self) -> None: assert sanitize_credential_for_error(None) == "" def test_dict_returns_redacted(self) -> None: result = sanitize_credential_for_error({"password": "secret", "username": "user"}) assert "secret" not in result assert "user" not in result assert "" == result class TestInvalidCredentialIdSanitization: def test_normal_id_in_message(self) -> None: exc = InvalidCredentialId("cred_abc123") assert "cred_abc123" in str(exc) assert "Invalid credential ID" in str(exc) def test_credential_dict_redacted_in_message(self) -> None: credential_dict_str = str({"password": "real_password", "username": "real_user@example.com"}) exc = InvalidCredentialId(credential_dict_str) assert "real_password" not in str(exc) assert "real_user@example.com" not in str(exc) assert " None: credential_dict_str = str({"password": "secret", "username": "user"}) exc = InvalidCredentialId(credential_dict_str) assert "secret" not in exc.message assert " None: credential_dict = {"password": "real_password", "username": "real_user@example.com"} exc = InvalidCredentialId(f"") assert "real_password" not in str(exc) assert "real_user@example.com" not in str(exc) assert "non-string value of type dict" in str(exc) def test_list_value_raises_with_safe_message(self) -> None: exc = InvalidCredentialId("") assert "non-string value of type list" in str(exc) class TestCredentialParameterNotFoundErrorSanitization: def test_normal_id_in_message(self) -> None: exc = CredentialParameterNotFoundError("cred_abc123") assert "cred_abc123" in str(exc) def test_credential_dict_redacted_in_message(self) -> None: credential_dict_str = str({"password": "real_password", "username": "real_user"}) exc = CredentialParameterNotFoundError(credential_dict_str) assert "real_password" not in str(exc) assert "real_user" not in str(exc) assert "