public void ClearData_Clear_SecureDataInJson_ReturnEscapeSecureData()
{
//Arrange
string secureString =
@"{
user:
'******',
pass:
'******'
}";
string secureXMLAttr = "user";
SecureStringFormat secureFormat = SecureStringFormat.json;
//Act
string escapedString = Clear(secureString, secureXMLAttr, secureFormat);
//Assert
Assert.AreEqual(
@"{
user:
'******',
pass:
'******'
}", escapedString);
}
public void ClearData_Clear_SecureDataInJsonValue_ReturnEscapeSecureData()
{
//Arrange
string secureString =
@"{
user: {
key: '32',
value: 'max'
},
password: {
value: '123456'
}
}";
string secureXMLAttr = "user";
SecureStringFormat secureFormat = SecureStringFormat.jsonvalue;
//Act
string escapedString = Clear(secureString, secureXMLAttr, secureFormat);
//Assert
Assert.AreEqual(
@"{
user: {
key: '32',
value: 'XXX'
},
password: {
value: '123456'
}
}", escapedString);
}
/// <summary>
/// 1) string
/// 2) key
/// 3) format (urlget|urlrest|xmlelementvalue|xmlattribute|json|jsonvalue)
/// </summary>
public static string Clear(string secureString, string secureKeys, SecureStringFormat secureStringFormat)
{
char delimiter = ',';
string[] SecureStringsArray = secureKeys.Split(delimiter);
foreach (string secureKey in SecureStringsArray)
{
string regex = "";
switch (secureStringFormat)
{
case SecureStringFormat.urlget: //http://test.com?user=XXX&pass=XXXXXX
regex = @"((?<=(\?|\&)\s*" + secureKey + @"\s*=\s*)([^\&|\n]*))";
break;
case SecureStringFormat.urlrest: //http://test.com/users/XXX/info
regex = @"((?<=/" + secureKey + @"\s*\/)([^\/|\n]*))";
break;
case SecureStringFormat.xmlelementvalue: //<auth><user>XXX</user><pass>XXXXXX</pass></auth>
regex = @"((?<=<\s*" + secureKey + @"\s*>)([^\<]*))";
break;
case SecureStringFormat.xmlattribute: //<auth user='******' pass='******'>
regex = @"((?<=<.*\s+" + secureKey + @"\s*=\s*')([^']*))";
break;
case SecureStringFormat.json: //{ user: '******', pass:'******' }
regex = @"(?<={[^}]+?" + secureKey + @"\s*:\s*')([^']*)";
break;
case SecureStringFormat.jsonvalue: //{user: {value:'XXX'}, pass:{value:'XXXXXX'}}
regex = @"(?<={[\s\S]*?" + secureKey + @"\s*?:\s*?{[^}]*value\s*:\s*')([^']*)";
break;
default:
regex = @"((?<=(\?|\&)\s*" + secureKey + @"\s*=\s*)([^\&|\n]*))|" +
@"((?<=<\s*" + secureKey + @"\s*>)([^\<]*))|" +
@"((?<=/" + secureKey + @"\s*\/)([^\/|\n]*))|" +
@"((?<=<.*\s+" + secureKey + @"\s*=\s*')([^']*))|" +
@"(?<={[\s\S]+?" + secureKey + @"\s*:\s*')([^']*)|" +
@"(?<={[\s\S]*?" + secureKey + @"\s*?:\s*?{[^}]*value\s*:\s*')([^']*)";
break;
}
foreach (Match matches in Regex.Matches(secureString, regex))
{
//Console.WriteLine("'{0}' найдено на позиции {1}.", matches.Value, matches.Index);
string asterisks = "";
for (int i = 0; i < matches.Value.Length; i++)
{
asterisks += "X";
}
secureString = secureString.Remove(matches.Index, matches.Length).Insert(matches.Index, asterisks);
}
}
return(secureString);
}
public void ClearData_Clear_SecureDataInGetParams_ReturnEscapeSecureData()
{
//Arrange
string secureString = "http://test.com?user=max&pass=123456";
string secureGetParam = "user,pass";
SecureStringFormat secureFormat = SecureStringFormat.urlget;
//Act
string escapedString = Clear(secureString, secureGetParam, secureFormat);
//Assert
Assert.AreEqual("http://test.com?user=XXX&pass=XXXXXX", escapedString);
}
public void ClearData_Clear_SecureDataInXmlAttribute_ReturnEscapeSecureData()
{
//Arrange
string secureString = "<auth user='******' pass='******'>";
string secureXMLAttr = "pass";
SecureStringFormat secureFormat = SecureStringFormat.xmlattribute;
//Act
string escapedString = Clear(secureString, secureXMLAttr, secureFormat);
//Assert
Assert.AreEqual("<auth user='******' pass='******'>", escapedString);
}
public void ClearData_Clear_SecureDataInXmlElementText_ReturnEscapeSecureData()
{
//Arrange
string secureString = "<auth><user>max</user><pass>123456</pass></auth>";
string secureXMLValue = "pass";
SecureStringFormat secureFormat = SecureStringFormat.xmlelementvalue;
//Act
string escapedString = Clear(secureString, secureXMLValue, secureFormat);
//Assert
Assert.AreEqual("<auth><user>max</user><pass>XXXXXX</pass></auth>", escapedString);
}
public void ClearData_Clear_SecureDataInUrlRestText_ReturnEscapeSecureData()
{
//Arrange
string secureString = "http://test.com/user/max/info";
string secureXMLValue = "user";
SecureStringFormat secureFormat = SecureStringFormat.urlrest;
//Act
string escapedString = Clear(secureString, secureXMLValue, secureFormat);
//Assert
Assert.AreEqual("http://test.com/user/XXX/info", escapedString);
}
