mivita/tests/Unit/Dhl/DhlSanitizeLoggingTest.php

<?php

use App\Services\DhlShipmentService;

it('redacts DHL credentials from configuration logs', function () {
    $config = [
        'base_url' => 'https://api-eu.dhl.com',
        'api_key' => 'super-secret-api-key',
        'username' => 'mivita-user',
        'password' => 'super-secret-password',
        'api_secret' => 'super-secret-api-secret',
        'billing_number' => '63144073550101',
        'use_queue' => false,
        'default_product' => 'V01PAK',
        'print_only_if_codeable' => true,
        'international_countries' => ['AT', 'ES'],
        'account_numbers' => [
            'V01PAK' => '63144073550101',
            'V62KP' => '63144073556201',
            'V53PAK' => '63144073555301',
            'V07PAK' => null,
        ],
    ];

    $sanitized = DhlShipmentService::sanitizeDhlConfigForLog($config);
    $serialized = json_encode($sanitized);

    expect($sanitized)
        ->toHaveKey('has_api_key', true)
        ->toHaveKey('has_username', true)
        ->toHaveKey('has_password', true)
        ->toHaveKey('has_api_secret', true)
        ->toHaveKey('base_url', 'https://api-eu.dhl.com')
        ->toHaveKey('international_countries', ['AT', 'ES'])
        ->and($sanitized['account_numbers_configured'])->toEqualCanonicalizing(['V01PAK', 'V62KP', 'V53PAK']);

    expect($serialized)
        ->not->toContain('super-secret-api-key')
        ->not->toContain('super-secret-password')
        ->not->toContain('super-secret-api-secret')
        ->not->toContain('mivita-user')
        ->not->toContain('63144073550101');
});

it('marks missing DHL credentials as not configured', function () {
    $sanitized = DhlShipmentService::sanitizeDhlConfigForLog([
        'base_url' => null,
        'api_key' => '',
        'username' => null,
        'password' => '',
        'account_numbers' => [
            'V01PAK' => '',
            'V62KP' => null,
        ],
    ]);

    expect($sanitized)
        ->toHaveKey('has_api_key', false)
        ->toHaveKey('has_username', false)
        ->toHaveKey('has_password', false)
        ->toHaveKey('account_numbers_configured', []);
});

it('redacts personally identifiable information from order data logs', function () {
    $orderData = [
        'order_id' => 4711,
        'product_code' => 'V01PAK',
        'weight_kg' => 1.25,
        'label_format' => 'PDF',
        'print_format' => 'A4',
        'print_only_if_codeable' => true,
        'reference' => 'Order-4711',
        'shipper' => [
            'name' => 'mivita care gmbh',
            'street' => 'Leinfeld',
            'houseNumber' => '2',
            'postalCode' => '87755',
            'city' => 'Kirchhaslach',
            'country' => 'DE',
            'email' => 'versand@mivita.care',
            'phone' => '+49 123 456789',
        ],
        'consignee' => [
            'name' => 'Max Mustermann',
            'street' => 'Hauptstrasse',
            'houseNumber' => '5',
            'postalCode' => '10115',
            'city' => 'Berlin',
            'country' => 'DE',
            'email' => 'max@example.com',
            'phone' => '+4930123456',
            'postNumber' => '1234567890',
        ],
    ];

    $sanitized = DhlShipmentService::sanitizeOrderDataForLog($orderData);
    $serialized = json_encode($sanitized);

    expect($sanitized)
        ->toHaveKey('order_id', 4711)
        ->toHaveKey('product_code', 'V01PAK')
        ->toHaveKey('weight_kg', 1.25)
        ->toHaveKey('consignee_country', 'DE')
        ->toHaveKey('consignee_postal_prefix', '10')
        ->toHaveKey('consignee_has_post_number', true)
        ->toHaveKey('has_reference', true);

    expect($serialized)
        ->not->toContain('Max Mustermann')
        ->not->toContain('Hauptstrasse')
        ->not->toContain('max@example.com')
        ->not->toContain('+4930123456')
        ->not->toContain('1234567890')
        ->not->toContain('10115')
        ->not->toContain('Berlin');
});