shreemaan-abhishek opened a new pull request, #13684:
URL: https://github.com/apache/apisix/pull/13684

   ### Description
   
   Adds regression tests for two behaviors that APISIX already implements but 
that no test exercises. Both are pure test additions; no plugin or schema code 
changes.
   
   **`data-mask`** - `apisix/plugins/data-mask.lua` handles two edge cases that 
are currently untested:
   
   - a query parameter repeated multiple times arrives as a table, and the 
`regex` action is applied per entry (`data-mask.lua:124-137`);
   - a JSON field whose value is not a string is skipped with a warning rather 
than crashing the `regex` action (`data-mask.lua:190-199`).
   
   This adds four blocks covering both paths (multi-value masking, and 
regex-skipped-without-crash). The existing access-log tests move from TEST 
15/16 to TEST 19/20; they are unchanged otherwise.
   
   **`saml-auth`** - `auth_protocol_binding_method = "HTTP-POST"` is currently 
only reached by schema-validation tests (`t/plugin/saml-auth.t` TEST 4 and TEST 
7). The integration tests all run the default HTTP-Redirect binding, so the 
POST binding has no end-to-end coverage.
   
   This adds `t/plugin/saml-auth-post.t` with six blocks: login and logout, 
single logout across two service providers, a wrong `login_callback_uri`, and a 
failed login. It reuses the existing `t/lib/keycloak_saml.lua` helper (no 
changes needed - it already implements the HTTP-POST branch) and the 
`apisix_keycloak_saml` service that `ci/pod/docker-compose.plugin.yml` and 
`ci/init-plugin-test-service.sh` already start and configure.
   
   ### Which issue(s) this PR fixes
   
   Not tied to a GitHub issue. Both gaps were found while comparing test 
coverage between APISIX and a downstream fork; the code being tested is 
upstream's and is already correct.
   
   ### Checklist
   
   - [x] I have explained the need for this PR and the problem it solves
   - [x] I have explained the changes or the new features added to this PR
   - [x] I have added tests corresponding to this change
   - [ ] I have updated the documentation to reflect this change - not 
applicable, no user-facing behavior changes
   - [x] I have verified that this change is backward compatible
   
   ### Verification
   
   `prove -I. t/plugin/data-mask.t` - the four new blocks (TEST 15-18) pass, 
and the renumbered access-log blocks are unchanged.
   
   `t/plugin/saml-auth-post.t` is an integration test and runs against the 
`apisix_keycloak_saml` service configured by `ci/kcadm_configure_saml.sh`; it 
relies on `127.0.0.2` resolving to loopback, as several existing plugin tests 
already do.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]

Reply via email to