From 32b3414887dd19bdbd73ef309ff496f8cf6471ba Mon Sep 17 00:00:00 2001
From: OHZEKI Naoki <0h23k1.n40k1@gmail.com>
Date: Wed, 28 May 2025 20:57:39 +0900
Subject: [PATCH] test(recovery): Add a test for maskAuthorization

---
 recovery_test.go | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)

diff --git a/recovery_test.go b/recovery_test.go
index 08eec1e4..cbd9f56b 100644
--- a/recovery_test.go
+++ b/recovery_test.go
@@ -88,6 +88,24 @@ func TestPanicWithAbort(t *testing.T) {
 	assert.Equal(t, http.StatusBadRequest, w.Code)
 }
 
+func TestMaskAuthorization(t *testing.T) {
+	secret := "Bearer aaaabbbbccccddddeeeeffff"
+	headers := []string{
+		"Host: www.example.com",
+		"Authorization: " + secret,
+		"User-Agent: curl/7.51.0",
+		"Accept: */*",
+		"Content-Type: application/json",
+		"Content-Length: 1",
+	}
+	maskAuthorization(headers)
+
+	for _, h := range headers {
+		assert.NotContains(t, h, secret)
+	}
+	assert.Contains(t, headers, "Authorization: *")
+}
+
 func TestSource(t *testing.T) {
 	bs := source(nil, 0)
 	assert.Equal(t, dunno, bs)