From 5d3b0421b0af12286f7b5342e1c0c71990976e4c Mon Sep 17 00:00:00 2001
From: Bas Dijkstra <bas@ontestautomation.com>
Date: Wed, 20 Nov 2024 14:33:17 +0100
Subject: [PATCH] Fix issue with not properly masking headers and cookies when
 specified in request specification

---
 RestAssured.Net.Tests/LoggingTests.cs         | 26 +++++++++----------
 .../MaskingSensitiveDataTests.cs              | 15 ++++++-----
 .../Request/Builders/RequestSpecBuilder.cs    |  3 ++-
 RestAssured.Net/Request/ExecutableRequest.cs  | 16 ++++++------
 4 files changed, 31 insertions(+), 29 deletions(-)

diff --git a/RestAssured.Net.Tests/LoggingTests.cs b/RestAssured.Net.Tests/LoggingTests.cs
index 3e2f5c8..420c3ab 100644
--- a/RestAssured.Net.Tests/LoggingTests.cs
+++ b/RestAssured.Net.Tests/LoggingTests.cs
@@ -41,7 +41,7 @@ public void RequestDetailsCanBeWrittenToStandardOutputForJson()
 
             var logConfig = new LogConfiguration
             {
-                RequestLogLevel = Logging.RequestLogLevel.All,
+                RequestLogLevel = RequestLogLevel.All,
             };
 
             Given()
@@ -90,7 +90,7 @@ public void RequestDetailsCanBeWrittenToStandardOutputForXml()
 
             var logConfig = new LogConfiguration
             {
-                RequestLogLevel = Logging.RequestLogLevel.All,
+                RequestLogLevel = RequestLogLevel.All,
             };
 
             Given()
@@ -114,7 +114,7 @@ public void ResponseDetailsCanBeWrittenToStandardOutputForJson()
 
             var logConfig = new LogConfiguration
             {
-                ResponseLogLevel = Logging.ResponseLogLevel.All,
+                ResponseLogLevel = ResponseLogLevel.All,
             };
 
             Given()
@@ -154,7 +154,7 @@ public void ResponseDetailsCanBeWrittenToStandardOutputForXml()
 
             var logConfig = new LogConfiguration
             {
-                ResponseLogLevel = Logging.ResponseLogLevel.All,
+                ResponseLogLevel = ResponseLogLevel.All,
             };
 
             Given()
@@ -177,7 +177,7 @@ public void NoResponseBodyDoesntThrowNullReferenceException()
 
             var logConfig = new LogConfiguration
             {
-                ResponseLogLevel = Logging.ResponseLogLevel.All,
+                ResponseLogLevel = ResponseLogLevel.All,
             };
 
             Given()
@@ -200,7 +200,7 @@ public void NoRequestBodyDoesntThrowNullReferenceException()
 
             var logConfig = new LogConfiguration
             {
-                RequestLogLevel = Logging.RequestLogLevel.All,
+                RequestLogLevel = RequestLogLevel.All,
             };
 
             Given()
@@ -224,7 +224,7 @@ public void ResponseBodyDetailsAreLoggedOnlyOnErrorResponseCode()
 
             var logConfig = new LogConfiguration
             {
-                ResponseLogLevel = Logging.ResponseLogLevel.OnError,
+                ResponseLogLevel = ResponseLogLevel.OnError,
             };
 
             Given()
@@ -248,7 +248,7 @@ public void ResponseBodyDetailsAreNotLoggedOnOkResponseCode()
 
             var logConfig = new LogConfiguration
             {
-                ResponseLogLevel = Logging.ResponseLogLevel.OnError,
+                ResponseLogLevel = ResponseLogLevel.OnError,
             };
 
             Given()
@@ -272,7 +272,7 @@ public void ResponseBodyDetailsAreLoggedIfVerificationFails()
 
             var logConfig = new LogConfiguration
             {
-                ResponseLogLevel = Logging.ResponseLogLevel.OnVerificationFailure,
+                ResponseLogLevel = ResponseLogLevel.OnVerificationFailure,
             };
 
             Given()
@@ -295,7 +295,7 @@ public void ResponseBodyDetailsAreLoggedCorrectlyUsingRequestSpecificationSettin
 
             var logConfig = new LogConfiguration
             {
-                ResponseLogLevel = Logging.ResponseLogLevel.All,
+                ResponseLogLevel = ResponseLogLevel.All,
             };
 
             var requestSpecification = new RequestSpecBuilder()
@@ -322,7 +322,7 @@ public void ResponseBodyDetailsAreLoggedCorrectlyOverwritingRequestSpecification
 
             var originalLogConfig = new LogConfiguration
             {
-                ResponseLogLevel = Logging.ResponseLogLevel.All,
+                ResponseLogLevel = ResponseLogLevel.All,
             };
 
             var requestSpecification = new RequestSpecBuilder()
@@ -331,7 +331,7 @@ public void ResponseBodyDetailsAreLoggedCorrectlyOverwritingRequestSpecification
 
             var logConfig = new LogConfiguration
             {
-                ResponseLogLevel = Logging.ResponseLogLevel.ResponseTime,
+                ResponseLogLevel = ResponseLogLevel.ResponseTime,
             };
 
             Given()
@@ -354,7 +354,7 @@ public void ResponseCookieDetailsAreLogged()
 
             var logConfig = new LogConfiguration
             {
-                ResponseLogLevel = Logging.ResponseLogLevel.All,
+                ResponseLogLevel = ResponseLogLevel.All,
             };
 
             Given()
diff --git a/RestAssured.Net.Tests/MaskingSensitiveDataTests.cs b/RestAssured.Net.Tests/MaskingSensitiveDataTests.cs
index 51f544b..728d1f2 100644
--- a/RestAssured.Net.Tests/MaskingSensitiveDataTests.cs
+++ b/RestAssured.Net.Tests/MaskingSensitiveDataTests.cs
@@ -37,9 +37,16 @@ public class MaskingSensitiveDataTests : TestBase
         [SetUp]
         public void CreateRequestSpecification()
         {
+            var logConfig = new LogConfiguration
+            {
+                RequestLogLevel = RequestLogLevel.All,
+                ResponseLogLevel = ResponseLogLevel.All,
+                SensitiveRequestHeadersAndCookies = new List<string>() { "SensitiveRequestHeader", "SensitiveRequestCookie" },
+            };
+
             this.requestSpecification = new RequestSpecBuilder()
                 .WithPort(9876)
-                .WithMaskingOfHeadersAndCookies(new List<string>() { "SensitiveRequestHeader", "SensitiveRequestCookie" })
+                .WithLogConfiguration(logConfig)
                 .Build();
         }
 
@@ -158,16 +165,10 @@ public void SensitiveHeaderAndCookieNamesCanBeDefinedInRequestSpecification()
         {
             this.CreateStubForMaskingSensitiveData();
 
-            var logConfig = new LogConfiguration
-            {
-                RequestLogLevel = RequestLogLevel.All,
-            };
-
             Given()
                 .Spec(this.requestSpecification)
                 .Header("NonsensitiveRequestHeader", "This one is printed")
                 .Header("SensitiveRequestHeader", "This one is masked")
-                .Log(logConfig)
                 .When()
                 .Get($"{MOCK_SERVER_BASE_URL}/masking-sensitive-data")
                 .Then()
diff --git a/RestAssured.Net/Request/Builders/RequestSpecBuilder.cs b/RestAssured.Net/Request/Builders/RequestSpecBuilder.cs
index 189e105..19ee8ae 100644
--- a/RestAssured.Net/Request/Builders/RequestSpecBuilder.cs
+++ b/RestAssured.Net/Request/Builders/RequestSpecBuilder.cs
@@ -298,9 +298,10 @@ public RequestSpecBuilder WithJsonSerializerSettings(JsonSerializerSettings json
         /// </summary>
         /// <param name="sensitiveHeaderOrCookieNames">The names of the request headers or cookies to be masked when logging.</param>
         /// <returns>The current <see cref="RequestSpecBuilder"/> object.</returns>
+        [Obsolete("Please specify request header and cookie names to be masked using the LogConfiguration. This method will be removed in RestAssured.Net 5.0.0")]
         public RequestSpecBuilder WithMaskingOfHeadersAndCookies(List<string> sensitiveHeaderOrCookieNames)
         {
-            this.requestSpecification.SensitiveRequestHeadersAndCookies.AddRange(sensitiveHeaderOrCookieNames);
+            this.requestSpecification.LogConfiguration.SensitiveRequestHeadersAndCookies.AddRange(sensitiveHeaderOrCookieNames);
             return this;
         }
 
diff --git a/RestAssured.Net/Request/ExecutableRequest.cs b/RestAssured.Net/Request/ExecutableRequest.cs
index 534f6a8..fc2e0fb 100644
--- a/RestAssured.Net/Request/ExecutableRequest.cs
+++ b/RestAssured.Net/Request/ExecutableRequest.cs
@@ -70,12 +70,12 @@ public class ExecutableRequest : IDisposable
         /// <summary>
         /// The response logging level for this request.
         /// </summary>
-        internal RestAssured.Response.Logging.ResponseLogLevel ResponseLoggingLevel { get; set; }
+        internal Response.Logging.ResponseLogLevel ResponseLoggingLevel { get; set; }
 
         /// <summary>
         /// The configuration settings to use when logging request and response details.
         /// </summary>
-        internal LogConfiguration LogConfiguration { get; set; }
+        internal LogConfiguration? LogConfiguration { get; set; }
 
         /// <summary>
         /// Initializes a new instance of the <see cref="ExecutableRequest"/> class.
@@ -702,12 +702,6 @@ private VerifiableResponse Send(HttpMethod httpMethod, string endpoint)
                 this.httpCompletionOption = this.requestSpecification.HttpCompletionOption;
             }
 
-            // Add header and cookie values to be masked specified in RequestSpecification to the list
-            if (this.requestSpecification != null)
-            {
-                this.sensitiveRequestHeadersAndCookies.AddRange(this.requestSpecification.SensitiveRequestHeadersAndCookies);
-            }
-
             var legacyLogConfiguration = new LogConfiguration
             {
                 RequestLogLevel = (RequestLogLevel)this.RequestLoggingLevel,
@@ -723,6 +717,12 @@ private VerifiableResponse Send(HttpMethod httpMethod, string endpoint)
                 this.LogConfiguration ??= this.requestSpecification.LogConfiguration;
             }
 
+            // Add header and cookie values to be masked specified in RequestSpecification to the list
+            if (this.requestSpecification != null)
+            {
+                this.sensitiveRequestHeadersAndCookies.AddRange(this.requestSpecification.SensitiveRequestHeadersAndCookies);
+            }
+
             var logger = new RequestResponseLogger(this.LogConfiguration ?? legacyLogConfiguration);
 
             // RequestLogger.LogToConsole(this.request, this.RequestLoggingLevel, this.cookieCollection, this.sensitiveRequestHeadersAndCookies);