@nauth-toolkit/core 0.1.0 → 0.1.5

package/src/utils/nauth-logger.spec.ts

@@ -1,388 +0,0 @@
-import { LoggerService, NAuthLoggerConfig } from '../interfaces/config.interface';
-import { NAuthLogger } from './nauth-logger';
-
-/**
- * NAuthLogger Unit Tests
- *
- * Tests the NAuthLogger wrapper functionality including:
- * - Message prefixing
- * - PII redaction
- * - Log level filtering
- * - Silent mode
- * - Different logger configurations
- */
-describe('NAuthLogger', () => {
-  let mockLogger: jest.Mocked<LoggerService>;
-  let logger: NAuthLogger;
-
-  beforeEach(() => {
-    mockLogger = {
-      log: jest.fn(),
-      error: jest.fn(),
-      warn: jest.fn(),
-      debug: jest.fn(),
-      verbose: jest.fn(),
-    };
-  });
-
-  afterEach(() => {
-    jest.clearAllMocks();
-  });
-
-  describe('Constructor', () => {
-    it('should create logger in silent mode when no config provided', () => {
-      const logger = new NAuthLogger();
-
-      expect(logger.isEnabled()).toBe(false);
-      expect(logger.isPiiRedactionEnabled()).toBe(true);
-    });
-
-    it('should create logger with LoggerService instance directly', () => {
-      const logger = new NAuthLogger(mockLogger);
-
-      expect(logger.isEnabled()).toBe(true);
-      expect(logger.isPiiRedactionEnabled()).toBe(true);
-    });
-
-    it('should create logger with LoggerConfig object', () => {
-      const config: NAuthLoggerConfig = {
-        instance: mockLogger,
-        enablePiiRedaction: true,
-        logLevel: 'debug',
-      };
-      const logger = new NAuthLogger(config);
-
-      expect(logger.isEnabled()).toBe(true);
-      expect(logger.isPiiRedactionEnabled()).toBe(true);
-    });
-
-    it('should disable PII redaction when configured', () => {
-      const config: NAuthLoggerConfig = {
-        instance: mockLogger,
-        enablePiiRedaction: false,
-      };
-      const logger = new NAuthLogger(config);
-
-      expect(logger.isPiiRedactionEnabled()).toBe(false);
-    });
-  });
-
-  describe('Message Processing', () => {
-    beforeEach(() => {
-      logger = new NAuthLogger(mockLogger);
-    });
-
-    it('should add NAUTH: prefix to string messages', () => {
-      logger.log('Test message');
-
-      expect(mockLogger.log).toHaveBeenCalledWith('NAUTH: Test message');
-    });
-
-    it('should add NAUTH: prefix to object messages', () => {
-      const obj = { key: 'value' };
-      logger.log(obj);
-
-      expect(mockLogger.log).toHaveBeenCalledWith('NAUTH: {"key":"value"}');
-    });
-
-    it('should add NAUTH: prefix to non-string messages', () => {
-      logger.log(123);
-
-      expect(mockLogger.log).toHaveBeenCalledWith('NAUTH: 123');
-    });
-
-    it('should redact PII in messages when enabled', () => {
-      logger.log('User email@example.com logged in from 192.168.1.1');
-
-      expect(mockLogger.log).toHaveBeenCalledWith('NAUTH: User e***@***.com logged in from 192.168.1.***');
-    });
-
-    it('should not redact PII in messages when disabled', () => {
-      const config: NAuthLoggerConfig = {
-        instance: mockLogger,
-        enablePiiRedaction: false,
-      };
-      logger = new NAuthLogger(config);
-
-      logger.log('User email@example.com logged in');
-
-      expect(mockLogger.log).toHaveBeenCalledWith('NAUTH: User email@example.com logged in');
-    });
-  });
-
-  describe('Parameter Processing', () => {
-    beforeEach(() => {
-      logger = new NAuthLogger(mockLogger);
-    });
-
-    it('should redact PII in string parameters', () => {
-      logger.log('Message', 'email@example.com');
-
-      expect(mockLogger.log).toHaveBeenCalledWith('NAUTH: Message', 'e***@***.com');
-    });
-
-    it('should redact PII in object parameters', () => {
-      const param = { email: 'test@example.com', ip: '192.168.1.1' };
-      logger.log('Message', param);
-
-      const expectedParam = { email: 't***@***.com', ip: '192.168.1.***' };
-      expect(mockLogger.log).toHaveBeenCalledWith('NAUTH: Message', expectedParam);
-    });
-
-    it('should handle multiple parameters', () => {
-      logger.log('Message', 'email@example.com', { token: 'secret123' }, 123);
-
-      // Object parameters are stringified and redacted, then parsed back
-      // Token 'secret123' is too short to match JWT pattern, so it won't be redacted
-      expect(mockLogger.log).toHaveBeenCalledWith('NAUTH: Message', 'e***@***.com', { token: 'secret123' }, 123);
-    });
-
-    it('should not process parameters when PII redaction is disabled', () => {
-      const config: NAuthLoggerConfig = {
-        instance: mockLogger,
-        enablePiiRedaction: false,
-      };
-      logger = new NAuthLogger(config);
-
-      logger.log('Message', 'email@example.com');
-
-      expect(mockLogger.log).toHaveBeenCalledWith('NAUTH: Message', 'email@example.com');
-    });
-  });
-
-  describe('Log Levels', () => {
-    it('should log all levels when no log level is set', () => {
-      logger = new NAuthLogger(mockLogger);
-
-      logger.log('test');
-      logger.error('test');
-      logger.warn('test');
-      logger.debug('test');
-      logger.verbose('test');
-
-      expect(mockLogger.log).toHaveBeenCalled();
-      expect(mockLogger.error).toHaveBeenCalled();
-      expect(mockLogger.warn).toHaveBeenCalled();
-      expect(mockLogger.debug).toHaveBeenCalled();
-      expect(mockLogger.verbose).toHaveBeenCalled();
-    });
-
-    it('should filter debug and verbose when log level is warn', () => {
-      const config: NAuthLoggerConfig = {
-        instance: mockLogger,
-        logLevel: 'warn',
-      };
-      logger = new NAuthLogger(config);
-
-      logger.error('test'); // Should log (error <= warn)
-      logger.warn('test'); // Should log (warn <= warn)
-      logger.log('test'); // Should not log (log > warn)
-      logger.debug('test'); // Should not log (debug > warn)
-      logger.verbose('test'); // Should not log (verbose > warn)
-
-      expect(mockLogger.error).toHaveBeenCalled();
-      expect(mockLogger.warn).toHaveBeenCalled();
-      expect(mockLogger.log).not.toHaveBeenCalled();
-      expect(mockLogger.debug).not.toHaveBeenCalled();
-      expect(mockLogger.verbose).not.toHaveBeenCalled();
-    });
-
-    it('should filter all except error when log level is error', () => {
-      const config: NAuthLoggerConfig = {
-        instance: mockLogger,
-        logLevel: 'error',
-      };
-      logger = new NAuthLogger(config);
-
-      logger.error('test'); // Should log
-      logger.log('test'); // Should not log
-      logger.warn('test'); // Should not log
-      logger.debug('test'); // Should not log
-      logger.verbose('test'); // Should not log
-
-      expect(mockLogger.error).toHaveBeenCalled();
-      expect(mockLogger.log).not.toHaveBeenCalled();
-      expect(mockLogger.warn).not.toHaveBeenCalled();
-      expect(mockLogger.debug).not.toHaveBeenCalled();
-      expect(mockLogger.verbose).not.toHaveBeenCalled();
-    });
-  });
-
-  describe('Silent Mode', () => {
-    beforeEach(() => {
-      logger = new NAuthLogger(); // No logger provided
-    });
-
-    it('should not call any logger methods in silent mode', () => {
-      logger.log('test');
-      logger.error('test');
-      logger.warn('test');
-      logger.debug('test');
-      logger.verbose('test');
-
-      // No calls should be made since no logger was provided
-    });
-
-    it('should return undefined from all log methods in silent mode', () => {
-      expect(logger.log('test')).toBeUndefined();
-      expect(logger.error('test')).toBeUndefined();
-      expect(logger.warn('test')).toBeUndefined();
-      expect(logger.debug('test')).toBeUndefined();
-      expect(logger.verbose('test')).toBeUndefined();
-    });
-  });
-
-  describe('Method-specific behavior', () => {
-    beforeEach(() => {
-      logger = new NAuthLogger(mockLogger);
-    });
-
-    describe('debug()', () => {
-      it('should not call debug if logger does not support debug method', () => {
-        delete (mockLogger as any).debug;
-        logger.debug('test');
-
-        // Should not throw error
-        expect(true).toBe(true);
-      });
-
-      it('should call debug when available', () => {
-        logger.debug('test message');
-
-        expect(mockLogger.debug).toHaveBeenCalledWith('NAUTH: test message');
-      });
-    });
-
-    describe('verbose()', () => {
-      it('should not call verbose if logger does not support verbose method', () => {
-        delete (mockLogger as any).verbose;
-        logger.verbose('test');
-
-        // Should not throw error
-        expect(true).toBe(true);
-      });
-
-      it('should call verbose when available', () => {
-        logger.verbose('test message');
-
-        expect(mockLogger.verbose).toHaveBeenCalledWith('NAUTH: test message');
-      });
-    });
-  });
-
-  describe('Edge Cases', () => {
-    beforeEach(() => {
-      logger = new NAuthLogger(mockLogger);
-    });
-
-    it('should handle null messages', () => {
-      logger.log(null);
-
-      expect(mockLogger.log).toHaveBeenCalledWith('NAUTH: null');
-    });
-
-    it('should handle undefined messages', () => {
-      logger.log(undefined);
-
-      expect(mockLogger.log).toHaveBeenCalledWith('NAUTH: undefined');
-    });
-
-    it('should handle empty string messages', () => {
-      logger.log('');
-
-      expect(mockLogger.log).toHaveBeenCalledWith('NAUTH: ');
-    });
-
-    it('should handle circular references in objects', () => {
-      const obj: any = { key: 'value' };
-      obj.self = obj; // Circular reference
-
-      // Should not throw error, should handle gracefully
-      expect(() => logger.log('message', obj)).not.toThrow();
-      expect(mockLogger.log).toHaveBeenCalled();
-      // Should handle circular reference by converting to safe string
-      const callArgs = mockLogger.log.mock.calls[0];
-      expect(callArgs[1]).toBe('[Object with circular reference or invalid JSON]');
-    });
-
-    it('should handle malformed JSON in parameters', () => {
-      const malformedParam = {
-        toJSON: () => {
-          throw new Error('Bad JSON');
-        },
-      };
-
-      // The logger catches JSON.stringify errors (toJSON throwing) and handles them gracefully
-      expect(() => logger.log('message', malformedParam)).not.toThrow();
-      expect(mockLogger.log).toHaveBeenCalled();
-      const callArgs = mockLogger.log.mock.calls[0];
-      expect(callArgs[1]).toBe('[Object with circular reference or invalid JSON]');
-    });
-
-    it('should handle empty parameters array', () => {
-      logger.log('message');
-
-      expect(mockLogger.log).toHaveBeenCalledWith('NAUTH: message');
-    });
-
-    it('should handle invalid log levels gracefully', () => {
-      const config: NAuthLoggerConfig = {
-        instance: mockLogger,
-        logLevel: 'invalid' as any,
-      };
-      logger = new NAuthLogger(config);
-
-      // When logLevel is invalid, indexOf returns -1, which means nothing will log
-      // This is expected behavior - invalid levels should not log
-      logger.debug('test');
-      expect(mockLogger.debug).not.toHaveBeenCalled();
-    });
-  });
-
-  describe('PII Redaction Integration', () => {
-    beforeEach(() => {
-      logger = new NAuthLogger(mockLogger);
-    });
-
-    it('should redact emails in messages', () => {
-      logger.log('Contact user@test.com for support');
-
-      expect(mockLogger.log).toHaveBeenCalledWith('NAUTH: Contact u***@***.com for support');
-    });
-
-    it('should redact IP addresses in messages', () => {
-      logger.log('Request from 192.168.1.100');
-
-      expect(mockLogger.log).toHaveBeenCalledWith('NAUTH: Request from 192.168.1.***');
-    });
-
-    it('should redact tokens in messages', () => {
-      // JWT tokens have dots that get redacted separately - each part (before/after dot) matches JWT pattern
-      logger.log('Using token eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIn0');
-
-      expect(mockLogger.log).toHaveBeenCalledWith('NAUTH: Using token [REDACTED_TOKEN].[REDACTED_TOKEN]');
-    });
-
-    it('should redact phone numbers in messages', () => {
-      logger.log('Call +1234567890');
-
-      expect(mockLogger.log).toHaveBeenCalledWith('NAUTH: Call +123***7890');
-    });
-
-    it('should redact names in messages', () => {
-      // Name redaction only works in specific JSON patterns, not in plain text
-      // This test verifies names are logged as-is in plain text messages
-      logger.log('User John Doe signed up');
-
-      expect(mockLogger.log).toHaveBeenCalledWith('NAUTH: User John Doe signed up');
-    });
-
-    it('should redact passwords when PII redaction is enabled', () => {
-      // Password redaction works on JSON-like patterns: password="value" or password: "value"
-      // Plain text "Password is ..." doesn't match the pattern
-      logger.log('password: mySecret123');
-
-      expect(mockLogger.log).toHaveBeenCalledWith('NAUTH: password=[REDACTED]');
-    });
-  });
-});

package/src/utils/nauth-logger.ts

@@ -1,215 +0,0 @@
-/* eslint-disable @typescript-eslint/no-explicit-any */
-import { LoggerService, NAuthLoggerConfig } from '../interfaces/config.interface';
-import { PiiRedactor } from './pii-redactor';
-
-/**
- * NAuth Logger Wrapper
- *
- * Wraps any NestJS-compatible logger and adds features:
- * 1. "NAUTH:" prefix to all messages for easy identification
- * 2. Automatic PII redaction (emails, IPs, tokens, etc.) - enabled by default
- * 3. Optional log level filtering
- * 4. Silent mode if no logger is provided
- *
- * This allows nauth-toolkit to integrate seamlessly with the consuming application's
- * logging infrastructure while maintaining security and compliance.
- *
- * @example
- * ```typescript
- * // With NestJS built-in logger (PII redaction enabled by default)
- * const logger = new NAuthLogger(new Logger('MyApp'));
- * logger.log('User user@example.com signed up');
- * // Output: [MyApp] NAUTH: User u***@***.com signed up
- *
- * // With config options
- * const logger = new NAuthLogger({
- *   instance: new Logger('MyApp'),
- *   enablePiiRedaction: true,  // Default
- *   logLevel: 'debug'
- * });
- *
- * // Disable PII redaction (debugging only)
- * const logger = new NAuthLogger({
- *   instance: myLogger,
- *   enablePiiRedaction: false
- * });
- *
- * // Silent mode (no logger provided)
- * const logger = new NAuthLogger();
- * logger.log('This will not be logged'); // No output
- * ```
- */
-export class NAuthLogger implements LoggerService {
-  private static readonly PREFIX = 'NAUTH:';
-
-  private readonly logger?: LoggerService;
-  private readonly piiRedactor: PiiRedactor;
-  private readonly enablePiiRedaction: boolean;
-  private readonly logLevel?: string;
-
-  constructor(config?: LoggerService | NAuthLoggerConfig) {
-    if (!config) {
-      // Silent mode
-      this.logger = undefined;
-      this.enablePiiRedaction = true;
-      this.piiRedactor = new PiiRedactor();
-    } else if ('instance' in config) {
-      // LoggerConfig object
-      this.logger = config.instance;
-      this.enablePiiRedaction = config.enablePiiRedaction !== false; // Default: true
-      this.logLevel = config.logLevel;
-      this.piiRedactor = new PiiRedactor({
-        redactEmails: this.enablePiiRedaction,
-        redactIpAddresses: this.enablePiiRedaction,
-        redactTokens: this.enablePiiRedaction,
-        redactPhoneNumbers: this.enablePiiRedaction,
-        redactNames: this.enablePiiRedaction,
-        redactPasswords: true, // Always redact passwords
-      });
-    } else {
-      // LoggerService instance directly
-      this.logger = config;
-      this.enablePiiRedaction = true; // Default: enabled
-      this.piiRedactor = new PiiRedactor();
-    }
-  }
-
-  /**
-   * Log a message (info level)
-   */
-  log(message: any, ...optionalParams: any[]): any {
-    if (!this.logger || !this.shouldLog('log')) return;
-
-    const processedMessage = this.processMessage(message);
-    const processedParams = this.processParams(optionalParams);
-    return this.logger.log(processedMessage, ...processedParams);
-  }
-
-  /**
-   * Log an error message
-   */
-  error(message: any, ...optionalParams: any[]): any {
-    if (!this.logger || !this.shouldLog('error')) return;
-
-    const processedMessage = this.processMessage(message);
-    const processedParams = this.processParams(optionalParams);
-    return this.logger.error(processedMessage, ...processedParams);
-  }
-
-  /**
-   * Log a warning message
-   */
-  warn(message: any, ...optionalParams: any[]): any {
-    if (!this.logger || !this.shouldLog('warn')) return;
-
-    const processedMessage = this.processMessage(message);
-    const processedParams = this.processParams(optionalParams);
-    return this.logger.warn(processedMessage, ...processedParams);
-  }
-
-  /**
-   * Log a debug message
-   */
-  debug(message: any, ...optionalParams: any[]): any {
-    if (!this.logger || !this.logger.debug || !this.shouldLog('debug')) return;
-
-    const processedMessage = this.processMessage(message);
-    const processedParams = this.processParams(optionalParams);
-    return this.logger.debug(processedMessage, ...processedParams);
-  }
-
-  /**
-   * Log a verbose message
-   */
-  verbose(message: any, ...optionalParams: any[]): any {
-    if (!this.logger || !this.logger.verbose || !this.shouldLog('verbose')) return;
-
-    const processedMessage = this.processMessage(message);
-    const processedParams = this.processParams(optionalParams);
-    return this.logger.verbose(processedMessage, ...processedParams);
-  }
-
-  /**
-   * Process message: add prefix and apply PII redaction
-   * @private
-   */
-  private processMessage(message: any): any {
-    let processedMessage: string;
-
-    if (typeof message === 'string') {
-      processedMessage = message;
-    } else if (typeof message === 'object') {
-      // For objects, stringify then redact
-      processedMessage = JSON.stringify(message);
-    } else {
-      processedMessage = String(message);
-    }
-
-    // Apply PII redaction if enabled
-    if (this.enablePiiRedaction) {
-      processedMessage = this.piiRedactor.redactMessage(processedMessage);
-    }
-
-    // Add NAUTH: prefix
-    return `${NAuthLogger.PREFIX} ${processedMessage}`;
-  }
-
-  /**
-   * Process optional parameters: apply PII redaction
-   * @private
-   */
-  private processParams(params: any[]): any[] {
-    if (!this.enablePiiRedaction || params.length === 0) {
-      return params;
-    }
-
-    return params.map((param) => {
-      if (typeof param === 'string') {
-        return this.piiRedactor.redactMessage(param);
-      } else if (typeof param === 'object') {
-        // For objects, stringify, redact, then parse back
-        try {
-          const stringified = JSON.stringify(param);
-          const redacted = this.piiRedactor.redactMessage(stringified);
-          try {
-            return JSON.parse(redacted);
-          } catch {
-            return redacted;
-          }
-        } catch {
-          // Handle circular references or other JSON.stringify errors (e.g., toJSON throwing)
-          return '[Object with circular reference or invalid JSON]';
-        }
-      }
-      return param;
-    });
-  }
-
-  /**
-   * Check if message should be logged based on log level
-   * @private
-   */
-  private shouldLog(level: string): boolean {
-    if (!this.logLevel) return true; // No filter, log everything
-
-    const levels = ['error', 'warn', 'log', 'debug', 'verbose'];
-    const configLevel = levels.indexOf(this.logLevel);
-    const messageLevel = levels.indexOf(level);
-
-    return messageLevel <= configLevel;
-  }
-
-  /**
-   * Check if logger is enabled
-   */
-  isEnabled(): boolean {
-    return !!this.logger;
-  }
-
-  /**
-   * Check if PII redaction is enabled
-   */
-  isPiiRedactionEnabled(): boolean {
-    return this.enablePiiRedaction;
-  }
-}