test: address code review feedback on PRO API key tests

- Route malformed-key redaction tests through the real extraction → scope →
  resolve path instead of injecting _Malformed() directly, so redaction is
  verified in the actual request flow.
- Move the _Malformed import to the module header in the contract test.
- Make header name/value leak checks case-insensitive in the decorator and
  analytics tests.
- Assert the periodic-progress callback was actually awaited.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>

Author: akolotov

tests/test_analytics.py

@@ -200,7 +200,8 @@ def test_pro_api_key_not_in_analytics_payload(monkeypatch):
         # Inspect every string in the call for the key value and header name
         all_text = str(call_args)
         assert client_key not in all_text
-        assert "Blockscout-MCP-Pro-Api-Key" not in all_text
+        # Case-insensitive: catch a leaked header name regardless of casing.
+        assert "blockscout-mcp-pro-api-key" not in all_text.lower()
 
         # Also explicitly check that the properties dict doesn't contain the key
         args, kwargs = call_args

tests/test_pro_api_key_context.py

@@ -216,24 +216,52 @@ def test_resolve_malformed_does_not_fall_back_to_server_key(monkeypatch):
 # ===========================================================================
 
 
-def test_malformed_error_does_not_embed_control_char_value(monkeypatch):
-    """ValueError message must not reproduce the raw submitted value."""
+@pytest.mark.asyncio
+async def test_malformed_error_does_not_embed_control_char_value(monkeypatch):
+    """The malformed-key ValueError must not reproduce the raw submitted value.
+
+    The value flows through the real extraction → scope → resolve path: the
+    decorator extracts the control-char header, records the ``_Malformed`` state,
+    and ``resolve_pro_api_key()`` raises inside the scope.
+    """
+    monkeypatch.setattr(config, "pro_api_key_header", "Blockscout-MCP-Pro-Api-Key", raising=False)
     monkeypatch.setattr(config, "pro_api_key", "server-key", raising=False)
     raw_value = "key-with\ncontrol-char"
-    with _set_key_state(_Malformed()):
-        with pytest.raises(ValueError) as exc_info:
-            resolve_pro_api_key()
-        assert raw_value not in str(exc_info.value)
+
+    @pro_api_key_scope
+    async def dummy(ctx) -> None:
+        resolve_pro_api_key()
+
+    # Plain dict headers: real starlette Headers reject control-char values at
+    # construction time, while the extractor works with any Mapping.
+    request = SimpleNamespace(headers={"Blockscout-MCP-Pro-Api-Key": raw_value})
+    ctx = SimpleNamespace(request_context=SimpleNamespace(request=request))
+
+    with pytest.raises(ValueError) as exc_info:
+        await dummy(ctx=ctx)
+    assert raw_value not in str(exc_info.value)
 
 
-def test_malformed_error_does_not_embed_over_length_value(monkeypatch):
-    """ValueError message must not reproduce an over-length submitted value."""
+@pytest.mark.asyncio
+async def test_malformed_error_does_not_embed_over_length_value(monkeypatch):
+    """The malformed-key ValueError must not reproduce an over-length submitted value.
+
+    Same real extraction → scope → resolve path as the control-char case.
+    """
+    monkeypatch.setattr(config, "pro_api_key_header", "Blockscout-MCP-Pro-Api-Key", raising=False)
     monkeypatch.setattr(config, "pro_api_key", "server-key", raising=False)
     raw_value = "a" * 257
-    with _set_key_state(_Malformed()):
-        with pytest.raises(ValueError) as exc_info:
-            resolve_pro_api_key()
-        assert raw_value not in str(exc_info.value)
+
+    @pro_api_key_scope
+    async def dummy(ctx) -> None:
+        resolve_pro_api_key()
+
+    request = SimpleNamespace(headers={"Blockscout-MCP-Pro-Api-Key": raw_value})
+    ctx = SimpleNamespace(request_context=SimpleNamespace(request=request))
+
+    with pytest.raises(ValueError) as exc_info:
+        await dummy(ctx=ctx)
+    assert raw_value not in str(exc_info.value)
 
 
 # ===========================================================================

tests/tools/contract/test_fetch_and_process_contract.py

@@ -5,7 +5,7 @@
 
 from blockscout_mcp_server.cache import CachedContract
 from blockscout_mcp_server.config import config
-from blockscout_mcp_server.pro_api_key_context import _client_key_state, _Valid
+from blockscout_mcp_server.pro_api_key_context import _client_key_state, _Malformed, _Valid
 from blockscout_mcp_server.tools.contract._shared import _fetch_and_process_contract
 
 
@@ -259,8 +259,6 @@ async def test_fetch_and_process_cache_hit_serverless_valid_client_key(mock_ctx)
 @pytest.mark.asyncio
 async def test_fetch_and_process_cache_hit_malformed_key_fails_closed(mock_ctx):
     """Cache hit with malformed client key: gate raises ValueError before cache is consulted."""
-    from blockscout_mcp_server.pro_api_key_context import _Malformed
-
     cached = CachedContract(metadata={}, source_files={})
     token = _client_key_state.set(_Malformed())
     try:

tests/tools/test_common_blockscout_request_auth.py

@@ -251,6 +251,8 @@ async def test_get_context_var_propagates_into_periodic_progress_task(monkeypatc
         _client_key_state.reset(token)
 
     assert result == {"result": "ok"}
+    # Progress beats must have been emitted along the periodic-progress path.
+    mock_ctx.report_progress.assert_awaited()
     # The key must have been visible inside the spawned child task
     assert fake_client.get_headers.get("Authorization") == "Bearer propagated-client-key"
 

tests/tools/test_decorators.py

@@ -277,5 +277,7 @@ async def dummy_tool(a: int, ctx: Context) -> int:
 
     await dummy_tool(7, ctx=mock_ctx)
 
-    assert client_key not in caplog.text
-    assert "Blockscout-MCP-Pro-Api-Key" not in caplog.text
+    # Case-insensitive: catch a leaked header name/value regardless of logger casing.
+    logged_text = caplog.text.lower()
+    assert client_key.lower() not in logged_text
+    assert "blockscout-mcp-pro-api-key" not in logged_text