Add tests

Author: xrmx

instrumentation/opentelemetry-instrumentation-urllib3/tests/test_urllib3_integration.py

@@ -11,6 +11,7 @@
 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 # See the License for the specific language governing permissions and
 # limitations under the License.
+
 import json
 import typing
 from unittest import mock
@@ -609,3 +610,344 @@ def test_no_op_tracer_provider(self):
         response = self.perform_request(self.HTTP_URL)
         self.assertEqual(b"Hello!", response.data)
         self.assert_span(num_spans=0)
+
+    def test_custom_response_headers_captured(self):
+        URLLib3Instrumentor().uninstrument()
+        URLLib3Instrumentor().instrument(
+            captured_response_headers=["X-Custom-Header", "X-Another-Header"]
+        )
+
+        response_headers = {
+            "X-Custom-Header": "custom-value",
+            "X-Another-Header": "another-value",
+        }
+        url = "http://mock//capture_headers"
+        httpretty.register_uri(
+            httpretty.GET, url, body="Hello!", adding_headers=response_headers
+        )
+        self.perform_request(url)
+
+        span = self.assert_span(num_spans=1)
+        self.assertEqual(
+            span.attributes["http.response.header.x_custom_header"],
+            ("custom-value",),
+        )
+        self.assertEqual(
+            span.attributes["http.response.header.x_another_header"],
+            ("another-value",),
+        )
+        self.assertNotIn(
+            "http.response.header.x_excluded_header", span.attributes
+        )
+
+    def test_custom_headers_not_captured_when_not_configured(self):
+        """Test that headers are not captured when env vars are not set."""
+        URLLib3Instrumentor().uninstrument()
+        URLLib3Instrumentor().instrument()
+
+        self.perform_request(
+            self.HTTP_URL,
+            headers={"X-Request-Header": "request-value"},
+        )
+
+        span = self.assert_span(num_spans=1)
+        self.assertNotIn(
+            "http.request.header.x_request_header", span.attributes
+        )
+        self.assertNotIn(
+            "http.response.header.x_response_header", span.attributes
+        )
+
+    def test_sensitive_headers_sanitized(self):
+        """Test that sensitive header values are redacted."""
+        URLLib3Instrumentor().uninstrument()
+        URLLib3Instrumentor().instrument(
+            captured_request_headers=["Authorization", "X-Api-Key"],
+            captured_response_headers=["Set-Cookie", "X-Secret"],
+            sensitive_headers=[
+                "Authorization",
+                "X-Api-Key",
+                "Set-Cookie",
+                "X-Secret",
+            ],
+        )
+
+        response_headers = {
+            "Set-Cookie": "session=abc123",
+            "X-Secret": "secret",
+        }
+        url = "http://mock//capture_headers"
+        httpretty.register_uri(
+            httpretty.GET, url, body="Hello!", adding_headers=response_headers
+        )
+        self.perform_request(
+            url,
+            headers={
+                "Authorization": "Bearer secret-token",
+                "X-Api-Key": "secret-key",
+            },
+        )
+
+        span = self.assert_span(num_spans=1)
+        self.assertEqual(
+            span.attributes["http.request.header.authorization"],
+            ("[REDACTED]",),
+        )
+        self.assertEqual(
+            span.attributes["http.request.header.x_api_key"],
+            ("[REDACTED]",),
+        )
+        self.assertEqual(
+            span.attributes["http.response.header.set_cookie"],
+            ("[REDACTED]",),
+        )
+        self.assertEqual(
+            span.attributes["http.response.header.x_secret"],
+            ("[REDACTED]",),
+        )
+
+    def test_custom_headers_with_regex(self):
+        """Test that header capture works with regex patterns."""
+        URLLib3Instrumentor().uninstrument()
+        URLLib3Instrumentor().instrument(
+            captured_request_headers=["X-Custom-Request-.*"],
+            captured_response_headers=["X-Custom-Response-.*"],
+        )
+
+        response_headers = {
+            "X-Custom-Response-A": "value-A",
+            "X-Custom-Response-B": "value-B",
+            "X-Other-Response-Header": "other-value",
+        }
+        url = "http://mock//capture_headers"
+        httpretty.register_uri(
+            httpretty.GET, url, body="Hello!", adding_headers=response_headers
+        )
+        self.perform_request(
+            url,
+            headers={
+                "X-Custom-Request-One": "value-one",
+                "X-Custom-Request-Two": "value-two",
+                "X-Other-Request-Header": "other-value",
+            },
+        )
+
+        span = self.assert_span(num_spans=1)
+        self.assertEqual(
+            span.attributes["http.request.header.x_custom_request_one"],
+            ("value-one",),
+        )
+        self.assertEqual(
+            span.attributes["http.request.header.x_custom_request_two"],
+            ("value-two",),
+        )
+        self.assertNotIn(
+            "http.request.header.x_other_request_header", span.attributes
+        )
+        self.assertEqual(
+            span.attributes["http.response.header.x_custom_response_a"],
+            ("value-A",),
+        )
+        self.assertEqual(
+            span.attributes["http.response.header.x_custom_response_b"],
+            ("value-B",),
+        )
+        self.assertNotIn(
+            "http.response.header.x_other_response_header", span.attributes
+        )
+
+    def test_custom_headers_case_insensitive(self):
+        """Test that header capture is case-insensitive."""
+        URLLib3Instrumentor().uninstrument()
+        URLLib3Instrumentor().instrument(
+            captured_request_headers=["x-request-header"],
+            captured_response_headers=["x-response-header"],
+        )
+
+        response_headers = {"X-ReSPoNse-HeaDER": "custom-value"}
+        url = "http://mock//capture_headers"
+        httpretty.register_uri(
+            httpretty.GET, url, body="Hello!", adding_headers=response_headers
+        )
+        self.perform_request(
+            url,
+            headers={"X-ReQuESt-HeaDER": "custom-value"},
+        )
+
+        span = self.assert_span(num_spans=1)
+        self.assertEqual(
+            span.attributes["http.request.header.x_request_header"],
+            ("custom-value",),
+        )
+        self.assertEqual(
+            span.attributes["http.response.header.x_response_header"],
+            ("custom-value",),
+        )
+
+    def test_standard_http_headers_captured(self):
+        """Test that standard HTTP headers can be captured."""
+        URLLib3Instrumentor().uninstrument()
+        URLLib3Instrumentor().instrument(
+            captured_request_headers=["Content-Type", "Accept"],
+            captured_response_headers=["Content-Type", "Server"],
+        )
+
+        response_headers = {
+            "Content-Type": "text/plain",
+            "Server": "TestServer/1.0",
+        }
+        url = "http://mock//capture_headers"
+        httpretty.register_uri(
+            httpretty.GET, url, body="Hello!", adding_headers=response_headers
+        )
+        self.perform_request(
+            url,
+            headers={
+                "Content-Type": "application/json",
+                "Accept": "application/json",
+            },
+        )
+
+        span = self.assert_span(num_spans=1)
+        self.assertEqual(
+            span.attributes["http.request.header.content_type"],
+            ("application/json",),
+        )
+        self.assertEqual(
+            span.attributes["http.request.header.accept"],
+            ("application/json",),
+        )
+        self.assertEqual(
+            span.attributes["http.response.header.content_type"],
+            ("text/plain",),
+        )
+        self.assertEqual(
+            span.attributes["http.response.header.server"],
+            ("TestServer/1.0",),
+        )
+
+    def test_capture_all_request_headers(self):
+        """Test that all request headers can be captured with .* pattern."""
+        URLLib3Instrumentor().uninstrument()
+        URLLib3Instrumentor().instrument(captured_request_headers=[".*"])
+
+        self.perform_request(
+            self.HTTP_URL,
+            headers={
+                "X-Header-One": "value1",
+                "X-Header-Two": "value2",
+                "X-Header-Three": "value3",
+            },
+        )
+
+        span = self.assert_span(num_spans=1)
+        self.assertEqual(
+            span.attributes["http.request.header.x_header_one"],
+            ("value1",),
+        )
+        self.assertEqual(
+            span.attributes["http.request.header.x_header_two"],
+            ("value2",),
+        )
+        self.assertEqual(
+            span.attributes["http.request.header.x_header_three"],
+            ("value3",),
+        )
+
+    def test_capture_all_response_headers(self):
+        """Test that all response headers can be captured with .* pattern."""
+        URLLib3Instrumentor().uninstrument()
+        URLLib3Instrumentor().instrument(captured_response_headers=[".*"])
+
+        response_headers = {
+            "X-Response-One": "value1",
+            "X-Response-Two": "value2",
+            "X-Response-Three": "value3",
+        }
+        url = "http://mock//capture_headers"
+        httpretty.register_uri(
+            httpretty.GET, url, body="Hello!", adding_headers=response_headers
+        )
+        self.perform_request(url)
+
+        span = self.assert_span(num_spans=1)
+        self.assertEqual(
+            span.attributes["http.response.header.x_response_one"],
+            ("value1",),
+        )
+        self.assertEqual(
+            span.attributes["http.response.header.x_response_two"],
+            ("value2",),
+        )
+        self.assertEqual(
+            span.attributes["http.response.header.x_response_three"],
+            ("value3",),
+        )
+
+    def test_sanitize_with_regex_pattern(self):
+        """Test that sanitization works with regex patterns."""
+        URLLib3Instrumentor().uninstrument()
+        URLLib3Instrumentor().instrument(
+            captured_request_headers=["X-Test.*"],
+            sensitive_headers=[".*secret.*"],
+        )
+
+        self.perform_request(
+            self.HTTP_URL,
+            headers={
+                "X-Test": "normal-value",
+                "X-Test-Secret": "secret-value",
+            },
+        )
+
+        span = self.assert_span(num_spans=1)
+        self.assertEqual(
+            span.attributes["http.request.header.x_test"],
+            ("normal-value",),
+        )
+        self.assertEqual(
+            span.attributes["http.request.header.x_test_secret"],
+            ("[REDACTED]",),
+        )
+
+    @mock.patch.dict(
+        "os.environ",
+        {
+            "OTEL_INSTRUMENTATION_HTTP_CAPTURE_HEADERS_CLIENT_REQUEST": "x-request-one,x-request-two",
+            "OTEL_INSTRUMENTATION_HTTP_CAPTURE_HEADERS_CLIENT_RESPONSE": "x-response-one",
+            "OTEL_INSTRUMENTATION_HTTP_CAPTURE_HEADERS_SANITIZE_FIELDS": "x-request-two",
+        },
+    )
+    def test_capture_and_sanitize_environment_variables(self):
+        URLLib3Instrumentor().uninstrument()
+        URLLib3Instrumentor().instrument()
+
+        response_headers = {
+            "X-Response-One": "value1",
+            "X-Response-Two": "value2",
+        }
+        url = "http://mock//capture_headers"
+        httpretty.register_uri(
+            httpretty.GET, url, body="Hello!", adding_headers=response_headers
+        )
+        self.perform_request(
+            url, headers={"x-request-one": "one", "x-request-two": "two"}
+        )
+
+        span = self.assert_span(num_spans=1)
+        self.assertEqual(
+            span.attributes["http.request.header.x_request_one"],
+            ("one",),
+        )
+        self.assertEqual(
+            span.attributes["http.request.header.x_request_two"],
+            ("[REDACTED]",),
+        )
+        self.assertEqual(
+            span.attributes["http.response.header.x_response_one"],
+            ("value1",),
+        )
+        self.assertNotIn(
+            "http.response.header.x_response_two",
+            span.attributes,
+        )