Match whether ignored_parameters are present in a request (without matching content)

3 files changed, 38 insertions, 21 deletions

diff --git a/tests/integration/base_cache_test.py b/tests/integration/base_cache_test.py
index 5d69ea8..546f6c5 100644
--- a/tests/integration/base_cache_test.py
+++ b/tests/integration/base_cache_test.py
@@ -313,7 +313,7 @@ class BaseCacheTest:
         assert response.from_cache is False
         response = session.request(method, url, headers={"Authorization": "<Secret Key>"})
         assert response.from_cache is True
-        assert response.request.headers.get('Authorization') is None
+        assert response.request.headers.get('Authorization') == 'REDACTED'
 
     @pytest.mark.parametrize('method', HTTPBIN_METHODS)
     def test_filter_request_query_parameters(self, method):
@@ -325,23 +325,25 @@ class BaseCacheTest:
         assert response.from_cache is True
         query = urlparse(response.request.url).query
         query_dict = parse_qs(query)
-        assert 'api_key' not in query_dict
+        assert query_dict['api_key'] == ['REDACTED']
 
     @pytest.mark.parametrize('post_type', ['data', 'json'])
     def test_filter_request_post_data(self, post_type):
         method = 'POST'
         url = httpbin(method.lower())
+        body = {"api_key": "<Secret Key>"}
+        headers = {}
+        if post_type == 'data':
+            body = json.dumps(body)
+            headers = {'Content-Type': 'application/json'}
         session = self.init_session(ignored_parameters=['api_key'])
-        response = session.request(method, url, **{post_type: {"api_key": "<Secret Key>"}})
-        assert response.from_cache is False
-        response = session.request(method, url, **{post_type: {"api_key": "<Secret Key>"}})
+
+        response = session.request(method, url, headers=headers, **{post_type: body})
+        response = session.request(method, url, headers=headers, **{post_type: body})
         assert response.from_cache is True
-        if post_type == 'data':
-            body = parse_qs(response.request.body)
-            assert "api_key" not in body
-        elif post_type == 'json':
-            body = json.loads(response.request.body)
-            assert "api_key" not in body
+
+        parsed_body = json.loads(response.request.body)
+        assert parsed_body['api_key'] == 'REDACTED'
 
     @pytest.mark.parametrize('executor_class', [ThreadPoolExecutor, ProcessPoolExecutor])
     @pytest.mark.parametrize('iteration', range(N_ITERATIONS))
diff --git a/tests/unit/test_cache_keys.py b/tests/unit/test_cache_keys.py
index cb76f52..40cca7f 100644
--- a/tests/unit/test_cache_keys.py
+++ b/tests/unit/test_cache_keys.py
@@ -69,7 +69,7 @@ def test_normalize_request__json_body():
         headers={'Content-Type': 'application/json'},
     )
     norm_request = normalize_request(request, ignored_parameters=['param_2'])
-    assert norm_request.body == b'{"param_1": "value_1"}'
+    assert norm_request.body == b'{"param_1": "value_1", "param_2": "REDACTED"}'
 
 
 def test_normalize_request__json_body_list():
diff --git a/tests/unit/test_session.py b/tests/unit/test_session.py
index 5151a7d..dda449a 100644
--- a/tests/unit/test_session.py
+++ b/tests/unit/test_session.py
@@ -143,10 +143,18 @@ def test_all_methods__ignored_parameters__redacted(field, method, mock_session):
 
     mock_session.request(method, MOCKED_URL, **{field: params_1})
     cached_response = mock_session.request(method, MOCKED_URL, **{field: params_1})
-    assert 'ignored' not in cached_response.url
-    assert 'ignored' not in cached_response.request.url
-    assert 'ignored' not in cached_response.request.headers
-    assert 'ignored' not in cached_response.request.body.decode('utf-8')
+    request_url = cached_response.request.url
+    headers = cached_response.request.headers
+    body = cached_response.request.body.decode('utf-8')
+
+    assert 'ignored' not in cached_response.url or 'ignored=REDACTED' in cached_response.url
+    assert 'ignored' not in request_url or 'ignored=REDACTED' in request_url
+    assert 'ignored' not in headers or headers['ignored'] == 'REDACTED'
+    if field == 'data':
+        assert 'ignored=REDACTED' in body
+    elif field == 'json':
+        body = json.loads(body)
+        assert body['ignored'] == 'REDACTED'
 
 
 # Variations of relevant request arguments
@@ -502,12 +510,19 @@ def test_default_ignored_parameters(mock_session):
         params={'access_token': 'token'},
         headers={'Authorization': 'Bearer token'},
     )
-    response = mock_session.get(MOCKED_URL)
-
+    response = mock_session.get(
+        MOCKED_URL,
+        params={'access_token': 'token'},
+        headers={'Authorization': 'Bearer token'},
+    )
     assert response.from_cache is True
-    assert 'access_token' not in response.url
-    assert 'access_token' not in response.request.url
-    assert 'Authorization' not in response.request.headers
+
+    unauthenticated_response = mock_session.get(MOCKED_URL)
+    assert unauthenticated_response.from_cache is False
+
+    assert 'access_token=REDACTED' in response.url
+    assert 'access_token=REDACTED' in response.request.url
+    assert response.request.headers['Authorization'] == 'REDACTED'
 
 
 @patch_normalize_url