only redact client_secret, add test for sanitizeURL

github/github.go

@@ -344,8 +344,7 @@ func sanitizeURL(uri *url.URL) *url.URL {
 		return nil
 	}
 	params := uri.Query()
-	if len(params.Get("client_secret")) > 0 || len(params.Get("client_id")) > 0 {
-		params.Set("client_id", "REDACTED")
+	if len(params.Get("client_secret")) > 0 {
 		params.Set("client_secret", "REDACTED")
 		uri.RawQuery = params.Encode()
 	}

github/github_test.go

@@ -430,6 +430,25 @@ func TestDo_rateLimit_errorResponse(t *testing.T) {
 	}
 }
 
+func TestSanitizeURL(t *testing.T) {
+	tests := []struct {
+		in, want string
+	}{
+		{"/?a=b", "/?a=b"},
+		{"/?a=b&client_secret=secret", "/?a=b&client_secret=REDACTED"},
+		{"/?a=b&client_id=id&client_secret=secret", "/?a=b&client_id=id&client_secret=REDACTED"},
+	}
+
+	for _, tt := range tests {
+		inURL, _ := url.Parse(tt.in)
+		want, _ := url.Parse(tt.want)
+
+		if got := sanitizeURL(inURL); !reflect.DeepEqual(got, want) {
+			t.Errorf("sanitizeURL(%v) returned %v, want %v", tt.in, got, want)
+		}
+	}
+}
+
 func TestCheckResponse(t *testing.T) {
 	res := &http.Response{
 		Request:    &http.Request{},