ministryofjustice · Lbagg1 · Dec 19, 2023 · Dec 14, 2023 · Dec 14, 2023 · Dec 14, 2023
@@ -0,0 +1,19 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Service\Log\Output;
+
+use function hash;
+
+class Email
+{
+    public function __construct(private string $email)
+    {
+    }
+
+    public function __toString(): string
+    {
+        return hash('sha256', $this->email);
+    }
+}
@@ -12,6 +12,7 @@
 use App\Exception\GoneException;
 use App\Exception\NotFoundException;
 use App\Exception\UnauthorizedException;
+use App\Service\Log\Output\Email;
 use DateTime;
 use DateTimeInterface;
 use Exception;
@@ -190,7 +191,7 @@ public function requestPasswordReset(string $email): array
         } catch (Exception $e) {
             $this->logger->notice(
                 'Attempt made to reset password for non-existent account',
-                ['email' => $email]
+                ['email' => new Email($email)]
             );
 
             throw $e;

@@ -0,0 +1,19 @@
+<?php
+
+declare(strict_types=1);
+
+namespace AppTest\Service\Log\Output;
+
+use App\Service\Log\Output\Email;
+use PHPUnit\Framework\TestCase;
+
+class EmailTest extends TestCase
+{
+    /** @test */
+    public function it_hides_a_string()
+    {
+        $email = new Email('[email protected]');
+        $this->assertMatchesRegularExpression('/.*/', (string)$email);
+        $this->assertStringNotContainsString('[email protected]', (string)$email);
+    }
+}
@@ -11,6 +11,7 @@
 use App\Exception\GoneException;
 use App\Exception\NotFoundException;
 use App\Exception\UnauthorizedException;
+use App\Service\Log\Output\Email;
 use App\Service\User\UserService;
 use DateTime;
 use Exception;
@@ -189,6 +190,36 @@ public function cannot_add_existing_user_as_email_used_in_reset()
         $us->add($userData);
     }
 
+    /** @test */
+    public function logs_Notice_When_Password_Reset_Is_Requested_For_Non_Existent_Account(): void
+    {
+        $email        = '[email protected]';
+        $hashed_email = hash('sha256', $email);
+
+        $repoProphecy   = $this->prophesize(ActorUsersInterface::class);
+        $loggerProphecy = $this->prophesize(LoggerInterface::class);
+
+        $repoProphecy
+            ->recordPasswordResetRequest(Argument::cetera())
+            ->willThrow(Exception::class);
+
+        $loggerProphecy
+            ->notice(
+                'Attempt made to reset password for non-existent account',
+                Argument::that(function ($arg) use ($hashed_email) {
+                    return $arg['email'] instanceof Email && (string)($arg['email']) == $hashed_email;
+                })
+            )
+            ->shouldBeCalled();
+
+        $userService = new UserService($repoProphecy->reveal(), $loggerProphecy->reveal());
+
+        try {
+            $userService->requestPasswordReset($email);
+        } catch (Exception) {
+        }
+    }
+
     /** @test */
     public function can_get_a_user_from_storage(): void
     {

@@ -117,7 +117,7 @@ public function authenticate(string $credential, ?string $password = null): ?Use
                 'Authentication failed for {email} with code {code}',
                 [
                     'code'  => $e->getCode(),
-                    'email' => $credential,
+                    'email' =>new Email($credential),
                 ]
             );
             if ($e->getCode() === StatusCodeInterface::STATUS_UNAUTHORIZED) {