128 lines
3.0 KiB
Go
128 lines
3.0 KiB
Go
package handlers
|
|
|
|
import (
|
|
"encoding/json"
|
|
"net/http"
|
|
"net/http/httptest"
|
|
"testing"
|
|
"time"
|
|
|
|
"git.threesix.ai/jordan/sp4-verify-1770325799/pkg/auth"
|
|
"git.threesix.ai/jordan/sp4-verify-1770325799/pkg/logging"
|
|
)
|
|
|
|
func TestValidate_Check(t *testing.T) {
|
|
secret := []byte("test-secret")
|
|
logger := logging.New(logging.Config{Level: logging.LevelDebug})
|
|
|
|
validator := auth.NewJWTValidator(auth.JWTConfig{
|
|
Secret: secret,
|
|
Issuer: "sp4-verify-1770325799",
|
|
})
|
|
handler := NewValidate(validator, logger)
|
|
|
|
// Generate a valid token
|
|
user := &auth.User{
|
|
ID: "user-123",
|
|
Email: "test@example.com",
|
|
Roles: []string{"admin"},
|
|
Scopes: []string{"read", "write"},
|
|
}
|
|
validToken, err := auth.GenerateTokenWithIssuer(secret, user, time.Hour, "sp4-verify-1770325799", "")
|
|
if err != nil {
|
|
t.Fatalf("failed to generate token: %v", err)
|
|
}
|
|
|
|
tests := []struct {
|
|
name string
|
|
authHeader string
|
|
queryToken string
|
|
wantValid bool
|
|
wantUserID string
|
|
wantStatusCode int
|
|
}{
|
|
{
|
|
name: "valid token in Authorization header",
|
|
authHeader: "Bearer " + validToken,
|
|
wantValid: true,
|
|
wantUserID: "user-123",
|
|
wantStatusCode: http.StatusOK,
|
|
},
|
|
{
|
|
name: "valid token without Bearer prefix",
|
|
authHeader: validToken,
|
|
wantValid: true,
|
|
wantUserID: "user-123",
|
|
wantStatusCode: http.StatusOK,
|
|
},
|
|
{
|
|
name: "valid token in query parameter",
|
|
queryToken: validToken,
|
|
wantValid: true,
|
|
wantUserID: "user-123",
|
|
wantStatusCode: http.StatusOK,
|
|
},
|
|
{
|
|
name: "invalid token",
|
|
authHeader: "Bearer invalid-token",
|
|
wantValid: false,
|
|
wantStatusCode: http.StatusOK,
|
|
},
|
|
{
|
|
name: "missing token",
|
|
wantValid: false,
|
|
wantStatusCode: http.StatusBadRequest,
|
|
},
|
|
}
|
|
|
|
for _, tt := range tests {
|
|
t.Run(tt.name, func(t *testing.T) {
|
|
url := "/api/auth-svc/validate"
|
|
if tt.queryToken != "" {
|
|
url += "?token=" + tt.queryToken
|
|
}
|
|
|
|
req := httptest.NewRequest(http.MethodGet, url, nil)
|
|
if tt.authHeader != "" {
|
|
req.Header.Set("Authorization", tt.authHeader)
|
|
}
|
|
|
|
rr := httptest.NewRecorder()
|
|
err := handler.Check(rr, req)
|
|
|
|
// Check if error was returned (for bad request cases)
|
|
if tt.wantStatusCode == http.StatusBadRequest {
|
|
if err == nil {
|
|
t.Error("expected error for missing token")
|
|
}
|
|
return
|
|
}
|
|
|
|
if err != nil {
|
|
t.Fatalf("handler returned error: %v", err)
|
|
}
|
|
|
|
if rr.Code != tt.wantStatusCode {
|
|
t.Errorf("status code = %d, want %d", rr.Code, tt.wantStatusCode)
|
|
}
|
|
|
|
var resp struct {
|
|
Data ValidateResponse `json:"data"`
|
|
}
|
|
if err := json.NewDecoder(rr.Body).Decode(&resp); err != nil {
|
|
t.Fatalf("failed to decode response: %v", err)
|
|
}
|
|
|
|
if resp.Data.Valid != tt.wantValid {
|
|
t.Errorf("valid = %v, want %v", resp.Data.Valid, tt.wantValid)
|
|
}
|
|
|
|
if tt.wantValid && resp.Data.User != nil {
|
|
if resp.Data.User.ID != tt.wantUserID {
|
|
t.Errorf("user ID = %s, want %s", resp.Data.User.ID, tt.wantUserID)
|
|
}
|
|
}
|
|
})
|
|
}
|
|
}
|