Files
GearBox/tests/services/auth.service.test.ts
Jean-Luc Makiola 689a56b2b7 feat(15-03): update E2E seed and auth tests for OIDC architecture
- E2E seed creates API key instead of user for authentication
- Auth service tests cover only API key CRUD (removed user/session tests)
- Auth middleware tests validate three-way auth: API key, Bearer token, OIDC session
- Auth route tests mock getAuth for OIDC session, test /me and /keys endpoints
- Remove all references to createUser, verifyPassword, createSession in auth tests
2026-04-04 20:54:18 +02:00

69 lines
2.0 KiB
TypeScript

import { beforeEach, describe, expect, it } from "bun:test";
import {
createApiKey,
deleteApiKey,
listApiKeys,
verifyApiKey,
} from "../../src/server/services/auth.service.ts";
import { createTestDb } from "../helpers/db.ts";
describe("Auth Service", () => {
let db: ReturnType<typeof createTestDb>;
beforeEach(() => {
db = createTestDb();
});
describe("API Key Management", () => {
it("creates key and returns raw key once (length > 16, prefix matches first 8 chars)", async () => {
const result = await createApiKey(db, "test-key");
expect(result).toBeDefined();
expect(result.rawKey).toBeDefined();
expect(result.rawKey.length).toBeGreaterThan(16);
expect(result.keyPrefix).toBe(result.rawKey.slice(0, 8));
expect(result.name).toBe("test-key");
});
it("verifies valid key returns true", async () => {
const result = await createApiKey(db, "test-key");
const isValid = await verifyApiKey(db, result.rawKey);
expect(isValid).toBe(true);
});
it("rejects invalid key returns false", async () => {
await createApiKey(db, "test-key");
const isValid = await verifyApiKey(db, "invalidkey12345678");
expect(isValid).toBe(false);
});
it("deletes key so it is no longer valid", async () => {
const result = await createApiKey(db, "test-key");
deleteApiKey(db, result.id);
const isValid = await verifyApiKey(db, result.rawKey);
expect(isValid).toBe(false);
});
it("listApiKeys returns keys without hashes", async () => {
await createApiKey(db, "key-one");
await createApiKey(db, "key-two");
const keys = listApiKeys(db);
expect(keys).toHaveLength(2);
expect(keys[0].name).toBe("key-one");
expect(keys[1].name).toBe("key-two");
// Ensure no hash is exposed
for (const key of keys) {
expect(key).toHaveProperty("id");
expect(key).toHaveProperty("name");
expect(key).toHaveProperty("keyPrefix");
expect(key).toHaveProperty("createdAt");
expect(key).not.toHaveProperty("keyHash");
}
});
});
});