style: run eslint and prettier
All checks were successful
TrafficCue Server CI / check (push) Successful in 23s
All checks were successful
TrafficCue Server CI / check (push) Successful in 23s
This commit is contained in:
@ -1,6 +1,10 @@
|
||||
import { afterAll, beforeAll, describe, expect, it } from "bun:test";
|
||||
import { getDb, initDb } from "../src/db";
|
||||
import { GenericContainer, Wait, type StartedTestContainer } from "testcontainers";
|
||||
import {
|
||||
GenericContainer,
|
||||
Wait,
|
||||
type StartedTestContainer,
|
||||
} from "testcontainers";
|
||||
import { createTestKey } from "./keys";
|
||||
import { sign } from "jsonwebtoken";
|
||||
import { getTokenData, getTokenUID, verifyToken } from "../src/auth";
|
||||
@ -13,7 +17,7 @@ process.env.OIDC_TOKEN_URL = "http://oidc.example.com/token";
|
||||
process.env.NODE_ENV = "test";
|
||||
process.env.REVIEWS_ENABLED = "true";
|
||||
|
||||
const app = await import("../src/main").then(m => m.default);
|
||||
const app = await import("../src/main").then((m) => m.default);
|
||||
|
||||
const PGSQL_IMAGE = "postgres:latest";
|
||||
let postgresContainer: StartedTestContainer | null = null;
|
||||
@ -22,12 +26,12 @@ let privateKey: string;
|
||||
|
||||
// Spin up a temporary Postgres container for testing
|
||||
beforeAll(async () => {
|
||||
if(!process.env.DATABASE_URL) {
|
||||
if (!process.env.DATABASE_URL) {
|
||||
postgresContainer = await new GenericContainer(PGSQL_IMAGE)
|
||||
.withEnvironment({
|
||||
POSTGRES_USER: "tc",
|
||||
POSTGRES_PASSWORD: "tc",
|
||||
POSTGRES_DB: "tc"
|
||||
POSTGRES_DB: "tc",
|
||||
})
|
||||
.withExposedPorts(5432)
|
||||
.withHealthCheck({
|
||||
@ -38,10 +42,10 @@ beforeAll(async () => {
|
||||
})
|
||||
.withWaitStrategy(Wait.forHealthCheck())
|
||||
.start();
|
||||
|
||||
|
||||
process.env.DATABASE_URL = `postgres://tc:tc@localhost:${postgresContainer.getMappedPort(5432)}/tc`;
|
||||
}
|
||||
|
||||
|
||||
getDb(true);
|
||||
await initDb();
|
||||
});
|
||||
@ -51,7 +55,7 @@ afterAll(async () => {
|
||||
const db = getDb();
|
||||
await db.dropDatabase();
|
||||
await db.destroy();
|
||||
if(postgresContainer) await postgresContainer.stop();
|
||||
if (postgresContainer) await postgresContainer.stop();
|
||||
});
|
||||
|
||||
// Override JWKS URL to prevent external calls during tests
|
||||
@ -63,7 +67,7 @@ beforeAll(async () => {
|
||||
// Mock the fetch function to return the test JWK
|
||||
// @ts-expect-error - we just need to override fetch for tests
|
||||
global.fetch = async () => ({
|
||||
json: async () => ({ keys: [jwk] })
|
||||
json: async () => ({ keys: [jwk] }),
|
||||
});
|
||||
});
|
||||
|
||||
@ -86,31 +90,35 @@ it("Serves a correct config", async () => {
|
||||
expect(config.capabilities).toBeArray();
|
||||
expect(config.capabilities).toContain("auth");
|
||||
expect(config.capabilities).toContain("reviews");
|
||||
expect(config.oidc).toEqual({CLIENT_ID: "test-client", AUTH_URL: "http://oidc.example.com/auth", TOKEN_URL: "http://oidc.example.com/token"});
|
||||
})
|
||||
expect(config.oidc).toEqual({
|
||||
CLIENT_ID: "test-client",
|
||||
AUTH_URL: "http://oidc.example.com/auth",
|
||||
TOKEN_URL: "http://oidc.example.com/token",
|
||||
});
|
||||
});
|
||||
|
||||
describe("Authentication", () => {
|
||||
it("verifies a valid token", async () => {
|
||||
const token = sign({ sub: "test" }, privateKey, {
|
||||
algorithm: "RS256",
|
||||
keyid: jwk.kid,
|
||||
expiresIn: "1h"
|
||||
expiresIn: "1h",
|
||||
});
|
||||
expect(await verifyToken(token)).toBe(true);
|
||||
expect(getTokenUID(token)).toBe("test");
|
||||
expect(getTokenData(token)).toMatchObject({ sub: "test" });
|
||||
})
|
||||
});
|
||||
|
||||
it("fails with invalid KID", async () => {
|
||||
const token = sign({ sub: "test" }, privateKey, {
|
||||
algorithm: "RS256",
|
||||
keyid: "invalid-kid",
|
||||
expiresIn: "1h"
|
||||
expiresIn: "1h",
|
||||
});
|
||||
expect(await verifyToken(token)).toBe(false);
|
||||
expect(getTokenUID(token)).toBe("test");
|
||||
expect(getTokenData(token)).toMatchObject({ sub: "test" });
|
||||
})
|
||||
});
|
||||
|
||||
it("fails on an invalid token", async () => {
|
||||
const token = "invalid.token.here";
|
||||
@ -123,42 +131,52 @@ describe("Authentication", () => {
|
||||
const token = sign({ sub: "test" }, privateKey, {
|
||||
algorithm: "RS256",
|
||||
keyid: jwk.kid,
|
||||
expiresIn: "-1h"
|
||||
expiresIn: "-1h",
|
||||
});
|
||||
expect(await verifyToken(token)).toBe(false);
|
||||
expect(getTokenUID(token)).toBe("test");
|
||||
expect(getTokenData(token)).toMatchObject({ sub: "test" });
|
||||
});
|
||||
})
|
||||
});
|
||||
|
||||
let token: string;
|
||||
const uid = crypto.randomUUID();
|
||||
|
||||
describe("User Endpoints", () => {
|
||||
it("fails with invalid token", async () => {
|
||||
const res = await app.fetch(new Request("http://localhost/api/user", {
|
||||
method: "POST",
|
||||
body: JSON.stringify({ token: "invalid.token.here" }),
|
||||
}));
|
||||
const res = await app.fetch(
|
||||
new Request("http://localhost/api/user", {
|
||||
method: "POST",
|
||||
body: JSON.stringify({ token: "invalid.token.here" }),
|
||||
}),
|
||||
);
|
||||
expect(res.status).toBe(400);
|
||||
});
|
||||
it("uploads a token", async () => {
|
||||
token = sign({
|
||||
sub: uid,
|
||||
preferred_username: "testuser",
|
||||
}, privateKey, {
|
||||
algorithm: "RS256",
|
||||
keyid: jwk.kid,
|
||||
expiresIn: "1h"
|
||||
});
|
||||
const res = await app.fetch(new Request("http://localhost/api/user", {
|
||||
method: "POST",
|
||||
body: JSON.stringify({ token }),
|
||||
}));
|
||||
token = sign(
|
||||
{
|
||||
sub: uid,
|
||||
preferred_username: "testuser",
|
||||
},
|
||||
privateKey,
|
||||
{
|
||||
algorithm: "RS256",
|
||||
keyid: jwk.kid,
|
||||
expiresIn: "1h",
|
||||
},
|
||||
);
|
||||
const res = await app.fetch(
|
||||
new Request("http://localhost/api/user", {
|
||||
method: "POST",
|
||||
body: JSON.stringify({ token }),
|
||||
}),
|
||||
);
|
||||
expect(res.status).toBe(200);
|
||||
});
|
||||
it("finds the user in search", async () => {
|
||||
const res = await app.fetch(new Request("http://localhost/api/user?name=testuser"));
|
||||
const res = await app.fetch(
|
||||
new Request("http://localhost/api/user?name=testuser"),
|
||||
);
|
||||
expect(res.status).toBe(200);
|
||||
const json = await res.json();
|
||||
expect(json).toBeDefined();
|
||||
@ -166,34 +184,38 @@ describe("User Endpoints", () => {
|
||||
const users = json as { username: string }[];
|
||||
expect(users.length).toBeGreaterThan(0);
|
||||
expect(users[0]!.username).toBe("testuser");
|
||||
})
|
||||
})
|
||||
});
|
||||
});
|
||||
|
||||
describe("Reviews", () => {
|
||||
it("creates a review", async () => {
|
||||
const res = await app.fetch(new Request("http://localhost/api/review", {
|
||||
method: "POST",
|
||||
headers: {
|
||||
"Authorization": `Bearer ${token}`,
|
||||
"Content-Type": "application/json"
|
||||
},
|
||||
body: JSON.stringify({
|
||||
rating: 4,
|
||||
comment: "This is a test review.",
|
||||
lat: 51.5074,
|
||||
lon: 7.4653
|
||||
const res = await app.fetch(
|
||||
new Request("http://localhost/api/review", {
|
||||
method: "POST",
|
||||
headers: {
|
||||
Authorization: `Bearer ${token}`,
|
||||
"Content-Type": "application/json",
|
||||
},
|
||||
body: JSON.stringify({
|
||||
rating: 4,
|
||||
comment: "This is a test review.",
|
||||
lat: 51.5074,
|
||||
lon: 7.4653,
|
||||
}),
|
||||
}),
|
||||
}));
|
||||
);
|
||||
expect(res.status).toBe(200);
|
||||
const json = await res.json();
|
||||
expect(json).toBeDefined();
|
||||
expect(json).toBeObject();
|
||||
const review = json as { success: boolean };
|
||||
expect(review.success).toBe(true);
|
||||
})
|
||||
});
|
||||
|
||||
it("lists reviews", async () => {
|
||||
const res = await app.fetch(new Request("http://localhost/api/reviews?lat=51.5074&lon=7.4653"));
|
||||
const res = await app.fetch(
|
||||
new Request("http://localhost/api/reviews?lat=51.5074&lon=7.4653"),
|
||||
);
|
||||
expect(res.status).toBe(200);
|
||||
const json = await res.json();
|
||||
expect(json).toBeDefined();
|
||||
@ -202,22 +224,24 @@ describe("Reviews", () => {
|
||||
expect(reviews.length).toBeGreaterThan(0);
|
||||
expect(reviews[0]!.rating).toBe(4);
|
||||
expect(reviews[0]!.comment).toBe("This is a test review.");
|
||||
})
|
||||
})
|
||||
});
|
||||
});
|
||||
|
||||
describe("Saved Routes", () => {
|
||||
it("saves a route", async () => {
|
||||
const res = await app.fetch(new Request("http://localhost/api/saved", {
|
||||
method: "PUT",
|
||||
headers: {
|
||||
"Authorization": `Bearer ${token}`,
|
||||
"Content-Type": "application/json"
|
||||
},
|
||||
body: JSON.stringify({
|
||||
name: "Home to Work",
|
||||
data: "This is some test route data."
|
||||
const res = await app.fetch(
|
||||
new Request("http://localhost/api/saved", {
|
||||
method: "PUT",
|
||||
headers: {
|
||||
Authorization: `Bearer ${token}`,
|
||||
"Content-Type": "application/json",
|
||||
},
|
||||
body: JSON.stringify({
|
||||
name: "Home to Work",
|
||||
data: "This is some test route data.",
|
||||
}),
|
||||
}),
|
||||
}));
|
||||
);
|
||||
expect(res.status).toBe(200);
|
||||
const json = await res.json();
|
||||
expect(json).toBeDefined();
|
||||
@ -226,12 +250,14 @@ describe("Saved Routes", () => {
|
||||
expect(result.success).toBe(true);
|
||||
});
|
||||
it("lists saved routes", async () => {
|
||||
const res = await app.fetch(new Request("http://localhost/api/saved", {
|
||||
method: "GET",
|
||||
headers: {
|
||||
"Authorization": `Bearer ${token}`,
|
||||
},
|
||||
}));
|
||||
const res = await app.fetch(
|
||||
new Request("http://localhost/api/saved", {
|
||||
method: "GET",
|
||||
headers: {
|
||||
Authorization: `Bearer ${token}`,
|
||||
},
|
||||
}),
|
||||
);
|
||||
expect(res.status).toBe(200);
|
||||
const json = await res.json();
|
||||
expect(json).toBeDefined();
|
||||
@ -242,16 +268,18 @@ describe("Saved Routes", () => {
|
||||
expect(routes[0]!.data).toBe("This is some test route data.");
|
||||
});
|
||||
it("deletes a saved route", async () => {
|
||||
const res = await app.fetch(new Request("http://localhost/api/saved", {
|
||||
method: "DELETE",
|
||||
headers: {
|
||||
"Authorization": `Bearer ${token}`,
|
||||
"Content-Type": "application/json"
|
||||
},
|
||||
body: JSON.stringify({
|
||||
name: "Home to Work",
|
||||
const res = await app.fetch(
|
||||
new Request("http://localhost/api/saved", {
|
||||
method: "DELETE",
|
||||
headers: {
|
||||
Authorization: `Bearer ${token}`,
|
||||
"Content-Type": "application/json",
|
||||
},
|
||||
body: JSON.stringify({
|
||||
name: "Home to Work",
|
||||
}),
|
||||
}),
|
||||
}));
|
||||
);
|
||||
expect(res.status).toBe(200);
|
||||
const json = await res.json();
|
||||
expect(json).toBeDefined();
|
||||
@ -260,12 +288,14 @@ describe("Saved Routes", () => {
|
||||
expect(result.success).toBe(true);
|
||||
});
|
||||
it("no longer lists deleted routes", async () => {
|
||||
const res = await app.fetch(new Request("http://localhost/api/saved", {
|
||||
method: "GET",
|
||||
headers: {
|
||||
"Authorization": `Bearer ${token}`,
|
||||
},
|
||||
}));
|
||||
const res = await app.fetch(
|
||||
new Request("http://localhost/api/saved", {
|
||||
method: "GET",
|
||||
headers: {
|
||||
Authorization: `Bearer ${token}`,
|
||||
},
|
||||
}),
|
||||
);
|
||||
expect(res.status).toBe(200);
|
||||
const json = await res.json();
|
||||
expect(json).toBeDefined();
|
||||
@ -273,4 +303,4 @@ describe("Saved Routes", () => {
|
||||
const routes = json as { name: string; data: string }[];
|
||||
expect(routes.length).toBe(0);
|
||||
});
|
||||
});
|
||||
});
|
||||
|
||||
Reference in New Issue
Block a user