244 lines
10 KiB
Java
244 lines
10 KiB
Java
package com.krrishg.controller;
|
|
|
|
import com.krrishg.config.GlobalExceptionHandler;
|
|
import com.krrishg.dto.AuthResponse;
|
|
import com.krrishg.dto.AuthResponse.UserInfo;
|
|
import com.krrishg.dto.LoginRequest;
|
|
import com.krrishg.dto.RefreshTokenRequest;
|
|
import com.krrishg.dto.RegisterRequest;
|
|
import com.krrishg.dto.RegistrationResponse;
|
|
import com.krrishg.dto.ResendVerificationRequest;
|
|
import com.krrishg.dto.SetPasswordRequest;
|
|
import com.krrishg.dto.VerifyEmailRequest;
|
|
import com.krrishg.dto.VerifyEmailResponse;
|
|
import com.krrishg.service.AuthService;
|
|
import com.krrishg.support.TestSecurityConfig;
|
|
import com.fasterxml.jackson.databind.ObjectMapper;
|
|
import org.junit.jupiter.api.Test;
|
|
import org.springframework.beans.factory.annotation.Autowired;
|
|
import org.springframework.boot.test.autoconfigure.web.servlet.WebMvcTest;
|
|
import org.springframework.context.annotation.Import;
|
|
import org.springframework.http.MediaType;
|
|
import org.springframework.boot.test.mock.mockito.MockBean;
|
|
import org.springframework.test.web.servlet.MockMvc;
|
|
|
|
import java.util.UUID;
|
|
|
|
import static org.mockito.ArgumentMatchers.any;
|
|
import static org.mockito.Mockito.doThrow;
|
|
import static org.mockito.Mockito.when;
|
|
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.post;
|
|
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.*;
|
|
|
|
@WebMvcTest(AuthController.class)
|
|
@Import({GlobalExceptionHandler.class, TestSecurityConfig.class})
|
|
class AuthControllerTest {
|
|
|
|
private final MockMvc mockMvc;
|
|
private final ObjectMapper objectMapper;
|
|
|
|
@MockBean
|
|
private AuthService authService;
|
|
|
|
AuthControllerTest(@Autowired MockMvc mockMvc, @Autowired ObjectMapper objectMapper) {
|
|
this.mockMvc = mockMvc;
|
|
this.objectMapper = objectMapper;
|
|
}
|
|
|
|
@Test
|
|
void registerReturns201WithMessage() throws Exception {
|
|
when(authService.register(any(RegisterRequest.class)))
|
|
.thenReturn(new RegistrationResponse("If this email is available, a verification link has been sent."));
|
|
|
|
RegisterRequest request = new RegisterRequest();
|
|
request.setEmail("test@example.com");
|
|
|
|
mockMvc.perform(post("/api/auth/register")
|
|
.contentType(MediaType.APPLICATION_JSON)
|
|
.content(objectMapper.writeValueAsString(request)))
|
|
.andExpect(status().isCreated())
|
|
.andExpect(jsonPath("$.message").value("If this email is available, a verification link has been sent."));
|
|
}
|
|
|
|
@Test
|
|
void registerReturns400OnValidationError() throws Exception {
|
|
RegisterRequest request = new RegisterRequest();
|
|
|
|
mockMvc.perform(post("/api/auth/register")
|
|
.contentType(MediaType.APPLICATION_JSON)
|
|
.content(objectMapper.writeValueAsString(request)))
|
|
.andExpect(status().isBadRequest());
|
|
}
|
|
|
|
@Test
|
|
void loginReturns200() throws Exception {
|
|
AuthResponse response = AuthResponse.builder()
|
|
.accessToken("at-123")
|
|
.refreshToken("rt-456")
|
|
.tokenType("Bearer")
|
|
.user(new UserInfo(UUID.randomUUID(), "login@example.com", "Login User", null))
|
|
.build();
|
|
when(authService.login(any(LoginRequest.class))).thenReturn(response);
|
|
|
|
LoginRequest request = new LoginRequest();
|
|
request.setEmail("login@example.com");
|
|
request.setPassword("password123");
|
|
|
|
mockMvc.perform(post("/api/auth/login")
|
|
.contentType(MediaType.APPLICATION_JSON)
|
|
.content(objectMapper.writeValueAsString(request)))
|
|
.andExpect(status().isOk())
|
|
.andExpect(jsonPath("$.accessToken").value("at-123"))
|
|
.andExpect(jsonPath("$.user.email").value("login@example.com"));
|
|
}
|
|
|
|
@Test
|
|
void loginReturns400OnInvalidCredentials() throws Exception {
|
|
when(authService.login(any(LoginRequest.class)))
|
|
.thenThrow(new IllegalArgumentException("Invalid email or password"));
|
|
|
|
LoginRequest request = new LoginRequest();
|
|
request.setEmail("bad@example.com");
|
|
request.setPassword("wrong");
|
|
|
|
mockMvc.perform(post("/api/auth/login")
|
|
.contentType(MediaType.APPLICATION_JSON)
|
|
.content(objectMapper.writeValueAsString(request)))
|
|
.andExpect(status().isBadRequest())
|
|
.andExpect(jsonPath("$.detail").value("Invalid email or password"));
|
|
}
|
|
|
|
@Test
|
|
void loginReturns400OnUnverifiedEmail() throws Exception {
|
|
when(authService.login(any(LoginRequest.class)))
|
|
.thenThrow(new IllegalArgumentException("Please verify your email address before logging in"));
|
|
|
|
LoginRequest request = new LoginRequest();
|
|
request.setEmail("unverified@example.com");
|
|
request.setPassword("password123");
|
|
|
|
mockMvc.perform(post("/api/auth/login")
|
|
.contentType(MediaType.APPLICATION_JSON)
|
|
.content(objectMapper.writeValueAsString(request)))
|
|
.andExpect(status().isBadRequest())
|
|
.andExpect(jsonPath("$.detail").value("Please verify your email address before logging in"));
|
|
}
|
|
|
|
@Test
|
|
void refreshReturns200() throws Exception {
|
|
AuthResponse response = AuthResponse.builder()
|
|
.accessToken("new-at")
|
|
.refreshToken("new-rt")
|
|
.tokenType("Bearer")
|
|
.user(new UserInfo(UUID.randomUUID(), "user@example.com", "User", null))
|
|
.build();
|
|
when(authService.refreshToken(any(RefreshTokenRequest.class))).thenReturn(response);
|
|
|
|
RefreshTokenRequest request = new RefreshTokenRequest();
|
|
request.setRefreshToken("valid-refresh-token");
|
|
|
|
mockMvc.perform(post("/api/auth/refresh")
|
|
.contentType(MediaType.APPLICATION_JSON)
|
|
.content(objectMapper.writeValueAsString(request)))
|
|
.andExpect(status().isOk())
|
|
.andExpect(jsonPath("$.accessToken").value("new-at"));
|
|
}
|
|
|
|
@Test
|
|
void logoutReturns204() throws Exception {
|
|
mockMvc.perform(post("/api/auth/logout"))
|
|
.andExpect(status().isNoContent());
|
|
}
|
|
|
|
@Test
|
|
void verifyEmailReturns200() throws Exception {
|
|
when(authService.verifyEmail(any(VerifyEmailRequest.class)))
|
|
.thenReturn(new VerifyEmailResponse("Email verified successfully", "setup-token-123"));
|
|
|
|
VerifyEmailRequest request = new VerifyEmailRequest();
|
|
request.setToken("valid-token");
|
|
|
|
mockMvc.perform(post("/api/auth/verify-email")
|
|
.contentType(MediaType.APPLICATION_JSON)
|
|
.content(objectMapper.writeValueAsString(request)))
|
|
.andExpect(status().isOk())
|
|
.andExpect(jsonPath("$.message").value("Email verified successfully"))
|
|
.andExpect(jsonPath("$.setupToken").value("setup-token-123"));
|
|
}
|
|
|
|
@Test
|
|
void verifyEmailReturns400OnInvalidToken() throws Exception {
|
|
when(authService.verifyEmail(any(VerifyEmailRequest.class)))
|
|
.thenThrow(new IllegalArgumentException("Invalid verification token"));
|
|
|
|
VerifyEmailRequest request = new VerifyEmailRequest();
|
|
request.setToken("bad-token");
|
|
|
|
mockMvc.perform(post("/api/auth/verify-email")
|
|
.contentType(MediaType.APPLICATION_JSON)
|
|
.content(objectMapper.writeValueAsString(request)))
|
|
.andExpect(status().isBadRequest())
|
|
.andExpect(jsonPath("$.detail").value("Invalid verification token"));
|
|
}
|
|
|
|
@Test
|
|
void verifyEmailReturns400OnExpiredToken() throws Exception {
|
|
when(authService.verifyEmail(any(VerifyEmailRequest.class)))
|
|
.thenThrow(new IllegalArgumentException("Verification token has expired"));
|
|
|
|
VerifyEmailRequest request = new VerifyEmailRequest();
|
|
request.setToken("expired-token");
|
|
|
|
mockMvc.perform(post("/api/auth/verify-email")
|
|
.contentType(MediaType.APPLICATION_JSON)
|
|
.content(objectMapper.writeValueAsString(request)))
|
|
.andExpect(status().isBadRequest())
|
|
.andExpect(jsonPath("$.detail").value("Verification token has expired"));
|
|
}
|
|
|
|
@Test
|
|
void resendVerificationReturns200() throws Exception {
|
|
when(authService.resendVerification(any(ResendVerificationRequest.class)))
|
|
.thenReturn(new RegistrationResponse("If this email is available, a verification link has been sent."));
|
|
|
|
ResendVerificationRequest request = new ResendVerificationRequest();
|
|
request.setEmail("user@example.com");
|
|
|
|
mockMvc.perform(post("/api/auth/resend-verification")
|
|
.contentType(MediaType.APPLICATION_JSON)
|
|
.content(objectMapper.writeValueAsString(request)))
|
|
.andExpect(status().isOk())
|
|
.andExpect(jsonPath("$.message").value("If this email is available, a verification link has been sent."));
|
|
}
|
|
|
|
@Test
|
|
void setPasswordReturns200() throws Exception {
|
|
SetPasswordRequest request = new SetPasswordRequest();
|
|
request.setSetupToken("setup-token-123");
|
|
request.setPassword("new-password");
|
|
request.setName("Test");
|
|
|
|
mockMvc.perform(post("/api/auth/set-password")
|
|
.contentType(MediaType.APPLICATION_JSON)
|
|
.content(objectMapper.writeValueAsString(request)))
|
|
.andExpect(status().isOk());
|
|
}
|
|
|
|
@Test
|
|
void setPasswordReturns400OnInvalidToken() throws Exception {
|
|
doThrow(new IllegalArgumentException("Invalid setup token"))
|
|
.when(authService).setPassword(any(SetPasswordRequest.class));
|
|
|
|
SetPasswordRequest request = new SetPasswordRequest();
|
|
request.setSetupToken("bad-token");
|
|
request.setPassword("new-password");
|
|
request.setName("Test");
|
|
|
|
mockMvc.perform(post("/api/auth/set-password")
|
|
.contentType(MediaType.APPLICATION_JSON)
|
|
.content(objectMapper.writeValueAsString(request)))
|
|
.andExpect(status().isBadRequest())
|
|
.andExpect(jsonPath("$.detail").value("Invalid setup token"));
|
|
}
|
|
}
|