From c52e24f17ed615b2e2dd55a285eb272014a2ccbf Mon Sep 17 00:00:00 2001 From: Owen Jacobson Date: Sun, 24 Aug 2025 16:37:41 -0400 Subject: Factor out common authentication test verification steps into helpers. These checks tended to be wordy, and were prone to being done subtly differently in different locations for no good reason. Centralizing them cleans this up and makes the tests easier to follow, at the expense of making it somewhat harder to follow what the test is specifically checking. --- src/test/mod.rs | 1 + src/test/verify/identity.rs | 33 +++++++++++++++++++++++++++++++++ src/test/verify/login.rs | 25 +++++++++++++++++++++++++ src/test/verify/mod.rs | 3 +++ src/test/verify/token.rs | 34 ++++++++++++++++++++++++++++++++++ 5 files changed, 96 insertions(+) create mode 100644 src/test/verify/identity.rs create mode 100644 src/test/verify/login.rs create mode 100644 src/test/verify/mod.rs create mode 100644 src/test/verify/token.rs (limited to 'src/test') diff --git a/src/test/mod.rs b/src/test/mod.rs index d066349..ebbbfef 100644 --- a/src/test/mod.rs +++ b/src/test/mod.rs @@ -1 +1,2 @@ pub mod fixtures; +pub mod verify; diff --git a/src/test/verify/identity.rs b/src/test/verify/identity.rs new file mode 100644 index 0000000..226ee74 --- /dev/null +++ b/src/test/verify/identity.rs @@ -0,0 +1,33 @@ +use crate::{ + app::App, + name::Name, + test::{fixtures, verify}, + token::{app::ValidateError, extract::IdentityCookie}, + user::User, +}; + +pub async fn valid_for_name(app: &App, identity: &IdentityCookie, name: &Name) { + let secret = identity + .secret() + .expect("identity cookie must be set to be valid"); + verify::token::valid_for_name(app, &secret, name).await; +} + +pub async fn valid_for_user(app: &App, identity: &IdentityCookie, user: &User) { + let secret = identity + .secret() + .expect("identity cookie must be set to be valid"); + verify::token::valid_for_user(app, &secret, user).await; +} + +pub async fn invalid(app: &App, identity: &IdentityCookie) { + let secret = identity + .secret() + .expect("identity cookie must be set to be invalid"); + let validate_err = app + .tokens() + .validate(&secret, &fixtures::now()) + .await + .expect_err("identity cookie secret must be invalid"); + assert!(matches!(validate_err, ValidateError::InvalidToken)); +} diff --git a/src/test/verify/login.rs b/src/test/verify/login.rs new file mode 100644 index 0000000..3f291a3 --- /dev/null +++ b/src/test/verify/login.rs @@ -0,0 +1,25 @@ +use crate::{ + app::App, + name::Name, + password::Password, + test::{fixtures, verify}, + token::app::LoginError, +}; + +pub async fn valid_login(app: &App, name: &Name, password: &Password) { + let secret = app + .tokens() + .login(&name, &password, &fixtures::now()) + .await + .expect("login credentials expected to be valid"); + verify::token::valid_for_name(&app, &secret, &name).await; +} + +pub async fn invalid_login(app: &App, name: &Name, password: &Password) { + let error = app + .tokens() + .login(name, password, &fixtures::now()) + .await + .expect_err("login credentials expected not to be valid"); + assert!(matches!(error, LoginError::Rejected)); +} diff --git a/src/test/verify/mod.rs b/src/test/verify/mod.rs new file mode 100644 index 0000000..f809c90 --- /dev/null +++ b/src/test/verify/mod.rs @@ -0,0 +1,3 @@ +pub mod identity; +pub mod login; +pub mod token; diff --git a/src/test/verify/token.rs b/src/test/verify/token.rs new file mode 100644 index 0000000..99cd31f --- /dev/null +++ b/src/test/verify/token.rs @@ -0,0 +1,34 @@ +use crate::{ + app::App, + name::Name, + test::fixtures, + token::{Secret, app}, + user::User, +}; + +pub async fn valid_for_name(app: &App, secret: &Secret, name: &Name) { + let identity = app + .tokens() + .validate(secret, &fixtures::now()) + .await + .expect("provided secret is valid"); + assert_eq!(name, &identity.user.name); +} + +pub async fn valid_for_user(app: &App, secret: &Secret, user: &User) { + let identity = app + .tokens() + .validate(secret, &fixtures::now()) + .await + .expect("provided secret is valid"); + assert_eq!(user, &identity.user); +} + +pub async fn invalid(app: &App, secret: &Secret) { + let error = app + .tokens() + .validate(secret, &fixtures::now()) + .await + .expect_err("provided secret is invalid"); + assert!(matches!(error, app::ValidateError::InvalidToken)); +} -- cgit v1.2.3