authorizer/server/test/logout_test.go

package test

import (
	"fmt"
	"strings"
	"testing"

	"github.com/authorizerdev/authorizer/server/constants"
	"github.com/authorizerdev/authorizer/server/db"
	"github.com/authorizerdev/authorizer/server/graph/model"
	"github.com/authorizerdev/authorizer/server/memorystore"
	"github.com/authorizerdev/authorizer/server/resolvers"
	"github.com/authorizerdev/authorizer/server/token"
	"github.com/stretchr/testify/assert"
)

func logoutTests(t *testing.T, s TestSetup) {
	t.Helper()
	t.Run(`should logout user`, func(t *testing.T) {
		req, ctx := createContext(s)
		email := "logout." + s.TestInfo.Email

		magicLoginRes, err := resolvers.MagicLinkLoginResolver(ctx, model.MagicLinkLoginInput{
			Email: email,
		})
		assert.NoError(t, err)
		assert.NotNil(t, magicLoginRes)
		verificationRequest, err := db.Provider.GetVerificationRequestByEmail(ctx, email, constants.VerificationTypeMagicLinkLogin)
		assert.NoError(t, err)
		assert.NotNil(t, verificationRequest)
		verifyRes, err := resolvers.VerifyEmailResolver(ctx, model.VerifyEmailInput{
			Token: verificationRequest.Token,
		})
		assert.NoError(t, err)
		assert.NotNil(t, verifyRes)
		accessToken := *verifyRes.AccessToken
		assert.NotEmpty(t, accessToken)
		// Test logout with access token
		req.Header.Set("Authorization", "Bearer "+accessToken)
		logoutRes, err := resolvers.LogoutResolver(ctx)
		assert.Nil(t, err)
		assert.NotNil(t, logoutRes)
		assert.NotEmpty(t, logoutRes.Message)
		req.Header.Set("Authorization", "")

		// Test logout with session cookie
		magicLoginRes, err = resolvers.MagicLinkLoginResolver(ctx, model.MagicLinkLoginInput{
			Email: email,
		})
		assert.NoError(t, err)
		assert.NotNil(t, magicLoginRes)
		verificationRequest, err = db.Provider.GetVerificationRequestByEmail(ctx, email, constants.VerificationTypeMagicLinkLogin)
		assert.NoError(t, err)
		assert.NotNil(t, verificationRequest)
		verifyRes, err = resolvers.VerifyEmailResolver(ctx, model.VerifyEmailInput{
			Token: verificationRequest.Token,
		})
		assert.NoError(t, err)
		assert.NotNil(t, verifyRes)
		accessToken = *verifyRes.AccessToken
		assert.NotEmpty(t, accessToken)
		claims, err := token.ParseJWTToken(accessToken)
		assert.NoError(t, err)
		assert.NotEmpty(t, claims)
		loginMethod := claims["login_method"]
		sessionKey := verifyRes.User.ID
		if loginMethod != nil && loginMethod != "" {
			sessionKey = loginMethod.(string) + ":" + verifyRes.User.ID
		}

		sessionToken, err := memorystore.Provider.GetUserSession(sessionKey, constants.TokenTypeSessionToken+"_"+claims["nonce"].(string))
		assert.NoError(t, err)
		assert.NotEmpty(t, sessionToken)

		cookie := fmt.Sprintf("%s=%s;", constants.AppCookieName+"_session", sessionToken)
		cookie = strings.TrimSuffix(cookie, ";")

		req.Header.Set("Cookie", cookie)
		_, err = resolvers.LogoutResolver(ctx)
		assert.Nil(t, err)
		cleanData(email)
	})
}
feat: add tests for all resolvers 2021-12-24 00:57:39 +00:00			`package test`

			`import (`
Add _admin_signup mutation 2022-01-09 12:05:37 +00:00			`"fmt"`
fix: session invalidation 2022-06-11 13:40:39 +00:00			`"strings"`
feat: add tests for all resolvers 2021-12-24 00:57:39 +00:00			`"testing"`

Add _admin_signup mutation 2022-01-09 12:05:37 +00:00			`"github.com/authorizerdev/authorizer/server/constants"`
feat: add tests for all resolvers 2021-12-24 00:57:39 +00:00			`"github.com/authorizerdev/authorizer/server/db"`
			`"github.com/authorizerdev/authorizer/server/graph/model"`
fix: move sessionstore -> memstore 2022-05-27 17:50:38 +00:00			`"github.com/authorizerdev/authorizer/server/memorystore"`
feat: add tests for all resolvers 2021-12-24 00:57:39 +00:00			`"github.com/authorizerdev/authorizer/server/resolvers"`
fix: user session access 2022-06-11 18:57:21 +00:00			`"github.com/authorizerdev/authorizer/server/token"`
feat: add tests for all resolvers 2021-12-24 00:57:39 +00:00			`"github.com/stretchr/testify/assert"`
			`)`

Feat/dashboard (#105) 2022-01-17 06:02:13 +00:00			`func logoutTests(t *testing.T, s TestSetup) {`
			`t.Helper()`
feat: add tests for all resolvers 2021-12-24 00:57:39 +00:00			t.Run(`should logout user`, func(t *testing.T) {
			`req, ctx := createContext(s)`
			`email := "logout." + s.TestInfo.Email`

fix: queries for webhooks + improve tests 2023-03-29 01:36:33 +00:00			`magicLoginRes, err := resolvers.MagicLinkLoginResolver(ctx, model.MagicLinkLoginInput{`
feat: add tests for all resolvers 2021-12-24 00:57:39 +00:00			`Email: email,`
			`})`
fix: queries for webhooks + improve tests 2023-03-29 01:36:33 +00:00			`assert.NoError(t, err)`
			`assert.NotNil(t, magicLoginRes)`
feat: implement resolvers 2022-07-10 16:19:33 +00:00			`verificationRequest, err := db.Provider.GetVerificationRequestByEmail(ctx, email, constants.VerificationTypeMagicLinkLogin)`
fix: queries for webhooks + improve tests 2023-03-29 01:36:33 +00:00			`assert.NoError(t, err)`
			`assert.NotNil(t, verificationRequest)`
Feat/dashboard (#105) 2022-01-17 06:02:13 +00:00			`verifyRes, err := resolvers.VerifyEmailResolver(ctx, model.VerifyEmailInput{`
feat: add tests for all resolvers 2021-12-24 00:57:39 +00:00			`Token: verificationRequest.Token,`
			`})`
fix: queries for webhooks + improve tests 2023-03-29 01:36:33 +00:00			`assert.NoError(t, err)`
			`assert.NotNil(t, verifyRes)`
fix: user session access 2022-06-11 18:57:21 +00:00			`accessToken := *verifyRes.AccessToken`
			`assert.NotEmpty(t, accessToken)`
fix: allow logout using access token 2023-12-14 16:42:03 +00:00			`// Test logout with access token`
			`req.Header.Set("Authorization", "Bearer "+accessToken)`
			`logoutRes, err := resolvers.LogoutResolver(ctx)`
			`assert.Nil(t, err)`
			`assert.NotNil(t, logoutRes)`
			`assert.NotEmpty(t, logoutRes.Message)`
			`req.Header.Set("Authorization", "")`

			`// Test logout with session cookie`
			`magicLoginRes, err = resolvers.MagicLinkLoginResolver(ctx, model.MagicLinkLoginInput{`
			`Email: email,`
			`})`
			`assert.NoError(t, err)`
			`assert.NotNil(t, magicLoginRes)`
			`verificationRequest, err = db.Provider.GetVerificationRequestByEmail(ctx, email, constants.VerificationTypeMagicLinkLogin)`
			`assert.NoError(t, err)`
			`assert.NotNil(t, verificationRequest)`
			`verifyRes, err = resolvers.VerifyEmailResolver(ctx, model.VerifyEmailInput{`
			`Token: verificationRequest.Token,`
			`})`
			`assert.NoError(t, err)`
			`assert.NotNil(t, verifyRes)`
			`accessToken = *verifyRes.AccessToken`
			`assert.NotEmpty(t, accessToken)`
fix: user session access 2022-06-11 18:57:21 +00:00			`claims, err := token.ParseJWTToken(accessToken)`
			`assert.NoError(t, err)`
			`assert.NotEmpty(t, claims)`
fix: add namespace to session token keys 2022-06-29 16:54:00 +00:00			`loginMethod := claims["login_method"]`
			`sessionKey := verifyRes.User.ID`
			`if loginMethod != nil && loginMethod != "" {`
			`sessionKey = loginMethod.(string) + ":" + verifyRes.User.ID`
			`}`

			`sessionToken, err := memorystore.Provider.GetUserSession(sessionKey, constants.TokenTypeSessionToken+"_"+claims["nonce"].(string))`
fix: session invalidation 2022-06-11 13:40:39 +00:00			`assert.NoError(t, err)`
fix: user session access 2022-06-11 18:57:21 +00:00			`assert.NotEmpty(t, sessionToken)`

			`cookie := fmt.Sprintf("%s=%s;", constants.AppCookieName+"_session", sessionToken)`
fix: session invalidation 2022-06-11 13:40:39 +00:00			`cookie = strings.TrimSuffix(cookie, ";")`
Implement refresh token logic with fingerprint + rotation 2022-01-22 19:54:41 +00:00
			`req.Header.Set("Cookie", cookie)`
Feat/dashboard (#105) 2022-01-17 06:02:13 +00:00			`_, err = resolvers.LogoutResolver(ctx)`
feat: add tests for all resolvers 2021-12-24 00:57:39 +00:00			`assert.Nil(t, err)`
			`cleanData(email)`
			`})`
			`}`