authorizer/server/test/session_test.go

package test

import (
	"fmt"
	"strings"
	"testing"

	"github.com/authorizerdev/authorizer/server/constants"
	"github.com/authorizerdev/authorizer/server/db"
	"github.com/authorizerdev/authorizer/server/envstore"
	"github.com/authorizerdev/authorizer/server/graph/model"
	"github.com/authorizerdev/authorizer/server/resolvers"
	"github.com/authorizerdev/authorizer/server/sessionstore"
	"github.com/stretchr/testify/assert"
)

func sessionTests(t *testing.T, s TestSetup) {
	t.Helper()
	t.Run(`should allow access to profile with session only`, func(t *testing.T) {
		req, ctx := createContext(s)
		email := "session." + s.TestInfo.Email

		resolvers.SignupResolver(ctx, model.SignUpInput{
			Email:           email,
			Password:        s.TestInfo.Password,
			ConfirmPassword: s.TestInfo.Password,
		})

		_, err := resolvers.SessionResolver(ctx, &model.SessionQueryInput{})
		assert.NotNil(t, err, "unauthorized")

		verificationRequest, err := db.Provider.GetVerificationRequestByEmail(email, constants.VerificationTypeBasicAuthSignup)
		verifyRes, err := resolvers.VerifyEmailResolver(ctx, model.VerifyEmailInput{
			Token: verificationRequest.Token,
		})

		sessions := sessionstore.GetUserSessions(verifyRes.User.ID)
		cookie := ""
		token := *verifyRes.AccessToken
		// set all they keys in cookie one of them should be session cookie
		for key := range sessions {
			if key != token {
				cookie += fmt.Sprintf("%s=%s;", envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyCookieName)+"_session", key)
			}
		}
		cookie = strings.TrimSuffix(cookie, ";")

		req.Header.Set("Cookie", cookie)

		_, err = resolvers.SessionResolver(ctx, &model.SessionQueryInput{})
		assert.Nil(t, err)

		cleanData(email)
	})
}
feat: add tests for all resolvers 2021-12-24 00:57:39 +00:00			`package test`

			`import (`
Add _admin_signup mutation 2022-01-09 12:05:37 +00:00			`"fmt"`
fix: auth flow 2022-03-02 12:12:31 +00:00			`"strings"`
feat: add tests for all resolvers 2021-12-24 00:57:39 +00:00			`"testing"`

Add _admin_signup mutation 2022-01-09 12:05:37 +00:00			`"github.com/authorizerdev/authorizer/server/constants"`
feat: add tests for all resolvers 2021-12-24 00:57:39 +00:00			`"github.com/authorizerdev/authorizer/server/db"`
Feat/dashboard (#105) 2022-01-17 06:02:13 +00:00			`"github.com/authorizerdev/authorizer/server/envstore"`
feat: add tests for all resolvers 2021-12-24 00:57:39 +00:00			`"github.com/authorizerdev/authorizer/server/graph/model"`
			`"github.com/authorizerdev/authorizer/server/resolvers"`
Implement refresh token logic with fingerprint + rotation 2022-01-22 19:54:41 +00:00			`"github.com/authorizerdev/authorizer/server/sessionstore"`
feat: add tests for all resolvers 2021-12-24 00:57:39 +00:00			`"github.com/stretchr/testify/assert"`
			`)`

Feat/dashboard (#105) 2022-01-17 06:02:13 +00:00			`func sessionTests(t *testing.T, s TestSetup) {`
			`t.Helper()`
feat: add tests for all resolvers 2021-12-24 00:57:39 +00:00			t.Run(`should allow access to profile with session only`, func(t *testing.T) {
			`req, ctx := createContext(s)`
			`email := "session." + s.TestInfo.Email`

Feat/dashboard (#105) 2022-01-17 06:02:13 +00:00			`resolvers.SignupResolver(ctx, model.SignUpInput{`
feat: add tests for all resolvers 2021-12-24 00:57:39 +00:00			`Email: email,`
			`Password: s.TestInfo.Password,`
			`ConfirmPassword: s.TestInfo.Password,`
			`})`

feat(server): add is_valid_jwt query 2022-01-23 19:02:06 +00:00			`_, err := resolvers.SessionResolver(ctx, &model.SessionQueryInput{})`
feat: add tests for all resolvers 2021-12-24 00:57:39 +00:00			`assert.NotNil(t, err, "unauthorized")`

fix: update to use db.Provider 2022-01-21 08:04:04 +00:00			`verificationRequest, err := db.Provider.GetVerificationRequestByEmail(email, constants.VerificationTypeBasicAuthSignup)`
Feat/dashboard (#105) 2022-01-17 06:02:13 +00:00			`verifyRes, err := resolvers.VerifyEmailResolver(ctx, model.VerifyEmailInput{`
feat: add tests for all resolvers 2021-12-24 00:57:39 +00:00			`Token: verificationRequest.Token,`
			`})`

Implement refresh token logic with fingerprint + rotation 2022-01-22 19:54:41 +00:00			`sessions := sessionstore.GetUserSessions(verifyRes.User.ID)`
fix: auth flow 2022-03-02 12:12:31 +00:00			`cookie := ""`
feat: add tests for all resolvers 2021-12-24 00:57:39 +00:00			`token := *verifyRes.AccessToken`
fix: auth flow 2022-03-02 12:12:31 +00:00			`// set all they keys in cookie one of them should be session cookie`
			`for key := range sessions {`
			`if key != token {`
			`cookie += fmt.Sprintf("%s=%s;", envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyCookieName)+"_session", key)`
			`}`
			`}`
			`cookie = strings.TrimSuffix(cookie, ";")`
Add _admin_signup mutation 2022-01-09 12:05:37 +00:00
Implement refresh token logic with fingerprint + rotation 2022-01-22 19:54:41 +00:00			`req.Header.Set("Cookie", cookie)`

feat(server): add is_valid_jwt query 2022-01-23 19:02:06 +00:00			`_, err = resolvers.SessionResolver(ctx, &model.SessionQueryInput{})`
feat: add tests for all resolvers 2021-12-24 00:57:39 +00:00			`assert.Nil(t, err)`

			`cleanData(email)`
			`})`
			`}`