ee938ce6a6
- Introduced comprehensive tests for `RegisterForm`, `PasswordResetRequestForm`, and `PasswordResetConfirmForm` covering successful submissions, validation errors, and API error handling. - Refactored forms to handle unexpected errors gracefully and improve test coverage for edge cases. - Updated `crypto` and `storage` modules with robust error handling for storage issues and encryption key management. - Removed unused `axios-mock-adapter` dependency for cleaner dependency management.
158 lines
4.9 KiB
TypeScript
158 lines
4.9 KiB
TypeScript
/**
|
|
* Tests for crypto utilities
|
|
*/
|
|
|
|
import { encryptData, decryptData, clearEncryptionKey } from '@/lib/auth/crypto';
|
|
|
|
describe('Crypto Utilities', () => {
|
|
beforeEach(() => {
|
|
// Clear encryption key before each test
|
|
clearEncryptionKey();
|
|
sessionStorage.clear();
|
|
});
|
|
|
|
describe('encryptData', () => {
|
|
it('should encrypt string data', async () => {
|
|
const plaintext = 'test data';
|
|
const encrypted = await encryptData(plaintext);
|
|
|
|
expect(encrypted).toBeDefined();
|
|
expect(typeof encrypted).toBe('string');
|
|
expect(encrypted).not.toBe(plaintext);
|
|
});
|
|
|
|
it('should produce different ciphertext for same plaintext', async () => {
|
|
const plaintext = 'test data';
|
|
const encrypted1 = await encryptData(plaintext);
|
|
const encrypted2 = await encryptData(plaintext);
|
|
|
|
// Due to random IV, ciphertexts should be different
|
|
expect(encrypted1).not.toBe(encrypted2);
|
|
});
|
|
|
|
it('should handle empty strings', async () => {
|
|
const encrypted = await encryptData('');
|
|
expect(encrypted).toBeDefined();
|
|
});
|
|
|
|
it('should handle special characters', async () => {
|
|
const special = '!@#$%^&*()_+-=[]{}|;:",.<>?/~`';
|
|
const encrypted = await encryptData(special);
|
|
const decrypted = await decryptData(encrypted);
|
|
|
|
expect(decrypted).toBe(special);
|
|
});
|
|
});
|
|
|
|
describe('decryptData', () => {
|
|
it('should decrypt data encrypted by encryptData', async () => {
|
|
const plaintext = 'test data';
|
|
const encrypted = await encryptData(plaintext);
|
|
const decrypted = await decryptData(encrypted);
|
|
|
|
expect(decrypted).toBe(plaintext);
|
|
});
|
|
|
|
it('should throw error for invalid encrypted data', async () => {
|
|
await expect(decryptData('invalid')).rejects.toThrow();
|
|
});
|
|
|
|
it('should throw error for tampered data', async () => {
|
|
const plaintext = 'test data';
|
|
const encrypted = await encryptData(plaintext);
|
|
|
|
// Tamper with encrypted data
|
|
const tampered = encrypted.slice(0, -4) + 'XXXX';
|
|
|
|
await expect(decryptData(tampered)).rejects.toThrow();
|
|
});
|
|
});
|
|
|
|
describe('clearEncryptionKey', () => {
|
|
it('should clear encryption key from session', async () => {
|
|
// Encrypt some data (creates key)
|
|
await encryptData('test');
|
|
|
|
// Clear key
|
|
clearEncryptionKey();
|
|
|
|
// Session storage should be empty
|
|
expect(sessionStorage.getItem('auth_encryption_key')).toBeNull();
|
|
});
|
|
|
|
it('should invalidate previously encrypted data after key cleared', async () => {
|
|
const plaintext = 'test data';
|
|
const encrypted = await encryptData(plaintext);
|
|
|
|
// Clear key
|
|
clearEncryptionKey();
|
|
|
|
// Try to decrypt - should fail because key is regenerated
|
|
await expect(decryptData(encrypted)).rejects.toThrow();
|
|
});
|
|
});
|
|
|
|
describe('Key persistence', () => {
|
|
it('should reuse same key within session', async () => {
|
|
const plaintext = 'test data';
|
|
|
|
const encrypted1 = await encryptData(plaintext);
|
|
const decrypted1 = await decryptData(encrypted1);
|
|
|
|
const encrypted2 = await encryptData(plaintext);
|
|
const decrypted2 = await decryptData(encrypted2);
|
|
|
|
expect(decrypted1).toBe(plaintext);
|
|
expect(decrypted2).toBe(plaintext);
|
|
});
|
|
|
|
it('should handle corrupted stored key gracefully', async () => {
|
|
// Store invalid key data in sessionStorage
|
|
sessionStorage.setItem('auth_encryption_key', 'invalid-json-data{]');
|
|
|
|
// Should generate new key and encrypt successfully
|
|
const plaintext = 'test data';
|
|
const encrypted = await encryptData(plaintext);
|
|
const decrypted = await decryptData(encrypted);
|
|
|
|
expect(decrypted).toBe(plaintext);
|
|
// Key should have been regenerated
|
|
expect(sessionStorage.getItem('auth_encryption_key')).not.toBe('invalid-json-data{]');
|
|
});
|
|
|
|
it('should handle sessionStorage.setItem errors when storing key', async () => {
|
|
// Mock setItem to throw error
|
|
const originalSetItem = sessionStorage.setItem;
|
|
sessionStorage.setItem = jest.fn(() => {
|
|
throw new Error('Storage quota exceeded');
|
|
});
|
|
|
|
// Should still work even if key can't be stored
|
|
const plaintext = 'test data';
|
|
const encrypted = await encryptData(plaintext);
|
|
|
|
// Restore for decryption (which needs to get the key)
|
|
sessionStorage.setItem = originalSetItem;
|
|
|
|
// Should succeed despite storage error (key is kept in memory for the session)
|
|
expect(encrypted).toBeTruthy();
|
|
});
|
|
});
|
|
|
|
describe('Error handling', () => {
|
|
it('should handle clearEncryptionKey errors gracefully', () => {
|
|
// Mock removeItem to throw error
|
|
const originalRemoveItem = sessionStorage.removeItem;
|
|
sessionStorage.removeItem = jest.fn(() => {
|
|
throw new Error('Storage access denied');
|
|
});
|
|
|
|
// Should not throw, just warn
|
|
expect(() => clearEncryptionKey()).not.toThrow();
|
|
|
|
// Restore
|
|
sessionStorage.removeItem = originalRemoveItem;
|
|
});
|
|
});
|
|
});
|