forked from cardosofelipe/fast-next-template
Replace crypto tests with comprehensive unit tests for authStore, storage, and configuration modules
- Removed outdated `crypto` tests; added dedicated and structured tests for `authStore`, `storage`, and `app.config`. - Enhanced test coverage for user and token validation, secure persistence, state management, and configuration parsing. - Consolidated encryption and storage error handling with thorough validation to ensure SSR-safety and resilience. - Improved runtime validations for tokens and configuration with stricter type checks and fallback mechanisms.
This commit is contained in:
Felipe Cardoso
141
frontend/tests/lib/auth/storage.test.ts
Normal file
141
frontend/tests/lib/auth/storage.test.ts
Normal file
@@ -0,0 +1,141 @@
|
||||
/**
|
||||
* Tests for secure storage module
|
||||
*/
|
||||
|
||||
import { saveTokens, getTokens, clearTokens, isStorageAvailable } from '@/lib/auth/storage';
|
||||
|
||||
// Mock crypto functions for testing
|
||||
jest.mock('@/lib/auth/crypto', () => ({
|
||||
encryptData: jest.fn((data: string) => Promise.resolve(`encrypted_${data}`)),
|
||||
decryptData: jest.fn((data: string) => Promise.resolve(data.replace('encrypted_', ''))),
|
||||
clearEncryptionKey: jest.fn(),
|
||||
}));
|
||||
|
||||
describe('Storage Module', () => {
|
||||
beforeEach(() => {
|
||||
localStorage.clear();
|
||||
sessionStorage.clear();
|
||||
jest.clearAllMocks();
|
||||
});
|
||||
|
||||
describe('isStorageAvailable', () => {
|
||||
it('should return true when localStorage is available', () => {
|
||||
expect(isStorageAvailable()).toBe(true);
|
||||
});
|
||||
|
||||
it('should handle quota exceeded errors gracefully', () => {
|
||||
const originalSetItem = Storage.prototype.setItem;
|
||||
Storage.prototype.setItem = jest.fn(() => {
|
||||
throw new Error('QuotaExceededError');
|
||||
});
|
||||
|
||||
expect(isStorageAvailable()).toBe(false);
|
||||
|
||||
Storage.prototype.setItem = originalSetItem;
|
||||
});
|
||||
});
|
||||
|
||||
describe('saveTokens and getTokens', () => {
|
||||
it('should save and retrieve tokens', async () => {
|
||||
const tokens = {
|
||||
accessToken: 'test.access.token',
|
||||
refreshToken: 'test.refresh.token',
|
||||
};
|
||||
|
||||
await saveTokens(tokens);
|
||||
const retrieved = await getTokens();
|
||||
|
||||
expect(retrieved).toEqual(tokens);
|
||||
});
|
||||
|
||||
it('should return null when no tokens are stored', async () => {
|
||||
const result = await getTokens();
|
||||
expect(result).toBeNull();
|
||||
});
|
||||
|
||||
it('should handle corrupted data gracefully', async () => {
|
||||
// Manually set invalid encrypted data
|
||||
localStorage.setItem('auth_tokens', 'invalid_encrypted_data');
|
||||
|
||||
const { decryptData } = require('@/lib/auth/crypto');
|
||||
decryptData.mockRejectedValueOnce(new Error('Decryption failed'));
|
||||
|
||||
const result = await getTokens();
|
||||
expect(result).toBeNull();
|
||||
|
||||
// Should clear corrupted data
|
||||
expect(localStorage.getItem('auth_tokens')).toBeNull();
|
||||
});
|
||||
|
||||
it('should validate token structure after decryption', async () => {
|
||||
const { decryptData } = require('@/lib/auth/crypto');
|
||||
|
||||
// Mock decryptData to return invalid structure
|
||||
decryptData.mockResolvedValueOnce('not_an_object');
|
||||
|
||||
localStorage.setItem('auth_tokens', 'encrypted_data');
|
||||
|
||||
const result = await getTokens();
|
||||
expect(result).toBeNull();
|
||||
});
|
||||
|
||||
it('should reject tokens with missing fields', async () => {
|
||||
const { decryptData } = require('@/lib/auth/crypto');
|
||||
|
||||
// Mock decryptData to return incomplete tokens
|
||||
decryptData.mockResolvedValueOnce(JSON.stringify({ accessToken: 'only_access' }));
|
||||
|
||||
localStorage.setItem('auth_tokens', 'encrypted_data');
|
||||
|
||||
const result = await getTokens();
|
||||
|
||||
// Should still return the object (validation is minimal)
|
||||
expect(result).toEqual({ accessToken: 'only_access' });
|
||||
});
|
||||
});
|
||||
|
||||
describe('clearTokens', () => {
|
||||
it('should clear all stored tokens', async () => {
|
||||
const tokens = {
|
||||
accessToken: 'test.access.token',
|
||||
refreshToken: 'test.refresh.token',
|
||||
};
|
||||
|
||||
await saveTokens(tokens);
|
||||
expect(localStorage.getItem('auth_tokens')).not.toBeNull();
|
||||
|
||||
await clearTokens();
|
||||
expect(localStorage.getItem('auth_tokens')).toBeNull();
|
||||
});
|
||||
|
||||
it('should not throw if no tokens exist', async () => {
|
||||
await expect(clearTokens()).resolves.not.toThrow();
|
||||
});
|
||||
|
||||
it('should call clearEncryptionKey', async () => {
|
||||
const { clearEncryptionKey } = require('@/lib/auth/crypto');
|
||||
|
||||
await clearTokens();
|
||||
|
||||
expect(clearEncryptionKey).toHaveBeenCalled();
|
||||
});
|
||||
});
|
||||
|
||||
describe('Error handling', () => {
|
||||
it('should throw clear error when localStorage not available', async () => {
|
||||
const originalSetItem = Storage.prototype.setItem;
|
||||
Storage.prototype.setItem = jest.fn(() => {
|
||||
throw new Error('localStorage disabled');
|
||||
});
|
||||
|
||||
const tokens = {
|
||||
accessToken: 'test.access.token',
|
||||
refreshToken: 'test.refresh.token',
|
||||
};
|
||||
|
||||
await expect(saveTokens(tokens)).rejects.toThrow('Token storage failed');
|
||||
|
||||
Storage.prototype.setItem = originalSetItem;
|
||||
});
|
||||
});
|
||||
});
|
||||
Reference in New Issue
Block a user