From 78454c5db5b9e4051ad5959b6d526295d481d7f2 Mon Sep 17 00:00:00 2001
From: Hubert Van De Walle
Date: Mon, 15 Jun 2020 16:20:38 +0200
Subject: [PATCH] Test login
---
.../routing/AuthControllerKtTest.kt | 113 ++++++++++++++++++
api/test/utils/OrgJsonExtensions.kt | 5 +
2 files changed, 118 insertions(+)
create mode 100644 api/test/integration/routing/AuthControllerKtTest.kt
create mode 100644 api/test/utils/OrgJsonExtensions.kt
diff --git a/api/test/integration/routing/AuthControllerKtTest.kt b/api/test/integration/routing/AuthControllerKtTest.kt
new file mode 100644
index 0000000..5c7956b
--- /dev/null
+++ b/api/test/integration/routing/AuthControllerKtTest.kt
@@ -0,0 +1,113 @@
+package integration.routing
+
+import be.vandewalleh.auth.SimpleJWT
+import be.vandewalleh.entities.User
+import be.vandewalleh.mainModule
+import be.vandewalleh.module
+import be.vandewalleh.services.UserService
+import com.auth0.jwt.exceptions.JWTVerificationException
+import io.ktor.http.*
+import io.ktor.server.testing.*
+import io.mockk.every
+import io.mockk.mockk
+import org.amshove.kluent.*
+import org.json.JSONObject
+import org.junit.jupiter.api.*
+import org.kodein.di.Kodein
+import org.kodein.di.generic.bind
+import org.kodein.di.generic.instance
+import org.mindrot.jbcrypt.BCrypt
+import utils.*
+
+@TestInstance(TestInstance.Lifecycle.PER_CLASS)
+class AuthControllerKtTest {
+
+ private val userService = mockk()
+
+ init {
+
+ val user = User {
+ password = BCrypt.hashpw("password", BCrypt.gensalt())
+ username = "existing"
+ }
+ user["id"] = 1
+
+ every { userService.getFromUsername("existing") } returns user
+
+
+ val user2 = User {
+ password = BCrypt.hashpw("right password", BCrypt.gensalt())
+ username = "wrong"
+ }
+ user["id"] = 2
+ every { userService.getFromUsername("wrong") } returns user2
+
+ every { userService.getFromUsername("notExisting") } returns null
+ }
+
+
+ private val kodein = Kodein {
+ import(mainModule, allowOverride = true)
+ bind(overrides = true) with instance(userService)
+ }
+
+ private val testEngine = TestApplicationEngine().apply {
+ start()
+ application.module(kodein)
+ }
+
+ @Nested
+ inner class Login {
+ @Test
+ fun `login existing user with valid password`() {
+ val res = testEngine.post("/user/login") {
+ json {
+ it["username"] = "existing"
+ it["password"] = "password"
+ }
+ }
+ res.status() `should be equal to` HttpStatusCode.OK
+ val jsonObject = JSONObject(res.content)
+
+ val hasToken = jsonObject.has("token")
+ hasToken `should be equal to` true
+
+ jsonObject.keyList() `should be equal to` listOf("token", "refreshToken")
+
+ val authJwt by kodein.instance(tag = "auth")
+ val token = jsonObject.getString("token")
+ authJwt.verifier.verify(token)
+
+ val refreshJwt by kodein.instance(tag = "refresh")
+ val refreshToken = jsonObject.getString("refreshToken")
+ refreshJwt.verifier.verify(refreshToken)
+ }
+
+ @Test
+ fun `login existing user with invalid password`() {
+ val res = testEngine.post("/user/login") {
+ json {
+ it["username"] = "wrong"
+ it["password"] = "not this"
+ }
+ }
+ res.status() `should be equal to` HttpStatusCode.Unauthorized
+ res.content `should strictly be equal to json` """{msg: "Unauthorized"}"""
+ }
+
+ @Test
+ fun `login not existing user`() {
+ val res = testEngine.post("/user/login") {
+ json {
+ it["username"] = "notExisting"
+ it["password"] = "babababa"
+ }
+ }
+ res.status() `should be equal to` HttpStatusCode.Unauthorized
+ res.content `should strictly be equal to json` """{msg: "Unauthorized"}"""
+ }
+
+ }
+
+
+}
diff --git a/api/test/utils/OrgJsonExtensions.kt b/api/test/utils/OrgJsonExtensions.kt
new file mode 100644
index 0000000..123ee6d
--- /dev/null
+++ b/api/test/utils/OrgJsonExtensions.kt
@@ -0,0 +1,5 @@
+package utils
+
+import org.json.JSONObject
+
+fun JSONObject.keyList(): List = keys().asSequence().toList()
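Review bot: In the `init` block of AuthControllerKtTest, `user["id"] = 2` is applied to `user` instead of `user2`, so the "existing" fixture ends up with id 2 and `user2` never gets an id; it should read `user2["id"] = 2`. The valid-password test does not notice because it only checks that each token verifies under its own verifier, not what the token says about the user. It would be worth asserting the token's user-identifying claim against the fixture, and adding a negative check that the two token types are not interchangeable, e.g. `assertThrows<JWTVerificationException> { authJwt.verifier.verify(refreshToken) }`, assuming the "auth" and "refresh" instances are configured with different keys. `JWTVerificationException` is imported but not used anywhere in the file yet.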
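Review bot: `keyList()` in OrgJsonExtensions.kt returns the keys in whatever order `keys()` happens to iterate, and org.json describes a JSONObject as an unordered collection, so the ordered comparison against `listOf("token", "refreshToken")` in AuthControllerKtTest may pass or fail depending on the underlying map rather than on the response. A KDoc line such as `/** Keys of this object in iteration order, which org.json does not guarantee. */` would make that explicit to callers. The login assertion itself is safer as a set comparison, for example against `setOf("token", "refreshToken")` using `keySet()`.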