refactor: use ApiRoutes constants in AuthenticationTests

Replace hardcoded route strings with ApiRoutes.* constants:
- ApiRoutes.Auth.PublicKey, Login, Logout, Me
- ApiRoutes.Search.Base
- ApiRoutes.Lookup.Items, ProfitCenters, WorkCenters, Operators
Joseph Doherty
2026-01-06 11:12:17 -05:00
parent 6bd6138b2a
commit 13976dea3b
@@ -3,6 +3,7 @@ using System.Net.Http.Json;
using System.Security.Cryptography; using System.Security.Cryptography;
using System.Text; using System.Text;
using System.Text.Json; using System.Text.Json;
using JdeScoping.Core.ApiContracts;
using JdeScoping.Core.Models; using JdeScoping.Core.Models;
using JdeScoping.Core.Models.Auth; using JdeScoping.Core.Models.Auth;
using Microsoft.AspNetCore.Mvc.Testing; using Microsoft.AspNetCore.Mvc.Testing;
@@ -35,7 +36,7 @@ public class AuthenticationTests : IClassFixture<TestWebApplicationFactory>
private async Task<EncryptedLoginRequest> EncryptLoginAsync(HttpClient client, string username, string password) private async Task<EncryptedLoginRequest> EncryptLoginAsync(HttpClient client, string username, string password)
{ {
// Step 1: Fetch the public key from the server // Step 1: Fetch the public key from the server
var publicKeyResponse = await client.GetFromJsonAsync<PublicKeyResponse>("/api/auth/public-key"); var publicKeyResponse = await client.GetFromJsonAsync<PublicKeyResponse>($"/{ApiRoutes.Auth.PublicKey}");
publicKeyResponse.ShouldNotBeNull(); publicKeyResponse.ShouldNotBeNull();
publicKeyResponse.PublicKeyPem.ShouldStartWith("-----BEGIN PUBLIC KEY-----"); publicKeyResponse.PublicKeyPem.ShouldStartWith("-----BEGIN PUBLIC KEY-----");
@@ -56,7 +57,7 @@ public class AuthenticationTests : IClassFixture<TestWebApplicationFactory>
public async Task GetPublicKey_ReturnsValidPemKey() public async Task GetPublicKey_ReturnsValidPemKey()
{ {
// Act // Act
var response = await _client.GetAsync("/api/auth/public-key"); var response = await _client.GetAsync($"/{ApiRoutes.Auth.PublicKey}");
// Assert // Assert
response.StatusCode.ShouldBe(HttpStatusCode.OK); response.StatusCode.ShouldBe(HttpStatusCode.OK);
@@ -71,7 +72,7 @@ public class AuthenticationTests : IClassFixture<TestWebApplicationFactory>
{ {
// Step 1: Login with encrypted credentials // Step 1: Login with encrypted credentials
var encryptedRequest = await EncryptLoginAsync(_client, "testuser", "testpass"); var encryptedRequest = await EncryptLoginAsync(_client, "testuser", "testpass");
var loginResponse = await _client.PostAsJsonAsync("/api/auth/login", encryptedRequest); var loginResponse = await _client.PostAsJsonAsync($"/{ApiRoutes.Auth.Login}", encryptedRequest);
loginResponse.StatusCode.ShouldBe(HttpStatusCode.OK); loginResponse.StatusCode.ShouldBe(HttpStatusCode.OK);
var loginResult = await loginResponse.Content.ReadFromJsonAsync<LoginResultModel>(); var loginResult = await loginResponse.Content.ReadFromJsonAsync<LoginResultModel>();
@@ -81,18 +82,18 @@ public class AuthenticationTests : IClassFixture<TestWebApplicationFactory>
loginResult.User.Username.ShouldBe("testuser"); loginResult.User.Username.ShouldBe("testuser");
// Step 2: Verify we can access protected endpoint // Step 2: Verify we can access protected endpoint
var meResponse = await _client.GetAsync("/api/auth/me"); var meResponse = await _client.GetAsync($"/{ApiRoutes.Auth.Me}");
meResponse.StatusCode.ShouldBe(HttpStatusCode.OK); meResponse.StatusCode.ShouldBe(HttpStatusCode.OK);
var meUser = await meResponse.Content.ReadFromJsonAsync<UserInfo>(); var meUser = await meResponse.Content.ReadFromJsonAsync<UserInfo>();
meUser.ShouldNotBeNull(); meUser.ShouldNotBeNull();
meUser.Username.ShouldBe("testuser"); meUser.Username.ShouldBe("testuser");
// Step 3: Logout // Step 3: Logout
var logoutResponse = await _client.PostAsync("/api/auth/logout", null); var logoutResponse = await _client.PostAsync($"/{ApiRoutes.Auth.Logout}", null);
logoutResponse.StatusCode.ShouldBe(HttpStatusCode.OK); logoutResponse.StatusCode.ShouldBe(HttpStatusCode.OK);
// Step 4: Verify protected endpoint returns 401 after logout // Step 4: Verify protected endpoint returns 401 after logout
var afterLogoutResponse = await _client.GetAsync("/api/auth/me"); var afterLogoutResponse = await _client.GetAsync($"/{ApiRoutes.Auth.Me}");
afterLogoutResponse.StatusCode.ShouldBe(HttpStatusCode.Unauthorized); afterLogoutResponse.StatusCode.ShouldBe(HttpStatusCode.Unauthorized);
} }
@@ -107,11 +108,11 @@ public class AuthenticationTests : IClassFixture<TestWebApplicationFactory>
}); });
// Search endpoints require auth // Search endpoints require auth
var searchResponse = await freshClient.GetAsync("/api/search"); var searchResponse = await freshClient.GetAsync($"/{ApiRoutes.Search.Base}");
searchResponse.StatusCode.ShouldBe(HttpStatusCode.Unauthorized); searchResponse.StatusCode.ShouldBe(HttpStatusCode.Unauthorized);
// Auth me endpoint requires auth // Auth me endpoint requires auth
var meResponse = await freshClient.GetAsync("/api/auth/me"); var meResponse = await freshClient.GetAsync($"/{ApiRoutes.Auth.Me}");
meResponse.StatusCode.ShouldBe(HttpStatusCode.Unauthorized); meResponse.StatusCode.ShouldBe(HttpStatusCode.Unauthorized);
} }
@@ -120,7 +121,7 @@ public class AuthenticationTests : IClassFixture<TestWebApplicationFactory>
{ {
// Login first with encrypted credentials // Login first with encrypted credentials
var encryptedRequest = await EncryptLoginAsync(_client, "testuser", "testpass"); var encryptedRequest = await EncryptLoginAsync(_client, "testuser", "testpass");
var loginResponse = await _client.PostAsJsonAsync("/api/auth/login", encryptedRequest); var loginResponse = await _client.PostAsJsonAsync($"/{ApiRoutes.Auth.Login}", encryptedRequest);
loginResponse.StatusCode.ShouldBe(HttpStatusCode.OK); loginResponse.StatusCode.ShouldBe(HttpStatusCode.OK);
var loginResult = await loginResponse.Content.ReadFromJsonAsync<LoginResultModel>(); var loginResult = await loginResponse.Content.ReadFromJsonAsync<LoginResultModel>();
@@ -128,7 +129,7 @@ public class AuthenticationTests : IClassFixture<TestWebApplicationFactory>
loginResult.Success.ShouldBeTrue(); loginResult.Success.ShouldBeTrue();
// Now search endpoint should work // Now search endpoint should work
var searchResponse = await _client.GetAsync("/api/search"); var searchResponse = await _client.GetAsync($"/{ApiRoutes.Search.Base}");
searchResponse.StatusCode.ShouldBe(HttpStatusCode.OK); searchResponse.StatusCode.ShouldBe(HttpStatusCode.OK);
} }
@@ -143,16 +144,16 @@ public class AuthenticationTests : IClassFixture<TestWebApplicationFactory>
}); });
// Lookup endpoints should work without auth // Lookup endpoints should work without auth
var itemsResponse = await freshClient.GetAsync("/api/lookup/items?q=test"); var itemsResponse = await freshClient.GetAsync($"/{ApiRoutes.Lookup.Items}?q=test");
itemsResponse.StatusCode.ShouldBe(HttpStatusCode.OK); itemsResponse.StatusCode.ShouldBe(HttpStatusCode.OK);
var profitCentersResponse = await freshClient.GetAsync("/api/lookup/profit-centers?q=test"); var profitCentersResponse = await freshClient.GetAsync($"/{ApiRoutes.Lookup.ProfitCenters}?q=test");
profitCentersResponse.StatusCode.ShouldBe(HttpStatusCode.OK); profitCentersResponse.StatusCode.ShouldBe(HttpStatusCode.OK);
var workCentersResponse = await freshClient.GetAsync("/api/lookup/work-centers?q=test"); var workCentersResponse = await freshClient.GetAsync($"/{ApiRoutes.Lookup.WorkCenters}?q=test");
workCentersResponse.StatusCode.ShouldBe(HttpStatusCode.OK); workCentersResponse.StatusCode.ShouldBe(HttpStatusCode.OK);
var operatorsResponse = await freshClient.GetAsync("/api/lookup/operators?q=test"); var operatorsResponse = await freshClient.GetAsync($"/{ApiRoutes.Lookup.Operators}?q=test");
operatorsResponse.StatusCode.ShouldBe(HttpStatusCode.OK); operatorsResponse.StatusCode.ShouldBe(HttpStatusCode.OK);
} }
@@ -163,7 +164,7 @@ public class AuthenticationTests : IClassFixture<TestWebApplicationFactory>
var invalidRequest = new EncryptedLoginRequest("not-valid-base64!!!"); var invalidRequest = new EncryptedLoginRequest("not-valid-base64!!!");
// Act // Act
var response = await _client.PostAsJsonAsync("/api/auth/login", invalidRequest); var response = await _client.PostAsJsonAsync($"/{ApiRoutes.Auth.Login}", invalidRequest);
// Assert // Assert
response.StatusCode.ShouldBe(HttpStatusCode.BadRequest); response.StatusCode.ShouldBe(HttpStatusCode.BadRequest);
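Review bot: Step 4 of the login/logout test repeats the `/me` request on `_client`, the same client that just called logout, so the 401 may only show that this client dropped its credential rather than that the server now rejects it. If the session is carried in a cookie (the auth scheme is not visible in this diff), a copy of that cookie taken before logout is never exercised by the check. Consider saving the `Set-Cookie` value from `loginResponse` and replaying it from a second client created with cookie handling turned off: `replay.DefaultRequestHeaders.Add("Cookie", savedCookie);` followed by `(await replay.GetAsync($"/{ApiRoutes.Auth.Me}")).StatusCode.ShouldBe(HttpStatusCode.Unauthorized);`. The test method begins above the hunk, so setup there may already account for this.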