dohertj2/jdescopingtool
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
78e67c2aab359e1234e19aa59c82e4fa0c0f74c5
jdescopingtool/NEW/tests/JdeScoping.Ui.Tests/AuthApiSmokeTests.cs
T
Joseph Doherty 78e67c2aab Migrate UI tests to Playwright dotta
2026-02-10 07:47:48 -05:00

56 lines
2.3 KiB
C#
Raw Blame History

using System.Net;
using System.Net.Http.Json;
using System.Security.Cryptography;
using System.Text;
using System.Text.Json;
using JdeScoping.Core.Models.Auth;
using JdeScoping.Ui.Tests.Support;
namespace JdeScoping.Ui.Tests;
/// <summary>
/// API-level smoke tests for the authentication endpoint against the Docker host.
/// Validates the RSA public-key exchange, encrypted login, and session cookie flow.
/// Requires a running Docker host (Category: RequiresDockerHost).
/// </summary>
public class AuthApiSmokeTests
{
/// <summary>
/// Verifies the full login flow: fetch public key, encrypt credentials, POST login, and confirm session via /me.
/// </summary>
/// <remarks>
/// Steps:
/// <list type="number">
/// <item>Create an HttpClient with a CookieContainer for session tracking.</item>
/// <item>GET /api/auth/public-key and verify the PEM response.</item>
/// <item>RSA-encrypt a test login payload using the returned public key.</item>
/// <item>POST /api/auth/login with the encrypted payload and assert HTTP 200.</item>
/// <item>GET /api/auth/me and assert HTTP 200 (session is authenticated).</item>
/// </list>
/// </remarks>
[Fact]
[Trait("Category", "RequiresDockerHost")]
public async Task AuthApi_Login_WorksAgainstDockerHost()
{
var cookies = new CookieContainer();
using var handler = new HttpClientHandler { CookieContainer = cookies };
using var client = new HttpClient(handler) { BaseAddress = new Uri(UiTestSettings.BaseUrl) };
var key = await client.GetFromJsonAsync<PublicKeyResponse>("api/auth/public-key");
Assert.NotNull(key);
Assert.Contains("BEGIN PUBLIC KEY", key!.PublicKeyPem);
string payload = JsonSerializer.Serialize(new LoginModel { Username = "testuser", Password = "testpass" });
using var rsa = RSA.Create();
rsa.ImportFromPem(key.PublicKeyPem);
byte[] encrypted = rsa.Encrypt(Encoding.UTF8.GetBytes(payload), RSAEncryptionPadding.OaepSHA256);
var login = await client.PostAsJsonAsync("api/auth/login",
new EncryptedLoginRequest(Convert.ToBase64String(encrypted)));
Assert.Equal(HttpStatusCode.OK, login.StatusCode);
var me = await client.GetAsync("api/auth/me");
Assert.Equal(HttpStatusCode.OK, me.StatusCode);
}
}
Reference in New Issue View Git Blame Copy Permalink