using MxGateway.Server.Security.Authentication; namespace MxGateway.Tests.Security.Authentication; public sealed class ApiKeyAdminCommandLineParserTests { [Fact] public void Parse_NonApiKeyCommand_ReturnsNotApiKeyCommand() { ApiKeyAdminParseResult result = ApiKeyAdminCommandLineParser.Parse(["--urls=http://localhost:5000"]); Assert.False(result.IsApiKeyCommand); Assert.Null(result.Command); } [Fact] public void Parse_CreateKeyCommand_ReturnsOptions() { ApiKeyAdminParseResult result = ApiKeyAdminCommandLineParser.Parse( [ "apikey", "create-key", "--key-id", "operator01", "--display-name", "Operator", "--scopes", "session:open,events:read", "--sqlite-path", "auth.db", "--pepper", "pepper", "--json" ]); Assert.True(result.IsApiKeyCommand); Assert.Null(result.Error); Assert.NotNull(result.Command); Assert.Equal(ApiKeyAdminCommandKind.CreateKey, result.Command.Kind); Assert.True(result.Command.Json); Assert.Equal("operator01", result.Command.KeyId); Assert.Equal("Operator", result.Command.DisplayName); Assert.Equal("auth.db", result.Command.SqlitePath); Assert.Equal("pepper", result.Command.Pepper); Assert.Contains("session:open", result.Command.Scopes); Assert.Contains("events:read", result.Command.Scopes); } [Fact] public void Parse_CreateKeyWithoutDisplayName_ReturnsError() { ApiKeyAdminParseResult result = ApiKeyAdminCommandLineParser.Parse( ["apikey", "create-key", "--key-id", "operator01"]); Assert.True(result.IsApiKeyCommand); Assert.Null(result.Command); Assert.Contains("--display-name", result.Error, StringComparison.Ordinal); } [Fact] public void Parse_KeyIdWithUnderscore_ReturnsError() { ApiKeyAdminParseResult result = ApiKeyAdminCommandLineParser.Parse( ["apikey", "revoke-key", "--key-id", "operator_01"]); Assert.True(result.IsApiKeyCommand); Assert.Null(result.Command); Assert.Contains("letters, numbers, periods, and hyphens", result.Error, StringComparison.Ordinal); } }