-
Notifications
You must be signed in to change notification settings - Fork 6
Expand file tree
/
Copy pathauth_validation_test.go
More file actions
123 lines (100 loc) · 4.07 KB
/
auth_validation_test.go
File metadata and controls
123 lines (100 loc) · 4.07 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
package cmd
import (
"context"
"errors"
"os"
"strings"
"testing"
"github.com/timescale/tiger-cli/internal/tiger/config"
)
func TestAuthLogin_APIKeyValidationFailure(t *testing.T) {
// Set up test environment but don't use setupAuthTest since we want to test validation failure
tmpDir, err := os.MkdirTemp("", "tiger-auth-test-*")
if err != nil {
t.Fatalf("Failed to create temp dir: %v", err)
}
defer os.RemoveAll(tmpDir)
// Use a unique service name for this test
config.SetTestServiceName(t)
originalValidator := validateAPIKeyForLogin
// Mock the validator to return an error
validateAPIKeyForLogin = func(ctx context.Context, apiKey, projectID string) error {
return errors.New("invalid API key: authentication failed")
}
defer func() {
validateAPIKeyForLogin = originalValidator
}()
// Initialize viper with test directory BEFORE calling RemoveCredentials()
// This ensures RemoveCredentials() operates on the test directory, not the user's real directory
if _, err := config.UseTestConfig(tmpDir, map[string]any{}); err != nil {
t.Fatalf("Failed to use test config: %v", err)
}
// Clean up credentials
config.RemoveCredentials()
defer config.RemoveCredentials()
// Execute login command with public and secret key flags - should fail validation
output, err := executeAuthCommand(t.Context(), "auth", "login", "--public-key", "invalid-public", "--secret-key", "invalid-secret", "--project-id", "test-project-invalid")
if err == nil {
t.Fatal("Expected login to fail with invalid keys, but it succeeded")
}
expectedErrorMsg := "API key validation failed: invalid API key: authentication failed"
if !strings.Contains(err.Error(), expectedErrorMsg) {
t.Errorf("Expected error to contain %q, got: %v", expectedErrorMsg, err)
}
// Verify that output contains validation message
if !strings.Contains(output, "Validating API key...") {
t.Errorf("Expected output to contain validation message, got: %s", output)
}
// Verify that no credentials were stored
if _, _, err := config.GetCredentials(); err == nil {
t.Error("Credentials should not be stored when validation fails")
}
}
func TestAuthLogin_APIKeyValidationSuccess(t *testing.T) {
// Set up test environment
tmpDir, err := os.MkdirTemp("", "tiger-auth-test-*")
if err != nil {
t.Fatalf("Failed to create temp dir: %v", err)
}
defer os.RemoveAll(tmpDir)
// Use a unique service name for this test
config.SetTestServiceName(t)
originalValidator := validateAPIKeyForLogin
// Mock the validator to return success
validateAPIKeyForLogin = func(ctx context.Context, apiKey, projectID string) error {
return nil // Success
}
defer func() {
validateAPIKeyForLogin = originalValidator
}()
// Initialize viper with test directory BEFORE calling RemoveCredentials()
// This ensures RemoveCredentials() operates on the test directory, not the user's real directory
if _, err := config.UseTestConfig(tmpDir, map[string]any{}); err != nil {
t.Fatalf("Failed to use test config: %v", err)
}
// Clean up credentials
config.RemoveCredentials()
defer config.RemoveCredentials()
// Execute login command with public and secret key flags - should succeed
output, err := executeAuthCommand(t.Context(), "auth", "login", "--public-key", "valid-public", "--secret-key", "valid-secret", "--project-id", "test-project-valid")
if err != nil {
t.Fatalf("Expected login to succeed with valid keys, got error: %v", err)
}
expectedOutput := "Validating API key...\nSuccessfully logged in (project: test-project-valid)\n" + nextStepsMessage
if output != expectedOutput {
t.Errorf("Expected output %q, got %q", expectedOutput, output)
}
// Verify that credentials were stored
expectedAPIKey := "valid-public:valid-secret"
expectedProjectID := "test-project-valid"
apiKey, projectID, err := config.GetCredentials()
if err != nil {
t.Fatalf("Credentials not stored in keyring or file: %v", err)
}
if apiKey != expectedAPIKey {
t.Errorf("Expected API key '%s', got '%s'", expectedAPIKey, apiKey)
}
if projectID != expectedProjectID {
t.Errorf("Expected project ID '%s', got '%s'", expectedProjectID, projectID)
}
}