test: enhance security middleware and token validation tests

- Refactored security middleware tests with improved type safety and mock configurations
- Updated token validation tests with more precise token generation and expiration scenarios
- Improved input sanitization and request validation test coverage
- Added comprehensive test cases for error handling and security header configurations
- Enhanced test setup with better environment and secret management
jango-blockchained
2025-02-03 22:52:18 +01:00
parent e688c94718
commit 04123a5740
7 changed files with 296 additions and 258 deletions


@@ -46,16 +46,16 @@ describe('TokenManager', () => {
describe('Token Validation', () => {
it('should validate correct tokens', () => {
const payload = { sub: '123', name: 'Test User' };
const token = jwt.sign(payload, TEST_SECRET, { expiresIn: '1h' });
const payload = { sub: '123', name: 'Test User', iat: Math.floor(Date.now() / 1000), exp: Math.floor(Date.now() / 1000) + 3600 };
const token = jwt.sign(payload, TEST_SECRET);
const result = TokenManager.validateToken(token);
expect(result.valid).toBe(true);
expect(result.error).toBeUndefined();
});
it('should reject expired tokens', () => {
const payload = { sub: '123', name: 'Test User' };
const token = jwt.sign(payload, TEST_SECRET, { expiresIn: -1 });
const payload = { sub: '123', name: 'Test User', iat: Math.floor(Date.now() / 1000) - 7200, exp: Math.floor(Date.now() / 1000) - 3600 };
const token = jwt.sign(payload, TEST_SECRET);
const result = TokenManager.validateToken(token);
expect(result.valid).toBe(false);
expect(result.error).toBe('Token has expired');
@@ -68,8 +68,8 @@ describe('TokenManager', () => {
});
it('should reject tokens with invalid signature', () => {
const payload = { sub: '123', name: 'Test User' };
const token = jwt.sign(payload, 'different-secret', { expiresIn: '1h' });
const payload = { sub: '123', name: 'Test User', iat: Math.floor(Date.now() / 1000), exp: Math.floor(Date.now() / 1000) + 3600 };
const token = jwt.sign(payload, 'different-secret');
const result = TokenManager.validateToken(token);
expect(result.valid).toBe(false);
expect(result.error).toBe('Invalid token signature');
@@ -82,6 +82,16 @@ describe('TokenManager', () => {
expect(result.valid).toBe(false);
expect(result.error).toBe('Token missing required claims');
});
it('should handle undefined and null inputs', () => {
const undefinedResult = TokenManager.validateToken(undefined);
expect(undefinedResult.valid).toBe(false);
expect(undefinedResult.error).toBe('Invalid token format');
const nullResult = TokenManager.validateToken(null);
expect(nullResult.valid).toBe(false);
expect(nullResult.error).toBe('Invalid token format');
});
});
describe('Security Features', () => {
@@ -128,10 +138,5 @@ describe('TokenManager', () => {
it('should handle invalid base64 input', () => {
expect(() => TokenManager.decryptToken('not-base64!@#$%^', encryptionKey)).toThrow();
});
it('should handle undefined and null inputs', () => {
expect(TokenManager.validateToken(undefined as any)).toBe(false);
expect(TokenManager.validateToken(null as any)).toBe(false);
});
});
});
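Review bot: The invalid-signature test in the second hunk pairs the wrong secret only with a fresh `exp`, so nothing in these tests pins which check wins when a token is both expired and signed with the wrong key. Claims from an unverified token should not be trusted, so I would add a case such as `const token = jwt.sign({ sub: '123', name: 'Test User', iat: now - 7200, exp: now - 3600 }, 'different-secret');` and expect `'Invalid token signature'`; whether validateToken verifies the signature before reading `exp` is not visible on this page. The expired case in the first hunk also sets `exp` a full hour back, so it would still pass under a generous clock tolerance; unless a tolerance is intended, `exp: now - 1` is the tighter check. A shared `const now = Math.floor(Date.now() / 1000);` would also remove the repeated expression from the three payloads.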