Merge pull request #374 from MadAppGang/test_reset_password

add test to reset password function
MadAppGang · Dec 30, 2022 · 5fd844b · 5fd844b
2 parents 9a45fd2 + 45345b9
commit 5fd844b
Show file tree

Hide file tree

Showing 5 changed files with 122 additions and 1 deletion.
diff --git a/test/artifacts/api/apps.json b/test/artifacts/api/apps.json
@@ -28,7 +28,7 @@
 		"token_payload":["name", "email"],
 		"login_app_settings": {
 			"register_url" : "http://madappgang.com/identifo/web",
-			"reset_password_url" : "/identifo/web/reset"
+			"reset_password_url" : "http://rewrite.com/login/cusom"
 		}
 	}
 

diff --git a/test/artifacts/api/response_ok.json b/test/artifacts/api/response_ok.json
@@ -0,0 +1,13 @@
+{
+    "$schema": "http://json-schema.org/draft-04/schema#",
+    "type": "object",
+    "properties": {
+      "result": {
+        "type": "string"
+      }
+    },
+    "required": [
+      "result"
+    ]
+  }
+
diff --git a/web/api/main_test.go b/web/api/main_test.go
@@ -16,6 +16,7 @@ import (
 	"github.com/joho/godotenv"
 	"github.com/madappgang/identifo/v2/config"
 	"github.com/madappgang/identifo/v2/model"
+	"github.com/madappgang/identifo/v2/services/mail/mock"
 	"gopkg.in/h2non/baloo.v3"
 	"gopkg.in/h2non/baloo.v3/assert"
 )
@@ -42,6 +43,8 @@ var cfg = Config{}
 // test stores the HTTP testing client preconfigured
 var request *baloo.Client
 
+var emailService *mock.EmailService
+
 // ============================================================
 // Some test helper function here to setup test environment
 // ============================================================
@@ -91,6 +94,8 @@ func runServer() (model.Server, *http.Server) {
 		log.Fatalf("error creating server: %v", err)
 	}
 
+	emailService = srv.Services().Email.Transport().(*mock.EmailService)
+
 	if err := config.ImportApps("../../test/artifacts/api/apps.json", srv.Storages().App, true); err != nil {
 		log.Fatalf("error importing apps to server: %v", err)
 	}

diff --git a/web/api/reset_password.go b/web/api/reset_password.go
@@ -35,6 +35,8 @@ func (ar *Router) RequestResetPassword() http.HandlerFunc {
 
 		user, err := ar.server.Storages().User.UserByEmail(d.Email)
 		if err == model.ErrUserNotFound {
+			// return ok, but there is no user
+			// TODO: add logging for for reset password for user, who is not exist
 			result := map[string]string{"result": "ok"}
 			ar.ServeJSON(w, http.StatusOK, result)
 			return

diff --git a/web/api/reset_password_test.go b/web/api/reset_password_test.go
@@ -0,0 +1,101 @@
+package api_test
+
+import (
+	"fmt"
+	"testing"
+
+	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
+)
+
+func TestResetPasswordWithCustomURL(t *testing.T) {
+	data := fmt.Sprintf(`
+	{
+		"email": "%s",
+		"reset_page_url": "%s"
+	}`, cfg.User1, "https://customurl.com")
+	signature, _ := Signature(data, cfg.AppSecret)
+
+	request.Post("/auth/request_reset_password").
+		SetHeader("X-Identifo-ClientID", cfg.AppID).
+		SetHeader("Digest", "SHA-256="+signature).
+		SetHeader("Content-Type", "application/json").
+		BodyString(data).
+		Expect(t).
+		AssertFunc(dumpResponse).
+		Type("json").
+		Status(200).
+		JSONSchema("../../test/artifacts/api/response_ok.json").
+		Done()
+
+	// if running local server (the email sever will not be nil then), check the email content
+	if emailService != nil {
+		messages := emailService.Messages()
+		require.GreaterOrEqual(t, len(messages), 1) // at least one message should be send
+		lastMessage := messages[len(messages)-1]
+		assert.Contains(t, lastMessage, cfg.User1)
+		assert.Contains(t, lastMessage, "href=\"https://customurl.com?")
+		assert.Contains(t, lastMessage, fmt.Sprintf("appId=%s", cfg.AppID))
+		fmt.Printf("\nEmail:\n%s\n", lastMessage)
+	}
+}
+
+func TestResetPasswordWithAppSpecificURL(t *testing.T) {
+	data := fmt.Sprintf(`
+	{
+		"email": "%s"
+	}`, cfg.User1)
+	signature, _ := Signature(data, cfg.AppSecret2)
+
+	request.Post("/auth/request_reset_password").
+		SetHeader("X-Identifo-ClientID", cfg.AppID2).
+		SetHeader("Digest", "SHA-256="+signature).
+		SetHeader("Content-Type", "application/json").
+		BodyString(data).
+		Expect(t).
+		AssertFunc(dumpResponse).
+		Type("json").
+		Status(200).
+		JSONSchema("../../test/artifacts/api/response_ok.json").
+		Done()
+
+	// if running local server (the email sever will not be nil then), check the email content
+	if emailService != nil {
+		messages := emailService.Messages()
+		require.GreaterOrEqual(t, len(messages), 1) // at least one message should be send
+		lastMessage := messages[len(messages)-1]
+		assert.Contains(t, lastMessage, cfg.User1)
+		assert.Contains(t, lastMessage, "href=\"http://rewrite.com/login/cusom?")
+		assert.Contains(t, lastMessage, fmt.Sprintf("appId=%s", cfg.AppID2))
+	}
+}
+
+func TestResetPasswordWithDefaultURL(t *testing.T) {
+	data := fmt.Sprintf(`
+	{
+		"email": "%s"
+	}`, cfg.User1)
+	signature, _ := Signature(data, cfg.AppSecret)
+
+	request.Post("/auth/request_reset_password").
+		SetHeader("X-Identifo-ClientID", cfg.AppID).
+		SetHeader("Digest", "SHA-256="+signature).
+		SetHeader("Content-Type", "application/json").
+		BodyString(data).
+		Expect(t).
+		AssertFunc(dumpResponse).
+		Type("json").
+		Status(200).
+		JSONSchema("../../test/artifacts/api/response_ok.json").
+		Done()
+
+	// if running local server (the email sever will not be nil then), check the email content
+	if emailService != nil {
+		messages := emailService.Messages()
+		require.GreaterOrEqual(t, len(messages), 1) // at least one message should be send
+		lastMessage := messages[len(messages)-1]
+		assert.Contains(t, lastMessage, cfg.User1)
+		assert.Contains(t, lastMessage, "href=\"http://localhost:8081/web/password/reset?")
+		assert.Contains(t, lastMessage, fmt.Sprintf("appId=%s", cfg.AppID))
+	}
+}