Stage 3.4

2026-04-20 16:40:44 +03:00
parent 42a047a938
commit b24cbc97f3
25 changed files with 2520 additions and 123 deletions
--- a/test/scripts/test_auth_api.sh
+++ b/test/scripts/test_auth_api.sh
@@ -0,0 +1,217 @@
+#!/bin/bash
+
+RED='\033[0;31m'
+GREEN='\033[0;32m'
+YELLOW='\033[1;33m'
+BLUE='\033[0;34m'
+NC='\033[0m'
+
+BASE_URL="http://localhost:8080"
+
+log_info() { echo -e "${BLUE}[INFO]${NC} $1"; }
+log_success() { echo -e "${GREEN}[SUCCESS]${NC} $1"; }
+log_error() { echo -e "${RED}[ERROR]${NC} $1"; }
+log_warning() { echo -e "${YELLOW}[WARNING]${NC} $1"; }
+
+extract_json() {
+    echo "$1" | grep -o "\"$2\":\"[^\"]*\"" | head -1 | sed "s/\"$2\":\"//;s/\"$//"
+}
+
+http_post() {
+    local url=$1
+    local data=$2
+    local token=$3
+
+    if [ -n "$token" ]; then
+        curl -s -X POST "$url" \
+            -H "Content-Type: application/json" \
+            -H "Authorization: Bearer $token" \
+            -d "$data"
+    else
+        curl -s -X POST "$url" \
+            -H "Content-Type: application/json" \
+            -d "$data"
+    fi
+}
+
+http_get() {
+    local url=$1
+    local token=$2
+
+    if [ -n "$token" ]; then
+        curl -s -X GET "$url" \
+            -H "Authorization: Bearer $token"
+    else
+        curl -s -X GET "$url"
+    fi
+}
+
+echo "============================================================"
+echo "          EVENTHUB AUTHENTICATION API TEST SCRIPT"
+echo "============================================================"
+echo ""
+
+log_info "Checking if server is running..."
+if ! curl -s "$BASE_URL/health" | grep -q "ok"; then
+    log_error "Server is not running"
+    exit 1
+fi
+log_success "Server is running"
+
+echo ""
+log_info "============================================================"
+log_info "TEST 1: Healthcheck"
+log_info "============================================================"
+
+response=$(http_get "$BASE_URL/health" "")
+if echo "$response" | grep -q "ok"; then
+    log_success "Healthcheck passed: $response"
+else
+    log_error "Healthcheck failed: $response"
+fi
+
+echo ""
+log_info "============================================================"
+log_info "TEST 2: Register new user"
+log_info "============================================================"
+
+TEST_EMAIL="test_auth_$(date +%s)@example.com"
+TEST_PASSWORD="testpass123"
+
+log_info "Registering $TEST_EMAIL..."
+response=$(http_post "$BASE_URL/v1/register" "{\"email\":\"$TEST_EMAIL\",\"password\":\"$TEST_PASSWORD\"}" "")
+
+if echo "$response" | grep -q "token"; then
+    TOKEN=$(extract_json "$response" "token")
+    USER_ID=$(extract_json "$response" "id")
+    log_success "Registration successful"
+    log_info "User ID: $USER_ID"
+    log_info "Token: ${TOKEN:0:30}..."
+else
+    log_error "Registration failed: $response"
+    exit 1
+fi
+
+echo ""
+log_info "============================================================"
+log_info "TEST 3: Register with existing email (should fail)"
+log_info "============================================================"
+
+response=$(http_post "$BASE_URL/v1/register" "{\"email\":\"$TEST_EMAIL\",\"password\":\"$TEST_PASSWORD\"}" "")
+if echo "$response" | grep -q "already exists"; then
+    log_success "Duplicate registration correctly rejected"
+else
+    log_error "Duplicate registration not rejected: $response"
+fi
+
+echo ""
+log_info "============================================================"
+log_info "TEST 4: Login with correct credentials"
+log_info "============================================================"
+
+response=$(http_post "$BASE_URL/v1/login" "{\"email\":\"$TEST_EMAIL\",\"password\":\"$TEST_PASSWORD\"}" "")
+
+if echo "$response" | grep -q "token"; then
+    LOGIN_TOKEN=$(extract_json "$response" "token")
+    REFRESH_TOKEN=$(extract_json "$response" "refresh_token")
+    log_success "Login successful"
+    log_info "Refresh token received: ${REFRESH_TOKEN:0:30}..."
+else
+    log_error "Login failed: $response"
+fi
+
+echo ""
+log_info "============================================================"
+log_info "TEST 5: Login with wrong password (should fail)"
+log_info "============================================================"
+
+response=$(http_post "$BASE_URL/v1/login" "{\"email\":\"$TEST_EMAIL\",\"password\":\"wrongpassword\"}" "")
+if echo "$response" | grep -q "Invalid credentials"; then
+    log_success "Wrong password correctly rejected"
+else
+    log_error "Wrong password not rejected: $response"
+fi
+
+echo ""
+log_info "============================================================"
+log_info "TEST 6: Get user profile with valid token"
+log_info "============================================================"
+
+response=$(http_get "$BASE_URL/v1/user/me" "$TOKEN")
+if echo "$response" | grep -q "$TEST_EMAIL"; then
+    log_success "Profile retrieved successfully"
+    log_info "Response: $response"
+else
+    log_error "Profile retrieval failed: $response"
+fi
+
+echo ""
+log_info "============================================================"
+log_info "TEST 7: Get user profile with invalid token"
+log_info "============================================================"
+
+response=$(http_get "$BASE_URL/v1/user/me" "invalid.token.here")
+if echo "$response" | grep -q "Invalid token"; then
+    log_success "Invalid token correctly rejected"
+else
+    log_error "Invalid token not rejected: $response"
+fi
+
+echo ""
+log_info "============================================================"
+log_info "TEST 8: Get user profile without token"
+log_info "============================================================"
+
+response=$(http_get "$BASE_URL/v1/user/me" "")
+if echo "$response" | grep -q "Missing or invalid Authorization"; then
+    log_success "Missing token correctly rejected"
+else
+    log_error "Missing token not rejected: $response"
+fi
+
+echo ""
+log_info "============================================================"
+log_info "TEST 9: Refresh token"
+log_info "============================================================"
+
+if [ -n "$REFRESH_TOKEN" ]; then
+    response=$(http_post "$BASE_URL/v1/refresh" "{\"refresh_token\":\"$REFRESH_TOKEN\"}" "")
+    if echo "$response" | grep -q "token"; then
+        NEW_TOKEN=$(extract_json "$response" "token")
+        NEW_REFRESH=$(extract_json "$response" "refresh_token")
+        log_success "Token refreshed successfully"
+        log_info "New token: ${NEW_TOKEN:0:30}..."
+        log_info "New refresh token: ${NEW_REFRESH:0:30}..."
+    else
+        log_error "Token refresh failed: $response"
+    fi
+
+    log_info "Trying to reuse old refresh token (should fail)..."
+    response=$(http_post "$BASE_URL/v1/refresh" "{\"refresh_token\":\"$REFRESH_TOKEN\"}" "")
+    if echo "$response" | grep -q "Invalid refresh token"; then
+        log_success "Old refresh token correctly rejected"
+    else
+        log_warning "Old refresh token not rejected: $response"
+    fi
+else
+    log_warning "No refresh token to test"
+fi
+
+echo ""
+log_info "============================================================"
+log_info "TEST 10: Access protected endpoint with new token"
+log_info "============================================================"
+
+if [ -n "$NEW_TOKEN" ]; then
+    response=$(http_get "$BASE_URL/v1/user/me" "$NEW_TOKEN")
+    if echo "$response" | grep -q "$TEST_EMAIL"; then
+        log_success "Protected endpoint accessible with new token"
+    else
+        log_error "Protected endpoint not accessible: $response"
+    fi
+fi
+
+echo ""
+echo "============================================================"
+log_success "AUTHENTICATION TESTS COMPLETED!"
+echo "============================================================"