sdb-back/tests/test_token_service.py

"""Tests for TokenService."""

from datetime import datetime, timezone
from unittest.mock import patch

import jwt
import pytest

from app.services.token_service import TokenService


class TestTokenService:
    """Test cases for TokenService."""

    def test_init(self) -> None:
        """Test TokenService initialization."""
        token_service = TokenService()
        assert token_service.algorithm == "HS256"
        assert token_service.access_token_expire_minutes == 15
        assert token_service.refresh_token_expire_days == 7

    def test_generate_access_token(self) -> None:
        """Test access token generation."""
        token_service = TokenService()
        user_data = {
            "id": "123",
            "email": "test@example.com",
            "name": "Test User",
        }

        token = token_service.generate_access_token(user_data)
        assert isinstance(token, str)

        # Verify token content
        payload = jwt.decode(
            token,
            token_service.secret_key,
            algorithms=[token_service.algorithm],
        )
        assert payload["user_id"] == "123"
        assert payload["email"] == "test@example.com"
        assert payload["name"] == "Test User"
        assert payload["type"] == "access"

    def test_generate_refresh_token(self) -> None:
        """Test refresh token generation."""
        token_service = TokenService()
        user_data = {
            "id": "123",
            "email": "test@example.com",
            "name": "Test User",
        }

        token = token_service.generate_refresh_token(user_data)
        assert isinstance(token, str)

        # Verify token content
        payload = jwt.decode(
            token,
            token_service.secret_key,
            algorithms=[token_service.algorithm],
        )
        assert payload["user_id"] == "123"
        assert payload["type"] == "refresh"

    def test_verify_valid_token(self) -> None:
        """Test verifying a valid token."""
        token_service = TokenService()
        user_data = {
            "id": "123",
            "email": "test@example.com",
            "name": "Test User",
        }

        token = token_service.generate_access_token(user_data)
        payload = token_service.verify_token(token)

        assert payload is not None
        assert payload["user_id"] == "123"
        assert payload["type"] == "access"

    def test_verify_invalid_token(self) -> None:
        """Test verifying an invalid token."""
        token_service = TokenService()

        payload = token_service.verify_token("invalid.token.here")
        assert payload is None

    @patch("app.services.token_service.datetime")
    def test_verify_expired_token(self, mock_datetime) -> None:
        """Test verifying an expired token."""
        # Set up mock to return a past time for token generation
        past_time = datetime(2020, 1, 1, tzinfo=timezone.utc)
        mock_datetime.now.return_value = past_time
        mock_datetime.UTC = timezone.utc

        token_service = TokenService()
        user_data = {
            "id": "123",
            "email": "test@example.com",
            "name": "Test User",
        }

        token = token_service.generate_access_token(user_data)

        # Reset mock to current time for verification
        mock_datetime.now.return_value = datetime.now(timezone.utc)

        payload = token_service.verify_token(token)
        assert payload is None

    def test_is_access_token(self) -> None:
        """Test access token type checking."""
        token_service = TokenService()

        access_payload = {"type": "access", "user_id": "123"}
        refresh_payload = {"type": "refresh", "user_id": "123"}

        assert token_service.is_access_token(access_payload)
        assert not token_service.is_access_token(refresh_payload)

    def test_is_refresh_token(self) -> None:
        """Test refresh token type checking."""
        token_service = TokenService()

        access_payload = {"type": "access", "user_id": "123"}
        refresh_payload = {"type": "refresh", "user_id": "123"}

        assert token_service.is_refresh_token(refresh_payload)
        assert not token_service.is_refresh_token(access_payload)

    def test_get_user_from_access_token_valid(self) -> None:
        """Test extracting user from valid access token."""
        token_service = TokenService()
        user_data = {
            "id": "123",
            "email": "test@example.com",
            "name": "Test User",
        }

        token = token_service.generate_access_token(user_data)
        extracted_user = token_service.get_user_from_access_token(token)

        assert extracted_user == user_data

    def test_get_user_from_access_token_refresh_token(self) -> None:
        """Test extracting user from refresh token (should fail)."""
        token_service = TokenService()
        user_data = {
            "id": "123",
            "email": "test@example.com",
            "name": "Test User",
        }

        token = token_service.generate_refresh_token(user_data)
        extracted_user = token_service.get_user_from_access_token(token)

        assert extracted_user is None

    def test_get_user_from_access_token_invalid(self) -> None:
        """Test extracting user from invalid token."""
        token_service = TokenService()

        extracted_user = token_service.get_user_from_access_token(
            "invalid.token"
        )
        assert extracted_user is None