From caf7c691296ec4d0e47cf69a4a95197bc36db5a2 Mon Sep 17 00:00:00 2001 From: ssylver93 <107515688+ssylver93@users.noreply.github.com> Date: Mon, 9 Dec 2024 15:42:10 -0800 Subject: [PATCH] Improve token validation logic and fix test coverage (#354) --- .../app/services/util/prev-auth-guard.spec.ts | 93 ++++++++++++++----- .../src/app/services/util/prev-auth-guard.ts | 15 ++- 2 files changed, 80 insertions(+), 28 deletions(-) diff --git a/client/wfprev-war/src/main/angular/src/app/services/util/prev-auth-guard.spec.ts b/client/wfprev-war/src/main/angular/src/app/services/util/prev-auth-guard.spec.ts index 5bfb91c1..8ae021a6 100644 --- a/client/wfprev-war/src/main/angular/src/app/services/util/prev-auth-guard.spec.ts +++ b/client/wfprev-war/src/main/angular/src/app/services/util/prev-auth-guard.spec.ts @@ -1,12 +1,11 @@ -import { TestBed } from '@angular/core/testing'; -import { PrevAuthGuard } from './prev-auth-guard'; -import { TokenService } from 'src/app/services/token.service'; -import { AppConfigService } from 'src/app/services/app-config.service'; -import { Router, ActivatedRouteSnapshot, RouterStateSnapshot } from '@angular/router'; -import { MatSnackBar } from '@angular/material/snack-bar'; -import { of, Subject, BehaviorSubject } from 'rxjs'; import { HttpClientTestingModule, HttpTestingController } from '@angular/common/http/testing'; -import { ResourcesRoutes } from 'src/app/utils'; +import { TestBed, fakeAsync, tick, flush } from '@angular/core/testing'; +import { MatSnackBar } from '@angular/material/snack-bar'; +import { ActivatedRouteSnapshot, Router, RouterStateSnapshot } from '@angular/router'; +import { BehaviorSubject, of, Subject } from 'rxjs'; +import { AppConfigService } from 'src/app/services/app-config.service'; +import { TokenService } from 'src/app/services/token.service'; +import { PrevAuthGuard } from './prev-auth-guard'; class MockActivatedRouteSnapshot extends ActivatedRouteSnapshot { constructor(public routeConfigOverride?: any) { @@ -188,25 +187,71 @@ describe('PrevAuthGuard', () => { }); }); - it('should handle route with scopes when token validation fails', (done) => { - // Setup route with scopes + it('should redirect user to error page when token validation fails', fakeAsync(() => { + const route = new ActivatedRouteSnapshot(); route.data = { scopes: [['test-scope']] }; - + + const state = jasmine.createSpyObj('RouterStateSnapshot', [], { url: '/test' }); + // Mock token exists tokenService.getOauthToken.and.returnValue('test-token'); - + // Mock token validation fails tokenService.validateToken.and.returnValue(of(false)); - + // Spy on redirectToErrorPage spyOn(guard, 'redirectToErrorPage'); - - guard.canActivate(route, state).subscribe(result => { - expect(guard.redirectToErrorPage).toHaveBeenCalled(); - done(); - }); + + guard.canActivate(route, state); + + tick(); + flush(); // Flush any remaining async operations + + expect(guard.redirectToErrorPage).toHaveBeenCalled(); + })); + }) + + it('should redirect to error page when getTokenInfo returns false', fakeAsync(() => { + const route = new MockActivatedRouteSnapshot(); + route.data = { scopes: [['test-scope']] }; + const state = jasmine.createSpyObj('RouterStateSnapshot', [], { + url: '/test' }); - }); + + // Spy on getTokenInfo to return false + spyOn(guard, 'getTokenInfo' as any).and.returnValue(Promise.resolve(false)); + + // Spy on redirectToErrorPage + spyOn(guard, 'redirectToErrorPage'); + + guard.canActivate(route, state).subscribe(); + + tick(); + flush(); // Flush any remaining async operations + + expect(guard.redirectToErrorPage).toHaveBeenCalled(); + })); + + it('should redirect to error page when getTokenInfo returns undefined', fakeAsync(() => { + const route = new MockActivatedRouteSnapshot(); + route.data = { scopes: [['test-scope']] }; + const state = jasmine.createSpyObj('RouterStateSnapshot', [], { + url: '/test' + }); + + // Spy on getTokenInfo to return undefined + spyOn(guard, 'getTokenInfo' as any).and.returnValue(Promise.resolve(undefined)); + + // Spy on redirectToErrorPage + spyOn(guard, 'redirectToErrorPage'); + + guard.canActivate(route, state).subscribe(); + + tick(); + flush(); // Flush any remaining async operations + + expect(guard.redirectToErrorPage).toHaveBeenCalled(); + })); describe('getTokenInfo', () => { let mockRoute: any; @@ -284,31 +329,31 @@ describe('PrevAuthGuard', () => { tokenService.getOauthToken.and.returnValue(null); const result = await guard.canAccessRoute([['test-scope']], tokenService); - + expect(result).toBeFalse(); }); it('should return true when token is validated successfully', async () => { // Mock token exists tokenService.getOauthToken.and.returnValue('test-token'); - + // Mock token validation tokenService.validateToken.and.returnValue(of(true)); const result = await guard.canAccessRoute([['test-scope']], tokenService); - + expect(result).toBeTrue(); }); it('should return false when token validation fails', async () => { // Mock token exists tokenService.getOauthToken.and.returnValue('test-token'); - + // Mock token validation fails tokenService.validateToken.and.returnValue(of(false)); const result = await guard.canAccessRoute([['test-scope']], tokenService); - + expect(result).toBeFalse(); }); }); diff --git a/client/wfprev-war/src/main/angular/src/app/services/util/prev-auth-guard.ts b/client/wfprev-war/src/main/angular/src/app/services/util/prev-auth-guard.ts index 4d4f08db..e482d197 100644 --- a/client/wfprev-war/src/main/angular/src/app/services/util/prev-auth-guard.ts +++ b/client/wfprev-war/src/main/angular/src/app/services/util/prev-auth-guard.ts @@ -32,7 +32,6 @@ export class PrevAuthGuard extends AuthGuard { route: ActivatedRouteSnapshot, state: RouterStateSnapshot, ): Observable { - if (!window.navigator.onLine) { return of(false); } @@ -40,11 +39,19 @@ export class PrevAuthGuard extends AuthGuard { if (route?.data?.['scopes']?.length > 0) { // Wrap the Promise returned by getTokenInfo with from() return from(this.getTokenInfo(route)).pipe( - map(result => result), - catchError(() => of(false)) + map(result => { + if (result === false || result === undefined) { + this.redirectToErrorPage(); + return of(false); + } + return result; + }), + catchError(() => { + this.redirectToErrorPage(); + return of(false); + }) ); } else { - console.log('returning true'); return of(true); } }