openreader/tests/unit/auth-config.vitest.spec.ts

111 lines
3 KiB
TypeScript

import { describe, expect, test } from 'vitest';
import { getAuthBaseUrl, isAnonymousAuthSessionsEnabled, isAuthEnabled, isGithubAuthEnabled } from '../../src/lib/server/auth/config';
import { withEnv } from './support/env';
describe('auth config contract', () => {
test('auth is enabled only when AUTH_SECRET and BASE_URL are both set', async () => {
await withEnv(
{
AUTH_SECRET: undefined,
BASE_URL: undefined,
},
async () => {
expect(isAuthEnabled()).toBe(false);
expect(getAuthBaseUrl()).toBeNull();
},
);
await withEnv(
{
AUTH_SECRET: 'unit-secret',
BASE_URL: 'http://localhost:3003',
},
async () => {
expect(isAuthEnabled()).toBe(true);
expect(getAuthBaseUrl()).toBe('http://localhost:3003');
},
);
});
test.each([
{ envValue: undefined, expected: false },
{ envValue: 'true', expected: true },
{ envValue: 'false', expected: false },
{ envValue: '1', expected: false },
{ envValue: 'TRUE', expected: true },
])(
'anonymous sessions honor strict boolean parsing when auth is enabled (value: $envValue)',
async ({ envValue, expected }) => {
await withEnv(
{
AUTH_SECRET: 'unit-secret',
BASE_URL: 'http://localhost:3003',
USE_ANONYMOUS_AUTH_SESSIONS: envValue,
},
async () => {
expect(isAnonymousAuthSessionsEnabled()).toBe(expected);
},
);
},
);
test('anonymous sessions are always disabled when auth is disabled', async () => {
await withEnv(
{
AUTH_SECRET: undefined,
BASE_URL: undefined,
USE_ANONYMOUS_AUTH_SESSIONS: 'true',
},
async () => {
expect(isAnonymousAuthSessionsEnabled()).toBe(false);
},
);
});
test.each([
{
title: 'returns false when auth is disabled',
env: {
AUTH_SECRET: undefined,
BASE_URL: undefined,
GITHUB_CLIENT_ID: 'id',
GITHUB_CLIENT_SECRET: 'secret',
},
expected: false,
},
{
title: 'returns false when GitHub client id is missing',
env: {
AUTH_SECRET: 'unit-secret',
BASE_URL: 'http://localhost:3003',
GITHUB_CLIENT_ID: undefined,
GITHUB_CLIENT_SECRET: 'secret',
},
expected: false,
},
{
title: 'returns false when GitHub client secret is missing',
env: {
AUTH_SECRET: 'unit-secret',
BASE_URL: 'http://localhost:3003',
GITHUB_CLIENT_ID: 'id',
GITHUB_CLIENT_SECRET: undefined,
},
expected: false,
},
{
title: 'returns true when auth is enabled and GitHub credentials are present',
env: {
AUTH_SECRET: 'unit-secret',
BASE_URL: 'http://localhost:3003',
GITHUB_CLIENT_ID: 'id',
GITHUB_CLIENT_SECRET: 'secret',
},
expected: true,
},
])('$title', async ({ env, expected }) => {
await withEnv(env, async () => {
expect(isGithubAuthEnabled()).toBe(expected);
});
});
});