tests/server.rs at 6f959c6c1b6e9ee99e7f6e49c3fc78a4affe0491 · lewis.moe/bspds-sandbox

lewis.moe / bspds-sandbox
this repo has no description
bspds-sandbox / tests / server.rs
at 6f959c6c1b6e9ee99e7f6e49c3fc78a4affe0491 12 kB view raw
  1mod common;
  2mod helpers;
  3use common::*;
  4use helpers::verify_new_account;
  5use reqwest::StatusCode;
  6use serde_json::{Value, json};
  7#[tokio::test]
  8async fn test_health() {
  9    let client = client();
 10    let res = client
 11        .get(format!("{}/health", base_url().await))
 12        .send()
 13        .await
 14        .expect("Failed to send request");
 15    assert_eq!(res.status(), StatusCode::OK);
 16    assert_eq!(res.text().await.unwrap(), "OK");
 17}
 18#[tokio::test]
 19async fn test_describe_server() {
 20    let client = client();
 21    let res = client
 22        .get(format!(
 23            "{}/xrpc/com.atproto.server.describeServer",
 24            base_url().await
 25        ))
 26        .send()
 27        .await
 28        .expect("Failed to send request");
 29    assert_eq!(res.status(), StatusCode::OK);
 30    let body: Value = res.json().await.expect("Response was not valid JSON");
 31    assert!(body.get("availableUserDomains").is_some());
 32}
 33#[tokio::test]
 34async fn test_create_session() {
 35    let client = client();
 36    let handle = format!("user_{}", uuid::Uuid::new_v4());
 37    let payload = json!({
 38        "handle": handle,
 39        "email": format!("{}@example.com", handle),
 40        "password": "password"
 41    });
 42    let create_res = client
 43        .post(format!(
 44            "{}/xrpc/com.atproto.server.createAccount",
 45            base_url().await
 46        ))
 47        .json(&payload)
 48        .send()
 49        .await
 50        .expect("Failed to create account");
 51    assert_eq!(create_res.status(), StatusCode::OK);
 52    let create_body: Value = create_res.json().await.unwrap();
 53    let did = create_body["did"].as_str().unwrap();
 54    let _ = verify_new_account(&client, did).await;
 55    let payload = json!({
 56        "identifier": handle,
 57        "password": "password"
 58    });
 59    let res = client
 60        .post(format!(
 61            "{}/xrpc/com.atproto.server.createSession",
 62            base_url().await
 63        ))
 64        .json(&payload)
 65        .send()
 66        .await
 67        .expect("Failed to send request");
 68    assert_eq!(res.status(), StatusCode::OK);
 69    let body: Value = res.json().await.expect("Response was not valid JSON");
 70    assert!(body.get("accessJwt").is_some());
 71}
 72#[tokio::test]
 73async fn test_create_session_missing_identifier() {
 74    let client = client();
 75    let payload = json!({
 76        "password": "password"
 77    });
 78    let res = client
 79        .post(format!(
 80            "{}/xrpc/com.atproto.server.createSession",
 81            base_url().await
 82        ))
 83        .json(&payload)
 84        .send()
 85        .await
 86        .expect("Failed to send request");
 87    assert!(
 88        res.status() == StatusCode::BAD_REQUEST || res.status() == StatusCode::UNPROCESSABLE_ENTITY,
 89        "Expected 400 or 422 for missing identifier, got {}",
 90        res.status()
 91    );
 92}
 93#[tokio::test]
 94async fn test_create_account_invalid_handle() {
 95    let client = client();
 96    let payload = json!({
 97        "handle": "invalid!handle.com",
 98        "email": "test@example.com",
 99        "password": "password"
100    });
101    let res = client
102        .post(format!(
103            "{}/xrpc/com.atproto.server.createAccount",
104            base_url().await
105        ))
106        .json(&payload)
107        .send()
108        .await
109        .expect("Failed to send request");
110    assert_eq!(
111        res.status(),
112        StatusCode::BAD_REQUEST,
113        "Expected 400 for invalid handle chars"
114    );
115}
116#[tokio::test]
117async fn test_get_session() {
118    let client = client();
119    let res = client
120        .get(format!(
121            "{}/xrpc/com.atproto.server.getSession",
122            base_url().await
123        ))
124        .bearer_auth(AUTH_TOKEN)
125        .send()
126        .await
127        .expect("Failed to send request");
128    assert_eq!(res.status(), StatusCode::UNAUTHORIZED);
129}
130#[tokio::test]
131async fn test_refresh_session() {
132    let client = client();
133    let handle = format!("refresh_user_{}", uuid::Uuid::new_v4());
134    let payload = json!({
135        "handle": handle,
136        "email": format!("{}@example.com", handle),
137        "password": "password"
138    });
139    let create_res = client
140        .post(format!(
141            "{}/xrpc/com.atproto.server.createAccount",
142            base_url().await
143        ))
144        .json(&payload)
145        .send()
146        .await
147        .expect("Failed to create account");
148    assert_eq!(create_res.status(), StatusCode::OK);
149    let create_body: Value = create_res.json().await.unwrap();
150    let did = create_body["did"].as_str().unwrap();
151    let _ = verify_new_account(&client, did).await;
152    let login_payload = json!({
153        "identifier": handle,
154        "password": "password"
155    });
156    let res = client
157        .post(format!(
158            "{}/xrpc/com.atproto.server.createSession",
159            base_url().await
160        ))
161        .json(&login_payload)
162        .send()
163        .await
164        .expect("Failed to login");
165    assert_eq!(res.status(), StatusCode::OK);
166    let body: Value = res.json().await.expect("Invalid JSON");
167    let refresh_jwt = body["refreshJwt"]
168        .as_str()
169        .expect("No refreshJwt")
170        .to_string();
171    let access_jwt = body["accessJwt"]
172        .as_str()
173        .expect("No accessJwt")
174        .to_string();
175    let res = client
176        .post(format!(
177            "{}/xrpc/com.atproto.server.refreshSession",
178            base_url().await
179        ))
180        .bearer_auth(&refresh_jwt)
181        .send()
182        .await
183        .expect("Failed to refresh");
184    assert_eq!(res.status(), StatusCode::OK);
185    let body: Value = res.json().await.expect("Invalid JSON");
186    assert!(body["accessJwt"].as_str().is_some());
187    assert!(body["refreshJwt"].as_str().is_some());
188    assert_ne!(body["accessJwt"].as_str().unwrap(), access_jwt);
189    assert_ne!(body["refreshJwt"].as_str().unwrap(), refresh_jwt);
190}
191#[tokio::test]
192async fn test_delete_session() {
193    let client = client();
194    let res = client
195        .post(format!(
196            "{}/xrpc/com.atproto.server.deleteSession",
197            base_url().await
198        ))
199        .bearer_auth(AUTH_TOKEN)
200        .send()
201        .await
202        .expect("Failed to send request");
203    assert_eq!(res.status(), StatusCode::UNAUTHORIZED);
204}
205#[tokio::test]
206async fn test_get_service_auth_success() {
207    let client = client();
208    let (access_jwt, did) = create_account_and_login(&client).await;
209    let params = [("aud", "did:web:example.com")];
210    let res = client
211        .get(format!(
212            "{}/xrpc/com.atproto.server.getServiceAuth",
213            base_url().await
214        ))
215        .bearer_auth(&access_jwt)
216        .query(&params)
217        .send()
218        .await
219        .expect("Failed to send request");
220    assert_eq!(res.status(), StatusCode::OK);
221    let body: Value = res.json().await.expect("Response was not valid JSON");
222    assert!(body["token"].is_string());
223    let token = body["token"].as_str().unwrap();
224    let parts: Vec<&str> = token.split('.').collect();
225    assert_eq!(parts.len(), 3, "Token should be a valid JWT");
226    use base64::{Engine as _, engine::general_purpose::URL_SAFE_NO_PAD};
227    let payload_bytes = URL_SAFE_NO_PAD.decode(parts[1]).expect("payload b64");
228    let claims: Value = serde_json::from_slice(&payload_bytes).expect("payload json");
229    assert_eq!(claims["iss"], did);
230    assert_eq!(claims["sub"], did);
231    assert_eq!(claims["aud"], "did:web:example.com");
232}
233#[tokio::test]
234async fn test_get_service_auth_with_lxm() {
235    let client = client();
236    let (access_jwt, did) = create_account_and_login(&client).await;
237    let params = [("aud", "did:web:example.com"), ("lxm", "com.atproto.repo.getRecord")];
238    let res = client
239        .get(format!(
240            "{}/xrpc/com.atproto.server.getServiceAuth",
241            base_url().await
242        ))
243        .bearer_auth(&access_jwt)
244        .query(&params)
245        .send()
246        .await
247        .expect("Failed to send request");
248    assert_eq!(res.status(), StatusCode::OK);
249    let body: Value = res.json().await.expect("Response was not valid JSON");
250    use base64::{Engine as _, engine::general_purpose::URL_SAFE_NO_PAD};
251    let token = body["token"].as_str().unwrap();
252    let parts: Vec<&str> = token.split('.').collect();
253    let payload_bytes = URL_SAFE_NO_PAD.decode(parts[1]).expect("payload b64");
254    let claims: Value = serde_json::from_slice(&payload_bytes).expect("payload json");
255    assert_eq!(claims["iss"], did);
256    assert_eq!(claims["lxm"], "com.atproto.repo.getRecord");
257}
258#[tokio::test]
259async fn test_get_service_auth_no_auth() {
260    let client = client();
261    let params = [("aud", "did:web:example.com")];
262    let res = client
263        .get(format!(
264            "{}/xrpc/com.atproto.server.getServiceAuth",
265            base_url().await
266        ))
267        .query(&params)
268        .send()
269        .await
270        .expect("Failed to send request");
271    assert_eq!(res.status(), StatusCode::UNAUTHORIZED);
272    let body: Value = res.json().await.expect("Response was not valid JSON");
273    assert_eq!(body["error"], "AuthenticationRequired");
274}
275#[tokio::test]
276async fn test_get_service_auth_missing_aud() {
277    let client = client();
278    let (access_jwt, _) = create_account_and_login(&client).await;
279    let res = client
280        .get(format!(
281            "{}/xrpc/com.atproto.server.getServiceAuth",
282            base_url().await
283        ))
284        .bearer_auth(&access_jwt)
285        .send()
286        .await
287        .expect("Failed to send request");
288    assert_eq!(res.status(), StatusCode::BAD_REQUEST);
289}
290#[tokio::test]
291async fn test_check_account_status_success() {
292    let client = client();
293    let (access_jwt, _) = create_account_and_login(&client).await;
294    let res = client
295        .get(format!(
296            "{}/xrpc/com.atproto.server.checkAccountStatus",
297            base_url().await
298        ))
299        .bearer_auth(&access_jwt)
300        .send()
301        .await
302        .expect("Failed to send request");
303    assert_eq!(res.status(), StatusCode::OK);
304    let body: Value = res.json().await.expect("Response was not valid JSON");
305    assert_eq!(body["activated"], true);
306    assert_eq!(body["validDid"], true);
307    assert!(body["repoCommit"].is_string());
308    assert!(body["repoRev"].is_string());
309    assert!(body["indexedRecords"].is_number());
310}
311#[tokio::test]
312async fn test_check_account_status_no_auth() {
313    let client = client();
314    let res = client
315        .get(format!(
316            "{}/xrpc/com.atproto.server.checkAccountStatus",
317            base_url().await
318        ))
319        .send()
320        .await
321        .expect("Failed to send request");
322    assert_eq!(res.status(), StatusCode::UNAUTHORIZED);
323    let body: Value = res.json().await.expect("Response was not valid JSON");
324    assert_eq!(body["error"], "AuthenticationRequired");
325}
326#[tokio::test]
327async fn test_activate_account_success() {
328    let client = client();
329    let (access_jwt, _) = create_account_and_login(&client).await;
330    let res = client
331        .post(format!(
332            "{}/xrpc/com.atproto.server.activateAccount",
333            base_url().await
334        ))
335        .bearer_auth(&access_jwt)
336        .send()
337        .await
338        .expect("Failed to send request");
339    assert_eq!(res.status(), StatusCode::OK);
340}
341#[tokio::test]
342async fn test_activate_account_no_auth() {
343    let client = client();
344    let res = client
345        .post(format!(
346            "{}/xrpc/com.atproto.server.activateAccount",
347            base_url().await
348        ))
349        .send()
350        .await
351        .expect("Failed to send request");
352    assert_eq!(res.status(), StatusCode::UNAUTHORIZED);
353}
354#[tokio::test]
355async fn test_deactivate_account_success() {
356    let client = client();
357    let (access_jwt, _) = create_account_and_login(&client).await;
358    let res = client
359        .post(format!(
360            "{}/xrpc/com.atproto.server.deactivateAccount",
361            base_url().await
362        ))
363        .bearer_auth(&access_jwt)
364        .json(&json!({}))
365        .send()
366        .await
367        .expect("Failed to send request");
368    assert_eq!(res.status(), StatusCode::OK);
369}