solid-connect-server/src/test/java/com/example/solidconnection/auth/service/AuthServiceTest.java at 7d9bf3be7bd517e59bdf09e08172708ef3732a07 · Gyuhyeok99/solid-connect-server · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
package com.example.solidconnection.auth.service;

import static com.example.solidconnection.common.exception.ErrorCode.REFRESH_TOKEN_EXPIRED;
import static org.assertj.core.api.Assertions.assertThat;
import static org.assertj.core.api.Assertions.assertThatCode;
import static org.junit.jupiter.api.Assertions.assertAll;

import com.example.solidconnection.auth.domain.AccessToken;
import com.example.solidconnection.auth.domain.RefreshToken;
import com.example.solidconnection.auth.domain.Subject;
import com.example.solidconnection.auth.dto.ReissueResponse;
import com.example.solidconnection.auth.exception.AuthException;
import com.example.solidconnection.auth.token.TokenBlackListService;
import com.example.solidconnection.siteuser.domain.SiteUser;
import com.example.solidconnection.siteuser.fixture.SiteUserFixture;
import com.example.solidconnection.siteuser.repository.SiteUserRepository;
import com.example.solidconnection.support.TestContainerSpringBootTest;
import java.time.LocalDate;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.DisplayName;
import org.junit.jupiter.api.Nested;
import org.junit.jupiter.api.Test;
import org.springframework.beans.factory.annotation.Autowired;

@DisplayName("인증 서비스 테스트")
@TestContainerSpringBootTest
class AuthServiceTest {

    @Autowired
    private AuthService authService;

    @Autowired
    private AuthTokenProvider authTokenProvider;

    @Autowired
    private TokenBlackListService tokenBlackListService;

    @Autowired
    private TokenStorage tokenStorage;

    @Autowired
    private SiteUserFixture siteUserFixture;

    @Autowired
    private SiteUserRepository siteUserRepository;

    @Autowired
    private TokenProvider tokenProvider;

    private SiteUser siteUser;
    private AccessToken accessToken;
    private Subject expectedSubject;

    @BeforeEach
    void setUp() {
        siteUser = siteUserFixture.사용자();
        accessToken = authTokenProvider.generateAccessToken(siteUser);
        expectedSubject = tokenProvider.parseSubject(accessToken.token());
    }

    @Test
    void 로그아웃한다() {
        // when
        authService.signOut(accessToken.token());

        // then
        assertAll(
                () -> assertThat(tokenStorage.findToken(expectedSubject, RefreshToken.class)).isEmpty(),
                () -> assertThat(tokenBlackListService.isTokenBlacklisted(accessToken.token())).isTrue()
        );
    }

    @Test
    void 탈퇴한다() {
        // when
        authService.quit(siteUser.getId(), accessToken.token());

        // then
        LocalDate tomorrow = LocalDate.now().plusDays(1);
        SiteUser actualSitUser = siteUserRepository.findById(siteUser.getId()).orElseThrow();
        assertAll(
                () -> assertThat(actualSitUser.getQuitedAt()).isEqualTo(tomorrow),
                () -> assertThat(tokenStorage.findToken(expectedSubject, RefreshToken.class)).isEmpty(),
                () -> assertThat(tokenBlackListService.isTokenBlacklisted(accessToken.token())).isTrue()
        );
    }

    @Nested
    class 토큰을_재발급한다 {

        @Test
        void 요청의_리프레시_토큰이_저장되어_있으면_액세스_토큰을_재발급한다() {
            // given
            RefreshToken refreshToken = authTokenProvider.generateAndSaveRefreshToken(siteUser);

            // when
            ReissueResponse reissuedAccessToken = authService.reissue(refreshToken.token());

            // then - 요청의 리프레시 토큰과 재발급한 액세스 토큰의 주체가 동일해야 한다.
            SiteUser actualSiteUser = authTokenProvider.parseSiteUser(refreshToken.token());
            SiteUser expectedSiteUser = authTokenProvider.parseSiteUser(reissuedAccessToken.accessToken());
            assertThat(actualSiteUser.getId()).isEqualTo(expectedSiteUser.getId());
        }

        @Test
        void 요청의_리프레시_토큰이_저장되어있지_않다면_예외가_발생한다() {
            // given
            String invalidRefreshToken = accessToken.token();

            // when, then
            assertThatCode(() -> authService.reissue(invalidRefreshToken))
                    .isInstanceOf(AuthException.class)
                    .hasMessage(REFRESH_TOKEN_EXPIRED.getMessage());
        }
    }
}