package devicesession import ( "crypto/ed25519" "github.com/stretchr/testify/require" "testing" "time" "galaxy/authsession/internal/domain/common" ) func TestStatusIsKnown(t *testing.T) { t.Parallel() tests := []struct { name string value Status want bool }{ {name: "active", value: StatusActive, want: true}, {name: "revoked", value: StatusRevoked, want: true}, {name: "unknown", value: Status("unknown"), want: false}, } for _, tt := range tests { tt := tt t.Run(tt.name, func(t *testing.T) { t.Parallel() if got := tt.value.IsKnown(); got != tt.want { require.Failf(t, "test failed", "IsKnown() = %v, want %v", got, tt.want) } }) } } func TestStatusCanTransitionTo(t *testing.T) { t.Parallel() tests := []struct { name string from Status to Status want bool }{ {name: "active to revoked", from: StatusActive, to: StatusRevoked, want: true}, {name: "active to active", from: StatusActive, to: StatusActive, want: false}, {name: "revoked terminal", from: StatusRevoked, to: StatusActive, want: false}, } for _, tt := range tests { tt := tt t.Run(tt.name, func(t *testing.T) { t.Parallel() if got := tt.from.CanTransitionTo(tt.to); got != tt.want { require.Failf(t, "test failed", "CanTransitionTo() = %v, want %v", got, tt.want) } }) } } func TestIsKnownRevokeReasonCode(t *testing.T) { t.Parallel() tests := []struct { name string value common.RevokeReasonCode want bool }{ {name: "device logout", value: RevokeReasonDeviceLogout, want: true}, {name: "logout all", value: RevokeReasonLogoutAll, want: true}, {name: "admin revoke", value: RevokeReasonAdminRevoke, want: true}, {name: "user blocked", value: RevokeReasonUserBlocked, want: true}, {name: "custom code", value: common.RevokeReasonCode("custom_policy"), want: false}, } for _, tt := range tests { tt := tt t.Run(tt.name, func(t *testing.T) { t.Parallel() if got := IsKnownRevokeReasonCode(tt.value); got != tt.want { require.Failf(t, "test failed", "IsKnownRevokeReasonCode() = %v, want %v", got, tt.want) } }) } } func TestSessionValidate(t *testing.T) { t.Parallel() tests := []struct { name string mutate func(*Session) wantErr bool }{ {name: "active valid"}, { name: "revoked valid", mutate: func(s *Session) { s.Status = StatusRevoked s.Revocation = validRevocation() }, }, { name: "active rejects revocation", mutate: func(s *Session) { s.Revocation = validRevocation() }, wantErr: true, }, { name: "revoked requires revocation", mutate: func(s *Session) { s.Status = StatusRevoked }, wantErr: true, }, { name: "revoked requires complete metadata", mutate: func(s *Session) { s.Status = StatusRevoked revocation := validRevocation() revocation.ReasonCode = "" s.Revocation = revocation }, wantErr: true, }, } for _, tt := range tests { tt := tt t.Run(tt.name, func(t *testing.T) { t.Parallel() session := validSession(t) if tt.mutate != nil { tt.mutate(&session) } err := session.Validate() if tt.wantErr && err == nil { require.FailNow(t, "Validate() returned nil error") } if !tt.wantErr && err != nil { require.Failf(t, "test failed", "Validate() returned error: %v", err) } }) } } func validSession(t *testing.T) Session { t.Helper() raw := make(ed25519.PublicKey, ed25519.PublicKeySize) for index := range raw { raw[index] = byte(index + 7) } key, err := common.NewClientPublicKey(raw) if err != nil { require.Failf(t, "test failed", "NewClientPublicKey() returned error: %v", err) } return Session{ ID: common.DeviceSessionID("device-session-123"), UserID: common.UserID("user-123"), ClientPublicKey: key, Status: StatusActive, CreatedAt: time.Unix(1_775_121_600, 0).UTC(), } } func validRevocation() *Revocation { return &Revocation{ At: time.Unix(1_775_121_800, 0).UTC(), ReasonCode: RevokeReasonAdminRevoke, ActorType: common.RevokeActorType("admin"), ActorID: "admin-123", } }