MOL-815: update unit tests

quangmai-sm · quangmai-sm · commit 2e469d3d0e5a · 2025-06-25T10:20:16.000+07:00
diff --git a/processor/tests/commercetools/extension.commercetools.spec.ts b/processor/tests/commercetools/extension.commercetools.spec.ts
@@ -8,6 +8,15 @@ import {
 } from '../../src/commercetools/extensions.commercetools';
 import { Extension } from '@commercetools/platform-sdk';
 
+jest.mock('../../src/utils/config.utils', () => ({
+  readConfiguration: jest.fn().mockReturnValue({
+    commerceTools: {
+      clientId: 'test-client-id',
+      clientSecret: 'test-client-secret',
+    },
+  }),
+}));
+
 jest.mock('../../src/client/create.client', () => ({
   createApiRoot: jest.fn(),
 }));
@@ -29,7 +38,7 @@ describe('Test extension.commercetools', () => {
       url: mockUrl,
       authentication: {
         type: 'AuthorizationHeader',
-        headerValue: 'Bearer _token_',
+        headerValue: 'Basic dGVzdC1jbGllbnQtaWQ6dGVzdC1jbGllbnQtc2VjcmV0',
       },
     },
     triggers: [
@@ -170,9 +179,7 @@ describe('Test extension.commercetools', () => {
       }),
     );
 
-    const accessToken = 'token123';
-
-    await createPaymentExtension(mockUrl, accessToken);
+    await createPaymentExtension(mockUrl);
 
     expect(getExtensions).toHaveBeenCalledTimes(1);
     expect(withKey).toHaveBeenCalledTimes(1);
@@ -192,7 +199,7 @@ describe('Test extension.commercetools', () => {
           url: mockUrl,
           authentication: {
             type: 'AuthorizationHeader',
-            headerValue: `Bearer ${accessToken}`,
+            headerValue: 'Basic dGVzdC1jbGllbnQtaWQ6dGVzdC1jbGllbnQtc2VjcmV0',
           },
         },
         triggers: [
@@ -215,9 +222,7 @@ describe('Test extension.commercetools', () => {
       }),
     );
 
-    const accessToken = 'token123';
-
-    await createPaymentExtension(mockUrl, accessToken);
+    await createPaymentExtension(mockUrl);
 
     expect(getExtensions).toHaveBeenCalledTimes(1);
     expect(createMock).toHaveBeenCalledTimes(1);
@@ -229,7 +234,7 @@ describe('Test extension.commercetools', () => {
           url: mockUrl,
           authentication: {
             type: 'AuthorizationHeader',
-            headerValue: `Bearer ${accessToken}`,
+            headerValue: 'Basic dGVzdC1jbGllbnQtaWQ6dGVzdC1jbGllbnQtc2VjcmV0',
           },
         },
         triggers: [
diff --git a/processor/tests/middleware/basicAuth.middleware.spec.ts b/processor/tests/middleware/basicAuth.middleware.spec.ts
@@ -0,0 +1,109 @@
+import { describe, it, jest, beforeEach, expect, afterEach } from '@jest/globals';
+import { Request, Response, NextFunction } from 'express';
+import { basicAuthMiddleware } from '../../src/middleware/basicAuth.middleware';
+
+jest.mock('../../src/utils/config.utils', () => ({
+  readConfiguration: jest.fn().mockReturnValue({
+    commerceTools: {
+      clientId: 'test-client-id',
+      clientSecret: 'test-client-secret',
+    },
+  }),
+}));
+
+describe('basicAuthMiddleware', () => {
+  let req: Partial<Request>;
+  let res: Partial<Response>;
+  let next: NextFunction;
+
+  beforeEach(() => {
+    req = {
+      headers: {},
+    };
+    res = {
+      // @ts-expect-error: ignore type error
+      status: jest.fn().mockReturnThis(),
+      // @ts-expect-error: ignore type error
+      json: jest.fn(),
+    };
+    next = jest.fn();
+  });
+
+  afterEach(() => {
+    jest.clearAllMocks();
+  });
+
+  it('should call next() when valid Basic Auth credentials are provided', () => {
+    const validCredentials = Buffer.from('test-client-id:test-client-secret').toString('base64');
+    req.headers = {
+      authorization: `Basic ${validCredentials}`,
+    };
+
+    basicAuthMiddleware(req as Request, res as Response, next);
+
+    expect(next).toHaveBeenCalledTimes(1);
+    expect(res.status).not.toHaveBeenCalled();
+    expect(res.json).not.toHaveBeenCalled();
+  });
+
+  it('should return 401 when Authorization header is missing', () => {
+    req.headers = {};
+
+    basicAuthMiddleware(req as Request, res as Response, next);
+
+    expect(res.status).toHaveBeenCalledWith(401);
+    expect(res.json).toHaveBeenCalledWith({ error: 'Missing or invalid Authorization header' });
+    expect(next).not.toHaveBeenCalled();
+  });
+
+  it('should return 401 when Authorization header does not start with "Basic "', () => {
+    req.headers = {
+      authorization: 'Bearer token123',
+    };
+
+    basicAuthMiddleware(req as Request, res as Response, next);
+
+    expect(res.status).toHaveBeenCalledWith(401);
+    expect(res.json).toHaveBeenCalledWith({ error: 'Missing or invalid Authorization header' });
+    expect(next).not.toHaveBeenCalled();
+  });
+
+  it('should return 403 when credentials do not match', () => {
+    const invalidCredentials = Buffer.from('wrong-id:wrong-secret').toString('base64');
+    req.headers = {
+      authorization: `Basic ${invalidCredentials}`,
+    };
+
+    basicAuthMiddleware(req as Request, res as Response, next);
+
+    expect(res.status).toHaveBeenCalledWith(403);
+    expect(res.json).toHaveBeenCalledWith({ error: 'Invalid credentials' });
+    expect(next).not.toHaveBeenCalled();
+  });
+
+  it('should return 403 when client ID is correct but secret is wrong', () => {
+    const invalidCredentials = Buffer.from('test-client-id:wrong-secret').toString('base64');
+    req.headers = {
+      authorization: `Basic ${invalidCredentials}`,
+    };
+
+    basicAuthMiddleware(req as Request, res as Response, next);
+
+    expect(res.status).toHaveBeenCalledWith(403);
+    expect(res.json).toHaveBeenCalledWith({ error: 'Invalid credentials' });
+    expect(next).not.toHaveBeenCalled();
+  });
+
+  it('should return 403 when client secret is correct but ID is wrong', () => {
+    const invalidCredentials = Buffer.from('wrong-id:test-client-secret').toString('base64');
+    req.headers = {
+      authorization: `Basic ${invalidCredentials}`,
+    };
+
+    basicAuthMiddleware(req as Request, res as Response, next);
+
+    expect(res.status).toHaveBeenCalledWith(403);
+    expect(res.json).toHaveBeenCalledWith({ error: 'Invalid credentials' });
+    expect(next).not.toHaveBeenCalled();
+  });
+});
diff --git a/processor/tests/routes/processor.route.spec.ts b/processor/tests/routes/processor.route.spec.ts
@@ -8,8 +8,6 @@ import {
   createCustomPaymentInterfaceInteractionType,
   createCustomTransactionType,
 } from '../../src/commercetools/customFields.commercetools';
-import { getAccessToken } from '../../src/commercetools/auth.commercetools';
-
 jest.mock('../../src/commercetools/extensions.commercetools', () => ({
   deletePaymentExtension: jest.fn(),
   createPaymentExtension: jest.fn(),
@@ -21,10 +19,6 @@ jest.mock('../../src/commercetools/customFields.commercetools', () => ({
   createCustomTransactionType: jest.fn(),
 }));
 
-jest.mock('../../src/commercetools/auth.commercetools', () => ({
-  getAccessToken: jest.fn(),
-}));
-
 describe('Test src/route/processor.route.ts', () => {
   let req: Partial<Request>;
   let res: Partial<Response>;
@@ -158,8 +152,6 @@ describe('Test src/route/processor.route.ts', () => {
       (createCustomPaymentInterfaceInteractionType as jest.Mock).mockReturnValueOnce(Promise.resolve());
       (createCustomTransactionType as jest.Mock).mockReturnValueOnce(Promise.resolve());
 
-      (getAccessToken as jest.Mock).mockReturnValueOnce(Promise.resolve());
-
       req = {
         hostname: 'test.com',
         secure: true,
