✅ Add more test cases

TGM-HIT · Jan 16, 2025 · 3d16095 · 3d16095
1 parent c551176
commit 3d16095
Show file tree

Hide file tree

Showing 2 changed files with 29 additions and 2 deletions.
diff --git a/src/main/java/dezsys/authentication/Controller.java b/src/main/java/dezsys/authentication/Controller.java
@@ -31,6 +31,7 @@
 import io.jsonwebtoken.Jws;
 import io.jsonwebtoken.Jwts;
 import io.jsonwebtoken.security.SignatureException;
+import io.jsonwebtoken.MalformedJwtException;
 
 @RestController
 @RequestMapping("/auth")
@@ -165,7 +166,7 @@ public ResponseEntity<String> verify(@RequestHeader("Authorization") String toke
         try {
             parseJwt(jwt);
             return ResponseEntity.ok("valid");
-        } catch (SignatureException e) {
+        } catch (SignatureException | MalformedJwtException e) {
             return ResponseEntity.status(HttpStatus.FORBIDDEN).body("bad jwt");
         }
     }

diff --git a/src/test/java/dezsys/authentication/AuthControllerTests.java b/src/test/java/dezsys/authentication/AuthControllerTests.java
@@ -105,7 +105,16 @@ public void testSignin_withValidCredentials_shouldReturnJwt() throws Exception {
     }
 
     @Test
-    public void testSignin_withInvalidCredentials_shouldFail() throws Exception {
+    public void testSignin_withInvalidEmail_shouldFail() throws Exception {
+        String requestBody = createRequestBody(adminUser.email + "uwu", adminUser.password);
+
+        mockMvc.perform(post("/auth/signin")
+                .contentType(MediaType.APPLICATION_JSON)
+                .content(requestBody))
+                .andExpect(status().isForbidden());
+    }
+    @Test
+    public void testSignin_withInvalidPassword_shouldFail() throws Exception {
         String requestBody = createRequestBody(adminUser.email, adminUser.password + "uwu");
 
         mockMvc.perform(post("/auth/signin")
@@ -114,6 +123,16 @@ public void testSignin_withInvalidCredentials_shouldFail() throws Exception {
                 .andExpect(status().isForbidden());
     }
 
+
+    @Test
+    public void testSignin_withInvalidCredentials_shouldFail() throws Exception {
+        String requestBody = createRequestBody(adminUser.email + "uwu", adminUser.password + "uwu");
+
+        mockMvc.perform(post("/auth/signin")
+                .contentType(MediaType.APPLICATION_JSON)
+                .content(requestBody))
+                .andExpect(status().isForbidden());
+    }
     @Test
     public void testVerify_withValidJwt_shouldSucceed() throws Exception {
         mockMvc.perform(get("/auth/verify")
@@ -128,6 +147,13 @@ public void testVerify_withInvalidJwt_shouldFail() throws Exception {
                 .andExpect(status().isForbidden());
     }
 
+    @Test
+    public void testVerify_withMalformedJwt_shouldFail() throws Exception {
+        mockMvc.perform(get("/auth/verify")
+                .header("Authorization", "uwu"))
+                .andExpect(status().isForbidden());
+    }
+
     private String createRequestBody(String email, String password) throws JsonProcessingException {
         ObjectMapper om = new ObjectMapper();
         MyUser user = new MyUser(email, "John Doe", List.of(Role.ADMIN), password);