package kyc import ( "bytes" "context" "encoding/base64" "encoding/json" "net/http" "net/http/httptest" "testing" "github.com/gin-gonic/gin" "github.com/google/uuid" "github.com/spf13/viper" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" "nixcn-cms/internal/authtoken" "nixcn-cms/service/service_kyc" "nixcn-cms/testutil" ) func init() { gin.SetMode(gin.TestMode) } func issueToken(t *testing.T, userId uuid.UUID) string { t.Helper() tok := &authtoken.Token{Application: viper.GetString("server.application")} access, _, err := tok.IssueTokens(context.Background(), testutil.TestClientID, userId) require.NoError(t, err) return access } func newKycRouter(t *testing.T) *gin.Engine { t.Helper() r := gin.New() ApiHandler(r.Group("/kyc")) return r } func postWithBearer(t *testing.T, r *gin.Engine, path, token string, body any) *httptest.ResponseRecorder { t.Helper() b, _ := json.Marshal(body) req := httptest.NewRequest(http.MethodPost, path, bytes.NewBuffer(b)) req.Header.Set("Content-Type", "application/json") if token != "" { req.Header.Set("Authorization", "Bearer "+token) } w := httptest.NewRecorder() r.ServeHTTP(w, req) return w } // ---- Session ---- func TestKycSessionHandlerNoAuth(t *testing.T) { testutil.Setup(t) r := newKycRouter(t) w := postWithBearer(t, r, "/kyc/session", "", map[string]any{ "type": "cnrid", "identity": "dGVzdA==", }) assert.Equal(t, http.StatusUnauthorized, w.Code) } func TestKycSessionHandlerInvalidJSON(t *testing.T) { testutil.SetupWithAuth(t) user := testutil.SeedUser(t, testutil.RandomEmail(), 10) token := issueToken(t, user.UserId) r := newKycRouter(t) req := httptest.NewRequest(http.MethodPost, "/kyc/session", bytes.NewBufferString("{bad")) req.Header.Set("Content-Type", "application/json") req.Header.Set("Authorization", "Bearer "+token) w := httptest.NewRecorder() r.ServeHTTP(w, req) assert.Equal(t, http.StatusBadRequest, w.Code) } func TestKycSessionHandlerInvalidBase64Identity(t *testing.T) { testutil.SetupWithAuth(t) user := testutil.SeedUser(t, testutil.RandomEmail(), 10) token := issueToken(t, user.UserId) r := newKycRouter(t) w := postWithBearer(t, r, "/kyc/session", token, service_kyc.KycSessionData{ Type: "cnrid", Identity: "!!!not-base64!!!", }) assert.Equal(t, http.StatusBadRequest, w.Code) } func TestKycSessionHandlerInvalidType(t *testing.T) { testutil.SetupWithAuth(t) user := testutil.SeedUser(t, testutil.RandomEmail(), 10) token := issueToken(t, user.UserId) r := newKycRouter(t) validB64 := base64.StdEncoding.EncodeToString([]byte(`{}`)) w := postWithBearer(t, r, "/kyc/session", token, service_kyc.KycSessionData{ Type: "unknown_type", Identity: validB64, }) assert.Equal(t, http.StatusBadRequest, w.Code) } // ---- Query ---- func TestKycQueryHandlerNoAuth(t *testing.T) { testutil.Setup(t) r := newKycRouter(t) w := postWithBearer(t, r, "/kyc/query", "", map[string]any{ "kyc_id": "00000000-0000-0000-0000-000000000001", }) assert.Equal(t, http.StatusUnauthorized, w.Code) } func TestKycQueryHandlerInvalidJSON(t *testing.T) { testutil.SetupWithAuth(t) user := testutil.SeedUser(t, testutil.RandomEmail(), 10) token := issueToken(t, user.UserId) r := newKycRouter(t) req := httptest.NewRequest(http.MethodPost, "/kyc/query", bytes.NewBufferString("{bad")) req.Header.Set("Content-Type", "application/json") req.Header.Set("Authorization", "Bearer "+token) w := httptest.NewRecorder() r.ServeHTTP(w, req) assert.Equal(t, http.StatusBadRequest, w.Code) }