Diffstat (limited to 'test_auth.sh')
-rwxr-xr-xtest_auth.sh165
1 files changed, 165 insertions, 0 deletions
diff --git a/test_auth.sh b/test_auth.sh
new file mode 100755
index 0000000..d12c91c
--- /dev/null
+++ b/test_auth.sh
@@ -0,0 +1,165 @@
+#!/bin/bash
+
+# JChat Authentication Test Suite
+# Tests registration, login, and JMAP API access
+
+set -e
+
+BASE_URL="http://api.jchat.localhost"
+TEST_EMAIL="test@example.com"
+TEST_PASSWORD="testpass123"
+TEST_DISPLAY_NAME="Test User"
+
+echo "๐Ÿงช Starting JChat Authentication Tests..."
+echo "==============================================="
+
+# Test 1: Register a new user
+echo "1. Testing user registration..."
+REGISTER_RESPONSE=$(curl -s -X POST "${BASE_URL}/auth/register" \
+ -H "Content-Type: application/json" \
+ -d '{
+ "email": "'${TEST_EMAIL}'",
+ "password": "'${TEST_PASSWORD}'",
+ "displayName": "'${TEST_DISPLAY_NAME}'"
+ }' -w "\n%{http_code}")
+
+HTTP_CODE=$(echo "$REGISTER_RESPONSE" | tail -n1)
+REGISTER_BODY=$(echo "$REGISTER_RESPONSE" | head -n -1)
+
+echo " HTTP Status: $HTTP_CODE"
+if [ "$HTTP_CODE" -eq 201 ]; then
+ echo " โœ… Registration successful"
+ echo " Response: $REGISTER_BODY"
+ TOKEN=$(echo "$REGISTER_BODY" | jq -r '.token // empty')
+ echo " Token: ${TOKEN:0:20}..."
+else
+ echo " โŒ Registration failed"
+ echo " Response: $REGISTER_BODY"
+ exit 1
+fi
+
+echo ""
+
+# Test 2: Login with the registered user
+echo "2. Testing user login..."
+LOGIN_RESPONSE=$(curl -s -X POST "${BASE_URL}/auth/login" \
+ -H "Content-Type: application/json" \
+ -d '{
+ "email": "'${TEST_EMAIL}'",
+ "password": "'${TEST_PASSWORD}'"
+ }' -w "\n%{http_code}")
+
+HTTP_CODE=$(echo "$LOGIN_RESPONSE" | tail -n1)
+LOGIN_BODY=$(echo "$LOGIN_RESPONSE" | head -n -1)
+
+echo " HTTP Status: $HTTP_CODE"
+if [ "$HTTP_CODE" -eq 200 ]; then
+ echo " โœ… Login successful"
+ echo " Response: $LOGIN_BODY"
+ TOKEN=$(echo "$LOGIN_BODY" | jq -r '.token // empty')
+ echo " Token: ${TOKEN:0:20}..."
+else
+ echo " โŒ Login failed"
+ echo " Response: $LOGIN_BODY"
+ exit 1
+fi
+
+echo ""
+
+# Test 3: Verify token with /auth/me
+echo "3. Testing token verification..."
+ME_RESPONSE=$(curl -s -X GET "${BASE_URL}/auth/me" \
+ -H "Authorization: Bearer ${TOKEN}" \
+ -w "\n%{http_code}")
+
+HTTP_CODE=$(echo "$ME_RESPONSE" | tail -n1)
+ME_BODY=$(echo "$ME_RESPONSE" | head -n -1)
+
+echo " HTTP Status: $HTTP_CODE"
+if [ "$HTTP_CODE" -eq 200 ]; then
+ echo " โœ… Token verification successful"
+ echo " User info: $ME_BODY"
+else
+ echo " โŒ Token verification failed"
+ echo " Response: $ME_BODY"
+ exit 1
+fi
+
+echo ""
+
+# Test 4: Test JMAP API with authentication
+echo "4. Testing JMAP API access..."
+JMAP_REQUEST='{
+ "using": ["urn:ietf:params:jmap:core", "https://jmap.io/jchat/"],
+ "methodCalls": [
+ ["Conversation/query", {
+ "accountId": "default",
+ "filter": {},
+ "sort": [{"property": "lastMessageAt", "isAscending": false}]
+ }, "c1"]
+ ]
+}'
+
+JMAP_RESPONSE=$(curl -s -X POST "${BASE_URL}/jmap/api" \
+ -H "Content-Type: application/json" \
+ -H "Authorization: Bearer ${TOKEN}" \
+ -d "$JMAP_REQUEST" \
+ -w "\n%{http_code}")
+
+HTTP_CODE=$(echo "$JMAP_RESPONSE" | tail -n1)
+JMAP_BODY=$(echo "$JMAP_RESPONSE" | head -n -1)
+
+echo " HTTP Status: $HTTP_CODE"
+if [ "$HTTP_CODE" -eq 200 ]; then
+ echo " โœ… JMAP API access successful"
+ echo " Response: $JMAP_BODY"
+else
+ echo " โŒ JMAP API access failed"
+ echo " Response: $JMAP_BODY"
+ exit 1
+fi
+
+echo ""
+
+# Test 5: Test JMAP API without authentication
+echo "5. Testing JMAP API without authentication..."
+JMAP_UNAUTH_RESPONSE=$(curl -s -X POST "${BASE_URL}/jmap/api" \
+ -H "Content-Type: application/json" \
+ -d "$JMAP_REQUEST" \
+ -w "\n%{http_code}")
+
+HTTP_CODE=$(echo "$JMAP_UNAUTH_RESPONSE" | tail -n1)
+JMAP_UNAUTH_BODY=$(echo "$JMAP_UNAUTH_RESPONSE" | head -n -1)
+
+echo " HTTP Status: $HTTP_CODE"
+if [ "$HTTP_CODE" -eq 401 ]; then
+ echo " โœ… Unauthenticated access properly rejected"
+ echo " Response: $JMAP_UNAUTH_BODY"
+else
+ echo " โŒ Unauthenticated access should be rejected"
+ echo " Response: $JMAP_UNAUTH_BODY"
+fi
+
+echo ""
+
+# Test 6: Test logout
+echo "6. Testing logout..."
+LOGOUT_RESPONSE=$(curl -s -X POST "${BASE_URL}/auth/logout" \
+ -H "Authorization: Bearer ${TOKEN}" \
+ -w "\n%{http_code}")
+
+HTTP_CODE=$(echo "$LOGOUT_RESPONSE" | tail -n1)
+LOGOUT_BODY=$(echo "$LOGOUT_RESPONSE" | head -n -1)
+
+echo " HTTP Status: $HTTP_CODE"
+if [ "$HTTP_CODE" -eq 200 ]; then
+ echo " โœ… Logout successful"
+ echo " Response: $LOGOUT_BODY"
+else
+ echo " โŒ Logout failed"
+ echo " Response: $LOGOUT_BODY"
+fi
+
+echo ""
+echo "๐ŸŽ‰ All tests completed!"
+echo "==============================================="
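Review bot: The else branches of Test 5 (unauthenticated JMAP request) and Test 6 (logout) print a failure but have no `exit 1`, so the script still reaches "All tests completed!" and exits 0 when the API serves an unauthenticated caller; add `exit 1` to both, as Tests 1–4 already do. In the registration payload, `'${TEST_DISPLAY_NAME}'` is expanded outside any quotes and "Test User" contains a space, so the shell splits the `-d` argument and curl receives truncated JSON plus a stray argument; write `"displayName": "'"${TEST_DISPLAY_NAME}"'"`, or build the body with `jq -n --arg`, since the script already depends on jq. The `Response:` echoes in Tests 1 and 2 print the whole body, token included, which defeats the `${TOKEN:0:20}` truncation on the following line and leaves a usable bearer token in any captured log. If logout is meant to revoke the token server-side (not visible from this script), nothing checks it; a follow-up request with the old token, expecting the same 401 that Test 5 expects, would cover that, as sketched below.

```bash
# … unchanged: Tests 1-6 (with exit 1 added to the else branches of Tests 5 and 6) …

# Test 7: the token must stop working after logout
echo "7. Testing token rejection after logout..."
POST_LOGOUT_CODE=$(curl -s -o /dev/null -w "%{http_code}" \
  -X GET "${BASE_URL}/auth/me" \
  -H "Authorization: Bearer ${TOKEN}")

echo "   HTTP Status: $POST_LOGOUT_CODE"
if [ "$POST_LOGOUT_CODE" -eq 401 ]; then
  echo "   ✅ Token rejected after logout"
else
  echo "   ❌ Token still accepted after logout"
  exit 1
fi
```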