using Xunit;
using Moq;
using Svrnty.MCP.Gateway.Core.Interfaces;
using Svrnty.MCP.Gateway.Core.Models;
namespace Svrnty.MCP.Gateway.Core.Tests.Interfaces;
///
/// Unit tests for IAuthProvider interface following TDD approach.
/// Tests authentication and authorization logic.
///
public class IAuthProviderTests
{
[Fact]
public async Task AuthenticateAsync_WithValidCredentials_ReturnsSuccess()
{
// Arrange
var mockAuthProvider = new Mock();
var context = new AuthenticationContext
{
ClientId = "valid-client",
Credentials = "valid-token"
};
var expectedResult = new AuthenticationResult
{
IsAuthenticated = true,
ClientId = "valid-client"
};
mockAuthProvider
.Setup(a => a.AuthenticateAsync(It.IsAny(), It.IsAny()))
.ReturnsAsync(expectedResult);
// Act
var result = await mockAuthProvider.Object.AuthenticateAsync(context, CancellationToken.None);
// Assert
Assert.True(result.IsAuthenticated);
Assert.Equal("valid-client", result.ClientId);
mockAuthProvider.Verify(a => a.AuthenticateAsync(context, It.IsAny()), Times.Once);
}
[Fact]
public async Task AuthenticateAsync_WithInvalidCredentials_ReturnsFailure()
{
// Arrange
var mockAuthProvider = new Mock();
var context = new AuthenticationContext
{
ClientId = "invalid-client",
Credentials = "invalid-token"
};
var expectedResult = new AuthenticationResult
{
IsAuthenticated = false,
ErrorMessage = "Invalid credentials"
};
mockAuthProvider
.Setup(a => a.AuthenticateAsync(It.IsAny(), It.IsAny()))
.ReturnsAsync(expectedResult);
// Act
var result = await mockAuthProvider.Object.AuthenticateAsync(context, CancellationToken.None);
// Assert
Assert.False(result.IsAuthenticated);
Assert.NotNull(result.ErrorMessage);
}
[Fact]
public async Task AuthorizeAsync_WithAuthorizedClient_ReturnsSuccess()
{
// Arrange
var mockAuthProvider = new Mock();
var context = new AuthorizationContext
{
ClientId = "authorized-client",
Resource = "read_documents",
Action = "invoke"
};
var expectedResult = new AuthorizationResult
{
IsAuthorized = true
};
mockAuthProvider
.Setup(a => a.AuthorizeAsync(It.IsAny(), It.IsAny()))
.ReturnsAsync(expectedResult);
// Act
var result = await mockAuthProvider.Object.AuthorizeAsync(context, CancellationToken.None);
// Assert
Assert.True(result.IsAuthorized);
mockAuthProvider.Verify(a => a.AuthorizeAsync(context, It.IsAny()), Times.Once);
}
[Fact]
public async Task AuthorizeAsync_WithUnauthorizedClient_ReturnsFailure()
{
// Arrange
var mockAuthProvider = new Mock();
var context = new AuthorizationContext
{
ClientId = "unauthorized-client",
Resource = "delete_documents",
Action = "invoke"
};
var expectedResult = new AuthorizationResult
{
IsAuthorized = false,
ErrorMessage = "Access denied"
};
mockAuthProvider
.Setup(a => a.AuthorizeAsync(It.IsAny(), It.IsAny()))
.ReturnsAsync(expectedResult);
// Act
var result = await mockAuthProvider.Object.AuthorizeAsync(context, CancellationToken.None);
// Assert
Assert.False(result.IsAuthorized);
Assert.NotNull(result.ErrorMessage);
}
[Fact]
public async Task AuthenticateAsync_WithMissingCredentials_ReturnsFailure()
{
// Arrange
var mockAuthProvider = new Mock();
var context = new AuthenticationContext
{
ClientId = "client-without-credentials"
};
var expectedResult = new AuthenticationResult
{
IsAuthenticated = false,
ErrorMessage = "Credentials required"
};
mockAuthProvider
.Setup(a => a.AuthenticateAsync(It.IsAny(), It.IsAny()))
.ReturnsAsync(expectedResult);
// Act
var result = await mockAuthProvider.Object.AuthenticateAsync(context, CancellationToken.None);
// Assert
Assert.False(result.IsAuthenticated);
}
}