network/pkg/auth/credentials_test.go
anonpenguin 917b0e5acd Enforce API key/JWT authentication and namespace gating in client
- Require API key or JWT by default for client connections - Auto-derive
namespace from JWT claim or API key format `ak_<rand>:<namespace>` -
Deny calls if per-call namespace override mismatches resolved namespace
- Guard Storage, PubSub, Database, and NetworkInfo operations with
access checks - Add context helpers for consistent namespace override
handling - Update docs and add end-to-end and unit tests for
authentication logic
2025-08-20 23:01:51 +03:00


package auth
import (
"os"
"path/filepath"
"testing"
"time"
)
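// withTempHome points HOME at a fresh per-test temporary directory and returns
// a function that puts the previous HOME state back.
//
// The tests in this file save and delete credentials on disk, so this redirect
// is what keeps them away from the credential store in the developer's real
// home directory. A failure to set HOME therefore aborts the test instead of
// being ignored.
//
// NOTE(review): only HOME is redirected. If GetCredentialsPath resolves the
// home directory from another variable on some platforms (for example
// USERPROFILE on Windows), this helper does not isolate the test there;
// confirm against GetCredentialsPath.
func withTempHome(t *testing.T) func() {
	t.Helper()

	tmp := t.TempDir()
	// LookupEnv distinguishes "unset" from "set to empty" so the restore step
	// can unset HOME again rather than leaving it defined as "".
	prev, hadHome := os.LookupEnv("HOME")
	if err := os.Setenv("HOME", tmp); err != nil {
		t.Fatalf("redirecting HOME to %q: %v", tmp, err)
	}

	return func() {
		// Best-effort restore: prev came from the environment, so Setenv is
		// not expected to reject it.
		if !hadHome {
			_ = os.Unsetenv("HOME")
			return
		}
		_ = os.Setenv("HOME", prev)
	}
}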
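// TestCredentialStoreCRUD exercises the on-disk credential store end to end:
// load an empty store, add credentials for one gateway, save, reload and read
// them back, then remove them, save, and confirm the removal was persisted.
//
// HOME is redirected to a temporary directory first so that the save and
// remove steps do not touch a real credential file.
//
// NOTE(review): this test does not check the permissions of the saved
// credentials file. If SaveCredentials is expected to write it readable by
// the owner only, assert the file mode here; confirm the intended mode.
func TestCredentialStoreCRUD(t *testing.T) {
	restoreHome := withTempHome(t)
	defer restoreHome()

	// Constructed test values; the key follows the ak_<rand>:<namespace> shape.
	const (
		gateway = "http://gw"
		apiKey  = "ak_1:ns"
	)

	// A fresh HOME must yield an empty store, not an error.
	store, err := LoadCredentials()
	if err != nil {
		t.Fatal(err)
	}
	if n := len(store.Gateways); n != 0 {
		t.Fatalf("expected empty store, got %d gateways", n)
	}

	// Create and persist.
	creds := &Credentials{APIKey: apiKey, Namespace: "ns", IssuedAt: time.Now()}
	store.SetCredentialsForGateway(gateway, creds)
	if err := store.SaveCredentials(); err != nil {
		t.Fatal(err)
	}

	// Read back from disk through a second store instance.
	store2, err := LoadCredentials()
	if err != nil {
		t.Fatal(err)
	}
	c, ok := store2.GetCredentialsForGateway(gateway)
	if !ok {
		t.Fatalf("credentials for %q not found after reload", gateway)
	}
	if c.APIKey != apiKey {
		// The key value is deliberately left out of the failure message.
		t.Fatalf("API key for %q does not match the saved value", gateway)
	}

	// Delete and persist.
	store2.RemoveCredentialsForGateway(gateway)
	if err := store2.SaveCredentials(); err != nil {
		t.Fatal(err)
	}

	// A removed credential that survived on disk would stay usable, so the
	// deletion is verified against a fresh load rather than the in-memory store.
	store3, err := LoadCredentials()
	if err != nil {
		t.Fatal(err)
	}
	if _, ok := store3.GetCredentialsForGateway(gateway); ok {
		t.Fatalf("credentials for %q still present after removal and save", gateway)
	}

	// The directory that holds the credentials file must exist after saving.
	path, err := GetCredentialsPath()
	if err != nil {
		t.Fatal(err)
	}
	if _, err := os.Stat(filepath.Dir(path)); err != nil {
		t.Fatal(err)
	}
}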
// TestIsExpiredAndValid checks the expiry logic on Credentials: an ExpiresAt
// one hour in the past must report expired and invalid, and a zero ExpiresAt
// must report valid.
//
// NOTE(review): the last assertion pins "no expiry" as valid, i.e. such
// credentials are accepted without any time limit; confirm that is the
// intended policy for API keys.
func TestIsExpiredAndValid(t *testing.T) {
	anHourAgo := time.Now().Add(-time.Hour)
	cred := &Credentials{
		APIKey:    "ak",
		Namespace: "ns",
		ExpiresAt: anHourAgo,
	}

	// Expiry in the past: expired, and therefore not valid.
	if expired := cred.IsExpired(); !expired {
		t.Fatalf("expected expired")
	}
	if valid := cred.IsValid(); valid {
		t.Fatalf("expired should be invalid")
	}

	// The zero time stands for "no expiry set".
	var noExpiry time.Time
	cred.ExpiresAt = noExpiry
	if valid := cred.IsValid(); !valid {
		t.Fatalf("no expiry should be valid")
	}
}