Skip to content

Comments

test(gateway): add unit tests for AuthHandlers#233

Open
eclipse0922 wants to merge 4 commits intoselfpatch:mainfrom
eclipse0922:feat/issue-178-auth-handlers-tests
Open

test(gateway): add unit tests for AuthHandlers#233
eclipse0922 wants to merge 4 commits intoselfpatch:mainfrom
eclipse0922:feat/issue-178-auth-handlers-tests

Conversation

@eclipse0922
Copy link
Contributor

@eclipse0922 eclipse0922 commented Feb 24, 2026

Summary

  • Adds 15 unit tests for AuthHandlers (handle_auth_authorize, handle_auth_token, handle_auth_revoke)
  • All three endpoints return 404 when auth is disabled (default AuthConfig)
  • handle_auth_authorize validation: wrong grant_type → 400 unsupported_grant_type; missing/empty client_id or client_secret → 400 invalid_request
  • handle_auth_token validation: wrong grant_type → 400 unsupported_grant_type; missing/empty refresh_token → 400 invalid_request
  • handle_auth_revoke validation: invalid JSON → 400; missing/non-string token field → 400
  • Verifies error responses follow OAuth2 RFC 6749 format (error/error_description fields)
  • Tests use null GatewayNode and null AuthManager; auth-enabled tests only exercise input-validation paths that return before auth_manager is accessed

Test plan

  • All 15 tests pass: colcon test --ctest-args -R test_auth_handlers
  • Verified in Docker with ros2_medkit_dev:latest

Closes #178

🤖 Generated with Claude Code

eclipse0922 and others added 3 commits February 24, 2026 21:47
@eclipse0922 @claude
test(gateway): add unit tests for AuthHandlers
13317ab 
Adds 15 unit tests covering the three AuthHandlers methods:
- handle_auth_authorize, handle_auth_token, handle_auth_revoke all return
  404 when authentication is disabled (default state)
- handle_auth_authorize input validation: wrong grant_type, missing/empty
  client_id, missing client_secret each return 400
- handle_auth_token input validation: wrong grant_type, missing/empty
  refresh_token each return 400
- handle_auth_revoke input validation: invalid JSON, missing token field,
  non-string token each return 400
- Error responses for auth endpoints follow OAuth2 RFC 6749 format
  (error/error_description) while the auth-disabled 404 uses SOVD format

Tests use a null GatewayNode and null AuthManager. Auth-enabled tests
exercise only input-validation paths that return before auth_manager
is accessed, so null auth_manager is safe.

Closes selfpatch#178

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
@eclipse0922
test(gateway): cover auth handlers manager integration
fa45b28
@eclipse0922
test(gateway): fix auth handler status assertions
f363a39 
Align success-path assertions with current handler response behavior and add a missing validation test for empty client_secret.
@mfaferek93 mfaferek93 requested a review from Copilot February 24, 2026 14:02
Copilot AI reviewed Feb 24, 2026
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Adds a dedicated GTest unit suite for the REST AuthHandlers so the gateway’s OAuth2-style auth endpoints have explicit input-validation and error-format coverage (closing #178).

Changes:

  • Introduces test_auth_handlers.cpp with ~15 tests covering auth-disabled behavior, request validation, and basic happy-path flows using a real AuthManager.
  • Ensures OAuth2 RFC 6749-style error payload shape (error / error_description) is exercised for validation failures.
  • Wires the new test target into CMakeLists.txt (including coverage flags when enabled).

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated 6 comments.

File Description
src/ros2_medkit_gateway/test/test_auth_handlers.cpp New unit tests for /auth/authorize, /auth/token, /auth/revoke handler behavior and response formats.
src/ros2_medkit_gateway/CMakeLists.txt Adds test_auth_handlers target and includes it in coverage instrumentation list.

mfaferek93
mfaferek93 reviewed Feb 24, 2026
View reviewed changes
src/ros2_medkit_gateway/test/test_auth_handlers.cpp
};

// @verifies REQ_INTEROP_086
TEST_F(AuthHandlersRevokeTest, ReturnsBadRequestForInvalidJson) {
Copy link
Collaborator

@mfaferek93 mfaferek93 Feb 24, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

revoke tests tagged @verifies REQ_INTEROP_086, but docs/requirements/specs/auth.rst only defines 086 for /authorize and 087 for /token. No REQ for /revoke exists. We can add a new one in auth.rst (next free ID is 095) and update lines 268, 283, 297, 400 in the test file.

That way docs/requirements/coverage.rst picks it up automatically.

@mfaferek93 mfaferek93 self-requested a review February 24, 2026 18:18
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@mfaferek93 mfaferek93 mfaferek93 approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Add unit tests for AuthHandlers

2 participants

@eclipse0922 @mfaferek93