Add Engine API tests for Stage 4

2025-10-26 20:01:57 -06:00 · 2025-10-26 01:30:52 -06:00
parent 73f6d5745f
commit 68c7c772c0
7 changed files with 475 additions and 6 deletions
--- a/Data/Engine/Unit_Tests/test_tokens_api.py
+++ b/Data/Engine/Unit_Tests/test_tokens_api.py
@@ -0,0 +1,92 @@
+from __future__ import annotations
+
+import hashlib
+import sqlite3
+from datetime import datetime, timedelta, timezone
+
+from flask.testing import FlaskClient
+
+from .conftest import EngineTestHarness
+
+
+def _iso(dt: datetime) -> str:
+    return dt.astimezone(timezone.utc).isoformat()
+
+
+def test_refresh_token_success(engine_harness: EngineTestHarness) -> None:
+    harness = engine_harness
+    client: FlaskClient = harness.app.test_client()
+
+    guid = "54E8C9E2-6B3D-4B51-A456-4ACB94C45F00"
+    refresh_token = "refresh-token-value"
+    token_hash = hashlib.sha256(refresh_token.encode("utf-8")).hexdigest()
+    now = datetime.now(tz=timezone.utc)
+    expires_at = now + timedelta(days=1)
+
+    with sqlite3.connect(str(harness.db_path)) as conn:
+        cur = conn.cursor()
+        cur.execute(
+            """
+            INSERT INTO devices (guid, hostname, created_at, last_seen, ssl_key_fingerprint,
+                                 token_version, status, key_added_at)
+            VALUES (?, ?, ?, ?, ?, ?, ?, ?)
+            """,
+            (
+                guid,
+                "device-one",
+                int(now.timestamp()),
+                int(now.timestamp()),
+                "fingerprint",
+                1,
+                "active",
+                _iso(now),
+            ),
+        )
+        cur.execute(
+            """
+            INSERT INTO refresh_tokens (id, guid, token_hash, created_at, expires_at, revoked_at, last_used_at)
+            VALUES (?, ?, ?, ?, ?, NULL, NULL)
+            """,
+            (
+                "token-row",
+                guid,
+                token_hash,
+                _iso(now),
+                _iso(expires_at),
+            ),
+        )
+        conn.commit()
+
+    response = client.post(
+        "/api/agent/token/refresh",
+        json={"guid": guid, "refresh_token": refresh_token},
+    )
+    assert response.status_code == 200
+    payload = response.get_json()
+    assert payload["token_type"] == "Bearer"
+    assert payload["expires_in"] == 900
+    assert isinstance(payload["access_token"], str) and payload["access_token"]
+
+    with sqlite3.connect(str(harness.db_path)) as conn:
+        cur = conn.cursor()
+        cur.execute(
+            "SELECT last_used_at, revoked_at FROM refresh_tokens WHERE guid = ?",
+            (guid,),
+        )
+        row = cur.fetchone()
+    assert row is not None
+    last_used_at, revoked_at = row
+    assert last_used_at is not None
+    assert revoked_at is None
+
+
+def test_refresh_token_requires_payload(engine_harness: EngineTestHarness) -> None:
+    client: FlaskClient = engine_harness.app.test_client()
+
+    response = client.post(
+        "/api/agent/token/refresh",
+        json={"guid": "", "refresh_token": ""},
+    )
+    assert response.status_code == 400
+    payload = response.get_json()
+    assert payload["error"] == "invalid_request"