vitor
/
orquestrador
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
feat/self-evolving-tools-foundation
main
chore/observability-latency-markers
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '3a7bfcf59b'
${ noResults }
orquestrador/tests/test_admin_security_service.py

58 lines
2.3 KiB
Python
Raw Blame History

import unittest
from datetime import datetime, timedelta, timezone
from admin_app.core import AdminSecurityService, AdminSettings, AuthenticatedStaffPrincipal
from shared.contracts import StaffRole
class AdminSecurityServiceTests(unittest.TestCase):
def setUp(self):
self.settings = AdminSettings(
admin_auth_token_secret="test-secret",
admin_auth_password_pepper="pepper",
)
self.security_service = AdminSecurityService(self.settings)
def test_hash_password_and_verify_round_trip(self):
password_hash = self.security_service.hash_password("SenhaMuitoSegura!123")
self.assertTrue(self.security_service.verify_password("SenhaMuitoSegura!123", password_hash))
self.assertFalse(self.security_service.verify_password("senha-errada", password_hash))
def test_validate_password_strength_rejects_weak_password(self):
with self.assertRaises(ValueError):
self.security_service.validate_password_strength("fraca")
def test_issue_and_decode_access_token_round_trip(self):
principal = AuthenticatedStaffPrincipal(
id=7,
email="admin@empresa.com",
display_name="Admin",
role=StaffRole.DIRETOR,
is_active=True,
)
token = self.security_service.issue_access_token(principal, session_id=99)
claims = self.security_service.decode_access_token(token)
self.assertEqual(claims.sub, "7")
self.assertEqual(claims.sid, 99)
self.assertEqual(claims.email, "admin@empresa.com")
self.assertEqual(claims.role, StaffRole.DIRETOR)
self.assertEqual(claims.token_type, "access")
def test_refresh_token_hash_is_stable_for_same_token(self):
refresh_token = self.security_service.generate_refresh_token()
self.assertEqual(
self.security_service.hash_refresh_token(refresh_token),
self.security_service.hash_refresh_token(refresh_token),
)
def test_build_refresh_token_expiry_uses_refresh_ttl(self):
expires_at = self.security_service.build_refresh_token_expiry()
min_expected = datetime.now(timezone.utc) + timedelta(days=6)
self.assertGreater(expires_at, min_expected)
if __name__ == "__main__":
unittest.main()
Reference in New Issue View Git Blame Copy Permalink