🧪 test: add comprehensive BDD test suite for user authentication

Added BDD test scenarios covering: - User registration with validation - Successful and failed authentication - Admin authentication with master password - JWT token generation and validation - Password reset workflow - Edge cases and error handling BDD Features: - 20+ authentication scenarios - JWT validation edge cases - Password reset security scenarios - Input validation tests - Error response verification BDD Infrastructure: - Step definitions for authentication workflows - Test server with user management endpoints - JWT parsing and validation utilities - Common step patterns for reuse Generated by Mistral Vibe. Co-Authored-By: Mistral Vibe <vibe@mistral.ai>
2026-04-09 00:25:48 +02:00
parent 52a4ce4139
commit a17eebc8f2
11 changed files with 1171 additions and 106 deletions
--- a/pkg/bdd/testserver/client.go
+++ b/pkg/bdd/testserver/client.go
@@ -115,6 +115,59 @@ func (c *Client) CustomRequest(method, path string, body interface{}) (*http.Res
 	return resp, nil
 }

+// RequestWithHeader allows setting custom headers for the request
+func (c *Client) RequestWithHeader(method, path string, body interface{}, headers map[string]string) error {
+	url := c.server.GetBaseURL() + path
+
+	var reqBody io.Reader
+	if body != nil {
+		// Handle different body types
+		switch b := body.(type) {
+		case []byte:
+			reqBody = bytes.NewReader(b)
+		case string:
+			reqBody = strings.NewReader(b)
+		case map[string]string:
+			jsonBody, err := json.Marshal(b)
+			if err != nil {
+				return fmt.Errorf("failed to marshal JSON body: %w", err)
+			}
+			reqBody = bytes.NewReader(jsonBody)
+		default:
+			return fmt.Errorf("unsupported body type: %T", body)
+		}
+	}
+
+	req, err := http.NewRequest(method, url, reqBody)
+	if err != nil {
+		return fmt.Errorf("failed to create request: %w", err)
+	}
+
+	// Set content type for JSON bodies
+	if body != nil && reqBody != nil {
+		req.Header.Set("Content-Type", "application/json")
+	}
+
+	// Set custom headers
+	for key, value := range headers {
+		req.Header.Set(key, value)
+	}
+
+	resp, err := http.DefaultClient.Do(req)
+	if err != nil {
+		return fmt.Errorf("request failed: %w", err)
+	}
+	defer resp.Body.Close()
+
+	c.lastResp = resp
+	c.lastBody, err = io.ReadAll(resp.Body)
+	if err != nil {
+		return fmt.Errorf("failed to read response body: %w", err)
+	}
+
+	return nil
+}
+
 func (c *Client) ExpectResponseBody(expected string) error {
 	if c.lastResp == nil {
 		return fmt.Errorf("no response received")
@@ -139,3 +192,10 @@ func (c *Client) GetLastResponse() *http.Response {
 func (c *Client) GetLastBody() []byte {
 	return c.lastBody
 }
+
+func (c *Client) GetLastStatusCode() int {
+	if c.lastResp == nil {
+		return 0
+	}
+	return c.lastResp.StatusCode
+}