konveyor
diff --git a/‎cmd/config/config_test.go‎
Lines changed: 323 additions & 9 deletions b/‎cmd/config/config_test.go‎
Lines changed: 323 additions & 9 deletions
@@ -5,6 +5,7 @@ import (
 	"bytes"
 	"compress/gzip"
 	"context"
+	"encoding/base64"
 	"encoding/json"
 	"io"
 	"net/http"
@@ -20,6 +21,31 @@ import (
 	"gopkg.in/yaml.v2"
 )
 
+// generateMockJWT creates a mock JWT token for testing purposes
+// The token has a valid structure with an expiration claim set to a future date
+func generateMockJWT(expirationTime time.Time) string {
+	// JWT Header
+	header := map[string]interface{}{
+		"alg": "HS256",
+		"typ": "JWT",
+	}
+	headerJSON, _ := json.Marshal(header)
+	headerB64 := base64.RawURLEncoding.EncodeToString(headerJSON)
+
+	// JWT Payload with expiration claim
+	payload := map[string]interface{}{
+		"exp": expirationTime.Unix(),
+	}
+	payloadJSON, _ := json.Marshal(payload)
+	payloadB64 := base64.RawURLEncoding.EncodeToString(payloadJSON)
+
+	// Mock signature (not cryptographically valid, but sufficient for testing)
+	signature := "mock_signature_for_testing"
+	signatureB64 := base64.RawURLEncoding.EncodeToString([]byte(signature))
+
+	return headerB64 + "." + payloadB64 + "." + signatureB64
+}
+
 func TestNewConfigCmd(t *testing.T) {
 	log := logr.Discard()
 	cmd := NewConfigCmd(log)
@@ -391,7 +417,7 @@ func TestSyncCommand_getHubClient(t *testing.T) {
 	}
 
 	// Create test auth with a valid JWT token
-	validJWT := "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE4OTM0NTYwMDB9.Hs_ZQhwq7Uy9E7VzTpSKNqvWUdKKYKxWJhUlNhqJGKE"
+	validJWT := generateMockJWT(time.Now().Add(1 * time.Hour))
 
 	testAuth := LoginResponse{
 		Host:         "http://test-host",
@@ -524,11 +550,8 @@ func TestHubClient_doRequest(t *testing.T) {
 	}
 
 	// Create test auth with a valid JWT token
-	// This is a simple JWT token with exp claim set to far future (year 2030)
-	// Header: {"alg":"HS256","typ":"JWT"}
-	// Payload: {"exp":1893456000}
-	// Signature: signed with secret "test"
-	validJWT := "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE4OTM0NTYwMDB9.Hs_ZQhwq7Uy9E7VzTpSKNqvWUdKKYKxWJhUlNhqJGKE"
+	// Using generateMockJWT to create a properly structured JWT for testing
+	validJWT := generateMockJWT(time.Now().Add(1 * time.Hour))
 
 	testAuth := LoginResponse{
 		Host:         "http://test-host",
@@ -813,7 +836,7 @@ func TestSyncCommand_getApplicationFromHub(t *testing.T) {
 	}
 
 	// Create test auth with a valid JWT token
-	validJWT := "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE4OTM0NTYwMDB9.Hs_ZQhwq7Uy9E7VzTpSKNqvWUdKKYKxWJhUlNhqJGKE"
+	validJWT := generateMockJWT(time.Now().Add(1 * time.Hour))
 
 	testAuth := LoginResponse{
 		Host:         "http://test-host",
@@ -952,7 +975,7 @@ func TestSyncCommand_getProfilesFromHubApplication(t *testing.T) {
 	}
 
 	// Create test auth with a valid JWT token
-	validJWT := "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE4OTM0NTYwMDB9.Hs_ZQhwq7Uy9E7VzTpSKNqvWUdKKYKxWJhUlNhqJGKE"
+	validJWT := generateMockJWT(time.Now().Add(1 * time.Hour))
 
 	testAuth := LoginResponse{
 		Host:         "http://test-host",
@@ -1396,7 +1419,7 @@ func TestSyncCommand_downloadProfileBundle(t *testing.T) {
 	}
 
 	// Create test auth with a valid JWT token
-	validJWT := "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE4OTM0NTYwMDB9.Hs_ZQhwq7Uy9E7VzTpSKNqvWUdKKYKxWJhUlNhqJGKE"
+	validJWT := generateMockJWT(time.Now().Add(1 * time.Hour))
 
 	testAuth := LoginResponse{
 		Host:         "http://test-host",
@@ -1538,3 +1561,294 @@ func TestConfigCommandIntegration(t *testing.T) {
 		}
 	})
 }
+
+func TestSyncCommand_setDefaultApplicationPath(t *testing.T) {
+	syncCmd := &syncCommand{}
+
+	path, err := syncCmd.setDefaultApplicationPath()
+
+	if err != nil {
+		t.Errorf("setDefaultApplicationPath() unexpected error = %v", err)
+	}
+
+	if path == "" {
+		t.Error("setDefaultApplicationPath() returned empty path")
+	}
+
+	// Verify it returns a valid directory path
+	if _, err := os.Stat(path); os.IsNotExist(err) {
+		t.Errorf("setDefaultApplicationPath() returned non-existent path: %s", path)
+	}
+}
+
+func TestSyncCommand_checkAuthentication(t *testing.T) {
+	// Create temporary auth file for testing
+	homeDir, err := os.UserHomeDir()
+	if err != nil {
+		t.Fatalf("Failed to get home directory: %v", err)
+	}
+
+	kantreDir := filepath.Join(homeDir, ".kantra")
+	authFile := filepath.Join(kantreDir, "auth.json")
+
+	// Backup existing auth file if it exists
+	var backupData []byte
+	var hasBackup bool
+	if data, err := os.ReadFile(authFile); err == nil {
+		backupData = data
+		hasBackup = true
+	}
+
+	tests := []struct {
+		name      string
+		setupAuth func() error
+		wantErr   bool
+		errMsg    string
+	}{
+		{
+			name: "valid authentication",
+			setupAuth: func() error {
+				validJWT := generateMockJWT(time.Now().Add(1 * time.Hour))
+				testAuth := LoginResponse{
+					Host:         "http://test-host",
+					Token:        validJWT,
+					RefreshToken: "test-refresh-token",
+				}
+				os.MkdirAll(kantreDir, 0755)
+				authData, _ := json.Marshal(testAuth)
+				return os.WriteFile(authFile, authData, 0600)
+			},
+			wantErr: false,
+		},
+		{
+			name: "missing token should fail",
+			setupAuth: func() error {
+				testAuth := LoginResponse{
+					Host:         "http://test-host",
+					Token:        "",
+					RefreshToken: "test-refresh-token",
+				}
+				os.MkdirAll(kantreDir, 0755)
+				authData, _ := json.Marshal(testAuth)
+				return os.WriteFile(authFile, authData, 0600)
+			},
+			wantErr: true,
+			errMsg:  "stored authentication is invalid",
+		},
+		{
+			name: "no auth file should fail",
+			setupAuth: func() error {
+				os.Remove(authFile)
+				return nil
+			},
+			wantErr: true,
+			errMsg:  "no stored authentication found",
+		},
+	}
+
+	// Cleanup function
+	defer func() {
+		if hasBackup {
+			os.WriteFile(authFile, backupData, 0600)
+		} else {
+			os.Remove(authFile)
+		}
+	}()
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			err := tt.setupAuth()
+			if err != nil {
+				t.Fatalf("Failed to setup auth: %v", err)
+			}
+
+			syncCmd := &syncCommand{}
+			err = syncCmd.checkAuthentication()
+
+			if tt.wantErr {
+				if err == nil {
+					t.Errorf("checkAuthentication() expected error but got none")
+				} else if tt.errMsg != "" && !strings.Contains(err.Error(), tt.errMsg) {
+					t.Errorf("checkAuthentication() error = %v, expected to contain %v", err, tt.errMsg)
+				}
+			} else {
+				if err != nil {
+					t.Errorf("checkAuthentication() unexpected error = %v", err)
+				}
+			}
+		})
+	}
+}
+
+func TestHubClient_doRequestWithRetry(t *testing.T) {
+	log := logr.Discard()
+
+	// Create temporary auth file for testing
+	homeDir, err := os.UserHomeDir()
+	if err != nil {
+		t.Fatalf("Failed to get home directory: %v", err)
+	}
+
+	kantreDir := filepath.Join(homeDir, ".kantra")
+	authFile := filepath.Join(kantreDir, "auth.json")
+
+	// Backup existing auth file if it exists
+	var backupData []byte
+	var hasBackup bool
+	if data, err := os.ReadFile(authFile); err == nil {
+		backupData = data
+		hasBackup = true
+	}
+
+	// Create test auth with a valid JWT token
+	validJWT := generateMockJWT(time.Now().Add(1 * time.Hour))
+	testAuth := LoginResponse{
+		Host:         "http://test-host",
+		Token:        validJWT,
+		RefreshToken: "test-refresh-token",
+	}
+
+	// Ensure directory exists
+	os.MkdirAll(kantreDir, 0755)
+
+	// Write test auth
+	authData, _ := json.Marshal(testAuth)
+	os.WriteFile(authFile, authData, 0600)
+
+	// Cleanup function
+	defer func() {
+		if hasBackup {
+			os.WriteFile(authFile, backupData, 0600)
+		} else {
+			os.Remove(authFile)
+		}
+	}()
+
+	tests := []struct {
+		name           string
+		serverResponse func(w http.ResponseWriter, r *http.Request)
+		isRetry        bool
+		wantErr        bool
+		errMsg         string
+	}{
+		{
+			name: "successful request with retry flag",
+			serverResponse: func(w http.ResponseWriter, r *http.Request) {
+				w.Header().Set("Content-Type", "application/json")
+				w.WriteHeader(http.StatusOK)
+				w.Write([]byte(`{"status": "ok"}`))
+			},
+			isRetry: true,
+			wantErr: false,
+		},
+		{
+			name: "unauthorized response triggers retry",
+			serverResponse: func(w http.ResponseWriter, r *http.Request) {
+				w.WriteHeader(http.StatusUnauthorized)
+				w.Write([]byte("Unauthorized"))
+			},
+			isRetry: false,
+			wantErr: true, // Will fail because refresh token logic will fail in test
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			server := httptest.NewServer(http.HandlerFunc(tt.serverResponse))
+			defer server.Close()
+
+			client := &hubClient{
+				client: &http.Client{Timeout: 5 * time.Second},
+				host:   server.URL,
+			}
+
+			resp, err := client.doRequestWithRetry("/test", "application/json", log, tt.isRetry)
+
+			if tt.wantErr {
+				if err == nil {
+					t.Errorf("doRequestWithRetry() expected error but got none")
+				} else if tt.errMsg != "" && !strings.Contains(err.Error(), tt.errMsg) {
+					t.Errorf("doRequestWithRetry() error = %v, expected to contain %v", err, tt.errMsg)
+				}
+			} else {
+				if err != nil {
+					t.Errorf("doRequestWithRetry() unexpected error = %v", err)
+				}
+				if resp != nil {
+					resp.Body.Close()
+				}
+			}
+		})
+	}
+}
+
+func TestHubClient_refreshStoredToken(t *testing.T) {
+	log := logr.Discard()
+
+	tests := []struct {
+		name           string
+		serverResponse func(w http.ResponseWriter, r *http.Request)
+		wantErr        bool
+		errMsg         string
+	}{
+		{
+			name: "successful token refresh",
+			serverResponse: func(w http.ResponseWriter, r *http.Request) {
+				if r.URL.Path == "/auth/refresh" {
+					w.Header().Set("Content-Type", "application/json")
+					w.WriteHeader(http.StatusOK)
+					response := LoginResponse{
+						Host:         "http://test-host",
+						Token:        "new-token",
+						RefreshToken: "new-refresh-token",
+					}
+					json.NewEncoder(w).Encode(response)
+				} else {
+					w.WriteHeader(http.StatusNotFound)
+				}
+			},
+			wantErr: false,
+		},
+		{
+			name: "refresh endpoint error",
+			serverResponse: func(w http.ResponseWriter, r *http.Request) {
+				w.WriteHeader(http.StatusUnauthorized)
+				w.Write([]byte("Refresh failed"))
+			},
+			wantErr: true,
+			errMsg:  "token refresh failed with status 401",
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			server := httptest.NewServer(http.HandlerFunc(tt.serverResponse))
+			defer server.Close()
+
+			client := &hubClient{
+				client: &http.Client{Timeout: 5 * time.Second},
+				host:   server.URL,
+			}
+
+			storedAuth := &LoginResponse{
+				Host:         server.URL,
+				Token:        "old-token",
+				RefreshToken: "old-refresh-token",
+			}
+
+			err := client.refreshStoredToken(storedAuth, log)
+
+			if tt.wantErr {
+				if err == nil {
+					t.Errorf("refreshStoredToken() expected error but got none")
+				} else if tt.errMsg != "" && !strings.Contains(err.Error(), tt.errMsg) {
+					t.Errorf("refreshStoredToken() error = %v, expected to contain %v", err, tt.errMsg)
+				}
+			} else {
+				if err != nil {
+					t.Errorf("refreshStoredToken() unexpected error = %v", err)
+				}
+			}
+		})
+	}
+}