user-system/frontend/admin/src/lib/storage/index.test.ts

import { describe, expect, it, beforeEach, afterEach, vi } from 'vitest'

import {
  getRefreshToken,
  setRefreshToken,
  clearRefreshToken,
  hasRefreshToken,
  hasSessionPresenceCookie,
} from './token-storage'

describe('lib/storage/token-storage', () => {
  beforeEach(() => {
    clearRefreshToken()
    vi.clearAllMocks()
  })

  afterEach(() => {
    clearRefreshToken()
  })

  describe('getRefreshToken', () => {
    it('should return null initially', () => {
      expect(getRefreshToken()).toBeNull()
    })

    it('should return the token after setting', () => {
      setRefreshToken('test-token')
      expect(getRefreshToken()).toBe('test-token')
    })

    it('should return null after clearing', () => {
      setRefreshToken('test-token')
      clearRefreshToken()
      expect(getRefreshToken()).toBeNull()
    })
  })

  describe('setRefreshToken', () => {
    it('should set a valid token', () => {
      setRefreshToken('valid-token')
      expect(getRefreshToken()).toBe('valid-token')
    })

    it('should handle null input', () => {
      setRefreshToken('existing-token')
      setRefreshToken(null)
      expect(getRefreshToken()).toBeNull()
    })

    it('should handle undefined input', () => {
      setRefreshToken('existing-token')
      setRefreshToken(undefined)
      expect(getRefreshToken()).toBeNull()
    })

    it('should handle empty string', () => {
      setRefreshToken('existing-token')
      setRefreshToken('')
      expect(getRefreshToken()).toBeNull()
    })

    it('should handle whitespace-only string', () => {
      setRefreshToken('existing-token')
      setRefreshToken('   ')
      expect(getRefreshToken()).toBeNull()
    })

    it('should trim whitespace from token', () => {
      setRefreshToken('  trimmed-token  ')
      expect(getRefreshToken()).toBe('trimmed-token')
    })
  })

  describe('clearRefreshToken', () => {
    it('should clear the token', () => {
      setRefreshToken('test-token')
      clearRefreshToken()
      expect(getRefreshToken()).toBeNull()
    })

    it('should be safe to call multiple times', () => {
      clearRefreshToken()
      clearRefreshToken()
      clearRefreshToken()
      expect(getRefreshToken()).toBeNull()
    })
  })

  describe('hasRefreshToken', () => {
    it('should return false initially', () => {
      expect(hasRefreshToken()).toBe(false)
    })

    it('should return true after setting token', () => {
      setRefreshToken('test-token')
      expect(hasRefreshToken()).toBe(true)
    })

    it('should return false after clearing token', () => {
      setRefreshToken('test-token')
      clearRefreshToken()
      expect(hasRefreshToken()).toBe(false)
    })

    it('should return false for empty token', () => {
      setRefreshToken('')
      expect(hasRefreshToken()).toBe(false)
    })
  })

  describe('hasSessionPresenceCookie', () => {
    it('should return false when cookie is not set', () => {
      // In test environment, document.cookie may be empty
      const result = hasSessionPresenceCookie()
      expect(typeof result).toBe('boolean')
    })

    it('should detect session presence cookie', () => {
      // Set the cookie
      document.cookie = 'ums_session_present=1'

      expect(hasSessionPresenceCookie()).toBe(true)

      // Clean up
      document.cookie = 'ums_session_present=; expires=Thu, 01 Jan 1970 00:00:00 GMT'
    })

    it('should return false when other cookies exist but not session cookie', () => {
      document.cookie = 'other_cookie=value'

      expect(hasSessionPresenceCookie()).toBe(false)

      // Clean up
      document.cookie = 'other_cookie=; expires=Thu, 01 Jan 1970 00:00:00 GMT'
    })

    it('should handle multiple cookies', () => {
      document.cookie = 'cookie1=value1'
      document.cookie = 'ums_session_present=1'
      document.cookie = 'cookie2=value2'

      expect(hasSessionPresenceCookie()).toBe(true)

      // Clean up
      document.cookie = 'cookie1=; expires=Thu, 01 Jan 1970 00:00:00 GMT'
      document.cookie = 'ums_session_present=; expires=Thu, 01 Jan 1970 00:00:00 GMT'
      document.cookie = 'cookie2=; expires=Thu, 01 Jan 1970 00:00:00 GMT'
    })
  })

  describe('security considerations', () => {
    it('should not store token in localStorage', () => {
      setRefreshToken('test-token')

      // Token should not be in localStorage
      expect(localStorage.getItem('refreshToken')).toBeFalsy()
      expect(localStorage.getItem('refresh_token')).toBeFalsy()
    })

    it('should not store token in sessionStorage', () => {
      setRefreshToken('test-token')

      // Token should not be in sessionStorage
      expect(sessionStorage.getItem('refreshToken')).toBeFalsy()
      expect(sessionStorage.getItem('refresh_token')).toBeFalsy()
    })
  })
})