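#!/bin/bash
# Simplified smoke test for tasks T0151-T0180 (registration, login/logout,
# JWT management) of the API reachable under BASE_URL.
# Logs in with the pre-existing test user (TEST_EMAIL / TEST_PASSWORD).
#
# BASE_URL, TEST_EMAIL and TEST_PASSWORD can be overridden from the
# environment, so credentials for another instance need not be written into
# this file; the defaults are the values the script has always used.
#
# NOTE(review): later steps echo raw response bodies, and the register, login
# and refresh responses carry access/refresh tokens. Treat the output as
# sensitive wherever it is captured (CI logs, shared terminals).

# Abort on the first unhandled command failure.
set -e

# ANSI colour escapes, rendered by `echo -e`.
GREEN='\033[0;32m'
RED='\033[0;31m'
YELLOW='\033[1;33m'
NC='\033[0m'

# Target API and test account.
# These values are pasted verbatim into JSON request bodies further down, so
# an override containing `"` or `\` would produce malformed JSON.
BASE_URL="${BASE_URL:-http://localhost:8080/api/v1}"
TEST_EMAIL="${TEST_EMAIL:-test@veza.local}"
TEST_PASSWORD="${TEST_PASSWORD:-TestPassword123!}"

# Tokens captured from register/login responses; always start empty.
ACCESS_TOKEN=""
REFRESH_TOKEN=""

echo -e "${YELLOW}🧪 TEST COMPLET DES TÂCHES T0151-T0180${NC}"
echo "=========================================="
echo ""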
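#######################################
# Print a coloured pass/fail line for one check and count failures.
# Globals:   GREEN, RED, NC (read)
#            FAILED_TESTS (written) - running count of failed checks, kept so
#            that whatever decides the final exit status can consult it
# Arguments: $1 - status: 0 means pass, anything else means fail
#            $2 - label printed after the marker
#            $3 - optional response body, printed only on failure
# Outputs:   result line (and optional response) on stdout
# Returns:   0 in every case, so a reported failure does not trip `set -e`
#######################################
print_result() {
  local status=${1:-1}
  local label=$2
  local response=${3:-}

  # Quoted so that an empty or odd status is reported as a failure instead of
  # breaking the test expression.
  if [ "$status" -eq 0 ]; then
    echo -e "${GREEN}✅ ${label}${NC}"
    return 0
  fi

  # Plain assignment: unlike (( n++ )), it never returns non-zero.
  FAILED_TESTS=$(( ${FAILED_TESTS:-0} + 1 ))
  echo -e "${RED}❌ ${label}${NC}"
  if [ -n "$response" ]; then
    echo " Response: $response"
  fi
}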
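# Test 1: Health Check
# Every later step needs a live API, so the run stops here when it is not
# healthy.
echo -e "${YELLOW}1. Test Health Check${NC}"
# Uses BASE_URL like every other request instead of a second hard-coded URL.
# `|| true`: under `set -e` a refused connection would otherwise end the script
# without any message (curl -s is silent). curl still reports code 000 through
# -w, so the failure branch below prints the diagnostic.
RESPONSE=$(curl -s -w "\n%{http_code}" "$BASE_URL/health") || true
# The status code is the last line of the capture; the body is everything
# before it.
HTTP_CODE=$(tail -n1 <<<"$RESPONSE")
BODY=$(sed '$d' <<<"$RESPONSE")
case "$HTTP_CODE" in
  200)
    print_result 0 "Health check OK"
    echo " Response: $BODY"
    ;;
  *)
    print_result 1 "Health check FAILED" "$BODY"
    exit 1
    ;;
esac
echo ""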
# Test 2: T0151-T0160 - User Registration
echo -e "${YELLOW}2. Test T0151-T0160: User Registration${NC}"

# Test 2.1: Check Username Availability
# The candidate name carries the current epoch second as a suffix.
# Only the HTTP status is checked; the availability value in the body is
# printed but not asserted.
echo " 2.1. Check Username Availability"
TEST_USERNAME="testuser_$(date +%s)"
RESPONSE=$(curl -s -w "\n%{http_code}" \
  "${BASE_URL}/auth/check-username?username=${TEST_USERNAME}")
# Last line of the capture is the status code, the rest is the body.
HTTP_CODE=$(tail -n1 <<<"$RESPONSE")
BODY=$(sed '$d' <<<"$RESPONSE")
case "$HTTP_CODE" in
  200)
    print_result 0 "Username check OK"
    echo " Response: $BODY"
    ;;
  *)
    print_result 1 "Username check FAILED" "$BODY"
    ;;
esac
echo ""
# Test 2.2: Register User (when not rate-limited)
# Registers a fresh account whose email and username are suffixed with the
# epoch second. 201 is a pass, 429 is reported as a warning, anything else is
# a failure.
# NOTE(review): on 201 the whole body, tokens included, is echoed to stdout.
echo " 2.2. Register User (test avec nouvel email)"
NEW_EMAIL="newuser_$(date +%s)@veza.local"
NEW_USERNAME="newuser_$(date +%s)"
# Values are substituted verbatim (no JSON escaping).
printf -v register_payload \
  '{\n"username": "%s",\n"email": "%s",\n"password": "%s",\n"password_confirm": "%s"\n}' \
  "$NEW_USERNAME" "$NEW_EMAIL" "$TEST_PASSWORD" "$TEST_PASSWORD"
REGISTER_RESPONSE=$(curl -s -w "\n%{http_code}" -X POST "$BASE_URL/auth/register" \
  -H "Content-Type: application/json" \
  -d "$register_payload")
HTTP_CODE=$(tail -n1 <<<"$REGISTER_RESPONSE")
BODY=$(sed '$d' <<<"$REGISTER_RESPONSE")
case "$HTTP_CODE" in
  201)
    print_result 0 "Registration OK"
    echo " Response: $BODY"
    # Extract the tokens. The pattern only matches when no whitespace follows
    # the colon; a missing token is not reported here.
    ACCESS_TOKEN=$(grep -o '"access_token":"[^"]*' <<<"$BODY" | cut -d'"' -f4)
    REFRESH_TOKEN=$(grep -o '"refresh_token":"[^"]*' <<<"$BODY" | cut -d'"' -f4)
    if [[ -n "$ACCESS_TOKEN" && -n "$REFRESH_TOKEN" ]]; then
      echo -e " ${GREEN}✅ Tokens extraits${NC}"
    fi
    ;;
  429)
    echo -e " ${YELLOW}⚠️ Rate limit atteint (normal après plusieurs tests)${NC}"
    echo " Response: $BODY"
    ;;
  *)
    print_result 1 "Registration FAILED" "$BODY"
    ;;
esac
echo ""
# Test 3: T0161-T0170 - Login/Logout
echo -e "${YELLOW}3. Test T0161-T0170: Login/Logout${NC}"

# Test 3.1: Login with valid credentials (the test user)
# 200 is a pass and replaces any tokens captured earlier; 403 is reported as
# a warning (unverified email); anything else is a failure.
# NOTE(review): on 200 the whole body, tokens included, is echoed to stdout.
echo " 3.1. Login avec credentials valides"
printf -v login_payload \
  '{\n"email": "%s",\n"password": "%s",\n"remember_me": false\n}' \
  "$TEST_EMAIL" "$TEST_PASSWORD"
LOGIN_RESPONSE=$(curl -s -w "\n%{http_code}" -X POST "$BASE_URL/auth/login" \
  -H "Content-Type: application/json" \
  -d "$login_payload")
HTTP_CODE=$(tail -n1 <<<"$LOGIN_RESPONSE")
BODY=$(sed '$d' <<<"$LOGIN_RESPONSE")
case "$HTTP_CODE" in
  200)
    print_result 0 "Login OK"
    echo " Response: $BODY"
    # Extract the tokens; keep the previous pair unless both are present.
    NEW_ACCESS_TOKEN=$(grep -o '"access_token":"[^"]*' <<<"$BODY" | cut -d'"' -f4)
    NEW_REFRESH_TOKEN=$(grep -o '"refresh_token":"[^"]*' <<<"$BODY" | cut -d'"' -f4)
    if [[ -n "$NEW_ACCESS_TOKEN" && -n "$NEW_REFRESH_TOKEN" ]]; then
      ACCESS_TOKEN="$NEW_ACCESS_TOKEN"
      REFRESH_TOKEN="$NEW_REFRESH_TOKEN"
      echo -e " ${GREEN}✅ Tokens extraits${NC}"
    fi
    ;;
  403)
    echo -e " ${YELLOW}⚠️ Email non vérifié (normal pour nouveau compte)${NC}"
    echo " Response: $BODY"
    ;;
  *)
    print_result 1 "Login FAILED" "$BODY"
    ;;
esac
echo ""
# Test 3.2: Login with invalid credentials (must fail)
# Negative test: the known email with a wrong password must be answered with
# exactly 401; any other status counts as a failure.
echo " 3.2. Login avec credentials invalides (doit échouer)"
printf -v invalid_login_payload \
  '{\n"email": "%s",\n"password": "WrongPassword123!",\n"remember_me": false\n}' \
  "$TEST_EMAIL"
INVALID_LOGIN_RESPONSE=$(curl -s -w "\n%{http_code}" -X POST "$BASE_URL/auth/login" \
  -H "Content-Type: application/json" \
  -d "$invalid_login_payload")
HTTP_CODE=$(tail -n1 <<<"$INVALID_LOGIN_RESPONSE")
BODY=$(sed '$d' <<<"$INVALID_LOGIN_RESPONSE")
case "$HTTP_CODE" in
  401)
    print_result 0 "Invalid credentials correctly rejected"
    ;;
  *)
    print_result 1 "Invalid credentials not rejected" "$BODY"
    ;;
esac
echo ""
# Test 4: T0171-T0180 - JWT Management
echo -e "${YELLOW}4. Test T0171-T0180: JWT Management${NC}"

# Without a token from the earlier steps, try to log in as the test user.
# This request has no -w suffix, so the capture is the body alone and the
# HTTP status is not inspected.
if [[ -z "$ACCESS_TOKEN" ]]; then
  echo " 4.0. Obtenir un token via login"
  printf -v fallback_login_payload \
    '{\n"email": "%s",\n"password": "%s",\n"remember_me": false\n}' \
    "$TEST_EMAIL" "$TEST_PASSWORD"
  LOGIN_RESPONSE=$(curl -s -X POST "$BASE_URL/auth/login" \
    -H "Content-Type: application/json" \
    -d "$fallback_login_payload")
  ACCESS_TOKEN=$(grep -o '"access_token":"[^"]*' <<<"$LOGIN_RESPONSE" | cut -d'"' -f4)
  REFRESH_TOKEN=$(grep -o '"refresh_token":"[^"]*' <<<"$LOGIN_RESPONSE" | cut -d'"' -f4)
  if [[ -z "$ACCESS_TOKEN" ]]; then
    echo -e " ${YELLOW}⚠️ Impossible d'obtenir un token (email non vérifié?)${NC}"
  else
    echo -e " ${GREEN}✅ Token obtenu${NC}"
  fi
  echo ""
fi
# Test 4.1: Access a protected route with a valid token
# Skipped with a warning when no access token is available.
# NOTE(review): 404 is counted as a pass alongside 200, so this check does
# not establish that the route exists or returned data - confirm that is
# intended.
# NOTE(review): the bearer token is passed on curl's command line and is
# therefore visible in the process list while the request runs.
echo " 4.1. Accès à une route protégée avec token valide"
if [[ -z "$ACCESS_TOKEN" ]]; then
  echo -e " ${YELLOW}⚠️ Pas de token disponible, test ignoré${NC}"
else
  PROTECTED_RESPONSE=$(curl -s -w "\n%{http_code}" -X GET "$BASE_URL/users/settings" \
    -H "Authorization: Bearer $ACCESS_TOKEN")
  HTTP_CODE=$(tail -n1 <<<"$PROTECTED_RESPONSE")
  BODY=$(sed '$d' <<<"$PROTECTED_RESPONSE")
  case "$HTTP_CODE" in
    200 | 404)
      print_result 0 "Protected route accessible with valid token"
      ;;
    *)
      print_result 1 "Protected route not accessible" "$BODY"
      ;;
  esac
fi
echo ""
# Test 4.2: Access a protected route without a token (must fail)
# Negative test: the same route requested with no Authorization header must
# be answered with 401 or 403.
echo " 4.2. Accès à une route protégée sans token (doit échouer)"
NO_TOKEN_RESPONSE=$(curl -s -w "\n%{http_code}" -X GET "$BASE_URL/users/settings")
HTTP_CODE=$(tail -n1 <<<"$NO_TOKEN_RESPONSE")
BODY=$(sed '$d' <<<"$NO_TOKEN_RESPONSE")
case "$HTTP_CODE" in
  401 | 403)
    print_result 0 "Protected route correctly requires authentication"
    ;;
  *)
    print_result 1 "Protected route should require authentication" "$BODY"
    ;;
esac
echo ""
# Test 4.3: Refresh Token
# Exchanges the stored refresh token; on 200 the access token is replaced by
# the one in the response. Skipped with a warning when no refresh token was
# captured.
# NOTE(review): on 200 the whole body, new token included, is echoed to
# stdout.
echo " 4.3. Refresh Token"
if [[ -z "$REFRESH_TOKEN" ]]; then
  echo -e " ${YELLOW}⚠️ Pas de refresh token disponible${NC}"
else
  printf -v refresh_payload '{\n"refresh_token": "%s"\n}' "$REFRESH_TOKEN"
  REFRESH_RESPONSE=$(curl -s -w "\n%{http_code}" -X POST "$BASE_URL/auth/refresh" \
    -H "Content-Type: application/json" \
    -d "$refresh_payload")
  HTTP_CODE=$(tail -n1 <<<"$REFRESH_RESPONSE")
  BODY=$(sed '$d' <<<"$REFRESH_RESPONSE")
  case "$HTTP_CODE" in
    200)
      print_result 0 "Token refresh OK"
      echo " Response: $BODY"
      # Extract the new access token.
      NEW_ACCESS_TOKEN=$(grep -o '"access_token":"[^"]*' <<<"$BODY" | cut -d'"' -f4)
      if [[ -n "$NEW_ACCESS_TOKEN" ]]; then
        ACCESS_TOKEN="$NEW_ACCESS_TOKEN"
        echo -e " ${GREEN}✅ Nouveau access token extrait${NC}"
      fi
      ;;
    *)
      print_result 1 "Token refresh FAILED" "$BODY"
      ;;
  esac
fi
echo ""
# Test 4.4: Invalid refresh token (must fail)
# Negative test: a fixed bogus refresh token must be answered with exactly
# 401; any other status counts as a failure.
echo " 4.4. Refresh Token invalide (doit échouer)"
printf -v invalid_refresh_payload \
  '{\n"refresh_token": "invalid_refresh_token_12345"\n}'
INVALID_REFRESH_RESPONSE=$(curl -s -w "\n%{http_code}" -X POST "$BASE_URL/auth/refresh" \
  -H "Content-Type: application/json" \
  -d "$invalid_refresh_payload")
HTTP_CODE=$(tail -n1 <<<"$INVALID_REFRESH_RESPONSE")
BODY=$(sed '$d' <<<"$INVALID_REFRESH_RESPONSE")
case "$HTTP_CODE" in
  401)
    print_result 0 "Invalid refresh token correctly rejected"
    ;;
  *)
    print_result 1 "Invalid refresh token not rejected" "$BODY"
    ;;
esac
echo ""
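# Summary
#######################################
# Print the end-of-run summary and make the exit status reflect failures.
# The original banner announced success unconditionally; here it is shown
# only when no failure was counted.
# Globals:   FAILED_TESTS (read) - number of failed checks, treated as 0
#            when unset
#            GREEN, RED, YELLOW, NC (read)
# Outputs:   summary on stdout
# Exits:     with status 1 when FAILED_TESTS is greater than 0
#######################################
print_summary() {
  local failed=${FAILED_TESTS:-0}

  echo ""
  echo -e "${YELLOW}📊 RÉSUMÉ DES TESTS${NC}"
  echo "=========================================="
  echo "✅ Tests d'inscription (T0151-T0160): Complétés"
  echo "✅ Tests de login (T0161-T0170): Complétés"
  echo "✅ Tests JWT Management (T0171-T0180): Complétés"
  echo ""

  if [ "$failed" -gt 0 ]; then
    echo -e "${RED}❌ ${failed} test(s) en échec${NC}"
    exit 1
  fi
  echo -e "${GREEN}🎉 Tous les tests sont passés avec succès !${NC}"
}

print_summary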