Add and refactor tests

Author: ch5zzy

packages/auth/src/core/strategies/email_and_password.test.ts

@@ -745,76 +745,141 @@ describe('core/strategies/email_and_password/createUserWithEmailAndPassword', ()
       expect(user.isAnonymous).to.be.false;
     });
   });
+});
 
-  context('#passwordPolicy', () => {
-    const TEST_MIN_PASSWORD_LENGTH = 6;
-    const TEST_ALLOWED_NON_ALPHANUMERIC_CHARS = ['!', '(', ')'];
-    const TEST_SCHEMA_VERSION = 1;
+describe('core/strategies/email_and_password/signInWithEmailAndPassword', () => {
+  let auth: TestAuth;
+  const serverUser: APIUserInfo = {
+    localId: 'local-id'
+  };
+
+  beforeEach(async () => {
+    auth = await testAuth();
+    mockFetch.setUp();
+    mockEndpoint(Endpoint.SIGN_IN_WITH_PASSWORD, {
+      idToken: 'id-token',
+      refreshToken: 'refresh-token',
+      expiresIn: '1234',
+      localId: serverUser.localId!
+    });
+    mockEndpoint(Endpoint.GET_ACCOUNT_INFO, {
+      users: [serverUser]
+    });
+  });
+  afterEach(mockFetch.tearDown);
 
-    const TEST_TENANT_ID = 'tenant-id';
-    const TEST_REQUIRE_NUMERIC_TENANT_ID = 'other-tenant-id';
+  it('should sign in the user', async () => {
+    const { _tokenResponse, user, operationType } =
+      (await signInWithEmailAndPassword(
+        auth,
+        'some-email',
+        'some-password'
+      )) as UserCredentialInternal;
+    expect(_tokenResponse).to.eql({
+      idToken: 'id-token',
+      refreshToken: 'refresh-token',
+      expiresIn: '1234',
+      localId: serverUser.localId!
+    });
+    expect(operationType).to.eq(OperationType.SIGN_IN);
+    expect(user.uid).to.eq(serverUser.localId);
+    expect(user.isAnonymous).to.be.false;
+  });
+});
 
-    const PASSWORD_ERROR_MSG =
-      'Firebase: The password does not meet the requirements. (auth/password-does-not-meet-requirements).';
+describe('password policy cache is updated in auth flows upon error', () => {
+  let auth: TestAuth;
 
-    const passwordPolicyResponse = {
-      customStrengthOptions: {
-        minPasswordLength: TEST_MIN_PASSWORD_LENGTH
-      },
-      allowedNonAlphanumericCharacters: TEST_ALLOWED_NON_ALPHANUMERIC_CHARS,
-      schemaVersion: TEST_SCHEMA_VERSION
-    };
-    const passwordPolicyResponseRequireNumeric = {
-      customStrengthOptions: {
-        minPasswordLength: TEST_MIN_PASSWORD_LENGTH,
-        containsNumericCharacter: true
-      },
-      allowedNonAlphanumericCharacters: TEST_ALLOWED_NON_ALPHANUMERIC_CHARS,
-      schemaVersion: TEST_SCHEMA_VERSION
-    };
-    const cachedPasswordPolicy = {
-      customStrengthOptions: {
-        minPasswordLength: TEST_MIN_PASSWORD_LENGTH
+  const TEST_MIN_PASSWORD_LENGTH = 6;
+  const TEST_ALLOWED_NON_ALPHANUMERIC_CHARS = ['!', '(', ')'];
+  const TEST_SCHEMA_VERSION = 1;
+
+  const TEST_TENANT_ID = 'tenant-id';
+  const TEST_REQUIRE_NUMERIC_TENANT_ID = 'other-tenant-id';
+
+  const PASSWORD_ERROR_MSG =
+    'Firebase: The password does not meet the requirements. (auth/password-does-not-meet-requirements).';
+
+  const passwordPolicyResponse = {
+    customStrengthOptions: {
+      minPasswordLength: TEST_MIN_PASSWORD_LENGTH
+    },
+    allowedNonAlphanumericCharacters: TEST_ALLOWED_NON_ALPHANUMERIC_CHARS,
+    schemaVersion: TEST_SCHEMA_VERSION
+  };
+  const passwordPolicyResponseRequireNumeric = {
+    customStrengthOptions: {
+      minPasswordLength: TEST_MIN_PASSWORD_LENGTH,
+      containsNumericCharacter: true
+    },
+    allowedNonAlphanumericCharacters: TEST_ALLOWED_NON_ALPHANUMERIC_CHARS,
+    schemaVersion: TEST_SCHEMA_VERSION
+  };
+  const cachedPasswordPolicy = {
+    customStrengthOptions: {
+      minPasswordLength: TEST_MIN_PASSWORD_LENGTH
+    },
+    allowedNonAlphanumericCharacters: TEST_ALLOWED_NON_ALPHANUMERIC_CHARS
+  };
+  const cachedPasswordPolicyRequireNumeric = {
+    customStrengthOptions: {
+      minPasswordLength: TEST_MIN_PASSWORD_LENGTH,
+      containsNumericCharacter: true
+    },
+    allowedNonAlphanumericCharacters: TEST_ALLOWED_NON_ALPHANUMERIC_CHARS
+  };
+  let policyEndpointMock: mockFetch.Route;
+  let policyEndpointMockWithTenant: mockFetch.Route;
+  let policyEndpointMockWithOtherTenant: mockFetch.Route;
+
+  beforeEach(async () => {
+    auth = await testAuth();
+    mockFetch.setUp();
+    policyEndpointMock = mockEndpointWithParams(
+      Endpoint.GET_PASSWORD_POLICY,
+      {},
+      passwordPolicyResponse
+    );
+    policyEndpointMockWithTenant = mockEndpointWithParams(
+      Endpoint.GET_PASSWORD_POLICY,
+      {
+        tenantId: TEST_TENANT_ID
       },
-      allowedNonAlphanumericCharacters: TEST_ALLOWED_NON_ALPHANUMERIC_CHARS
-    };
-    const cachedPasswordPolicyRequireNumeric = {
-      customStrengthOptions: {
-        minPasswordLength: TEST_MIN_PASSWORD_LENGTH,
-        containsNumericCharacter: true
+      passwordPolicyResponse
+    );
+    policyEndpointMockWithOtherTenant = mockEndpointWithParams(
+      Endpoint.GET_PASSWORD_POLICY,
+      {
+        tenantId: TEST_REQUIRE_NUMERIC_TENANT_ID
       },
-      allowedNonAlphanumericCharacters: TEST_ALLOWED_NON_ALPHANUMERIC_CHARS
+      passwordPolicyResponseRequireNumeric
+    );
+  });
+  afterEach(mockFetch.tearDown);
+
+  context('#createUserWithEmailAndPassword', () => {
+    const serverUser: APIUserInfo = {
+      localId: 'local-id'
     };
-    let policyEndpointMock: mockFetch.Route;
-    let policyEndpointMockWithTenant: mockFetch.Route;
-    let policyEndpointMockWithOtherTenant: mockFetch.Route;
+
+    const email = 'some-email';
+    const password = 'some-password';
 
     beforeEach(() => {
-      policyEndpointMock = mockEndpointWithParams(
-        Endpoint.GET_PASSWORD_POLICY,
-        {},
-        passwordPolicyResponse
-      );
-      policyEndpointMockWithTenant = mockEndpointWithParams(
-        Endpoint.GET_PASSWORD_POLICY,
-        {
-          tenantId: TEST_TENANT_ID
-        },
-        passwordPolicyResponse
-      );
-      policyEndpointMockWithOtherTenant = mockEndpointWithParams(
-        Endpoint.GET_PASSWORD_POLICY,
-        {
-          tenantId: TEST_REQUIRE_NUMERIC_TENANT_ID
-        },
-        passwordPolicyResponseRequireNumeric
-      );
+      mockEndpoint(Endpoint.SIGN_UP, {
+        idToken: 'id-token',
+        refreshToken: 'refresh-token',
+        expiresIn: '1234',
+        localId: serverUser.localId!
+      });
+      mockEndpoint(Endpoint.GET_ACCOUNT_INFO, {
+        users: [serverUser]
+      });
     });
 
     it('does not update the cached password policy upon successful sign up when there is no existing policy cache', async () => {
-      await expect(
-        createUserWithEmailAndPassword(auth, 'some-email', 'some-password')
-      ).to.be.fulfilled;
+      await expect(createUserWithEmailAndPassword(auth, email, password)).to.be
+        .fulfilled;
 
       expect(policyEndpointMock.calls.length).to.eq(0);
       expect(auth._getPasswordPolicy()).to.be.null;
@@ -823,9 +888,8 @@ describe('core/strategies/email_and_password/createUserWithEmailAndPassword', ()
     it('does not update the cached password policy upon successful sign up when there is an existing policy cache', async () => {
       await auth._updatePasswordPolicy();
 
-      await expect(
-        createUserWithEmailAndPassword(auth, 'some-email', 'some-password')
-      ).to.be.fulfilled;
+      await expect(createUserWithEmailAndPassword(auth, email, password)).to.be
+        .fulfilled;
 
       expect(policyEndpointMock.calls.length).to.eq(1);
       expect(auth._getPasswordPolicy()).to.eql(cachedPasswordPolicy);
@@ -853,7 +917,7 @@ describe('core/strategies/email_and_password/createUserWithEmailAndPassword', ()
         // Password policy changed after previous fetch.
         policyEndpointMock.response = passwordPolicyResponseRequireNumeric;
         await expect(
-          createUserWithEmailAndPassword(auth, 'some-email', 'some-password')
+          createUserWithEmailAndPassword(auth, email, password)
         ).to.be.rejectedWith(FirebaseError, PASSWORD_ERROR_MSG);
 
         expect(policyEndpointMock.calls.length).to.eq(2);
@@ -866,7 +930,7 @@ describe('core/strategies/email_and_password/createUserWithEmailAndPassword', ()
         expect(auth._getPasswordPolicy()).to.be.null;
 
         await expect(
-          createUserWithEmailAndPassword(auth, 'some-email', 'some-password')
+          createUserWithEmailAndPassword(auth, email, password)
         ).to.be.rejectedWith(FirebaseError, PASSWORD_ERROR_MSG);
 
         expect(policyEndpointMock.calls.length).to.eq(0);
@@ -881,51 +945,97 @@ describe('core/strategies/email_and_password/createUserWithEmailAndPassword', ()
 
         auth.tenantId = TEST_REQUIRE_NUMERIC_TENANT_ID;
         await expect(
-          createUserWithEmailAndPassword(auth, 'some-email', 'some-password')
+          createUserWithEmailAndPassword(auth, email, password)
         ).to.be.rejectedWith(FirebaseError, PASSWORD_ERROR_MSG);
         expect(policyEndpointMockWithOtherTenant.calls.length).to.eq(0);
         expect(auth._getPasswordPolicy()).to.be.undefined;
       });
     });
   });
-});
 
-describe('core/strategies/email_and_password/signInWithEmailAndPassword', () => {
-  let auth: TestAuth;
-  const serverUser: APIUserInfo = {
-    localId: 'local-id'
-  };
+  context('#confirmPasswordReset', () => {
+    const oobCode = 'oob-code';
+    const newPassword = 'new-password';
 
-  beforeEach(async () => {
-    auth = await testAuth();
-    mockFetch.setUp();
-    mockEndpoint(Endpoint.SIGN_IN_WITH_PASSWORD, {
-      idToken: 'id-token',
-      refreshToken: 'refresh-token',
-      expiresIn: '1234',
-      localId: serverUser.localId!
+    beforeEach(() => {
+      mockEndpoint(Endpoint.RESET_PASSWORD, {
+        email: '[email protected]'
+      });
     });
-    mockEndpoint(Endpoint.GET_ACCOUNT_INFO, {
-      users: [serverUser]
+
+    it('does not update the cached password policy upon successful password reset when there is no existing policy cache', async () => {
+      await expect(confirmPasswordReset(auth, oobCode, newPassword)).to.be
+        .fulfilled;
+
+      expect(policyEndpointMock.calls.length).to.eq(0);
+      expect(auth._getPasswordPolicy()).to.be.null;
     });
-  });
-  afterEach(mockFetch.tearDown);
 
-  it('should sign in the user', async () => {
-    const { _tokenResponse, user, operationType } =
-      (await signInWithEmailAndPassword(
-        auth,
-        'some-email',
-        'some-password'
-      )) as UserCredentialInternal;
-    expect(_tokenResponse).to.eql({
-      idToken: 'id-token',
-      refreshToken: 'refresh-token',
-      expiresIn: '1234',
-      localId: serverUser.localId!
+    it('does not update the cached password policy upon successful password reset when there is an existing policy cache', async () => {
+      await auth._updatePasswordPolicy();
+
+      await expect(confirmPasswordReset(auth, oobCode, newPassword)).to.be
+        .fulfilled;
+
+      expect(policyEndpointMock.calls.length).to.eq(1);
+      expect(auth._getPasswordPolicy()).to.eql(cachedPasswordPolicy);
+    });
+
+    context('handles password validation errors', () => {
+      beforeEach(() => {
+        mockEndpoint(
+          Endpoint.RESET_PASSWORD,
+          {
+            error: {
+              code: 400,
+              message: ServerError.PASSWORD_DOES_NOT_MEET_REQUIREMENTS
+            }
+          },
+          400
+        );
+      });
+
+      it('updates the cached password policy when password does not meet backend requirements', async () => {
+        await auth._updatePasswordPolicy();
+        expect(policyEndpointMock.calls.length).to.eq(1);
+        expect(auth._getPasswordPolicy()).to.eql(cachedPasswordPolicy);
+
+        // Password policy changed after previous fetch.
+        policyEndpointMock.response = passwordPolicyResponseRequireNumeric;
+        await expect(
+          confirmPasswordReset(auth, oobCode, newPassword)
+        ).to.be.rejectedWith(FirebaseError, PASSWORD_ERROR_MSG);
+
+        expect(policyEndpointMock.calls.length).to.eq(2);
+        expect(auth._getPasswordPolicy()).to.eql(
+          cachedPasswordPolicyRequireNumeric
+        );
+      });
+
+      it('does not update the cached password policy upon error if policy has not previously been fetched', async () => {
+        expect(auth._getPasswordPolicy()).to.be.null;
+
+        await expect(
+          confirmPasswordReset(auth, oobCode, newPassword)
+        ).to.be.rejectedWith(FirebaseError, PASSWORD_ERROR_MSG);
+
+        expect(policyEndpointMock.calls.length).to.eq(0);
+        expect(auth._getPasswordPolicy()).to.be.null;
+      });
+
+      it('does not update the cached password policy upon error if tenant changes and policy has not previously been fetched', async () => {
+        auth.tenantId = TEST_TENANT_ID;
+        await auth._updatePasswordPolicy();
+        expect(policyEndpointMockWithTenant.calls.length).to.eq(1);
+        expect(auth._getPasswordPolicy()).to.eql(cachedPasswordPolicy);
+
+        auth.tenantId = TEST_REQUIRE_NUMERIC_TENANT_ID;
+        await expect(
+          confirmPasswordReset(auth, oobCode, newPassword)
+        ).to.be.rejectedWith(FirebaseError, PASSWORD_ERROR_MSG);
+        expect(policyEndpointMockWithOtherTenant.calls.length).to.eq(0);
+        expect(auth._getPasswordPolicy()).to.be.undefined;
+      });
     });
-    expect(operationType).to.eq(OperationType.SIGN_IN);
-    expect(user.uid).to.eq(serverUser.localId);
-    expect(user.isAnonymous).to.be.false;
   });
 });