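/**
 * Descomplicar® Crescimento Digital
 * https://descomplicar.pt
 */
// NOTE(review): the opening of the first test (its docblock, signature and the
// start of the credentials array) is missing from this excerpt. The statements
// that remain are kept exactly as found, only re-broken onto separate lines.
			'test_doctor',
			'password' => 'password123',
		);

		// ACT: Make POST request to login endpoint
		$response = $this->make_request( '/wp-json/care/v1/auth/login', 'POST', $login_data );

		// ASSERT: Response contract
		$this->assertRestResponse( $response, 200 );

		$data = $response->get_data();
		$this->assertArrayHasKey( 'token', $data );
		$this->assertArrayHasKey( 'user_id', $data );
		$this->assertArrayHasKey( 'role', $data );
		// Only the presence of expires_in is pinned here, not its type or range.
		$this->assertArrayHasKey( 'expires_in', $data );

		// Validate token format (JWT): three dot-separated base64url segments.
		// This checks the shape only; it does not verify the signature or any claim.
		$this->assertIsString( $data['token'] );
		$this->assertMatchesRegularExpression( '/^[A-Za-z0-9-_]+\.[A-Za-z0-9-_]+\.[A-Za-z0-9-_]+$/', $data['token'] );

		// Validate user data
		$this->assertIsInt( $data['user_id'] );
		$this->assertGreaterThan( 0, $data['user_id'] );
		$this->assertIsString( $data['role'] );
		// The role must be one of the four roles this API is expected to hand out.
		$this->assertContains( $data['role'], array( 'administrator', 'doctor', 'patient', 'kivicare_receptionist' ) );
	}

	/**
	 * Test POST /wp-json/care/v1/auth/login with invalid credentials.
	 *
	 * Posts a username/password pair that is not expected to match any account
	 * and requires a 401 response whose body has a `message`, the
	 * `invalid_credentials` code, and no `token`.
	 *
	 * NOTE(review): only an unknown username is exercised. A companion case that
	 * uses an existing username with a wrong password and asserts the same status
	 * and code would pin that the endpoint does not reveal which usernames exist.
	 *
	 * @test
	 */
	public function test_auth_login_invalid_credentials() {
		// ARRANGE: Invalid credentials
		$invalid_data = array(
			'username' => 'nonexistent_user',
			'password' => 'wrong_password',
		);

		// ACT: Make POST request with invalid data
		$response = $this->make_request( '/wp-json/care/v1/auth/login', 'POST', $invalid_data );

		// ASSERT: Error response contract
		$this->assertRestResponse( $response, 401 );

		$data = $response->get_data();
		$this->assertArrayHasKey( 'code', $data );
		$this->assertArrayHasKey( 'message', $data );
		// assertSame compares type and value, so a non-string code cannot pass by loose equality.
		$this->assertSame( 'invalid_credentials', $data['code'] );
		// A rejected login must never hand back a token.
		$this->assertArrayNotHasKey( 'token', $data );
	}

	/**
	 * Test POST /wp-json/care/v1/auth/login with missing fields.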
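*
	 * Sends a login body that has a password but no username and requires an
	 * HTTP 400 with the `rest_missing_callback_param` error code and no token.
	 * A body that is missing the password instead is not covered by this test.
	 *
	 * @test
	 */
	public function test_auth_login_missing_fields() {
		// ARRANGE: Missing username
		$incomplete_data = array(
			'password' => 'password123',
		);

		// ACT: Make POST request with incomplete data
		$response = $this->make_request( '/wp-json/care/v1/auth/login', 'POST', $incomplete_data );

		// ASSERT: Validation error contract
		$this->assertRestResponse( $response, 400 );

		$data = $response->get_data();
		$this->assertArrayHasKey( 'code', $data );
		// Strict comparison: the code must be exactly this string, not merely loosely equal to it.
		$this->assertSame( 'rest_missing_callback_param', $data['code'] );
		// A request rejected at validation must not carry a token.
		$this->assertArrayNotHasKey( 'token', $data );
	}

	/**
	 * Test POST /wp-json/care/v1/auth/refresh endpoint contract.
	 *
	 * Describes the intended contract: posting a refresh token returns 200 with
	 * `token` and `expires_in` keys. The test currently stops at
	 * markTestIncomplete(), so the statements after it do not run yet.
	 *
	 * @test
	 */
	public function test_auth_refresh_endpoint_contract() {
		// markTestIncomplete() ends the test here: it is reported as incomplete
		// (not failed) until the endpoint exists and this marker is removed.
		$this->markTestIncomplete( 'Refresh endpoint not implemented yet - TDD RED phase' );

		// ARRANGE: Valid refresh token (will be implemented)
		// NOTE(review): this is a placeholder string. Once the marker is removed the
		// test presumably needs a refresh token actually issued by the login endpoint.
		$refresh_data = array(
			'refresh_token' => 'valid_refresh_token_here',
		);

		// ACT: Make POST request to refresh endpoint
		$response = $this->make_request( '/wp-json/care/v1/auth/refresh', 'POST', $refresh_data );

		// ASSERT: Response contract (will fail until implemented)
		$this->assertRestResponse( $response, 200 );

		$data = $response->get_data();
		$this->assertArrayHasKey( 'token', $data );
		$this->assertArrayHasKey( 'expires_in', $data );
	}

	/**
	 * Test POST /wp-json/care/v1/auth/logout endpoint contract.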
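*
	 * Describes the intended contract: an authenticated POST returns 200 with
	 * the message `Logout successful`. The test currently stops at
	 * markTestIncomplete(), so the statements after it do not run yet.
	 *
	 * NOTE(review): the contract only pins the response body. Whether the token
	 * is actually rejected after logout is not asserted here.
	 *
	 * @test
	 */
	public function test_auth_logout_endpoint_contract() {
		// markTestIncomplete() ends the test here: it is reported as incomplete
		// (not failed) until the endpoint exists and this marker is removed.
		$this->markTestIncomplete( 'Logout endpoint not implemented yet - TDD RED phase' );

		// ARRANGE: Authenticated user
		wp_set_current_user( $this->doctor_user );

		// ACT: Make POST request to logout endpoint
		$response = $this->make_request( '/wp-json/care/v1/auth/logout', 'POST' );

		// ASSERT: Response contract (will fail until implemented)
		$this->assertRestResponse( $response, 200 );

		$data = $response->get_data();
		$this->assertArrayHasKey( 'message', $data );
		// Strict comparison: the message must be exactly this string.
		$this->assertSame( 'Logout successful', $data['message'] );
	}

	/**
	 * Test authentication middleware with invalid token.
	 *
	 * Describes the intended contract: a request to a protected endpoint with a
	 * bearer value that is not a valid token returns 401 with the
	 * `rest_forbidden` code. The test currently stops at markTestIncomplete().
	 *
	 * @test
	 */
	public function test_invalid_token_response_contract() {
		// markTestIncomplete() ends the test here: it is reported as incomplete
		// (not failed) until JWT authentication exists and this marker is removed.
		$this->markTestIncomplete( 'JWT authentication not implemented yet - TDD RED phase' );

		// ARRANGE: Invalid JWT token. Remember any header already present so it
		// can be put back afterwards.
		$had_header      = isset( $_SERVER['HTTP_AUTHORIZATION'] );
		$previous_header = $had_header ? $_SERVER['HTTP_AUTHORIZATION'] : null;

		$_SERVER['HTTP_AUTHORIZATION'] = 'Bearer invalid_token_here';

		try {
			// ACT: Try to access protected endpoint
			$response = $this->make_request( '/wp-json/care/v1/patients' );

			// ASSERT: Authentication error contract
			$this->assertRestResponse( $response, 401 );

			$data = $response->get_data();
			$this->assertArrayHasKey( 'code', $data );
			$this->assertSame( 'rest_forbidden', $data['code'] );
		} finally {
			// $_SERVER is shared by every test in the process. Without this, a
			// failing assertion would leave the bearer header set for later tests.
			if ( $had_header ) {
				$_SERVER['HTTP_AUTHORIZATION'] = $previous_header;
			} else {
				unset( $_SERVER['HTTP_AUTHORIZATION'] );
			}
		}
	}

	/**
	 * Test authentication middleware with expired token.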
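*
	 * Describes the intended contract: a request to a protected endpoint with
	 * an expired bearer token returns 401 with the `jwt_auth_token_expired`
	 * code. The test currently stops at markTestIncomplete().
	 *
	 * NOTE(review): `expired_token_here` is a placeholder, not a structurally
	 * valid JWT. An implementation would presumably report it as malformed rather
	 * than expired, so this test likely needs a fixture token with a past expiry
	 * before the marker is removed.
	 *
	 * @test
	 */
	public function test_expired_token_response_contract() {
		// markTestIncomplete() ends the test here: it is reported as incomplete
		// (not failed) until JWT authentication exists and this marker is removed.
		$this->markTestIncomplete( 'JWT authentication not implemented yet - TDD RED phase' );

		// ARRANGE: Expired JWT token. Remember any header already present so it
		// can be put back afterwards.
		$had_header      = isset( $_SERVER['HTTP_AUTHORIZATION'] );
		$previous_header = $had_header ? $_SERVER['HTTP_AUTHORIZATION'] : null;

		$_SERVER['HTTP_AUTHORIZATION'] = 'Bearer expired_token_here';

		try {
			// ACT: Try to access protected endpoint
			$response = $this->make_request( '/wp-json/care/v1/patients' );

			// ASSERT: Token expiry error contract
			$this->assertRestResponse( $response, 401 );

			$data = $response->get_data();
			$this->assertArrayHasKey( 'code', $data );
			$this->assertSame( 'jwt_auth_token_expired', $data['code'] );
		} finally {
			// $_SERVER is shared by every test in the process. Without this, a
			// failing assertion would leave the bearer header set for later tests.
			if ( $had_header ) {
				$_SERVER['HTTP_AUTHORIZATION'] = $previous_header;
			} else {
				unset( $_SERVER['HTTP_AUTHORIZATION'] );
			}
		}
	}
}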