53d5dca45c
Neue opt-in Policy verhindert Logout durch einen einzelnen transienten /refresh-Fehler beim Cold-Launch. Default-Verhalten unverändert. - `RefreshFailurePolicy.immediateWipe` (Default) — wie bisher: jeder invalidierende Server-Response → keychain.wipe() + .signedOut. - `RefreshFailurePolicy.softFirst` — erster invalidierender Fehler im Prozess wird nicht gewiped, Session bleibt. Wipe erst beim zweiten Fehler oder nach einem zuvor erfolgreichen Refresh im selben Prozess. Plus erweiterte Diagnostik in refreshAccessToken(): jeder Attempt loggt Token-Länge, once-succeeded, failure-count, policy, und bei Failure HTTP-Status + Body-Excerpt (256 chars). Subsystem ev.mana.core. Pageta-native ist erster Konsument (opt-in `.softFirst`) wegen wiederholten TestFlight-Update-Logouts — Hypothese: transienter Server-Glitch beim ersten Refresh nach Cold-Launch. 89/89 Tests (vorher 85/85), 4 neue für die Policy. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
313 lines
12 KiB
Swift
313 lines
12 KiB
Swift
import Foundation
|
|
import Testing
|
|
@testable import ManaCore
|
|
|
|
@Suite("AuthClient Guest-Mode + Resilience")
|
|
@MainActor
|
|
struct AuthClientGuestAndResilienceTests {
|
|
// MARK: - enterGuestMode / currentGuestId
|
|
|
|
@Test("enterGuestMode aus signedOut erzeugt UUID und setzt .guest")
|
|
func enterGuestModeFromSignedOut() throws {
|
|
let mocked = makeMockedAuth()
|
|
mocked.auth.bootstrap()
|
|
#expect(mocked.auth.status == .signedOut)
|
|
|
|
let id = try mocked.auth.enterGuestMode()
|
|
#expect(!id.isEmpty)
|
|
#expect(mocked.auth.status == .guest(id: id))
|
|
#expect(mocked.auth.currentGuestId() == id)
|
|
}
|
|
|
|
@Test("enterGuestMode ist idempotent")
|
|
func enterGuestModeIdempotent() throws {
|
|
let mocked = makeMockedAuth()
|
|
let first = try mocked.auth.enterGuestMode()
|
|
let second = try mocked.auth.enterGuestMode()
|
|
#expect(first == second)
|
|
#expect(mocked.auth.status == .guest(id: first))
|
|
}
|
|
|
|
@Test("enterGuestMode stört aktive Session nicht")
|
|
func enterGuestModeKeepsSignedIn() throws {
|
|
let mocked = makeMockedAuth()
|
|
try mocked.auth.persistSession(email: "u@x.de", accessToken: "a", refreshToken: "r")
|
|
#expect(mocked.auth.status == .signedIn(email: "u@x.de"))
|
|
|
|
let id = try mocked.auth.enterGuestMode()
|
|
#expect(mocked.auth.status == .signedIn(email: "u@x.de"))
|
|
#expect(mocked.auth.currentGuestId() == id)
|
|
}
|
|
|
|
@Test("clearGuestId aus .guest fällt auf .signedOut")
|
|
func clearGuestIdFromGuest() throws {
|
|
let mocked = makeMockedAuth()
|
|
_ = try mocked.auth.enterGuestMode()
|
|
mocked.auth.clearGuestId()
|
|
#expect(mocked.auth.status == .signedOut)
|
|
#expect(mocked.auth.currentGuestId() == nil)
|
|
}
|
|
|
|
@Test("clearGuestId aus .signedIn behält Status")
|
|
func clearGuestIdKeepsSignedIn() throws {
|
|
let mocked = makeMockedAuth()
|
|
_ = try mocked.auth.enterGuestMode()
|
|
try mocked.auth.persistSession(email: "u@x.de", accessToken: "a", refreshToken: "r")
|
|
mocked.auth.clearGuestId()
|
|
#expect(mocked.auth.status == .signedIn(email: "u@x.de"))
|
|
#expect(mocked.auth.currentGuestId() == nil)
|
|
}
|
|
|
|
// MARK: - bootstrap
|
|
|
|
@Test("bootstrap erkennt nur-Guest-Keychain als .guest")
|
|
func bootstrapDetectsGuest() throws {
|
|
let mocked = makeMockedAuth()
|
|
_ = try mocked.auth.enterGuestMode()
|
|
mocked.auth.bootstrap()
|
|
if case let .guest(id) = mocked.auth.status {
|
|
#expect(!id.isEmpty)
|
|
} else {
|
|
Issue.record("Expected .guest after bootstrap, got \(mocked.auth.status)")
|
|
}
|
|
}
|
|
|
|
@Test("bootstrap priorisiert Session über Guest")
|
|
func bootstrapPrioritisesSession() throws {
|
|
let mocked = makeMockedAuth()
|
|
_ = try mocked.auth.enterGuestMode()
|
|
try mocked.auth.persistSession(email: "u@x.de", accessToken: "a", refreshToken: "r")
|
|
mocked.auth.bootstrap()
|
|
#expect(mocked.auth.status == .signedIn(email: "u@x.de"))
|
|
}
|
|
|
|
// MARK: - signOut(keepGuestMode:)
|
|
|
|
@Test("signOut Default löscht alles inkl. Guest-ID")
|
|
func signOutDefaultClearsGuest() async throws {
|
|
let mocked = makeMockedAuth()
|
|
_ = try mocked.auth.enterGuestMode()
|
|
try mocked.auth.persistSession(email: "u@x.de", accessToken: "a", refreshToken: "r")
|
|
mocked.setHandler { _ in (200, Data()) }
|
|
|
|
await mocked.auth.signOut()
|
|
#expect(mocked.auth.status == .signedOut)
|
|
#expect(mocked.auth.currentGuestId() == nil)
|
|
}
|
|
|
|
@Test("signOut(keepGuestMode: true) behält existierende Guest-ID")
|
|
func signOutKeepsExistingGuest() async throws {
|
|
let mocked = makeMockedAuth()
|
|
let id = try mocked.auth.enterGuestMode()
|
|
try mocked.auth.persistSession(email: "u@x.de", accessToken: "a", refreshToken: "r")
|
|
mocked.setHandler { _ in (200, Data()) }
|
|
|
|
await mocked.auth.signOut(keepGuestMode: true)
|
|
#expect(mocked.auth.status == .guest(id: id))
|
|
#expect(mocked.auth.currentGuestId() == id)
|
|
}
|
|
|
|
@Test("signOut(keepGuestMode: true) erzeugt neue Guest-ID wenn keine existiert")
|
|
func signOutCreatesGuestWhenMissing() async throws {
|
|
let mocked = makeMockedAuth()
|
|
try mocked.auth.persistSession(email: "u@x.de", accessToken: "a", refreshToken: "r")
|
|
mocked.setHandler { _ in (200, Data()) }
|
|
|
|
await mocked.auth.signOut(keepGuestMode: true)
|
|
if case let .guest(id) = mocked.auth.status {
|
|
#expect(!id.isEmpty)
|
|
#expect(mocked.auth.currentGuestId() == id)
|
|
} else {
|
|
Issue.record("Expected .guest after signOut(keepGuestMode:), got \(mocked.auth.status)")
|
|
}
|
|
}
|
|
|
|
// MARK: - refreshAccessToken Resilience
|
|
|
|
@Test("refresh 503 wirft serviceUnavailable, behält Session")
|
|
func refreshKeepsSessionOn503() async throws {
|
|
let mocked = makeMockedAuth()
|
|
try mocked.auth.persistSession(email: "u@x.de", accessToken: "a", refreshToken: "r")
|
|
mocked.setHandler { _ in
|
|
(503, Data(#"{"error":"SERVICE_UNAVAILABLE","status":503}"#.utf8))
|
|
}
|
|
|
|
do {
|
|
_ = try await mocked.auth.refreshAccessToken()
|
|
Issue.record("Expected throw on 503")
|
|
} catch let err as AuthError {
|
|
#expect(err == .serviceUnavailable)
|
|
}
|
|
#expect(mocked.auth.status == .signedIn(email: "u@x.de"))
|
|
}
|
|
|
|
@Test("refresh 500 wirft serverInternal, behält Session")
|
|
func refreshKeepsSessionOn500() async throws {
|
|
let mocked = makeMockedAuth()
|
|
try mocked.auth.persistSession(email: "u@x.de", accessToken: "a", refreshToken: "r")
|
|
mocked.setHandler { _ in
|
|
(500, Data(#"{"error":"INTERNAL","status":500}"#.utf8))
|
|
}
|
|
|
|
do {
|
|
_ = try await mocked.auth.refreshAccessToken()
|
|
Issue.record("Expected throw on 500")
|
|
} catch let err as AuthError {
|
|
#expect(err == .serverInternal)
|
|
}
|
|
#expect(mocked.auth.status == .signedIn(email: "u@x.de"))
|
|
}
|
|
|
|
@Test("refresh 429 wirft rateLimited, behält Session")
|
|
func refreshKeepsSessionOnRateLimit() async throws {
|
|
let mocked = makeMockedAuth()
|
|
try mocked.auth.persistSession(email: "u@x.de", accessToken: "a", refreshToken: "r")
|
|
mocked.setHandler { _ in
|
|
(429, Data(#"{"error":"RATE_LIMITED","retryAfterSec":30,"status":429}"#.utf8))
|
|
}
|
|
|
|
do {
|
|
_ = try await mocked.auth.refreshAccessToken()
|
|
Issue.record("Expected throw on 429")
|
|
} catch let err as AuthError {
|
|
if case let .rateLimited(retryAfter) = err {
|
|
#expect(retryAfter == 30)
|
|
} else {
|
|
Issue.record("Expected .rateLimited, got \(err)")
|
|
}
|
|
}
|
|
#expect(mocked.auth.status == .signedIn(email: "u@x.de"))
|
|
}
|
|
|
|
@Test("refresh 401 invalidiert Session ohne Guest → .signedOut")
|
|
func refreshInvalidates401NoGuest() async throws {
|
|
let mocked = makeMockedAuth()
|
|
try mocked.auth.persistSession(email: "u@x.de", accessToken: "a", refreshToken: "r")
|
|
mocked.setHandler { _ in
|
|
(401, Data(#"{"error":"UNAUTHORIZED","status":401}"#.utf8))
|
|
}
|
|
|
|
do {
|
|
_ = try await mocked.auth.refreshAccessToken()
|
|
Issue.record("Expected throw on 401")
|
|
} catch let err as AuthError {
|
|
#expect(err.invalidatesSession)
|
|
}
|
|
#expect(mocked.auth.status == .signedOut)
|
|
}
|
|
|
|
@Test("refresh 401 mit Guest-ID fällt auf .guest zurück")
|
|
func refreshInvalidates401WithGuest() async throws {
|
|
let mocked = makeMockedAuth()
|
|
let id = try mocked.auth.enterGuestMode()
|
|
try mocked.auth.persistSession(email: "u@x.de", accessToken: "a", refreshToken: "r")
|
|
mocked.setHandler { _ in
|
|
(401, Data(#"{"error":"UNAUTHORIZED","status":401}"#.utf8))
|
|
}
|
|
|
|
_ = try? await mocked.auth.refreshAccessToken()
|
|
#expect(mocked.auth.status == .guest(id: id))
|
|
#expect(mocked.auth.currentGuestId() == id)
|
|
}
|
|
|
|
// MARK: - RefreshFailurePolicy.softFirst
|
|
|
|
@Test("softFirst: erster 401-Refresh behält Session, zweiter wiped")
|
|
func softFirstSecondFailureWipes() async throws {
|
|
let mocked = makeMockedAuth(refreshFailurePolicy: .softFirst)
|
|
try mocked.auth.persistSession(email: "u@x.de", accessToken: "a", refreshToken: "r")
|
|
mocked.setHandler { _ in
|
|
(401, Data(#"{"error":"UNAUTHORIZED","status":401}"#.utf8))
|
|
}
|
|
|
|
// Erster Versuch — wirft, aber Session bleibt
|
|
do {
|
|
_ = try await mocked.auth.refreshAccessToken()
|
|
Issue.record("Expected throw")
|
|
} catch let err as AuthError {
|
|
#expect(err.invalidatesSession)
|
|
}
|
|
#expect(mocked.auth.status == .signedIn(email: "u@x.de"))
|
|
#expect(mocked.auth.refreshFailureCount == 1)
|
|
|
|
// Zweiter Versuch — wiped jetzt
|
|
do {
|
|
_ = try await mocked.auth.refreshAccessToken()
|
|
Issue.record("Expected throw")
|
|
} catch let err as AuthError {
|
|
#expect(err.invalidatesSession)
|
|
}
|
|
#expect(mocked.auth.status == .signedOut)
|
|
#expect(mocked.auth.refreshFailureCount == 2)
|
|
}
|
|
|
|
@Test("softFirst: 401 nach erfolgreichem Refresh wiped sofort")
|
|
func softFirstAfterSuccessWipes() async throws {
|
|
let mocked = makeMockedAuth(refreshFailurePolicy: .softFirst)
|
|
try mocked.auth.persistSession(email: "u@x.de", accessToken: "a", refreshToken: "r")
|
|
|
|
// Erst erfolgreich refreshen
|
|
mocked.setHandler { _ in
|
|
(200, Data(#"{"accessToken":"new-a","refreshToken":"new-r"}"#.utf8))
|
|
}
|
|
_ = try await mocked.auth.refreshAccessToken()
|
|
#expect(mocked.auth.refreshOnceSucceeded)
|
|
#expect(mocked.auth.status == .signedIn(email: "u@x.de"))
|
|
|
|
// Dann 401 — server sagt "Session tot", glaubhaft weil wir
|
|
// gerade vorher noch refreshen konnten
|
|
mocked.setHandler { _ in
|
|
(401, Data(#"{"error":"UNAUTHORIZED","status":401}"#.utf8))
|
|
}
|
|
do {
|
|
_ = try await mocked.auth.refreshAccessToken()
|
|
Issue.record("Expected throw")
|
|
} catch let err as AuthError {
|
|
#expect(err.invalidatesSession)
|
|
}
|
|
#expect(mocked.auth.status == .signedOut)
|
|
}
|
|
|
|
@Test("softFirst: transienter 503 ändert nichts an Counter")
|
|
func softFirstTransientDoesNotCount() async throws {
|
|
let mocked = makeMockedAuth(refreshFailurePolicy: .softFirst)
|
|
try mocked.auth.persistSession(email: "u@x.de", accessToken: "a", refreshToken: "r")
|
|
mocked.setHandler { _ in
|
|
(503, Data(#"{"error":"SERVICE_UNAVAILABLE","status":503}"#.utf8))
|
|
}
|
|
|
|
_ = try? await mocked.auth.refreshAccessToken()
|
|
#expect(mocked.auth.status == .signedIn(email: "u@x.de"))
|
|
#expect(mocked.auth.refreshFailureCount == 0)
|
|
}
|
|
|
|
@Test("immediateWipe: erster 401 wiped sofort (Default-Verhalten)")
|
|
func immediateWipeFirstFailureWipes() async throws {
|
|
let mocked = makeMockedAuth(refreshFailurePolicy: .immediateWipe)
|
|
try mocked.auth.persistSession(email: "u@x.de", accessToken: "a", refreshToken: "r")
|
|
mocked.setHandler { _ in
|
|
(401, Data(#"{"error":"UNAUTHORIZED","status":401}"#.utf8))
|
|
}
|
|
|
|
_ = try? await mocked.auth.refreshAccessToken()
|
|
#expect(mocked.auth.status == .signedOut)
|
|
}
|
|
|
|
// MARK: - AuthError.invalidatesSession
|
|
|
|
@Test("invalidatesSession unterscheidet Session-Tot vs. transient")
|
|
func invalidatesSessionPartitioning() {
|
|
// Tot — Session muss weg
|
|
#expect(AuthError.invalidCredentials.invalidatesSession)
|
|
#expect(AuthError.unauthorized.invalidatesSession)
|
|
#expect(AuthError.tokenExpired.invalidatesSession)
|
|
#expect(AuthError.tokenInvalid.invalidatesSession)
|
|
|
|
// Transient — Session bleibt
|
|
#expect(!AuthError.serviceUnavailable.invalidatesSession)
|
|
#expect(!AuthError.serverInternal.invalidatesSession)
|
|
#expect(!AuthError.networkFailure("offline").invalidatesSession)
|
|
#expect(!AuthError.rateLimited(retryAfter: 30).invalidatesSession)
|
|
#expect(!AuthError.accountLocked(retryAfter: nil).invalidatesSession)
|
|
}
|
|
}
|