EssentialCSharp.Web/EssentialCSharp.Web.Tests/McpApiTokenServiceTests.cs at 794da8163d67712d38b3ec3df5c808ed7832d036 · IntelliTect/EssentialCSharp.Web · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
using EssentialCSharp.Web.Models;
using EssentialCSharp.Web.Services;
using Microsoft.Extensions.DependencyInjection;

namespace EssentialCSharp.Web.Tests;

public class McpApiTokenServiceTests : IntegrationTestBase
{
    private readonly List<IServiceScope> _scopes = [];

    [After(Test)]
    public void DisposeScopes()
    {
        foreach (var scope in _scopes)
            scope.Dispose();
        _scopes.Clear();
    }

    private async Task<(string UserId, McpApiTokenService TokenService)> ArrangeAsync(string prefix)
    {
        string userId = await McpTestHelper.CreateUserAsync(Factory, prefix);
        var scope = Factory.Services.CreateScope();
        _scopes.Add(scope);
        var tokenService = scope.ServiceProvider.GetRequiredService<McpApiTokenService>();
        return (userId, tokenService);
    }

    private async Task<McpApiTokenService> FillToLimitAsync(string userId)
    {
        var scope = Factory.Services.CreateScope();
        _scopes.Add(scope);
        var tokenService = scope.ServiceProvider.GetRequiredService<McpApiTokenService>();
        for (int i = 0; i < McpApiTokenService.MaxTokensPerUser; i++)
        {
            await tokenService.CreateTokenAsync(userId, $"token-{i}");
        }
        return tokenService;
    }

    [Test]
    public async Task CreateTokenAsync_WithoutExpiry_UsesSixMonthDefault()
    {
        var (userId, tokenService) = await ArrangeAsync("mcp-default-expiry");

        (_, var entity) = await tokenService.CreateTokenAsync(userId, "default-expiry");

        await Assert.That(entity.ExpiresAt).IsNotNull();
        await Assert.That(entity.ExpiresAt!.Value)
            .IsEqualTo(McpApiTokenService.GetDefaultExpirationUtc(entity.CreatedAt));
    }

    [Test]
    public async Task CreateTokenAsync_WithExpiryWithinSixMonths_UsesRequestedExpiry()
    {
        var (userId, tokenService) = await ArrangeAsync("mcp-custom-expiry");
        DateTime requestedExpiry = DateTime.UtcNow.AddMonths(3);

        (_, var entity) = await tokenService.CreateTokenAsync(userId, "custom-expiry", requestedExpiry);

        await Assert.That(entity.ExpiresAt).IsNotNull();
        await Assert.That(entity.ExpiresAt!.Value).IsEqualTo(requestedExpiry);
    }

    [Test]
    public async Task CreateTokenAsync_WithExpiryBeyondSixMonths_Throws()
    {
        var (userId, tokenService) = await ArrangeAsync("mcp-max-expiry");
        DateTime requestedExpiry = McpApiTokenService.GetDefaultExpirationUtc(DateTime.UtcNow).AddDays(2);

        await Assert.That(() => tokenService.CreateTokenAsync(userId, "too-long", requestedExpiry))
            .Throws<ArgumentOutOfRangeException>()
            .WithMessageContaining(McpApiTokenService.MaxExpiryValidationMessage);
    }

    [Test]
    public async Task CreateTokenAsync_WithExplicitCreatedAt_UsesReferenceTimeForDefaultExpiry()
    {
        var (userId, tokenService) = await ArrangeAsync("mcp-explicit-created-at");
        DateTime createdAtUtc = new(2026, 4, 30, 23, 59, 59, DateTimeKind.Utc);

        (_, var entity) = await tokenService.CreateTokenAsync(
            userId, "explicit-created-at", createdAtUtc: createdAtUtc);

        await Assert.That(entity.CreatedAt).IsEqualTo(createdAtUtc);
        await Assert.That(entity.ExpiresAt).IsNotNull();
        await Assert.That(entity.ExpiresAt!.Value)
            .IsEqualTo(McpApiTokenService.GetDefaultExpirationUtc(createdAtUtc));
    }

    [Test]
    public async Task GetActiveTokenCountAsync_NoTokens_ReturnsZero()
    {
        var (userId, tokenService) = await ArrangeAsync("mcp-count-zero");

        int count = await tokenService.GetActiveTokenCountAsync(userId);

        await Assert.That(count).IsEqualTo(0);
    }

    [Test]
    public async Task GetActiveTokenCountAsync_ActiveTokens_CountsAll()
    {
        var (userId, tokenService) = await ArrangeAsync("mcp-count-active");

        await tokenService.CreateTokenAsync(userId, "token-1");
        await tokenService.CreateTokenAsync(userId, "token-2");
        await tokenService.CreateTokenAsync(userId, "token-3");

        int count = await tokenService.GetActiveTokenCountAsync(userId);

        await Assert.That(count).IsEqualTo(3);
    }

    [Test]
    public async Task GetActiveTokenCountAsync_RevokedToken_ExcludedFromCount()
    {
        var (userId, tokenService) = await ArrangeAsync("mcp-count-revoked");

        await tokenService.CreateTokenAsync(userId, "active-token");
        (_, var revokedEntity) = await tokenService.CreateTokenAsync(userId, "revoked-token");
        await tokenService.RevokeTokenAsync(revokedEntity.Id, userId);

        int count = await tokenService.GetActiveTokenCountAsync(userId);

        await Assert.That(count).IsEqualTo(1);
    }

    [Test]
    public async Task GetActiveTokenCountAsync_ExpiredToken_ExcludedFromCount()
    {
        var (userId, tokenService) = await ArrangeAsync("mcp-count-expired");

        // createdAt 7 months ago → max expiry = 1 month ago; use 2 months ago as expiresAt
        DateTime createdAt = DateTime.UtcNow.AddMonths(-7);
        DateTime pastExpiry = DateTime.UtcNow.AddMonths(-2);
        await tokenService.CreateTokenAsync(userId, "expired-token",
            expiresAt: pastExpiry, createdAtUtc: createdAt);
        await tokenService.CreateTokenAsync(userId, "valid-token");

        int count = await tokenService.GetActiveTokenCountAsync(userId);

        await Assert.That(count).IsEqualTo(1);
    }

    [Test]
    public async Task CreateTokenAsync_AtMaxLimit_ThrowsTokenLimitExceededException()
    {
        var (userId, _) = await ArrangeAsync("mcp-at-limit");
        var tokenService = await FillToLimitAsync(userId);

        await Assert.That(() => tokenService.CreateTokenAsync(userId, "one-too-many"))
            .Throws<TokenLimitExceededException>();
    }

    [Test]
    public async Task CreateTokenAsync_AfterRevokingAtLimit_AllowsNewToken()
    {
        var (userId, _) = await ArrangeAsync("mcp-revoke-then-create");
        var tokenService = await FillToLimitAsync(userId);

        // Revoke the last token to free a slot
        var tokens = await tokenService.GetUserTokensAsync(userId);
        await tokenService.RevokeTokenAsync(tokens[0].Id, userId);

        // Should now succeed — active count dropped below max
        (_, var newEntity) = await tokenService.CreateTokenAsync(userId, "replacement");
        await Assert.That(newEntity).IsNotNull();
        int activeCount = await tokenService.GetActiveTokenCountAsync(userId);
        await Assert.That(activeCount).IsEqualTo(McpApiTokenService.MaxTokensPerUser);
    }
}