@@ -4,13 +4,15 @@ import (
44 "context"
55 "encoding/json"
66 "os"
7+ "path/filepath"
78 "testing"
89
910 "github.com/spf13/afero"
1011 "github.com/stretchr/testify/assert"
1112 "github.com/stretchr/testify/require"
1213 "github.com/supabase/cli/internal/testing/fstest"
1314 "github.com/supabase/cli/internal/utils"
15+ "github.com/supabase/cli/pkg/config"
1416)
1517
1618func TestInitCommand (t * testing.T ) {
@@ -24,6 +26,11 @@ func TestInitCommand(t *testing.T) {
2426 exists , err := afero .Exists (fsys , utils .ConfigPath )
2527 assert .NoError (t , err )
2628 assert .True (t , exists )
29+ // Validate generated signing key
30+ signingKeysPath := filepath .Join (utils .SupabaseDirPath , "signing_keys.json" )
31+ exists , err = afero .Exists (fsys , signingKeysPath )
32+ assert .NoError (t , err )
33+ assert .True (t , exists )
2734 // Validate generated .gitignore
2835 exists , err = afero .Exists (fsys , utils .GitIgnorePath )
2936 assert .NoError (t , err )
@@ -197,3 +204,78 @@ func TestUpdateJsonFile(t *testing.T) {
197204 assert .ErrorContains (t , err , "operation not permitted" )
198205 })
199206}
207+
208+ func TestGenerateDefaultSigningKey (t * testing.T ) {
209+ signingKeysPath := filepath .Join (utils .SupabaseDirPath , "signing_keys.json" )
210+
211+ t .Run ("generates signing key when file doesn't exist" , func (t * testing.T ) {
212+ // Setup in-memory fs
213+ fsys := afero .NewMemMapFs ()
214+ // Run test
215+ assert .NoError (t , generateDefaultSigningKey (fsys ))
216+ // Validate file exists
217+ exists , err := afero .Exists (fsys , signingKeysPath )
218+ assert .NoError (t , err )
219+ assert .True (t , exists )
220+ // Validate file contents
221+ content , err := afero .ReadFile (fsys , signingKeysPath )
222+ assert .NoError (t , err )
223+ var jwkArray []config.JWK
224+ assert .NoError (t , json .Unmarshal (content , & jwkArray ))
225+ assert .Len (t , jwkArray , 1 )
226+ // Validate key structure
227+ key := jwkArray [0 ]
228+ assert .Equal (t , "RSA" , key .KeyType )
229+ assert .Equal (t , config .Algorithm ("RS256" ), key .Algorithm )
230+ assert .NotEmpty (t , key .KeyID )
231+ assert .NotEmpty (t , key .Modulus )
232+ assert .NotEmpty (t , key .Exponent )
233+ assert .NotEmpty (t , key .PrivateExponent )
234+ })
235+
236+ t .Run ("skips generation when file already exists" , func (t * testing.T ) {
237+ // Setup in-memory fs with existing key file
238+ fsys := afero .NewMemMapFs ()
239+ existingKey := []config.JWK {
240+ {
241+ KeyType : "RSA" ,
242+ KeyID : "existing-key-id" ,
243+ Algorithm : config .AlgRS256 ,
244+ },
245+ }
246+ existingContent , err := json .Marshal (existingKey )
247+ require .NoError (t , err )
248+ require .NoError (t , utils .MkdirIfNotExistFS (fsys , utils .SupabaseDirPath ))
249+ require .NoError (t , afero .WriteFile (fsys , signingKeysPath , existingContent , 0600 ))
250+ // Run test
251+ assert .NoError (t , generateDefaultSigningKey (fsys ))
252+ // Validate file wasn't modified
253+ content , err := afero .ReadFile (fsys , signingKeysPath )
254+ assert .NoError (t , err )
255+ var jwkArray []config.JWK
256+ assert .NoError (t , json .Unmarshal (content , & jwkArray ))
257+ assert .Len (t , jwkArray , 1 )
258+ assert .Equal (t , "existing-key-id" , jwkArray [0 ].KeyID )
259+ })
260+
261+ t .Run ("throws error on failure to create directory" , func (t * testing.T ) {
262+ // Setup read-only fs
263+ fsys := afero .NewReadOnlyFs (afero .NewMemMapFs ())
264+ // Run test
265+ err := generateDefaultSigningKey (fsys )
266+ // Check error
267+ assert .Error (t , err )
268+ assert .ErrorContains (t , err , "failed to create supabase directory" )
269+ })
270+
271+ t .Run ("throws error on failure to create file" , func (t * testing.T ) {
272+ // Setup fs that denies file creation
273+ // OpenErrorFs will fail when trying to open/create the file
274+ fsys := & fstest.OpenErrorFs {DenyPath : signingKeysPath }
275+ // Run test
276+ err := generateDefaultSigningKey (fsys )
277+ // Check error - OpenErrorFs will fail on OpenFile call
278+ assert .Error (t , err )
279+ assert .ErrorContains (t , err , "failed to create signing key file" )
280+ })
281+ }
0 commit comments