Implement unit tests for OIDC provider configuration in oidc_provider…

src/core/oidc_providers.rs

@@ -18,3 +18,70 @@ pub fn google_provider_config() -> OIDCProviderConfig {
         discovery_url: "https://accounts.google.com/.well-known/openid-configuration".to_string(),
     }
 }
+
+#[cfg(test)]
+mod tests {
+    use super::*;
+    use std::env;
+
+    #[test]
+    fn test_google_provider_config_success() {
+        // Set environment variables
+        env::set_var("GOOGLE_CLIENT_ID", "test_client_id");
+        env::set_var("GOOGLE_CLIENT_SECRET", "test_client_secret");
+        env::set_var("GOOGLE_REDIRECT_URI", "https://example.com/callback");
+
+        // Call the google_provider_config function
+        let config = google_provider_config();
+
+        // Assert that the config contains the expected values
+        assert_eq!(config.client_id, "test_client_id");
+        assert_eq!(config.client_secret, "test_client_secret");
+        assert_eq!(config.redirect_uri, "https://example.com/callback");
+        assert_eq!(
+            config.discovery_url,
+            "https://accounts.google.com/.well-known/openid-configuration"
+        );
+
+        // Clean up the environment variables after test
+        env::remove_var("GOOGLE_CLIENT_ID");
+        env::remove_var("GOOGLE_CLIENT_SECRET");
+        env::remove_var("GOOGLE_REDIRECT_URI");
+    }
+
+    #[test]
+    #[should_panic(expected = "GOOGLE_CLIENT_ID must be set")]
+    fn test_missing_google_client_id() {
+        // Unset the GOOGLE_CLIENT_ID to trigger panic
+        env::remove_var("GOOGLE_CLIENT_ID");
+        env::set_var("GOOGLE_CLIENT_SECRET", "test_client_secret");
+        env::set_var("GOOGLE_REDIRECT_URI", "https://example.com/callback");
+
+        // This should panic due to missing GOOGLE_CLIENT_ID
+        google_provider_config();
+    }
+
+    #[test]
+    #[should_panic(expected = "GOOGLE_CLIENT_SECRET must be set")]
+    fn test_missing_google_client_secret() {
+        // Unset the GOOGLE_CLIENT_SECRET to trigger panic
+        env::set_var("GOOGLE_CLIENT_ID", "test_client_id");
+        env::remove_var("GOOGLE_CLIENT_SECRET");
+        env::set_var("GOOGLE_REDIRECT_URI", "https://example.com/callback");
+
+        // This should panic due to missing GOOGLE_CLIENT_SECRET
+        google_provider_config();
+    }
+
+    #[test]
+    #[should_panic(expected = "GOOGLE_REDIRECT_URI must be set")]
+    fn test_missing_google_redirect_uri() {
+        // Unset the GOOGLE_REDIRECT_URI to trigger panic
+        env::set_var("GOOGLE_CLIENT_ID", "test_client_id");
+        env::set_var("GOOGLE_CLIENT_SECRET", "test_client_secret");
+        env::remove_var("GOOGLE_REDIRECT_URI");
+
+        // This should panic due to missing GOOGLE_REDIRECT_URI
+        google_provider_config();
+    }
+}

src/core/scopes.rs

@@ -24,3 +24,84 @@ impl ScopeValidator {
 
     // Optionally, you can add methods to manage scopes (e.g., add/remove)
 }
+
+use super::*;
+
+#[tokio::test]
+async fn test_scope_validator_all_scopes_allowed() {
+    // Arrange: Create a ScopeValidator with allowed scopes
+    let allowed_scopes = vec![
+        "read".to_string(),
+        "write".to_string(),
+        "delete".to_string(),
+    ];
+    let validator = ScopeValidator::new(allowed_scopes);
+
+    // Act: Validate a request with a valid scope
+    let client_id = "client_123";
+    let requested_scope = "read write";
+    let result = validator.validate(client_id, requested_scope).await;
+
+    // Assert: The requested scopes should be valid
+    assert!(result);
+}
+
+#[tokio::test]
+async fn test_scope_validator_some_scopes_invalid() {
+    // Arrange: Create a ScopeValidator with allowed scopes
+    let allowed_scopes = vec!["read".to_string(), "write".to_string()];
+    let validator = ScopeValidator::new(allowed_scopes);
+
+    // Act: Validate a request with an invalid scope
+    let client_id = "client_123";
+    let requested_scope = "read write delete";
+    let result = validator.validate(client_id, requested_scope).await;
+
+    // Assert: The requested scopes should be invalid
+    assert!(!result);
+}
+
+#[tokio::test]
+async fn test_scope_validator_no_scopes_requested() {
+    // Arrange: Create a ScopeValidator with allowed scopes
+    let allowed_scopes = vec!["read".to_string(), "write".to_string()];
+    let validator = ScopeValidator::new(allowed_scopes);
+
+    // Act: Validate a request with no scopes
+    let client_id = "client_123";
+    let requested_scope = "";
+    let result = validator.validate(client_id, requested_scope).await;
+
+    // Assert: No requested scopes should be valid
+    assert!(result);
+}
+
+#[tokio::test]
+async fn test_scope_validator_with_disallowed_scope() {
+    // Arrange: Create a ScopeValidator with allowed scopes
+    let allowed_scopes = vec!["read".to_string(), "write".to_string()];
+    let validator = ScopeValidator::new(allowed_scopes);
+
+    // Act: Validate a request with a disallowed scope
+    let client_id = "client_123";
+    let requested_scope = "delete";
+    let result = validator.validate(client_id, requested_scope).await;
+
+    // Assert: The requested scope should be invalid
+    assert!(!result);
+}
+
+#[tokio::test]
+async fn test_scope_validator_all_scopes_empty() {
+    // Arrange: Create a ScopeValidator with no allowed scopes
+    let allowed_scopes = vec![];
+    let validator = ScopeValidator::new(allowed_scopes);
+
+    // Act: Validate a request with any scope
+    let client_id = "client_123";
+    let requested_scope = "read";
+    let result = validator.validate(client_id, requested_scope).await;
+
+    // Assert: The requested scope should be invalid since no scopes are allowed
+    assert!(!result);
+}