test: update security config tests to include authentication transport mode

2025-10-09 20:27:08 +02:00 · 2025-10-09 20:27:08 +02:00 · b62c626a3f
commit b62c626a3f
parent f7a53403eb
4 changed files with 43 additions and 8 deletions
--- a/backend/src/controllers/participant.controller.ts
+++ b/backend/src/controllers/participant.controller.ts
@ -9,7 +9,7 @@ import {
 	rejectRequestFromMeetError
 } from '../models/error.model.js';
 import { LoggerService, ParticipantService, RoomService, TokenService } from '../services/index.js';
-import { getAuthTransportMode, getCookieOptions, getRecordingToken } from '../utils/index.js';
+import { getAuthTransportMode, getCookieOptions, getParticipantToken } from '../utils/index.js';

 export const generateParticipantToken = async (req: Request, res: Response) => {
 	const logger = container.get(LoggerService);
@ -61,7 +61,7 @@ export const refreshParticipantToken = async (req: Request, res: Response) => {
 	const participantService = container.get(ParticipantService);

 	// Check if there is a previous token
-	const previousToken = await getRecordingToken(req);
+	const previousToken = await getParticipantToken(req);

 	if (!previousToken) {
 		logger.verbose('No previous participant token found. Cannot refresh.');
--- a/backend/tests/helpers/request-helpers.ts
+++ b/backend/tests/helpers/request-helpers.ts
@ -17,6 +17,7 @@ import { createApp, registerDependencies } from '../../src/server.js';
 import { RecordingService, RoomService } from '../../src/services/index.js';
 import {
 	AuthMode,
+	AuthTransportMode,
 	AuthType,
 	MeetRecordingAccess,
 	MeetRecordingInfo,
@ -157,6 +158,7 @@ export const changeSecurityConfig = async (authMode: AuthMode) => {
 			authMethod: {
 				type: AuthType.SINGLE_USER
 			},
+			authTransportMode: AuthTransportMode.COOKIE,
 			authModeToAccessRoom: authMode
 		}
 	});
--- a/backend/tests/integration/api/global-config/security.test.ts
+++ b/backend/tests/integration/api/global-config/security.test.ts
@ -1,7 +1,7 @@
 import { afterEach, beforeAll, describe, expect, it } from '@jest/globals';
 import { container } from '../../../../src/config/dependency-injector.config.js';
 import { MeetStorageService } from '../../../../src/services/index.js';
-import { AuthMode, AuthType } from '../../../../src/typings/ce/index.js';
+import { AuthMode, AuthTransportMode, AuthType } from '../../../../src/typings/ce/index.js';
 import { expectValidationError } from '../../../helpers/assertion-helpers.js';
 import { getSecurityConfig, startTestServer, updateSecurityConfig } from '../../../helpers/request-helpers.js';

@ -10,6 +10,7 @@ const defaultConfig = {
 		authMethod: {
 			type: AuthType.SINGLE_USER
 		},
+		authTransportMode: AuthTransportMode.COOKIE,
 		authModeToAccessRoom: AuthMode.NONE
 	}
 };
@ -35,6 +36,7 @@ describe('Security Config API Tests', () => {
 					authMethod: {
 						type: AuthType.SINGLE_USER
 					},
+					authTransportMode: AuthTransportMode.COOKIE,
 					authModeToAccessRoom: AuthMode.ALL_USERS
 				}
 			};
@ -84,19 +86,49 @@ describe('Security Config API Tests', () => {
 			);
 		});

-		it('should reject when authModeToAccessRoom or authMethod are not provided', async () => {
+		it('should reject when authTransportMode is not a valid enum value', async () => {
+			const response = await updateSecurityConfig({
+				authentication: {
+					authMethod: {
+						type: AuthType.SINGLE_USER
+					},
+					authModeToAccessRoom: AuthMode.ALL_USERS,
+					authTransportMode: 'invalid'
+				}
+			});
+
+			expectValidationError(
+				response,
+				'authentication.authTransportMode',
+				"Invalid enum value. Expected 'cookie' | 'header', received 'invalid'"
+			);
+		});
+
+		it('should reject when authModeToAccessRoom, authTransportMode or authMethod are not provided', async () => {
 			let response = await updateSecurityConfig({
 				authentication: {
-					authMode: AuthMode.NONE
+					authMode: AuthMode.NONE,
+					authTransportMode: AuthTransportMode.COOKIE
 				}
 			});
 			expectValidationError(response, 'authentication.authMethod', 'Required');

 			response = await updateSecurityConfig({
 				authentication: {
-					method: {
+					authMethod: {
 						type: AuthType.SINGLE_USER
-					}
+					},
+					authModeToAccessRoom: AuthMode.NONE
+				}
+			});
+			expectValidationError(response, 'authentication.authTransportMode', 'Required');
+
+			response = await updateSecurityConfig({
+				authentication: {
+					authMethod: {
+						type: AuthType.SINGLE_USER
+					},
+					authTransportMode: AuthTransportMode.COOKIE
 				}
 			});
 			expectValidationError(response, 'authentication.authModeToAccessRoom', 'Required');
--- a/backend/tests/integration/api/security/global-config-security.test.ts
+++ b/backend/tests/integration/api/security/global-config-security.test.ts
@ -5,7 +5,7 @@ import { container } from '../../../../src/config/dependency-injector.config.js'
 import INTERNAL_CONFIG from '../../../../src/config/internal-config.js';
 import { MEET_INITIAL_API_KEY } from '../../../../src/environment.js';
 import { MeetStorageService } from '../../../../src/services/index.js';
-import { AuthMode, AuthType, MeetRoomThemeMode } from '../../../../src/typings/ce/index.js';
+import { AuthMode, AuthTransportMode, AuthType, MeetRoomThemeMode } from '../../../../src/typings/ce/index.js';
 import { loginUser, startTestServer } from '../../../helpers/request-helpers.js';

 const CONFIG_PATH = `${INTERNAL_CONFIG.INTERNAL_API_BASE_PATH_V1}/config`;
@ -79,6 +79,7 @@ describe('Global Config API Security Tests', () => {
 				authMethod: {
 					type: AuthType.SINGLE_USER
 				},
+				authTransportMode: AuthTransportMode.COOKIE,
 				authModeToAccessRoom: AuthMode.ALL_USERS
 			}
 		};