Skip to content

test: add integration tests for authentication endpoints#39

Merged
DenizAltunkapan merged 3 commits into
Vault-Web:mainfrom
GabrielBBaldez:auth-endpoints-integration-tests
Jul 2, 2026
Merged

test: add integration tests for authentication endpoints#39
DenizAltunkapan merged 3 commits into
Vault-Web:mainfrom
GabrielBBaldez:auth-endpoints-integration-tests

Conversation

@GabrielBBaldez

Copy link
Copy Markdown
Member

Summary

Adds integration tests for the public authentication endpoints (/auth/register, /auth/login, /auth/refresh), addressing #31. The gateway is started on a random port backed by an in-memory R2DBC (H2) database, so each test exercises the full controller → service → repository path end to end (no mocking of the data layer).

Coverage (12 tests):

  • register: valid payload, duplicate email, duplicate username, invalid email format, weak password, missing field
  • login: valid (by email and by username), wrong password, non-existent user, missing field
  • refresh: round-trips a refresh token obtained from login

Drive-by fix: the new tests surfaced that request-validation failures (WebExchangeBindException from @Valid bodies) fell through to the generic handler and returned 500. Added a handler so they now return 400 with the field messages, consistent with the existing ConstraintViolationException handling.

Verified locally with mvn spotless:check test → 13 tests pass.

Resolves #31.

Copilot AI review requested due to automatic review settings June 19, 2026 18:37

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Adds end-to-end integration coverage for the API gateway’s public auth endpoints and fixes a validation error-mapping gap so @Valid @RequestBody failures return 400 instead of falling through to the generic 500 handler.

Changes:

  • Add GatewayAuthControllerIntegrationTest covering /auth/register, /auth/login, and /auth/refresh.
  • Add a WebExchangeBindException handler to return 400 BAD_REQUEST with aggregated field error messages.
  • Add test profile R2DBC H2 configuration + test-scoped H2 dependencies to run against an in-memory database.

Reviewed changes

Copilot reviewed 4 out of 4 changed files in this pull request and generated 3 comments.

File Description
apigateway/src/test/resources/application-test.yaml Configures in-memory R2DBC H2 and schema initialization for integration tests.
apigateway/src/test/java/vaultweb/apigateway/controller/GatewayAuthControllerIntegrationTest.java New integration tests for register/login/refresh flows using WebTestClient.
apigateway/src/main/java/vaultweb/apigateway/exceptions/GlobalExceptionHandler.java Adds handler for WebExchangeBindException to map body validation failures to 400 responses.
apigateway/pom.xml Adds test dependencies for running R2DBC H2 integration tests.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@GabrielBBaldez

Copy link
Copy Markdown
Member Author

Hey @DenizAltunkapan, this one's been sitting for a bit — CI's green and it's mergeable whenever you get a chance to take a look. Thanks!

@DenizAltunkapan

Copy link
Copy Markdown
Member

@GabrielBBaldez thanks for reminding me! it got lost in the emails

@DenizAltunkapan DenizAltunkapan left a comment

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@DenizAltunkapan
DenizAltunkapan merged commit 75d1e27 into Vault-Web:main Jul 2, 2026
1 check passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

[Feature]: Add Integration Tests for Authentication Endpoints

3 participants