npm - @jmlq/auth - Versions diffs - 0.0.1-alpha.1 - Mend

@jmlq/auth 0.0.1-alpha.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (332) hide show

package/dist/src/shared/utils/time-parser.d.ts ADDED Viewed

@@ -0,0 +1,28 @@
+export declare class TimeParser {
+    private static readonly TIME_UNITS;
+    private static readonly TIME_PATTERN;
+    /**
+     * Convierte una cadena de tiempo (ej: "15m", "1h", "7d") a milisegundos
+     * @param timeString - Cadena de tiempo en formato número + unidad
+     * @returns Tiempo en milisegundos
+     * @throws Error si el formato es inválido
+     */
+    static parseToMilliseconds(timeString: string): number;
+    /**
+     * Valida si una cadena de tiempo tiene el formato correcto
+     * @param timeString - Cadena de tiempo a validar
+     * @returns true si es válida, false en caso contrario
+     */
+    static isValidTimeString(timeString: string): boolean;
+    /**
+     * Obtiene las unidades de tiempo soportadas
+     * @returns Array con las unidades soportadas
+     */
+    static getSupportedUnits(): string[];
+    /**
+     * Convierte milisegundos a formato legible
+     * @param milliseconds - Tiempo en milisegundos
+     * @returns Cadena de tiempo legible
+     */
+    static formatMilliseconds(milliseconds: number): string;
+}

package/dist/src/shared/utils/time-parser.js ADDED Viewed

@@ -0,0 +1,76 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.TimeParser = void 0;
+class TimeParser {
+    /**
+     * Convierte una cadena de tiempo (ej: "15m", "1h", "7d") a milisegundos
+     * @param timeString - Cadena de tiempo en formato número + unidad
+     * @returns Tiempo en milisegundos
+     * @throws Error si el formato es inválido
+     */
+    static parseToMilliseconds(timeString) {
+        if (!timeString || typeof timeString !== "string") {
+            throw new Error("Time string is required and must be a string");
+        }
+        const trimmed = timeString.trim().toLowerCase();
+        const match = trimmed.match(this.TIME_PATTERN);
+        if (!match) {
+            throw new Error(`Invalid time format: "${timeString}". Expected format: number + unit (s, m, h, d). Examples: "15m", "1h", "7d"`);
+        }
+        const [, valueStr, unit] = match;
+        const value = parseInt(valueStr, 10);
+        if (isNaN(value) || value <= 0) {
+            throw new Error(`Invalid time value: "${valueStr}". Must be a positive number`);
+        }
+        const multiplier = this.TIME_UNITS[unit];
+        return value * multiplier;
+    }
+    /**
+     * Valida si una cadena de tiempo tiene el formato correcto
+     * @param timeString - Cadena de tiempo a validar
+     * @returns true si es válida, false en caso contrario
+     */
+    static isValidTimeString(timeString) {
+        try {
+            this.parseToMilliseconds(timeString);
+            return true;
+        }
+        catch {
+            return false;
+        }
+    }
+    /**
+     * Obtiene las unidades de tiempo soportadas
+     * @returns Array con las unidades soportadas
+     */
+    static getSupportedUnits() {
+        return Object.keys(this.TIME_UNITS);
+    }
+    /**
+     * Convierte milisegundos a formato legible
+     * @param milliseconds - Tiempo en milisegundos
+     * @returns Cadena de tiempo legible
+     */
+    static formatMilliseconds(milliseconds) {
+        const units = [
+            { unit: "d", value: 24 * 60 * 60 * 1000 },
+            { unit: "h", value: 60 * 60 * 1000 },
+            { unit: "m", value: 60 * 1000 },
+            { unit: "s", value: 1000 },
+        ];
+        for (const { unit, value } of units) {
+            if (milliseconds >= value && milliseconds % value === 0) {
+                return `${milliseconds / value}${unit}`;
+            }
+        }
+        return `${milliseconds}ms`;
+    }
+}
+exports.TimeParser = TimeParser;
+TimeParser.TIME_UNITS = {
+    s: 1000, // segundos
+    m: 60 * 1000, // minutos
+    h: 60 * 60 * 1000, // horas
+    d: 24 * 60 * 60 * 1000, // días
+};
+TimeParser.TIME_PATTERN = /^(\d+)([smhd])$/;

package/dist/tests/application/factory/auth-service-factory.spec.d.ts ADDED Viewed

	@@ -0,0 +1 @@
1	+ export {};

package/dist/tests/application/factory/auth-service-factory.spec.js ADDED Viewed

@@ -0,0 +1,97 @@
+"use strict";
+// tests/application/factory/auth-service-factory.spec.ts
+Object.defineProperty(exports, "__esModule", { value: true });
+const domain_1 = require("../../../src/domain");
+const infrastructure_1 = require("../../../src/infrastructure");
+const use_cases_1 = require("../../../src/application/use-cases");
+const application_1 = require("src/application");
+describe("AuthServiceFactory", () => {
+    let config;
+    let userRepository;
+    let credentialRepository;
+    // const algorithm: AnyAlgorithm = "HS256";
+    beforeEach(() => {
+        config = {
+            jwt: {
+                accessTokenSecret: "access-secret",
+                refreshTokenSecret: "refresh-secret",
+                accessTokenExpirationMs: 15 * 60 * 1000,
+                refreshTokenExpirationMs: 7 * 24 * 60 * 60 * 1000,
+                accessTokenExpiration: "15m",
+                refreshTokenExpiration: "7d",
+            },
+            info: {
+                issuer: "test-issuer",
+                audience: "test-audience",
+            },
+            bcrypt: {
+                saltRounds: 10,
+            },
+            algorithm: "HS256",
+        };
+        userRepository = new infrastructure_1.InMemoryUserRepository();
+        credentialRepository = new infrastructure_1.InMemoryCredentialRepository();
+    });
+    it("debería crear un contenedor con todas las dependencias correctamente instanciadas", () => {
+        const container = application_1.AuthServiceFactory.create(config, userRepository, credentialRepository);
+        // Repositorios: deben ser exactamente los mismos que pasamos
+        expect(container.userRepository).toBe(userRepository);
+        expect(container.credentialRepository).toBe(credentialRepository);
+        // Servicios de dominio / infraestructura
+        expect(container.passwordHasher).toBeInstanceOf(infrastructure_1.BcryptPasswordHasher);
+        expect(container.passwordPolicy).toBeInstanceOf(domain_1.DefaultPasswordPolicy);
+        expect(container.tokenService).toBeInstanceOf(infrastructure_1.JwtTokenService);
+        expect(container.tokenSession).toBeInstanceOf(infrastructure_1.TokenSessionService);
+        // Casos de uso
+        expect(container.registerUserUseCase).toBeInstanceOf(use_cases_1.RegisterUserUseCase);
+        expect(container.loginWithPasswordUseCase).toBeInstanceOf(use_cases_1.LoginWithPasswordUseCase);
+        expect(container.refreshTokenUseCase).toBeInstanceOf(use_cases_1.RefreshTokenUseCase);
+        expect(container.logoutUseCase).toBeInstanceOf(use_cases_1.LogoutUseCase);
+    });
+    it("debería inyectar correctamente JwtTokenService con la configuración JWT recibida", () => {
+        const container = application_1.AuthServiceFactory.create(config, userRepository, credentialRepository);
+        const tokenService = container.tokenService;
+        const jwtConfig = tokenService.config;
+        expect(jwtConfig.accessTokenSecret).toBe(config.jwt.accessTokenSecret);
+        expect(jwtConfig.refreshTokenSecret).toBe(config.jwt.refreshTokenSecret);
+        expect(jwtConfig.accessTokenExpirationMs).toBe(config.jwt.accessTokenExpirationMs);
+        expect(jwtConfig.refreshTokenExpirationMs).toBe(config.jwt.refreshTokenExpirationMs);
+        expect(tokenService.jwtGenerator).toBeInstanceOf(infrastructure_1.JwtTokenGenerator);
+        expect(tokenService.jwtVerifier).toBeInstanceOf(infrastructure_1.JwtTokenVerifier);
+        expect(tokenService.jwtValidator).toBeInstanceOf(infrastructure_1.JwtTokenValidator);
+        const jwtGenerator = tokenService.jwtGenerator;
+        expect(jwtGenerator.signer).toBeInstanceOf(infrastructure_1.JwtSigner);
+        expect(jwtGenerator.encoder).toBeDefined();
+    });
+    it("debería compartir las mismas instancias de repositorios y servicios entre los casos de uso", () => {
+        const container = application_1.AuthServiceFactory.create(config, userRepository, credentialRepository);
+        const { userRepository: ur, credentialRepository: cr, passwordHasher, passwordPolicy, tokenService, tokenSession, registerUserUseCase, loginWithPasswordUseCase, refreshTokenUseCase, logoutUseCase, } = container;
+        // RegisterUserUseCase
+        expect(registerUserUseCase.userRepository).toBe(ur);
+        expect(registerUserUseCase.passwordHasher).toBe(passwordHasher);
+        expect(registerUserUseCase.passwordPolicy).toBe(passwordPolicy);
+        // LoginWithPasswordUseCase
+        expect(loginWithPasswordUseCase.userRepository).toBe(ur);
+        expect(loginWithPasswordUseCase.passwordHasher).toBe(passwordHasher);
+        expect(loginWithPasswordUseCase.tokenSessionService).toBe(tokenSession);
+        // RefreshTokenUseCase
+        const refreshValues = Object.values(refreshTokenUseCase);
+        expect(refreshValues).toContain(tokenSession);
+        // LogoutUseCase
+        const logoutValues = Object.values(logoutUseCase);
+        expect(logoutValues).toContain(tokenSession);
+        // TokenSessionService wiring interno
+        expect(tokenSession.userRepository).toBe(ur);
+        expect(tokenSession.credentialRepository).toBe(cr);
+        expect(tokenSession.tokenService).toBe(tokenService);
+    });
+    it("debería respetar las instancias de repositorios entregadas por el llamador", () => {
+        const otherUserRepo = new infrastructure_1.InMemoryUserRepository();
+        const otherCredRepo = new infrastructure_1.InMemoryCredentialRepository();
+        const container = application_1.AuthServiceFactory.create(config, otherUserRepo, otherCredRepo);
+        expect(container.userRepository).toBe(otherUserRepo);
+        expect(container.credentialRepository).toBe(otherCredRepo);
+        expect(container.userRepository).not.toBe(userRepository);
+        expect(container.credentialRepository).not.toBe(credentialRepository);
+    });
+});

package/dist/tests/application/use-cases/login-with-password.integration.spec.d.ts ADDED Viewed

	@@ -0,0 +1 @@
1	+ export {};

package/dist/tests/application/use-cases/login-with-password.integration.spec.js ADDED Viewed

@@ -0,0 +1,140 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+const application_1 = require("src/application");
+const domain_1 = require("src/domain");
+const infrastructure_1 = require("src/infrastructure");
+/**
+ * FakeTokenSession usa el repositorio de credenciales real,
+ * pero genera tokens simples sin firmar, sólo para pruebas.
+ */
+class FakeTokenSession {
+    constructor(credentialRepo) {
+        this.credentialRepo = credentialRepo;
+    }
+    async createSession(user) {
+        const credential = new domain_1.Credential({
+            userId: user.id,
+            accessToken: `access-${user.id.getValue()}`,
+            refreshToken: `refresh-${user.id.getValue()}`,
+            expiresAt: new Date(Date.now() + 60 * 60 * 1000),
+            createdAt: new Date(),
+        });
+        await this.credentialRepo.save(credential);
+        return credential;
+    }
+}
+// Constantes comunes
+const plainPassword = "MySecureP@ssw0rd";
+const bcryptHash = "$2b$10$CwTycUXWue0Thq9StjUM0uJ8E9aG7vlYgSi0hd0eZBwbNG0Ax7Anm";
+describe("LoginWithPasswordUseCase (integración con repositorios en memoria)", () => {
+    let userRepository;
+    let credentialRepository;
+    let passwordHasher;
+    let tokenSessionService;
+    let createSessionSpy;
+    let useCase;
+    beforeEach(() => {
+        userRepository = new infrastructure_1.InMemoryUserRepository();
+        credentialRepository = new infrastructure_1.InMemoryCredentialRepository();
+        passwordHasher = {
+            hash: jest.fn(),
+            compare: jest.fn(),
+        };
+        tokenSessionService = new FakeTokenSession(credentialRepository);
+        createSessionSpy = jest.spyOn(tokenSessionService, "createSession");
+        useCase = new application_1.LoginWithPasswordUseCase(userRepository, passwordHasher, tokenSessionService);
+    });
+    afterEach(() => {
+        jest.clearAllMocks();
+    });
+    const createUser = (props) => new domain_1.User({
+        id: new domain_1.Id("user-123"),
+        email: new domain_1.Email("login@example.com"),
+        password: new domain_1.HashedPassword(bcryptHash),
+        isActive: true,
+        roles: [new domain_1.Role("user")],
+        createdAt: new Date(),
+        updatedAt: new Date(),
+        ...props,
+    });
+    it("debe crear una sesión persistida al loguear correctamente", async () => {
+        const emailValue = "login@example.com";
+        const user = createUser({ email: new domain_1.Email(emailValue) });
+        await userRepository.save(user);
+        passwordHasher.compare.mockResolvedValue(true);
+        const request = {
+            email: emailValue,
+            password: plainPassword,
+        };
+        // Act
+        const response = await useCase.execute(request);
+        // Assert: respuesta
+        expect(response.accessToken).toBe("access-user-123");
+        expect(response.refreshToken).toBe("refresh-user-123");
+        // Assert: credencial persistida en el repositorio
+        const storedCredential = await credentialRepository.findByUserId(user.id);
+        expect(storedCredential).not.toBeNull();
+        expect(storedCredential?.accessToken).toBe("access-user-123");
+        expect(storedCredential?.refreshToken).toBe("refresh-user-123");
+        // Assert: se llamó a createSession
+        expect(createSessionSpy).toHaveBeenCalledTimes(1);
+        expect(createSessionSpy).toHaveBeenCalledWith(user);
+    });
+    it("debe loguear correctamente cuando las credenciales son válidas y el usuario está activo", async () => {
+        const emailValue = "user@example.com";
+        const user = createUser({ email: new domain_1.Email(emailValue) });
+        await userRepository.save(user);
+        passwordHasher.compare.mockResolvedValue(true);
+        const request = {
+            email: emailValue,
+            password: plainPassword,
+        };
+        // Act
+        const response = await useCase.execute(request);
+        // Assert
+        expect(passwordHasher.compare).toHaveBeenCalledTimes(1);
+        expect(passwordHasher.compare).toHaveBeenCalledWith(request.password, user.password.serialize());
+        expect(createSessionSpy).toHaveBeenCalledTimes(1);
+        expect(createSessionSpy).toHaveBeenCalledWith(user);
+        expect(response).toEqual({
+            accessToken: "access-user-123",
+            refreshToken: "refresh-user-123",
+        });
+    });
+    it("debe lanzar UserNotFoundError cuando el usuario no existe", async () => {
+        const request = {
+            email: "unknown@example.com",
+            password: "whatever",
+        };
+        await expect(useCase.execute(request)).rejects.toBeInstanceOf(domain_1.UserNotFoundError);
+        expect(passwordHasher.compare).not.toHaveBeenCalled();
+        expect(createSessionSpy).not.toHaveBeenCalled();
+    });
+    it("debe lanzar UserDisabledError cuando el usuario está inactivo", async () => {
+        const emailValue = "disabled@example.com";
+        const user = createUser({ email: new domain_1.Email(emailValue) });
+        // Forzamos que canLogin() devuelva false
+        jest.spyOn(user, "canLogin").mockReturnValue(false);
+        await userRepository.save(user);
+        const request = {
+            email: emailValue,
+            password: "any-password",
+        };
+        await expect(useCase.execute(request)).rejects.toBeInstanceOf(domain_1.UserDisabledError);
+        expect(passwordHasher.compare).not.toHaveBeenCalled();
+        expect(createSessionSpy).not.toHaveBeenCalled();
+    });
+    it("debe lanzar PasswordMismatchError cuando la contraseña es incorrecta", async () => {
+        const emailValue = "user@example.com";
+        const user = createUser({ email: new domain_1.Email(emailValue) });
+        await userRepository.save(user);
+        passwordHasher.compare.mockResolvedValue(false);
+        const request = {
+            email: emailValue,
+            password: "wrong-password",
+        };
+        await expect(useCase.execute(request)).rejects.toBeInstanceOf(domain_1.PasswordMismatchError);
+        expect(passwordHasher.compare).toHaveBeenCalledTimes(1);
+        expect(createSessionSpy).not.toHaveBeenCalled();
+    });
+});

package/dist/tests/application/use-cases/logout-use-case.spec.d.ts ADDED Viewed

	@@ -0,0 +1 @@
1	+ export {};

package/dist/tests/application/use-cases/logout-use-case.spec.js ADDED Viewed

@@ -0,0 +1,40 @@
+"use strict";
+// tests/application/use-cases/logout.usecase.spec.ts
+Object.defineProperty(exports, "__esModule", { value: true });
+const application_1 = require("src/application");
+const domain_1 = require("../../../src/domain");
+describe("LogoutUseCase", () => {
+    let tokenSessionMock;
+    let useCase;
+    beforeEach(() => {
+        tokenSessionMock = {
+            revokeSession: jest.fn(),
+        };
+        // Solo necesitamos revokeSession para este caso de uso,
+        // así que casteamos al tipo completo de ITokenSession.
+        useCase = new application_1.LogoutUseCase(tokenSessionMock);
+    });
+    it("debería cerrar sesión correctamente cuando revokeSession no lanza error", async () => {
+        // Arrange
+        const request = { refreshToken: "valid-refresh-token" };
+        tokenSessionMock.revokeSession.mockResolvedValueOnce(); // Promise<void>
+        // Act
+        const response = await useCase.execute(request);
+        // Assert
+        expect(tokenSessionMock.revokeSession).toHaveBeenCalledTimes(1);
+        expect(tokenSessionMock.revokeSession).toHaveBeenCalledWith("valid-refresh-token");
+        expect(response).toEqual({
+            success: true,
+            message: "Successfully logged out",
+        });
+    });
+    it("debería lanzar LogoutError cuando revokeSession lanza un error", async () => {
+        // Arrange
+        const request = { refreshToken: "invalid-refresh-token" };
+        tokenSessionMock.revokeSession.mockRejectedValueOnce(new Error("Some low-level error"));
+        // Act & Assert
+        await expect(useCase.execute(request)).rejects.toEqual(new domain_1.LogoutError("Failed to logout: invalid refresh token"));
+        expect(tokenSessionMock.revokeSession).toHaveBeenCalledTimes(1);
+        expect(tokenSessionMock.revokeSession).toHaveBeenCalledWith("invalid-refresh-token");
+    });
+});

package/dist/tests/application/use-cases/refresh-token-use-case.spec.d.ts ADDED Viewed

	@@ -0,0 +1 @@
1	+ export {};

package/dist/tests/application/use-cases/refresh-token-use-case.spec.js ADDED Viewed

@@ -0,0 +1,116 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+const application_1 = require("src/application");
+const refresh_token_use_case_1 = require("src/application/use-cases/refresh-token.use-case");
+const domain_1 = require("src/domain");
+const infrastructure_1 = require("src/infrastructure");
+const shared_1 = require("src/shared");
+describe("RefreshTokenUseCase", () => {
+    let userRepo;
+    let credentialRepo;
+    let passwordHasher;
+    let jwtSigner;
+    let tokenGenerator;
+    let tokenSessionService;
+    const jwtConfig = {
+        accessTokenSecret: "access_secret_key_123",
+        refreshTokenSecret: "refresh_secret_key_123",
+        accessTokenExpirationMs: 1000 * 60 * 15, // 15 minutos
+        refreshTokenExpirationMs: 1000 * 60 * 60 * 24, // 1 día,
+        algorithm: "HS256",
+    };
+    // Hash válido de "Password123!" (cost 10)
+    const VALID_BCRYPT = "$2b$10$CwTycUXWue0Thq9StjUM0uJ8rS8o9VZqvE8G9W9C6q7CwTycUXWu2";
+    beforeEach(() => {
+        userRepo = new infrastructure_1.InMemoryUserRepository();
+        credentialRepo = new infrastructure_1.InMemoryCredentialRepository();
+        passwordHasher = new infrastructure_1.BcryptPasswordHasher();
+        jwtSigner = new infrastructure_1.JwtSigner(new shared_1.Base64UrlEncoder());
+        // 👇 Ajuste: orden típico (signer, encoder). Mantén tu firma real si difiere.
+        tokenGenerator = new infrastructure_1.JwtTokenGenerator(new shared_1.Base64UrlEncoder(), jwtSigner);
+        // TokenSessionJWT implementa ITokenSession
+        class TokenSessionJWT {
+            constructor(tokenGen, credentialRepo) {
+                this.tokenGen = tokenGen;
+                this.credentialRepo = credentialRepo;
+            }
+            validateSession(_accessToken) {
+                throw new Error("Method not implemented.");
+            }
+            async createSession(user) {
+                const accessToken = this.tokenGen.generateAccessToken({
+                    user: {
+                        id: user.id.getValue(),
+                        email: user.email.toString(),
+                        roles: user.roles.map((r) => ({ role: r.getValuePublic().role })),
+                    },
+                    config: jwtConfig,
+                });
+                const refreshToken = this.tokenGen.generateRefreshToken({
+                    user: {
+                        id: user.id.getValue(),
+                        email: user.email.toString(),
+                        roles: user.roles.map((r) => ({ role: r.getValuePublic().role })),
+                    },
+                    config: jwtConfig,
+                });
+                const credential = new domain_1.Credential({
+                    userId: new domain_1.Id(user.id.getValue()),
+                    accessToken,
+                    refreshToken,
+                    expiresAt: new Date(Date.now() + jwtConfig.accessTokenExpirationMs),
+                    createdAt: new Date(),
+                });
+                await this.credentialRepo.save(credential);
+                return credential;
+            }
+            async refreshSession(refreshToken) {
+                const found = await this.credentialRepo.findByRefreshToken(refreshToken);
+                if (!found)
+                    throw new domain_1.InvalidOrExpiredRefreshTokenError();
+                // ✅ (opcional) rotar: revocar el refresh anterior para evitar reutilización
+                await this.credentialRepo.deleteByRefreshToken(refreshToken);
+                const user = new domain_1.User({
+                    id: new domain_1.Id(found.userId.getValue()),
+                    email: new domain_1.Email("user@example.com"),
+                    roles: [new domain_1.Role("USER")],
+                    password: new domain_1.HashedPassword(VALID_BCRYPT),
+                    isActive: true,
+                    createdAt: new Date(),
+                    updatedAt: new Date(),
+                });
+                return this.createSession(user);
+            }
+            async revokeSession(refreshToken) {
+                await this.credentialRepo.deleteByRefreshToken(refreshToken);
+            }
+        }
+        tokenSessionService = new TokenSessionJWT(tokenGenerator, credentialRepo);
+    });
+    it("debería crear un usuario, loguearlo y refrescar su token", async () => {
+        // 1️⃣ Registrar usuario
+        const passwordPolicy = new domain_1.DefaultPasswordPolicy();
+        const registerUser = new application_1.RegisterUserUseCase(userRepo, passwordHasher, passwordPolicy);
+        const email = "user@example.com";
+        const password = "Password123!";
+        const roles = [{ role: "USER" }];
+        await registerUser.execute({ email, password, roles });
+        // 2️⃣ Loguear usuario
+        const login = new application_1.LoginWithPasswordUseCase(userRepo, passwordHasher, tokenSessionService);
+        const loginResponse = await login.execute({ email, password });
+        expect(loginResponse.accessToken).toBeDefined();
+        expect(loginResponse.refreshToken).toBeDefined();
+        // 3️⃣ Refrescar Token
+        const refreshTokenUseCase = new refresh_token_use_case_1.RefreshTokenUseCase(tokenSessionService);
+        const refreshed = await refreshTokenUseCase.execute({
+            refreshToken: loginResponse.refreshToken,
+        });
+        expect(refreshed.accessToken).toBeDefined();
+        expect(refreshed.refreshToken).toBeDefined();
+        expect(refreshed.refreshToken).not.toEqual(loginResponse.refreshToken);
+    });
+    it("debería lanzar InvalidOrExpiredRefreshTokenError si el token no existe", async () => {
+        const refreshTokenUseCase = new refresh_token_use_case_1.RefreshTokenUseCase(tokenSessionService);
+        await expect(refreshTokenUseCase.execute({ refreshToken: "invalid.token" })).rejects.toThrow(domain_1.InvalidOrExpiredRefreshTokenError);
+    });
+});

package/dist/tests/application/use-cases/register-user.usecase.spec.d.ts ADDED Viewed

	@@ -0,0 +1 @@
1	+ export {};

package/dist/tests/application/use-cases/register-user.usecase.spec.js ADDED Viewed

@@ -0,0 +1,151 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+const application_1 = require("src/application");
+const domain_1 = require("src/domain");
+describe("RegisterUserUseCase", () => {
+    let userRepository;
+    let passwordHasher;
+    let passwordPolicy;
+    let useCase;
+    beforeEach(() => {
+        userRepository = {
+            findByEmail: jest.fn(),
+            save: jest.fn(),
+            // agrega otros métodos del repo si existen, con jest.fn()
+        };
+        passwordHasher = {
+            hash: jest.fn(),
+        };
+        passwordPolicy = {
+            validateStrength: jest.fn(),
+            getRequirements: jest.fn(),
+        };
+        useCase = new application_1.RegisterUserUseCase(userRepository, passwordHasher, passwordPolicy);
+        jest.clearAllMocks();
+    });
+    it("debería lanzar PasswordPolicyViolationError si la contraseña no cumple la política", async () => {
+        const weakPasswordErrors = ["Too short", "No number"];
+        passwordPolicy.validateStrength.mockReturnValue({
+            isValid: false,
+            errors: weakPasswordErrors,
+        });
+        const request = {
+            email: "test@example.com",
+            password: "weak",
+            roles: [],
+        };
+        await expect(useCase.execute(request)).rejects.toBeInstanceOf(domain_1.PasswordPolicyViolationError);
+        expect(passwordPolicy.validateStrength).toHaveBeenCalledWith(request.password);
+        expect(userRepository.findByEmail).not.toHaveBeenCalled();
+        expect(passwordHasher.hash).not.toHaveBeenCalled();
+        expect(userRepository.save).not.toHaveBeenCalled();
+    });
+    it("debería lanzar EmailAlreadyInUseError si el email ya existe", async () => {
+        passwordPolicy.validateStrength.mockReturnValue({
+            isValid: true,
+            errors: [],
+        });
+        // No necesitamos un User real, basta con algo truthy
+        const existingUser = {};
+        userRepository.findByEmail.mockResolvedValue(existingUser);
+        const request = {
+            email: "used@example.com",
+            password: "StrongP@ss1",
+            roles: [],
+        };
+        await expect(useCase.execute(request)).rejects.toBeInstanceOf(domain_1.EmailAlreadyInUseError);
+        expect(passwordPolicy.validateStrength).toHaveBeenCalledWith(request.password);
+        expect(userRepository.findByEmail).toHaveBeenCalledTimes(1);
+        expect(passwordHasher.hash).not.toHaveBeenCalled();
+        expect(userRepository.save).not.toHaveBeenCalled();
+    });
+    it("debería registrar un usuario, guardar en el repositorio y retornar la respuesta correcta", async () => {
+        passwordPolicy.validateStrength.mockReturnValue({
+            isValid: true,
+            errors: [],
+        });
+        userRepository.findByEmail.mockResolvedValue(null);
+        const hashedPassword = "hashed-password-123";
+        passwordHasher.hash.mockResolvedValue(hashedPassword);
+        const request = {
+            email: "newuser@example.com",
+            password: "StrongP@ss1",
+            roles: [
+                {
+                    role: "ADMIN",
+                    permissions: ["user.read", "user.write"],
+                },
+            ],
+        };
+        // Fake user que retornará User.create
+        const fakeUserIdValue = "generated-user-id";
+        const fakePublicRoles = [
+            {
+                role: "ADMIN",
+                permissions: ["user.read", "user.write"],
+            },
+        ];
+        const fakeUser = {
+            id: {
+                getValue: jest.fn().mockReturnValue(fakeUserIdValue),
+            },
+            roles: [
+                {
+                    getValuePublic: jest.fn().mockReturnValue(fakePublicRoles[0]),
+                },
+            ],
+            isActive: true,
+        };
+        const createSpy = jest
+            .spyOn(domain_1.User, "create")
+            .mockReturnValue(fakeUser);
+        const result = await useCase.execute(request);
+        // Validar interacción con passwordPolicy y repos
+        expect(passwordPolicy.validateStrength).toHaveBeenCalledWith(request.password);
+        expect(userRepository.findByEmail).toHaveBeenCalledTimes(1);
+        expect(passwordHasher.hash).toHaveBeenCalledWith(request.password);
+        // Validar que se llama User.create con los argumentos esperados
+        expect(createSpy).toHaveBeenCalledWith(request.email, expect.arrayContaining([
+            expect.objectContaining({}), // aquí solo validamos que se pasó al menos un Role
+        ]), hashedPassword);
+        // Validar que se persiste el usuario
+        expect(userRepository.save).toHaveBeenCalledWith(fakeUser);
+        const expectedResponse = {
+            id: fakeUserIdValue,
+            roles: fakePublicRoles,
+            isActive: true,
+        };
+        expect(result).toEqual(expectedResponse);
+    });
+    it("debería permitir registrar usuario sin roles (array vacío por defecto)", async () => {
+        passwordPolicy.validateStrength.mockReturnValue({
+            isValid: true,
+            errors: [],
+        });
+        userRepository.findByEmail.mockResolvedValue(null);
+        const hashedPassword = "hashed-no-roles";
+        passwordHasher.hash.mockResolvedValue(hashedPassword);
+        const request = {
+            email: "noroles@example.com",
+            password: "StrongP@ss1",
+            // roles: undefined
+        };
+        const fakeUser = {
+            id: {
+                getValue: jest.fn().mockReturnValue("no-roles-id"),
+            },
+            roles: [],
+            isActive: true,
+        };
+        jest.spyOn(domain_1.User, "create").mockReturnValue(fakeUser);
+        const result = await useCase.execute(request);
+        expect(userRepository.findByEmail).toHaveBeenCalledTimes(1);
+        expect(passwordHasher.hash).toHaveBeenCalledWith(request.password);
+        expect(userRepository.save).toHaveBeenCalledWith(fakeUser);
+        expect(result).toEqual({
+            id: "no-roles-id",
+            roles: [],
+            isActive: true,
+        });
+    });
+});

package/dist/tests/domain/entities/credential.spec.d.ts ADDED Viewed

	@@ -0,0 +1 @@
1	+ export {};