@jmruthers/pace-core 0.5.135 → 0.5.137

package/src/components/PublicLayout/__tests__/PublicPageDebugger.test.tsx

@@ -1,185 +0,0 @@
-/**
- * @file PublicPageDebugger Component Tests
- * @package @jmruthers/pace-core
- * @module Components/PublicLayout/__tests__
- * @since 1.0.0
- *
- * Comprehensive tests for the PublicPageDebugger component
- */
-
-import { describe, it, expect, vi, beforeEach, afterEach } from 'vitest';
-import { render, screen } from '@testing-library/react';
-import { PublicPageDebugger } from '../PublicPageDebugger';
-import { PublicPageProvider } from '../PublicPageProvider';
-
-describe('PublicPageDebugger', () => {
-  const consoleLogSpy = vi.spyOn(console, 'log');
-  const consoleWarnSpy = vi.spyOn(console, 'warn');
-
-  beforeEach(() => {
-    vi.clearAllMocks();
-    consoleLogSpy.mockImplementation(() => {});
-    consoleWarnSpy.mockImplementation(() => {});
-  });
-
-  afterEach(() => {
-    consoleLogSpy.mockRestore();
-    consoleWarnSpy.mockRestore();
-  });
-
-  describe('Rendering', () => {
-    it('renders debugger UI when enabled', () => {
-      render(
-        <PublicPageProvider>
-          <PublicPageDebugger enabled={true} />
-        </PublicPageProvider>
-      );
-
-      expect(screen.getByText('Public Page Debugger')).toBeInTheDocument();
-      expect(screen.getByText('Check console for context analysis')).toBeInTheDocument();
-    });
-
-    it('does not render when disabled', () => {
-      render(
-        <PublicPageProvider>
-          <PublicPageDebugger enabled={false} />
-        </PublicPageProvider>
-      );
-
-      expect(screen.queryByText('Public Page Debugger')).not.toBeInTheDocument();
-    });
-
-    it('renders with default enabled state', () => {
-      render(
-        <PublicPageProvider>
-          <PublicPageDebugger />
-        </PublicPageProvider>
-      );
-
-      expect(screen.getByText('Public Page Debugger')).toBeInTheDocument();
-    });
-
-    it('renders with custom label', () => {
-      render(
-        <PublicPageProvider>
-          <PublicPageDebugger label="CustomLabel" />
-        </PublicPageProvider>
-      );
-
-      expect(screen.getByText('Public Page Debugger')).toBeInTheDocument();
-    });
-  });
-
-  describe('Console Logging', () => {
-    it('renders with debugging enabled', () => {
-      render(
-        <PublicPageProvider>
-          <PublicPageDebugger enabled={true} label="TestLabel" />
-        </PublicPageProvider>
-      );
-
-      expect(screen.getByText('Public Page Debugger')).toBeInTheDocument();
-    });
-
-    it('does not render when disabled', () => {
-      render(
-        <PublicPageProvider>
-          <PublicPageDebugger enabled={false} label="TestLabel" />
-        </PublicPageProvider>
-      );
-
-      expect(screen.queryByText('Public Page Debugger')).not.toBeInTheDocument();
-    });
-  });
-
-  describe('Context Detection', () => {
-    it('renders within public page context', () => {
-      render(
-        <PublicPageProvider>
-          <PublicPageDebugger enabled={true} label="TestLabel" />
-        </PublicPageProvider>
-      );
-
-      expect(screen.getByText('Public Page Debugger')).toBeInTheDocument();
-    });
-  });
-
-  describe('Visual Debugger', () => {
-    it('displays fixed position debugger', () => {
-      render(
-        <PublicPageProvider>
-          <PublicPageDebugger enabled={true} />
-        </PublicPageProvider>
-      );
-
-      // Visual debugger should be rendered
-      expect(screen.getByText('Public Page Debugger')).toBeInTheDocument();
-    });
-
-    it('renders debugger with correct text content', () => {
-      render(
-        <PublicPageProvider>
-          <PublicPageDebugger enabled={true} />
-        </PublicPageProvider>
-      );
-
-      expect(screen.getByText('Public Page Debugger')).toBeInTheDocument();
-      expect(screen.getByText('Check console for context analysis')).toBeInTheDocument();
-    });
-  });
-
-  describe('Edge Cases', () => {
-    it('renders without crashing', () => {
-      render(
-        <PublicPageProvider>
-          <PublicPageDebugger enabled={true} />
-        </PublicPageProvider>
-      );
-
-      expect(screen.getByText('Public Page Debugger')).toBeInTheDocument();
-    });
-
-    it('handles multiple instances', () => {
-      render(
-        <PublicPageProvider>
-          <PublicPageDebugger enabled={true} label="FirstDebugger" />
-          <PublicPageDebugger enabled={true} label="SecondDebugger" />
-        </PublicPageProvider>
-      );
-
-      expect(screen.getAllByText('Public Page Debugger')).toHaveLength(2);
-    });
-
-    it('handles label changes on re-render', () => {
-      const { rerender } = render(
-        <PublicPageProvider>
-          <PublicPageDebugger enabled={true} label="Label1" />
-        </PublicPageProvider>
-      );
-
-      expect(screen.getByText('Public Page Debugger')).toBeInTheDocument();
-
-      rerender(
-        <PublicPageProvider>
-          <PublicPageDebugger enabled={true} label="Label2" />
-        </PublicPageProvider>
-      );
-
-      // Component should still render
-      expect(screen.getByText('Public Page Debugger')).toBeInTheDocument();
-    });
-  });
-
-  describe('Performance', () => {
-    it('renders quickly without performance issues', () => {
-      const { container } = render(
-        <PublicPageProvider>
-          <PublicPageDebugger enabled={true} label="TestLabel" />
-        </PublicPageProvider>
-      );
-
-      expect(container).toBeInTheDocument();
-    });
-  });
-});
-

package/src/validation/__tests__/common.unit.test.ts

@@ -1,101 +0,0 @@
-import { describe, it, expect } from 'vitest';
-import { 
-  emailSchema, 
-  nameSchema, 
-  phoneSchema, 
-  urlSchema, 
-  dateSchema 
-} from '../common';
-
-describe('Common Validation Schemas', () => {
-  describe('emailSchema', () => {
-    it('should validate correct email addresses', () => {
-      expect(emailSchema.safeParse('test@example.com').success).toBe(true);
-      expect(emailSchema.safeParse('user.name+tag@domain.co.uk').success).toBe(true);
-      expect(emailSchema.safeParse('123@domain.org').success).toBe(true);
-    });
-
-    it('should reject invalid email addresses', () => {
-      expect(emailSchema.safeParse('invalid-email').success).toBe(false);
-      expect(emailSchema.safeParse('@domain.com').success).toBe(false);
-      expect(emailSchema.safeParse('user@').success).toBe(false);
-      expect(emailSchema.safeParse('').success).toBe(false);
-    });
-
-    it('should reject emails that are too long', () => {
-      const longEmail = 'a'.repeat(255) + '@example.com';
-      expect(emailSchema.safeParse(longEmail).success).toBe(false);
-    });
-  });
-
-  describe('nameSchema', () => {
-    it('should validate correct names', () => {
-      expect(nameSchema.safeParse('John Doe').success).toBe(true);
-      expect(nameSchema.safeParse('Mary-Jane').success).toBe(true);
-      expect(nameSchema.safeParse("O'Connor").success).toBe(true);
-    });
-
-    it('should reject invalid names', () => {
-      expect(nameSchema.safeParse('').success).toBe(false);
-      expect(nameSchema.safeParse('John123').success).toBe(false);
-      expect(nameSchema.safeParse('John@Doe').success).toBe(false);
-    });
-
-    it('should reject names that are too long', () => {
-      const longName = 'A'.repeat(101);
-      expect(nameSchema.safeParse(longName).success).toBe(false);
-    });
-  });
-
-  describe('phoneSchema', () => {
-    it('should validate correct phone numbers', () => {
-      expect(phoneSchema.safeParse('+1-555-123-4567').success).toBe(true);
-      expect(phoneSchema.safeParse('555-123-4567').success).toBe(true);
-      expect(phoneSchema.safeParse('(555) 123-4567').success).toBe(true);
-    });
-
-    it('should reject invalid phone numbers', () => {
-      expect(phoneSchema.safeParse('123').success).toBe(false);
-      expect(phoneSchema.safeParse('not-a-number').success).toBe(false);
-      expect(phoneSchema.safeParse('').success).toBe(false);
-    });
-
-    it('should reject phone numbers that are too short or long', () => {
-      expect(phoneSchema.safeParse('123').success).toBe(false);
-      expect(phoneSchema.safeParse('1'.repeat(21)).success).toBe(false);
-    });
-  });
-
-  describe('urlSchema', () => {
-    it('should validate correct URLs', () => {
-      expect(urlSchema.safeParse('https://example.com').success).toBe(true);
-      expect(urlSchema.safeParse('http://sub.domain.co.uk/path').success).toBe(true);
-      expect(urlSchema.safeParse('https://example.com?param=value').success).toBe(true);
-    });
-
-    it('should reject invalid URLs', () => {
-      expect(urlSchema.safeParse('not-a-url').success).toBe(false);
-      expect(urlSchema.safeParse('').success).toBe(false);
-    });
-
-    it('should reject URLs that are too long', () => {
-      const longUrl = 'https://example.com/' + 'a'.repeat(2048);
-      expect(urlSchema.safeParse(longUrl).success).toBe(false);
-    });
-  });
-
-  describe('dateSchema', () => {
-    it('should validate correct dates', () => {
-      expect(dateSchema.safeParse('2023-12-25').success).toBe(true);
-      expect(dateSchema.safeParse('2023-01-01').success).toBe(true);
-    });
-
-    it('should reject invalid dates', () => {
-      expect(dateSchema.safeParse('invalid-date').success).toBe(false);
-      expect(dateSchema.safeParse('2023/12/25').success).toBe(false);
-      expect(dateSchema.safeParse('12/25/2023').success).toBe(false);
-      expect(dateSchema.safeParse('2023-13-45').success).toBe(false);
-      expect(dateSchema.safeParse('').success).toBe(false);
-    });
-  });
-}); 

package/src/validation/__tests__/csrf.unit.test.ts

@@ -1,365 +0,0 @@
-/**
- * @file CSRF Protection Unit Tests
- * @package @jmruthers/pace-core
- * @module Validation/CSRF/Tests
- * @since 0.1.0
- */
-
-import { describe, it, expect, vi, beforeEach, afterEach } from 'vitest';
-import {
-  generateCSRFToken,
-  validateCSRFToken,
-  getCSRFToken,
-  csrfManager,
-  CSRFTokenData,
-} from '../csrf';
-
-// Mock crypto for testing
-const mockCrypto = {
-  getRandomValues: vi.fn(),
-};
-
-Object.defineProperty(global, 'crypto', {
-  value: mockCrypto,
-  writable: true,
-});
-
-// Mock secure storage
-vi.mock('../../utils/secureStorage', () => ({
-  secureStorage: {
-    setItem: vi.fn().mockResolvedValue(undefined),
-    getItem: vi.fn().mockResolvedValue(null),
-    removeItem: vi.fn().mockResolvedValue(undefined),
-  },
-}));
-
-describe('CSRF Protection', () => {
-  const testSessionId = 'test-session-123';
-  const testSessionId2 = 'test-session-456';
-
-  beforeEach(() => {
-    vi.clearAllMocks();
-    mockCrypto.getRandomValues.mockImplementation((array) => {
-      for (let i = 0; i < array.length; i++) {
-        array[i] = Math.floor(Math.random() * 256);
-      }
-      return array;
-    });
-  });
-
-  afterEach(async () => {
-    // Clear session tokens
-    await csrfManager.clearSession(testSessionId);
-    await csrfManager.clearSession(testSessionId2);
-  });
-
-  describe('generateCSRFToken', () => {
-    it('should generate a valid CSRF token', async () => {
-      const token = await generateCSRFToken(testSessionId);
-      
-      expect(token).toBeDefined();
-      expect(typeof token).toBe('string');
-      expect(token.length).toBe(64); // 32 bytes * 2 hex chars
-    });
-
-    it('should generate different tokens on subsequent calls', async () => {
-      const token1 = await generateCSRFToken(testSessionId);
-      const token2 = await generateCSRFToken(testSessionId);
-      
-      expect(token1).not.toBe(token2);
-    });
-
-    it('should generate tokens for different sessions', async () => {
-      const token1 = await generateCSRFToken(testSessionId);
-      const token2 = await generateCSRFToken(testSessionId2);
-      
-      expect(token1).not.toBe(token2);
-    });
-
-    it('should handle crypto.getRandomValues errors', async () => {
-      mockCrypto.getRandomValues.mockImplementation(() => {
-        throw new Error('Crypto unavailable');
-      });
-
-      await expect(generateCSRFToken(testSessionId)).rejects.toThrow('CSRF token generation failed');
-    });
-  });
-
-  describe('validateCSRFToken', () => {
-    it('should validate a valid token for correct session', async () => {
-      const token = await generateCSRFToken(testSessionId);
-      const isValid = await validateCSRFToken(token, testSessionId);
-      
-      expect(isValid).toBe(true);
-    });
-
-    it('should reject token for wrong session', async () => {
-      const token = await generateCSRFToken(testSessionId);
-      const isValid = await validateCSRFToken(token, testSessionId2);
-      
-      expect(isValid).toBe(false);
-    });
-
-    it('should reject invalid token format', async () => {
-      const invalidToken = 'invalid-token';
-      const isValid = await validateCSRFToken(invalidToken, testSessionId);
-      
-      expect(isValid).toBe(false);
-    });
-
-    it('should reject reused tokens (one-time use)', async () => {
-      const token = await generateCSRFToken(testSessionId);
-      
-      // First use should succeed
-      const firstUse = await validateCSRFToken(token, testSessionId);
-      expect(firstUse).toBe(true);
-      
-      // Second use should fail
-      const secondUse = await validateCSRFToken(token, testSessionId);
-      expect(secondUse).toBe(false);
-    });
-
-    it('should handle empty or null tokens', async () => {
-      expect(await validateCSRFToken('', testSessionId)).toBe(false);
-      expect(await validateCSRFToken(null as any, testSessionId)).toBe(false);
-      expect(await validateCSRFToken(undefined as any, testSessionId)).toBe(false);
-    });
-  });
-
-  describe('getCSRFToken', () => {
-    it('should return existing valid token for session', async () => {
-      const generatedToken = await generateCSRFToken(testSessionId);
-      const retrievedToken = await getCSRFToken(testSessionId);
-      
-      expect(retrievedToken).toBeDefined();
-      expect(typeof retrievedToken).toBe('string');
-    });
-
-    it('should generate new token if none exists', async () => {
-      const token = await getCSRFToken(testSessionId);
-      
-      expect(token).toBeDefined();
-      expect(typeof token).toBe('string');
-      expect(token!.length).toBe(64);
-    });
-
-    it('should return different tokens for different sessions', async () => {
-      const token1 = await getCSRFToken(testSessionId);
-      const token2 = await getCSRFToken(testSessionId2);
-      
-      expect(token1).not.toBe(token2);
-    });
-  });
-
-  describe('csrfManager', () => {
-    it('should manage multiple sessions', async () => {
-      const token1 = await csrfManager.generateToken(testSessionId);
-      const token2 = await csrfManager.generateToken(testSessionId2);
-      
-      expect(await csrfManager.validateToken(token1, testSessionId)).toBe(true);
-      expect(await csrfManager.validateToken(token2, testSessionId2)).toBe(true);
-      
-      // Cross-session validation should fail
-      expect(await csrfManager.validateToken(token1, testSessionId2)).toBe(false);
-      expect(await csrfManager.validateToken(token2, testSessionId)).toBe(false);
-    });
-
-    it('should clear session tokens', async () => {
-      const token = await csrfManager.generateToken(testSessionId);
-      
-      // Token should be valid
-      expect(await csrfManager.validateToken(token, testSessionId)).toBe(true);
-      
-      // Clear session
-      await csrfManager.clearSession(testSessionId);
-      
-      // Token should no longer be valid
-      expect(await csrfManager.validateToken(token, testSessionId)).toBe(false);
-    });
-
-    it('should handle getCurrentToken for existing session', async () => {
-      await csrfManager.generateToken(testSessionId);
-      const currentToken = await csrfManager.getCurrentToken(testSessionId);
-      
-      expect(currentToken).toBeDefined();
-      expect(typeof currentToken).toBe('string');
-    });
-
-    it('should handle getCurrentToken for new session', async () => {
-      const currentToken = await csrfManager.getCurrentToken('new-session-789');
-      
-      expect(currentToken).toBeDefined();
-      expect(typeof currentToken).toBe('string');
-      expect(currentToken!.length).toBe(64);
-    });
-  });
-
-  describe('Token Lifecycle and Expiry', () => {
-    it('should handle token expiry', async () => {
-      // Mock Date.now to simulate time passage
-      const originalNow = Date.now;
-      const mockNow = vi.fn();
-      Date.now = mockNow;
-
-      try {
-        const initialTime = 1000000;
-        mockNow.mockReturnValue(initialTime);
-
-        const token = await generateCSRFToken(testSessionId);
-        
-        // Token should be valid immediately
-        expect(await validateCSRFToken(token, testSessionId)).toBe(true);
-        
-        // Regenerate token since it was consumed
-        const token2 = await generateCSRFToken(testSessionId);
-        
-        // Simulate time passage beyond expiry (30 minutes + 1 second)
-        mockNow.mockReturnValue(initialTime + (30 * 60 * 1000) + 1000);
-        
-        // Token should now be expired
-        expect(await validateCSRFToken(token2, testSessionId)).toBe(false);
-      } finally {
-        Date.now = originalNow;
-      }
-    });
-  });
-
-  describe('Security Features', () => {
-    it('should limit tokens per session', async () => {
-      // Generate maximum tokens for session
-      const tokens: string[] = [];
-      for (let i = 0; i < 15; i++) { // More than MAX_TOKENS_PER_SESSION (10)
-        const token = await generateCSRFToken(testSessionId);
-        tokens.push(token);
-      }
-      
-      expect(tokens.length).toBe(15);
-      expect(new Set(tokens).size).toBe(15); // All should be unique
-    });
-
-    it('should use cryptographically secure random values', async () => {
-      const calledValues: Uint8Array[] = [];
-      mockCrypto.getRandomValues.mockImplementation((array) => {
-        calledValues.push(new Uint8Array(array));
-        for (let i = 0; i < array.length; i++) {
-          array[i] = i % 256; // Deterministic but different values
-        }
-        return array;
-      });
-
-      await generateCSRFToken(testSessionId);
-      
-      expect(mockCrypto.getRandomValues).toHaveBeenCalledTimes(1);
-      expect(calledValues[0].length).toBe(32); // 32 bytes
-    });
-  });
-
-  describe('Error Handling', () => {
-    it('should handle storage failures gracefully', async () => {
-      // Mock storage to fail
-      const { secureStorage } = await import('../../utils/secureStorage');
-      vi.mocked(secureStorage.setItem).mockRejectedValue(new Error('Storage failed'));
-
-      // Should still generate token despite storage failure
-      const token = await generateCSRFToken(testSessionId);
-      expect(token).toBeDefined();
-    });
-
-    it('should handle storage retrieval failures', async () => {
-      const { secureStorage } = await import('../../utils/secureStorage');
-      vi.mocked(secureStorage.getItem).mockRejectedValue(new Error('Retrieval failed'));
-
-      // Should still work by creating new tokens
-      const token = await getCSRFToken(testSessionId);
-      expect(token).toBeDefined();
-    });
-
-    it('should handle malformed stored data', async () => {
-      const { secureStorage } = await import('../../utils/secureStorage');
-      vi.mocked(secureStorage.getItem).mockResolvedValue('invalid-json');
-
-      // Should clear cache and continue working
-      const token = await getCSRFToken(testSessionId);
-      expect(token).toBeDefined();
-    });
-  });
-
-     describe('Type Safety', () => {
-     it('should have correct CSRFTokenData interface', () => {
-       const tokenData: CSRFTokenData = {
-         token: 'test-token',
-         sessionId: 'test-session',
-         timestamp: Date.now(),
-         used: false,
-       };
-
-       expect(tokenData.token).toBe('test-token');
-       expect(tokenData.sessionId).toBe('test-session');
-       expect(typeof tokenData.timestamp).toBe('number');
-       expect(typeof tokenData.used).toBe('boolean');
-     });
-   });
-
-   describe('Edge Cases', () => {
-     it('should handle very long session IDs', async () => {
-       const longSessionId = 'a'.repeat(500);
-       const token = await generateCSRFToken(longSessionId);
-       
-       expect(token).toBeDefined();
-       expect(token.length).toBe(64);
-       
-       // Should be valid for that session
-       const isValid = await validateCSRFToken(token, longSessionId);
-       expect(isValid).toBe(true);
-     });
-
-     it('should handle rapid token generation', async () => {
-       const tokens = await Promise.all(
-         Array.from({ length: 20 }, () => generateCSRFToken(testSessionId))
-       );
-       
-       expect(tokens).toHaveLength(20);
-       // All should be unique 32-byte tokens
-       const uniqueTokens = new Set(tokens);
-       expect(uniqueTokens.size).toBe(20);
-       
-       // Last token should be valid
-       const lastToken = tokens[tokens.length - 1];
-       expect(await validateCSRFToken(lastToken, testSessionId)).toBe(true);
-     });
-
-     it('should handle storage corruption by clearing cache', async () => {
-       const { secureStorage } = await import('../../utils/secureStorage');
-       
-       // Simulate malformed storage data
-       vi.mocked(secureStorage.getItem).mockResolvedValueOnce('{{invalid json}');
-       
-       // Should handle gracefully and generate new token
-       const token = await getCSRFToken(testSessionId);
-       expect(token).toBeDefined();
-       expect(typeof token).toBe('string');
-     });
-
-     it('should handle concurrent token generation safely', async () => {
-       const promises = Array.from({ length: 10 }, (_, i) => 
-         generateCSRFToken(`session-${i}`)
-       );
-       
-       const tokens = await Promise.all(promises);
-       
-       expect(tokens).toHaveLength(10);
-       expect(new Set(tokens).size).toBe(10);
-     });
-
-     it('should handle session ID collision edge cases', async () => {
-       const sameSession = 'collision-session';
-       
-       const token1 = await generateCSRFToken(sameSession);
-       const token2 = await generateCSRFToken(sameSession);
-       
-       // Both should be valid for same session
-       expect(await validateCSRFToken(token1, sameSession)).toBe(true);
-       expect(await validateCSRFToken(token2, sameSession)).toBe(true);
-     });
-   });
-});