@nauth-toolkit/core 0.1.0 → 0.1.5

package/src/services/auth-audit.service.spec.ts

@@ -1,675 +0,0 @@
-import { Repository, SelectQueryBuilder } from 'typeorm';
-import { InternalAuthAuditService as AuthAuditService } from './auth-audit.service';
-import { BaseAuthAudit, BaseUser } from '../entities';
-import { IAuthAudit, IUser } from '../interfaces/entities.interface';
-import { AuthAuditEventType } from '../enums/auth-audit-event-type.enum';
-import { AuthAuditEventStatus } from '../entities/auth-audit.entity';
-import { NAuthLogger } from '../utils/nauth-logger';
-import { NAuthException } from '../exceptions/nauth.exception';
-import { ClientInfoService } from './client-info.service';
-import { ClientInfo } from '../interfaces/client-info.interface';
-import { RiskFactor } from '../enums/risk-factor.enum';
-import { GetUserAuthHistoryDTO } from '../dto/get-user-auth-history.dto';
-import { GetEventsByTypeDTO } from '../dto/get-events-by-type.dto';
-import { GetSuspiciousActivityDTO } from '../dto/get-suspicious-activity.dto';
-import { GetRiskAssessmentHistoryDTO } from '../dto/get-risk-assessment-history.dto';
-
-/**
- * Auth Audit Service Unit Tests
- *
- * Tests audit event recording, querying, and filtering functionality.
- * Covers all methods, edge cases, client info extraction, and error handling.
- *
- * Platform-agnostic: Uses direct instantiation, no NestJS dependencies.
- */
-describe('AuthAuditService', () => {
-  let service: AuthAuditService; // Use InternalAuthAuditService (aliased) for tests since it includes recordEvent()
-  let mockAuditRepository: jest.Mocked<Repository<BaseAuthAudit>>;
-  let mockUserRepository: jest.Mocked<Repository<BaseUser>>;
-  let mockLogger: jest.Mocked<NAuthLogger>;
-  let mockClientInfoService: jest.Mocked<ClientInfoService>;
-  let mockQueryBuilder: jest.Mocked<SelectQueryBuilder<BaseAuthAudit>>;
-
-  const mockUser: Partial<IUser> = {
-    id: 1,
-    sub: 'user-uuid-123',
-    email: 'test@example.com',
-  };
-
-  const mockAuditRecord: Partial<IAuthAudit> = {
-    id: 1,
-    userId: 1,
-    eventType: AuthAuditEventType.LOGIN_SUCCESS,
-    eventStatus: 'SUCCESS' as AuthAuditEventStatus,
-    ipAddress: '1.2.3.4',
-    userAgent: 'test-user-agent',
-    createdAt: new Date(),
-  };
-
-  beforeEach(() => {
-    // Create mock query builder
-    mockQueryBuilder = {
-      where: jest.fn().mockReturnThis(),
-      andWhere: jest.fn().mockReturnThis(),
-      orderBy: jest.fn().mockReturnThis(),
-      skip: jest.fn().mockReturnThis(),
-      take: jest.fn().mockReturnThis(),
-      getManyAndCount: jest.fn(),
-      getMany: jest.fn(),
-    } as any;
-
-    // TypeScript expects orderBy to accept 1 or 2 arguments, but mock can accept any
-    (mockQueryBuilder.orderBy as any).mockImplementation(() => mockQueryBuilder);
-
-    // Create mock repositories
-    mockAuditRepository = {
-      create: jest.fn(),
-      save: jest.fn(),
-      createQueryBuilder: jest.fn(() => mockQueryBuilder),
-      findOne: jest.fn(),
-    } as any;
-
-    mockUserRepository = {
-      findOne: jest.fn(),
-    } as any;
-
-    // Create mock services
-    mockLogger = {
-      log: jest.fn(),
-      error: jest.fn(),
-      warn: jest.fn(),
-      debug: jest.fn(),
-    } as any;
-
-    mockClientInfoService = {
-      get: jest.fn(),
-    } as any;
-
-    // Instantiate service directly (using InternalAuthAuditService aliased as AuthAuditService for tests)
-    service = new AuthAuditService(mockAuditRepository, mockUserRepository, mockLogger, mockClientInfoService);
-  });
-
-  afterEach(() => {
-    jest.clearAllMocks();
-  });
-
-  // ============================================================================
-  // Service Initialization
-  // ============================================================================
-
-  it('should be defined', () => {
-    expect(service).toBeDefined();
-  });
-
-  // ============================================================================
-  // recordEvent() Method
-  // ============================================================================
-
-  describe('recordEvent', () => {
-    it('should record event successfully with userId', async () => {
-      mockAuditRepository.create.mockReturnValue(mockAuditRecord as any);
-      mockAuditRepository.save.mockResolvedValue(mockAuditRecord as any);
-      mockClientInfoService.get.mockReturnValue({} as ClientInfo);
-
-      const result = await service.recordEvent({
-        userId: 1,
-        eventType: AuthAuditEventType.LOGIN_SUCCESS,
-        eventStatus: 'SUCCESS',
-      });
-
-      expect(result).toBeDefined();
-      expect(mockAuditRepository.create).toHaveBeenCalled();
-      expect(mockAuditRepository.save).toHaveBeenCalled();
-    });
-
-    it('should resolve userSub to userId when userId not provided', async () => {
-      mockUserRepository.findOne.mockResolvedValue(mockUser as any);
-      mockAuditRepository.create.mockReturnValue(mockAuditRecord as any);
-      mockAuditRepository.save.mockResolvedValue(mockAuditRecord as any);
-      mockClientInfoService.get.mockReturnValue({} as ClientInfo);
-
-      const result = await service.recordEvent({
-        userSub: 'user-uuid-123',
-        eventType: AuthAuditEventType.LOGIN_SUCCESS,
-        eventStatus: 'SUCCESS',
-      });
-
-      expect(result).toBeDefined();
-      expect(mockUserRepository.findOne).toHaveBeenCalledWith({ where: { sub: 'user-uuid-123' } });
-      expect(mockAuditRepository.create).toHaveBeenCalledWith((expect as any).objectContaining({ userId: 1 }));
-    });
-
-    it('should return null when userSub provided but user not found', async () => {
-      mockUserRepository.findOne.mockResolvedValue(null);
-
-      const result = await service.recordEvent({
-        userSub: 'non-existent-user',
-        eventType: AuthAuditEventType.LOGIN_SUCCESS,
-        eventStatus: 'SUCCESS',
-      });
-
-      expect(result).toBeNull();
-      expect(mockLogger.warn).toHaveBeenCalledWith('Cannot record audit event - user not found: non-existent-user');
-    });
-
-    it('should return null when neither userId nor userSub provided', async () => {
-      const result = await service.recordEvent({
-        eventType: AuthAuditEventType.LOGIN_SUCCESS,
-        eventStatus: 'SUCCESS',
-      } as any);
-
-      expect(result).toBeNull();
-      expect(mockLogger.warn).toHaveBeenCalledWith('Cannot record audit event - userId or userSub required');
-    });
-
-    it('should auto-extract client info from ClientInfoService when available', async () => {
-      const clientInfo: ClientInfo = {
-        ipAddress: '5.6.7.8',
-        ipCountry: 'US',
-        ipCity: 'New York',
-        userAgent: 'Mozilla/5.0',
-        platform: 'Windows',
-        browser: 'Chrome',
-        deviceToken: 'device-123',
-        deviceName: 'My Device',
-        deviceType: 'desktop',
-        sessionId: 456,
-      };
-
-      mockClientInfoService.get.mockReturnValue(clientInfo);
-      mockAuditRepository.create.mockReturnValue(mockAuditRecord as any);
-      mockAuditRepository.save.mockResolvedValue(mockAuditRecord as any);
-
-      await service.recordEvent({
-        userId: 1,
-        eventType: AuthAuditEventType.LOGIN_SUCCESS,
-        eventStatus: 'SUCCESS',
-      });
-
-      expect(mockAuditRepository.create).toHaveBeenCalledWith(
-        (expect as any).objectContaining({
-          userId: 1,
-          ipAddress: '5.6.7.8',
-          ipCountry: 'US',
-          ipCity: 'New York',
-          userAgent: 'Mozilla/5.0',
-          platform: 'Windows',
-          browser: 'Chrome',
-          deviceId: 'device-123',
-          deviceName: 'My Device',
-          deviceType: 'desktop',
-          sessionId: 456,
-        }),
-      );
-    });
-
-    it('should allow explicit fields to override auto-extracted client info', async () => {
-      const clientInfo: ClientInfo = {
-        ipAddress: '5.6.7.8',
-        userAgent: 'test-agent',
-        ipCountry: 'US',
-      };
-
-      mockClientInfoService.get.mockReturnValue(clientInfo);
-      mockAuditRepository.create.mockReturnValue(mockAuditRecord as any);
-      mockAuditRepository.save.mockResolvedValue(mockAuditRecord as any);
-
-      await service.recordEvent({
-        userId: 1,
-        eventType: AuthAuditEventType.LOGIN_SUCCESS,
-        eventStatus: 'SUCCESS',
-        ipAddress: '1.2.3.4', // Override
-        ipCountry: 'CA', // Override
-      });
-
-      expect(mockAuditRepository.create).toHaveBeenCalledWith(
-        (expect as any).objectContaining({
-          ipAddress: '1.2.3.4', // Explicit value used
-          ipCountry: 'CA', // Explicit value used
-        }),
-      );
-    });
-
-    it('should handle client info extraction errors gracefully', async () => {
-      mockClientInfoService.get.mockImplementation(() => {
-        throw new Error('Context not available');
-      });
-      mockAuditRepository.create.mockReturnValue(mockAuditRecord as any);
-      mockAuditRepository.save.mockResolvedValue(mockAuditRecord as any);
-
-      const result = await service.recordEvent({
-        userId: 1,
-        eventType: AuthAuditEventType.LOGIN_SUCCESS,
-        eventStatus: 'SUCCESS',
-      });
-
-      expect(result).toBeDefined();
-      expect(mockLogger.debug).toHaveBeenCalledWith(
-        (expect as any).stringContaining('Failed to extract client info for audit'),
-      );
-    });
-
-    it('should record all event fields correctly', async () => {
-      mockAuditRepository.create.mockReturnValue(mockAuditRecord as any);
-      mockAuditRepository.save.mockResolvedValue(mockAuditRecord as any);
-      mockClientInfoService.get.mockReturnValue({} as ClientInfo);
-
-      await service.recordEvent({
-        userId: 1,
-        eventType: AuthAuditEventType.MFA_VERIFICATION_SUCCESS,
-        eventStatus: 'SUCCESS',
-        riskFactor: 75,
-        riskFactors: [RiskFactor.NEW_DEVICE, RiskFactor.NEW_IP],
-        adaptiveMfaTriggered: true,
-        ipAddress: '1.2.3.4',
-        ipCountry: 'US',
-        ipCity: 'New York',
-        userAgent: 'test-agent',
-        platform: 'iOS',
-        browser: 'Safari',
-        deviceId: 'device-123',
-        deviceName: 'iPhone',
-        deviceType: 'mobile',
-        sessionId: 789,
-        challengeSessionId: 456,
-        authMethod: 'password',
-        performedBy: 'admin@example.com',
-        reason: 'test reason',
-        description: 'test description',
-        metadata: { key: 'value' },
-      });
-
-      expect(mockAuditRepository.create).toHaveBeenCalledWith(
-        (expect as any).objectContaining({
-          userId: 1,
-          eventType: AuthAuditEventType.MFA_VERIFICATION_SUCCESS,
-          eventStatus: 'SUCCESS',
-          riskFactor: 75,
-          riskFactors: [RiskFactor.NEW_DEVICE, RiskFactor.NEW_IP],
-          adaptiveMfaTriggered: true,
-          ipAddress: '1.2.3.4',
-          ipCountry: 'US',
-          ipCity: 'New York',
-          userAgent: 'test-agent',
-          platform: 'iOS',
-          browser: 'Safari',
-          deviceId: 'device-123',
-          deviceName: 'iPhone',
-          deviceType: 'mobile',
-          sessionId: 789,
-          challengeSessionId: 456,
-          authMethod: 'password',
-          performedBy: 'admin@example.com',
-          reason: 'test reason',
-          description: 'test description',
-          metadata: { key: 'value' },
-        }),
-      );
-    });
-
-    it('should handle repository save errors gracefully (non-blocking)', async () => {
-      mockAuditRepository.create.mockReturnValue(mockAuditRecord as any);
-      mockAuditRepository.save.mockRejectedValue(new Error('Database error'));
-      mockClientInfoService.get.mockReturnValue({} as ClientInfo);
-
-      const result = await service.recordEvent({
-        userId: 1,
-        eventType: AuthAuditEventType.LOGIN_SUCCESS,
-        eventStatus: 'SUCCESS',
-      });
-
-      expect(result).toBeNull();
-      expect(mockLogger.error).toHaveBeenCalledWith(
-        (expect as any).stringContaining('Failed to record audit event'),
-        (expect as any).objectContaining({
-          eventType: AuthAuditEventType.LOGIN_SUCCESS,
-        }),
-      );
-    });
-
-    it('should work without ClientInfoService (optional dependency)', async () => {
-      const serviceWithoutClientInfo = new AuthAuditService(
-        mockAuditRepository,
-        mockUserRepository,
-        mockLogger,
-        undefined, // No ClientInfoService
-      );
-
-      mockAuditRepository.create.mockReturnValue(mockAuditRecord as any);
-      mockAuditRepository.save.mockResolvedValue(mockAuditRecord as any);
-
-      const result = await serviceWithoutClientInfo.recordEvent({
-        userId: 1,
-        eventType: AuthAuditEventType.LOGIN_SUCCESS,
-        eventStatus: 'SUCCESS',
-      });
-
-      expect(result).toBeDefined();
-      expect(mockAuditRepository.create).toHaveBeenCalled();
-    });
-  });
-
-  // ============================================================================
-  // getUserAuthHistory() Method
-  // ============================================================================
-
-  describe('getUserAuthHistory', () => {
-    it('should get user auth history with default pagination', async () => {
-      mockUserRepository.findOne.mockResolvedValue(mockUser as any);
-      mockQueryBuilder.getManyAndCount.mockResolvedValue([[mockAuditRecord as any], 1]);
-
-      const request = new GetUserAuthHistoryDTO();
-      request.userSub = 'user-uuid-123';
-      const result = await service.getUserAuthHistory(request);
-
-      expect(result.data).toEqual([mockAuditRecord as any]);
-      expect(result.total).toBe(1);
-      expect(result.page).toBe(1);
-      expect(result.limit).toBe(50);
-      expect(result.totalPages).toBe(1);
-      expect(mockUserRepository.findOne).toHaveBeenCalledWith({ where: { sub: 'user-uuid-123' } });
-      expect(mockQueryBuilder.where).toHaveBeenCalledWith('audit.userId = :userId', { userId: 1 });
-    });
-
-    it('should throw error when user not found', async () => {
-      mockUserRepository.findOne.mockResolvedValue(null);
-
-      const request = new GetUserAuthHistoryDTO();
-      request.userSub = 'non-existent-user';
-      try {
-        await service.getUserAuthHistory(request);
-        fail('Should have thrown NAuthException');
-      } catch (error: any) {
-        expect(error).toBeInstanceOf(NAuthException);
-        expect(error.message).toContain('User not found');
-      }
-    });
-
-    it('should apply pagination options', async () => {
-      mockUserRepository.findOne.mockResolvedValue(mockUser as any);
-      mockQueryBuilder.getManyAndCount.mockResolvedValue([[mockAuditRecord as any], 100]);
-
-      const request = new GetUserAuthHistoryDTO();
-      request.userSub = 'user-uuid-123';
-      request.page = 2;
-      request.limit = 25;
-      const result = await service.getUserAuthHistory(request);
-
-      expect(result.page).toBe(2);
-      expect(result.limit).toBe(25);
-      expect(result.totalPages).toBe(4);
-      expect(mockQueryBuilder.skip).toHaveBeenCalledWith(25);
-      expect(mockQueryBuilder.take).toHaveBeenCalledWith(25);
-    });
-
-    it('should filter by date range', async () => {
-      const startDate = new Date('2025-01-01');
-      const endDate = new Date('2025-01-31');
-
-      mockUserRepository.findOne.mockResolvedValue(mockUser as any);
-      mockQueryBuilder.getManyAndCount.mockResolvedValue([[mockAuditRecord as any], 1]);
-
-      const request = new GetUserAuthHistoryDTO();
-      request.userSub = 'user-uuid-123';
-      request.startDate = startDate;
-      request.endDate = endDate;
-      await service.getUserAuthHistory(request);
-
-      expect(mockQueryBuilder.andWhere).toHaveBeenCalledWith('audit.createdAt >= :startDate', { startDate });
-      expect(mockQueryBuilder.andWhere).toHaveBeenCalledWith('audit.createdAt <= :endDate', { endDate });
-    });
-
-    it('should filter by event types', async () => {
-      mockUserRepository.findOne.mockResolvedValue(mockUser as any);
-      mockQueryBuilder.getManyAndCount.mockResolvedValue([[mockAuditRecord as any], 1]);
-
-      const request = new GetUserAuthHistoryDTO();
-      request.userSub = 'user-uuid-123';
-      request.eventTypes = [AuthAuditEventType.LOGIN_SUCCESS, AuthAuditEventType.LOGIN_FAILED];
-      await service.getUserAuthHistory(request);
-
-      expect(mockQueryBuilder.andWhere).toHaveBeenCalledWith('audit.eventType IN (:...eventTypes)', {
-        eventTypes: [AuthAuditEventType.LOGIN_SUCCESS, AuthAuditEventType.LOGIN_FAILED],
-      });
-    });
-
-    it('should filter by event status', async () => {
-      mockUserRepository.findOne.mockResolvedValue(mockUser as any);
-      mockQueryBuilder.getManyAndCount.mockResolvedValue([[mockAuditRecord as any], 1]);
-
-      const request = new GetUserAuthHistoryDTO();
-      request.userSub = 'user-uuid-123';
-      request.eventStatus = ['SUCCESS', 'FAILURE'] as AuthAuditEventStatus[];
-      await service.getUserAuthHistory(request);
-
-      expect(mockQueryBuilder.andWhere).toHaveBeenCalledWith('audit.eventStatus IN (:...eventStatus)', {
-        eventStatus: ['SUCCESS', 'FAILURE'],
-      });
-    });
-
-    it('should order by createdAt DESC', async () => {
-      mockUserRepository.findOne.mockResolvedValue(mockUser as any);
-      mockQueryBuilder.getManyAndCount.mockResolvedValue([[mockAuditRecord as any], 1]);
-
-      const request = new GetUserAuthHistoryDTO();
-      request.userSub = 'user-uuid-123';
-      await service.getUserAuthHistory(request);
-
-      // orderBy is called with 2 args but mock signature shows 1, so check it was called
-      expect(mockQueryBuilder.orderBy).toHaveBeenCalled();
-    });
-
-    it('should calculate totalPages correctly', async () => {
-      mockUserRepository.findOne.mockResolvedValue(mockUser as any);
-      mockQueryBuilder.getManyAndCount.mockResolvedValue([[mockAuditRecord as any], 100]);
-
-      const request = new GetUserAuthHistoryDTO();
-      request.userSub = 'user-uuid-123';
-      request.limit = 30;
-      const result = await service.getUserAuthHistory(request);
-
-      expect(result.totalPages).toBe(4); // Math.ceil(100 / 30)
-    });
-  });
-
-  // ============================================================================
-  // getEventsByType() Method
-  // ============================================================================
-
-  describe('getEventsByType', () => {
-    it('should get events by type with default pagination', async () => {
-      mockQueryBuilder.getManyAndCount.mockResolvedValue([[mockAuditRecord as any], 1]);
-
-      const request = new GetEventsByTypeDTO();
-      request.eventType = AuthAuditEventType.LOGIN_SUCCESS;
-      const result = await service.getEventsByType(request);
-
-      expect(result.data).toEqual([mockAuditRecord as any]);
-      expect(result.total).toBe(1);
-      expect(result.page).toBe(1);
-      expect(result.limit).toBe(50);
-      expect(result.totalPages).toBe(1);
-      expect(mockQueryBuilder.where).toHaveBeenCalledWith('audit.eventType = :eventType', {
-        eventType: AuthAuditEventType.LOGIN_SUCCESS,
-      });
-    });
-
-    it('should apply pagination options', async () => {
-      mockQueryBuilder.getManyAndCount.mockResolvedValue([[mockAuditRecord as any], 50]);
-
-      const request = new GetEventsByTypeDTO();
-      request.eventType = AuthAuditEventType.LOGIN_SUCCESS;
-      request.page = 3;
-      request.limit = 10;
-      const result = await service.getEventsByType(request);
-
-      expect(result.page).toBe(3);
-      expect(result.limit).toBe(10);
-      expect(result.totalPages).toBe(5);
-      expect(mockQueryBuilder.skip).toHaveBeenCalledWith(20);
-      expect(mockQueryBuilder.take).toHaveBeenCalledWith(10);
-    });
-
-    it('should filter by date range', async () => {
-      const startDate = new Date('2025-01-01');
-      const endDate = new Date('2025-01-31');
-
-      mockQueryBuilder.getManyAndCount.mockResolvedValue([[mockAuditRecord as any], 1]);
-
-      const request = new GetEventsByTypeDTO();
-      request.eventType = AuthAuditEventType.LOGIN_SUCCESS;
-      request.startDate = startDate;
-      request.endDate = endDate;
-      await service.getEventsByType(request);
-
-      expect(mockQueryBuilder.andWhere).toHaveBeenCalledWith('audit.createdAt >= :startDate', { startDate });
-      expect(mockQueryBuilder.andWhere).toHaveBeenCalledWith('audit.createdAt <= :endDate', { endDate });
-    });
-
-    it('should order by createdAt DESC', async () => {
-      mockQueryBuilder.getManyAndCount.mockResolvedValue([[mockAuditRecord as any], 1]);
-
-      const request = new GetEventsByTypeDTO();
-      request.eventType = AuthAuditEventType.LOGIN_SUCCESS;
-      await service.getEventsByType(request);
-
-      // orderBy is called with 2 args but mock signature shows 1, so check it was called
-      expect(mockQueryBuilder.orderBy).toHaveBeenCalled();
-    });
-  });
-
-  // ============================================================================
-  // getSuspiciousActivity() Method
-  // ============================================================================
-
-  describe('getSuspiciousActivity', () => {
-    it('should get all suspicious activity with default limit', async () => {
-      mockQueryBuilder.getMany.mockResolvedValue([mockAuditRecord as any]);
-
-      const request = new GetSuspiciousActivityDTO();
-      const result = await service.getSuspiciousActivity(request);
-
-      expect(result.data).toEqual([mockAuditRecord as any]);
-      expect(mockQueryBuilder.where).toHaveBeenCalledWith(
-        '(audit.eventStatus = :status OR audit.eventType = :eventType)',
-        {
-          status: 'SUSPICIOUS',
-          eventType: AuthAuditEventType.SUSPICIOUS_ACTIVITY,
-        },
-      );
-      expect(mockQueryBuilder.take).toHaveBeenCalledWith(100);
-    });
-
-    it('should filter by user when userSub provided', async () => {
-      mockUserRepository.findOne.mockResolvedValue(mockUser as any);
-      mockQueryBuilder.getMany.mockResolvedValue([mockAuditRecord as any]);
-
-      const request = new GetSuspiciousActivityDTO();
-      request.userSub = 'user-uuid-123';
-      const result = await service.getSuspiciousActivity(request);
-
-      expect(result.data).toEqual([mockAuditRecord as any]);
-      expect(mockUserRepository.findOne).toHaveBeenCalledWith({ where: { sub: 'user-uuid-123' } });
-      expect(mockQueryBuilder.andWhere).toHaveBeenCalledWith('audit.userId = :userId', { userId: 1 });
-    });
-
-    it('should throw error when userSub provided but user not found', async () => {
-      mockUserRepository.findOne.mockResolvedValue(null);
-
-      try {
-        const request = new GetSuspiciousActivityDTO();
-        request.userSub = 'non-existent-user';
-        await service.getSuspiciousActivity(request);
-        fail('Should have thrown NAuthException');
-      } catch (error: any) {
-        expect(error).toBeInstanceOf(NAuthException);
-        expect(error.message).toContain('User not found');
-      }
-    });
-
-    it('should apply custom limit', async () => {
-      mockQueryBuilder.getMany.mockResolvedValue([mockAuditRecord as any]);
-
-      const request = new GetSuspiciousActivityDTO();
-      request.limit = 50;
-      await service.getSuspiciousActivity(request);
-
-      expect(mockQueryBuilder.take).toHaveBeenCalledWith(50);
-    });
-
-    it('should order by createdAt DESC', async () => {
-      mockQueryBuilder.getMany.mockResolvedValue([mockAuditRecord as any]);
-
-      const request = new GetSuspiciousActivityDTO();
-      await service.getSuspiciousActivity(request);
-
-      // orderBy is called with 2 args but mock signature shows 1, so check it was called
-      expect(mockQueryBuilder.orderBy).toHaveBeenCalled();
-    });
-  });
-
-  // ============================================================================
-  // getRiskAssessmentHistory() Method
-  // ============================================================================
-
-  describe('getRiskAssessmentHistory', () => {
-    it('should get risk assessment history with default limit', async () => {
-      mockUserRepository.findOne.mockResolvedValue(mockUser as any);
-      mockQueryBuilder.getMany.mockResolvedValue([mockAuditRecord as any]);
-
-      const request = new GetRiskAssessmentHistoryDTO();
-      request.userSub = 'user-uuid-123';
-      const result = await service.getRiskAssessmentHistory(request);
-
-      expect(result.data).toEqual([mockAuditRecord as any]);
-      expect(mockUserRepository.findOne).toHaveBeenCalledWith({ where: { sub: 'user-uuid-123' } });
-      expect(mockQueryBuilder.where).toHaveBeenCalledWith('audit.userId = :userId', { userId: 1 });
-      expect(mockQueryBuilder.andWhere).toHaveBeenCalledWith('audit.eventType IN (:...eventTypes)', {
-        eventTypes: [
-          AuthAuditEventType.ADAPTIVE_MFA_RISK_ASSESSED,
-          AuthAuditEventType.ADAPTIVE_MFA_TRIGGERED,
-          AuthAuditEventType.ADAPTIVE_MFA_BYPASSED,
-        ],
-      });
-      expect(mockQueryBuilder.take).toHaveBeenCalledWith(100);
-    });
-
-    it('should throw error when user not found', async () => {
-      mockUserRepository.findOne.mockResolvedValue(null);
-
-      try {
-        const request = new GetRiskAssessmentHistoryDTO();
-        request.userSub = 'non-existent-user';
-        await service.getRiskAssessmentHistory(request);
-        fail('Should have thrown NAuthException');
-      } catch (error: any) {
-        expect(error).toBeInstanceOf(NAuthException);
-        expect(error.message).toContain('User not found');
-      }
-    });
-
-    it('should apply custom limit', async () => {
-      mockUserRepository.findOne.mockResolvedValue(mockUser as any);
-      mockQueryBuilder.getMany.mockResolvedValue([mockAuditRecord as any]);
-
-      const request = new GetRiskAssessmentHistoryDTO();
-      request.userSub = 'user-uuid-123';
-      request.limit = 50;
-      await service.getRiskAssessmentHistory(request);
-
-      expect(mockQueryBuilder.take).toHaveBeenCalledWith(50);
-    });
-
-    it('should order by createdAt DESC', async () => {
-      mockUserRepository.findOne.mockResolvedValue(mockUser as any);
-      mockQueryBuilder.getMany.mockResolvedValue([mockAuditRecord as any]);
-
-      const request = new GetRiskAssessmentHistoryDTO();
-      request.userSub = 'user-uuid-123';
-      await service.getRiskAssessmentHistory(request);
-
-      // orderBy is called with 2 args but mock signature shows 1, so check it was called
-      expect(mockQueryBuilder.orderBy).toHaveBeenCalled();
-    });
-  });
-});