nodejs-quickstart-structure 2.1.2 → 2.2.1

package/templates/common/auth/js/services/socialAuthService.js.ejs

@@ -0,0 +1,175 @@
+<% if (architecture === 'MVC') { -%>
+const logger = require('../utils/logger');
+<% } else { -%>
+const logger = require('../log/logger');
+<% } -%>
+const axios = require('axios');
+
+<% if (architecture === 'Clean Architecture') { -%>
+// Provider implementations for Clean Architecture
+<% if (socialAuth.includes('Google')) { -%>
+class GoogleProvider {
+  constructor() {
+    this.name = 'Google';
+  }
+  async getProfile(code, redirectUri) {
+    try {
+      const params = new URLSearchParams();
+      params.append('code', code);
+      params.append('client_id', process.env.GOOGLE_CLIENT_ID);
+      params.append('client_secret', process.env.GOOGLE_CLIENT_SECRET);
+      params.append('redirect_uri', redirectUri);
+      params.append('grant_type', 'authorization_code');
+
+      const tokenResponse = await axios.post('https://oauth2.googleapis.com/token', params.toString(), {
+        headers: { 'Content-Type': 'application/x-www-form-urlencoded' }
+      });
+
+      const { access_token } = tokenResponse.data;
+      const profileResponse = await axios.get('https://www.googleapis.com/oauth2/v2/userinfo', {
+        headers: { Authorization: `Bearer ${access_token}` },
+      });
+
+      return {
+        id: profileResponse.data.id,
+        email: profileResponse.data.email,
+        name: profileResponse.data.name,
+        picture: profileResponse.data.picture
+      };
+    } catch (error) {
+      logger.error('Google OAuth error:', error.response?.data || error.message);
+      throw new Error('Failed to authenticate with Google');
+    }
+  }
+}
+<% } -%>
+
+<% if (socialAuth.includes('GitHub')) { -%>
+class GitHubProvider {
+  constructor() {
+    this.name = 'GitHub';
+  }
+  async getProfile(code) {
+    try {
+      const tokenResponse = await axios.post(
+        'https://github.com/login/oauth/access_token',
+        {
+          client_id: process.env.GITHUB_CLIENT_ID,
+          client_secret: process.env.GITHUB_CLIENT_SECRET,
+          code,
+        },
+        { headers: { Accept: 'application/json' } }
+      );
+
+      const { access_token } = tokenResponse.data;
+      if (!access_token) throw new Error('No access token returned from GitHub');
+
+      const [profileRes, emailsRes] = await Promise.all([
+        axios.get('https://api.github.com/user', { headers: { Authorization: `Bearer ${access_token}` } }),
+        axios.get('https://api.github.com/user/emails', { headers: { Authorization: `Bearer ${access_token}` } })
+      ]);
+
+      const email = emailsRes.data.find((e) => e.primary)?.email || emailsRes.data[0]?.email;
+
+      return {
+        id: profileRes.data.id.toString(),
+        email,
+        name: profileRes.data.name || profileRes.data.login,
+      };
+    } catch (error) {
+      logger.error('GitHub OAuth error:', error.response?.data || error.message);
+      throw new Error('Failed to authenticate with GitHub');
+    }
+  }
+}
+<% } -%>
+
+module.exports = {
+  <% if (socialAuth.includes('Google')) { %>GoogleProvider,<% } %>
+  <% if (socialAuth.includes('GitHub')) { %>GitHubProvider,<% } %>
+};
+<% } else { -%>
+class SocialAuthService {
+<% if (socialAuth.includes('Google')) { -%>
+  static async getGoogleProfile(code, redirectUri) {
+    try {
+      const params = new URLSearchParams();
+      params.append('code', code);
+      params.append('client_id', process.env.GOOGLE_CLIENT_ID);
+      params.append('client_secret', process.env.GOOGLE_CLIENT_SECRET);
+      params.append('redirect_uri', redirectUri);
+      params.append('grant_type', 'authorization_code');
+
+      const tokenResponse = await axios.post('https://oauth2.googleapis.com/token', params.toString(), {
+        headers: { 'Content-Type': 'application/x-www-form-urlencoded' }
+      });
+
+      const { access_token } = tokenResponse.data;
+
+      const profileResponse = await axios.get('https://www.googleapis.com/oauth2/v2/userinfo', {
+        headers: { Authorization: `Bearer ${access_token}` },
+      });
+
+      return {
+        id: profileResponse.data.id,
+        email: profileResponse.data.email,
+        name: profileResponse.data.name,
+        picture: profileResponse.data.picture
+      };
+    } catch (error) {
+      if (axios.isAxiosError(error)) {
+        const detail = error.response?.data;
+        logger.error('Google OAuth error:', detail || error.message);
+        if (detail?.error === 'invalid_grant') {
+          logger.error('HINT: The code is likely expired or already used. Get a new one!');
+        }
+      } else {
+        logger.error('Google OAuth error:', error.message);
+      }
+      throw new Error('Failed to authenticate with Google');
+    }
+  }
+<% } -%>
+
+<% if (socialAuth.includes('GitHub')) { -%>
+  static async getGithubProfile(code) {
+    try {
+      const tokenResponse = await axios.post(
+        'https://github.com/login/oauth/access_token',
+        {
+          client_id: process.env.GITHUB_CLIENT_ID,
+          client_secret: process.env.GITHUB_CLIENT_SECRET,
+          code,
+        },
+        { headers: { Accept: 'application/json' } }
+      );
+
+      const { access_token } = tokenResponse.data;
+      if (!access_token) {
+        throw new Error('No access token returned from GitHub');
+      }
+
+      const profileResponse = await axios.get('https://api.github.com/user', {
+        headers: { Authorization: `Bearer ${access_token}` },
+      });
+
+      const emailsResponse = await axios.get('https://api.github.com/user/emails', {
+        headers: { Authorization: `Bearer ${access_token}` },
+      });
+
+      const primaryEmail = emailsResponse.data.find((e) => e.primary)?.email || emailsResponse.data[0]?.email;
+
+      return {
+        id: profileResponse.data.id.toString(),
+        email: primaryEmail,
+        name: profileResponse.data.name || profileResponse.data.login,
+      };
+    } catch (error) {
+      logger.error('GitHub OAuth error:', error.response?.data || error.message);
+      throw new Error('Failed to authenticate with GitHub');
+    }
+  }
+<% } -%>
+}
+module.exports = { SocialAuthService };
+<% } -%>

package/templates/common/auth/js/services/socialAuthService.spec.js.ejs

@@ -0,0 +1,192 @@
+const axios = require('axios');
+<% if (architecture === 'MVC') { -%>
+const { SocialAuthService } = require('@/services/socialAuthService');
+const logger = require('@/utils/logger');
+<% } -%>
+
+jest.mock('axios');
+jest.mock('<% if (architecture === "MVC") { %>@/utils/logger<% } else { %>@/infrastructure/log/logger<% } %>', () => ({
+  error: jest.fn(),
+  info: jest.fn(),
+  warn: jest.fn(),
+}));
+
+// Mock environment variables for testing
+process.env.GOOGLE_CLIENT_ID = 'test-google-id';
+process.env.GOOGLE_CLIENT_SECRET = 'test-google-secret';
+process.env.GITHUB_CLIENT_ID = 'test-github-id';
+process.env.GITHUB_CLIENT_SECRET = 'test-github-secret';
+
+describe('SocialAuthService', () => {
+  afterEach(() => {
+    jest.clearAllMocks();
+  });
+
+<% if (socialAuth.includes('Google')) { -%>
+  describe('Google Provider', () => {
+    it('should exchange code for profile', async () => {
+      const mockTokenResponse = { data: { access_token: 'mock_access_token' } };
+      const mockProfileResponse = {
+        data: {
+          id: '123',
+          email: 'test@gmail.com',
+          name: 'Test User',
+          picture: 'http://pic.com/123.jpg'
+        }
+      };
+
+      axios.post.mockResolvedValue(mockTokenResponse);
+      axios.get.mockResolvedValue(mockProfileResponse);
+
+      let profile;
+      <% if (architecture === 'Clean Architecture') { %>
+      const { GoogleProvider } = require('@/infrastructure/auth/socialAuthService');
+      const provider = new GoogleProvider();
+      profile = await provider.getProfile('test_code', 'http://localhost/callback');
+      <% } else { %>
+      profile = await SocialAuthService.getGoogleProfile('test_code', 'http://localhost/callback');
+      <% } %>
+
+      expect(axios.post).toHaveBeenCalled();
+      expect(axios.get).toHaveBeenCalledWith('https://www.googleapis.com/oauth2/v2/userinfo', {
+        headers: { Authorization: 'Bearer mock_access_token' },
+      });
+      expect(profile.email).toBe('test@gmail.com');
+      expect(profile.name).toBe('Test User');
+    });
+
+    it('should throw error if token exchange fails', async () => {
+      axios.post.mockRejectedValue(new Error('Network error'));
+      <%_ if (architecture === 'Clean Architecture') { _%>
+      const { GoogleProvider } = require('@/infrastructure/auth/socialAuthService');
+      const provider = new GoogleProvider();
+      await expect(provider.getProfile('test_code', 'url')).rejects.toThrow('Failed to authenticate with Google');
+      <%_ } else { _%>
+      await expect(SocialAuthService.getGoogleProfile('test_code', 'url')).rejects.toThrow('Failed to authenticate with Google');
+      <%_ } _%>
+    });
+
+    it('should handle Axios errors', async () => {
+      const axiosError = new Error('Request failed');
+      axiosError.isAxiosError = true;
+      axiosError.response = { data: { message: 'OAuth Error' } };
+      axios.isAxiosError.mockReturnValue(true);
+      axios.post.mockRejectedValue(axiosError);
+
+      <%_ if (architecture === 'Clean Architecture') { _%>
+      const { GoogleProvider } = require('@/infrastructure/auth/socialAuthService');
+      const provider = new GoogleProvider();
+      await expect(provider.getProfile('test_code', 'url')).rejects.toThrow('Failed to authenticate with Google');
+      <%_ } else { _%>
+      await expect(SocialAuthService.getGoogleProfile('test_code', 'url')).rejects.toThrow('Failed to authenticate with Google');
+      <%_ } _%>
+    });
+
+    it('should log hint on invalid_grant error', async () => {
+        const axiosError = new Error('Request failed');
+        axiosError.isAxiosError = true;
+        axiosError.response = { data: { error: 'invalid_grant' } };
+        axios.isAxiosError.mockReturnValue(true);
+        axios.post.mockRejectedValue(axiosError);
+
+        <%_ if (architecture === 'MVC') { _%>
+        await expect(SocialAuthService.getGoogleProfile('test_code', 'url')).rejects.toThrow('Failed to authenticate with Google');
+        expect(logger.error).toHaveBeenCalledWith(expect.stringContaining('HINT'));
+        <%_ } else { _%>
+        const { GoogleProvider } = require('@/infrastructure/auth/socialAuthService');
+        const provider = new GoogleProvider();
+        await expect(provider.getProfile('test_code', 'url')).rejects.toThrow('Failed to authenticate with Google');
+        <%_ } _%>
+    });
+  });
+<% } -%>
+
+<% if (socialAuth.includes('GitHub')) { -%>
+  describe('GitHub Provider', () => {
+    it('should exchange code for profile', async () => {
+      const mockTokenResponse = { data: { access_token: 'mock_access_token' } };
+      const mockProfileResponse = {
+        data: { id: 456, login: 'testuser', name: 'Test Github User' }
+      };
+      const mockEmailsResponse = {
+        data: [{ email: 'github@test.com', primary: true }]
+      };
+
+      axios.post.mockResolvedValue(mockTokenResponse);
+      axios.get
+        .mockResolvedValueOnce(mockProfileResponse)
+        .mockResolvedValueOnce(mockEmailsResponse);
+
+      let profile;
+      <% if (architecture === 'Clean Architecture') { %>
+      const { GitHubProvider } = require('@/infrastructure/auth/socialAuthService');
+      const provider = new GitHubProvider();
+      profile = await provider.getProfile('test_code');
+      <% } else { %>
+      profile = await SocialAuthService.getGithubProfile('test_code');
+      <% } %>
+
+      expect(axios.post).toHaveBeenCalled();
+      expect(axios.get).toHaveBeenCalledTimes(2);
+      expect(profile.email).toBe('github@test.com');
+      expect(profile.id).toBe('456');
+    });
+
+    it('should throw error if token exchange fails', async () => {
+      axios.post.mockRejectedValue(new Error('Network error'));
+      <%_ if (architecture === 'Clean Architecture') { _%>
+      const { GitHubProvider } = require('@/infrastructure/auth/socialAuthService');
+      const provider = new GitHubProvider();
+      await expect(provider.getProfile('test_code')).rejects.toThrow('Failed to authenticate with GitHub');
+      <%_ } else { _%>
+      await expect(SocialAuthService.getGithubProfile('test_code')).rejects.toThrow('Failed to authenticate with GitHub');
+      <%_ } _%>
+    });
+
+    it('should handle Axios errors', async () => {
+      const axiosError = new Error('Request failed');
+      axiosError.isAxiosError = true;
+      axiosError.response = { data: { message: 'OAuth Error' } };
+      axios.isAxiosError.mockReturnValue(true);
+      axios.post.mockRejectedValue(axiosError);
+
+      <%_ if (architecture === 'Clean Architecture') { _%>
+      const { GitHubProvider } = require('@/infrastructure/auth/socialAuthService');
+      const provider = new GitHubProvider();
+      await expect(provider.getProfile('test_code')).rejects.toThrow('Failed to authenticate with GitHub');
+      <%_ } else { _%>
+      await expect(SocialAuthService.getGithubProfile('test_code')).rejects.toThrow('Failed to authenticate with GitHub');
+      <%_ } _%>
+    });
+
+    it('should fallback to first email if primary not found', async () => {
+        const mockTokenResponse = { data: { access_token: 'mock_at' } };
+        axios.post.mockResolvedValue(mockTokenResponse);
+        axios.get
+            .mockResolvedValueOnce({ data: { id: 789, login: 'test' } })
+            .mockResolvedValueOnce({ data: [{ email: 'secondary@test.com', primary: false }] });
+
+        let profile;
+        <% if (architecture === 'Clean Architecture') { %>
+        const { GitHubProvider } = require('@/infrastructure/auth/socialAuthService');
+        const provider = new GitHubProvider();
+        profile = await provider.getProfile('code');
+        <% } else { %>
+        profile = await SocialAuthService.getGithubProfile('code');
+        <% } %>
+        expect(profile.email).toBe('secondary@test.com');
+    });
+
+    it('should throw error if no access token returned', async () => {
+        axios.post.mockResolvedValue({ data: {} });
+        <% if (architecture === 'Clean Architecture') { %>
+        const { GitHubProvider } = require('@/infrastructure/auth/socialAuthService');
+        const provider = new GitHubProvider();
+        await expect(provider.getProfile('code')).rejects.toThrow('Failed to authenticate with GitHub');
+        <% } else { %>
+        await expect(SocialAuthService.getGithubProfile('code')).rejects.toThrow('Failed to authenticate with GitHub');
+        <% } %>
+    });
+  });
+<% } -%>
+});

package/templates/common/auth/js/usecases/SocialLoginUseCase.js.ejs

@@ -0,0 +1,114 @@
+const JwtService = require('<% if (architecture === "MVC") { %>../services/jwtService<% } else { %>../../infrastructure/auth/jwtService<% } %>');
+<%_ if (architecture === 'Clean Architecture') { _%>
+const User = require('../../domain/models/User');
+<%_ } else { _%>
+const User = require('<% if (architecture === "MVC") { %>../models/User<% } else { %>../../infrastructure/database/models/User<% } %>');
+<%_ } _%>
+
+class SocialLoginUseCase {
+  constructor(provider<% if (architecture === 'Clean Architecture') { %>, userRepository<% } %>) {
+    this.provider = provider;
+    <% if (architecture === 'Clean Architecture') { %>this.userRepository = userRepository;<% } %>
+  }
+
+  async execute(code, redirectUri) {
+    const profile = await this.provider.getProfile(code, redirectUri);
+
+    if (!profile || !profile.email) {
+      throw new Error('No email associated with this social account');
+    }
+
+    // 1. Find or create user
+    <% if (architecture === 'Clean Architecture') { -%>
+    let user = await this.userRepository.findByEmail(profile.email);
+
+    if (!user) {
+      user = new User(
+        null,
+        profile.name,
+        profile.email,
+        null,
+        <%_ if (socialAuth.includes('Google')) { _%>
+        this.provider.name === 'Google' ? profile.id : null,
+        <%_ } _%>
+        <%_ if (socialAuth.includes('GitHub')) { _%>
+        this.provider.name === 'GitHub' ? profile.id : null,
+        <%_ } _%>
+      );
+      user = await this.userRepository.save(user);
+    } else {
+      // Link social ID if not already linked
+      let updated = false;
+      <%_ if (socialAuth.includes('Google')) { _%>
+      if (this.provider.name === 'Google' && !user.googleId) {
+        user.googleId = profile.id;
+        updated = true;
+      }
+      <%_ } _%>
+      <%_ if (socialAuth.includes('GitHub')) { _%>
+      if (this.provider.name === 'GitHub' && !user.githubId) {
+        user.githubId = profile.id;
+        updated = true;
+      }
+      <%_ } _%>
+      if (updated) {
+        await this.userRepository.update(user.id, user);
+      }
+    }
+    <% } else { -%>
+    <% if (database === 'MongoDB' || database === 'None') { %>
+    let user = await User.findOne({ email: profile.email });
+    <% } else { %>
+    let user = await User.findOne({ where: { email: profile.email } });
+    <% } %>
+
+    if (!user) {
+      user = await User.create({
+        email: profile.email,
+        name: profile.name,
+        password: null, // Social login users don't have passwords
+        <%_ if (socialAuth.includes('Google')) { _%>
+        googleId: this.provider.name === 'Google' ? profile.id : null,
+        <%_ } _%>
+        <%_ if (socialAuth.includes('GitHub')) { _%>
+        githubId: this.provider.name === 'GitHub' ? profile.id : null,
+        <%_ } _%>
+      });
+    } else {
+      // Link social ID if not already linked
+      let updated = false;
+      <%_ if (socialAuth.includes('Google')) { _%>
+      if (this.provider.name === 'Google' && !user.googleId) {
+        user.googleId = profile.id;
+        updated = true;
+      }
+      <%_ } _%>
+      <%_ if (socialAuth.includes('GitHub')) { _%>
+      if (this.provider.name === 'GitHub' && !user.githubId) {
+        user.githubId = profile.id;
+        updated = true;
+      }
+      <%_ } _%>
+      if (updated) {
+        <%_ if (database === 'MongoDB') { _%>
+        await user.save();
+        <%_ } else if (database === 'None') { _%>
+        await User.update(user.id, { googleId: user.googleId, githubId: user.githubId });
+        <%_ } else { _%>
+        await user.save();
+        <%_ } _%>
+      }
+    }
+    <% } -%>
+
+    // 2. Generate tokens (jti is handled inside JwtService)
+    const userId = String(user.id || user._id);
+    const payload = { id: userId, email: user.email };
+    const accessToken = JwtService.generateToken(payload);
+    const refreshToken = JwtService.generateRefreshToken(payload);
+
+    return { user, accessToken, refreshToken };
+  }
+}
+
+module.exports = { SocialLoginUseCase };

package/templates/common/auth/js/usecases/SocialLoginUseCase.spec.js.ejs

@@ -0,0 +1,143 @@
+jest.mock('@/infrastructure/auth/jwtService');
+<% if (architecture === 'Clean Architecture') { -%>
+jest.mock('@/infrastructure/repositories/UserRepository', () => {
+  return jest.fn().mockImplementation(() => ({
+    findByEmail: jest.fn(),
+    save: jest.fn(),
+    update: jest.fn(),
+  }));
+});
+const UserRepository = require('@/infrastructure/repositories/UserRepository');
+<% } else { -%>
+jest.mock('@/infrastructure/database/models/User', () => ({
+  findOne: jest.fn(),
+  create: jest.fn(),
+  update: jest.fn(),
+}));
+const User = require('@/infrastructure/database/models/User');
+<% } -%>
+
+const { SocialLoginUseCase } = require('@/usecases/auth/socialLoginUseCase');
+const JwtService = require('@/infrastructure/auth/jwtService');
+
+describe('SocialLoginUseCase', () => {
+  let useCase;
+  let mockProvider;
+  <%_ if (architecture === 'Clean Architecture') { _%>
+  let mockRepo;
+  <%_ } _%>
+
+  beforeEach(() => {
+    mockProvider = {
+      name: 'Google',
+      getProfile: jest.fn(),
+    };
+    <%_ if (architecture === 'Clean Architecture') { _%>
+    mockRepo = new UserRepository();
+    useCase = new SocialLoginUseCase(mockProvider, mockRepo);
+    <%_ } else { _%>
+    useCase = new SocialLoginUseCase(mockProvider);
+    <%_ } _%>
+    jest.clearAllMocks();
+  });
+
+  it('should find existing user and generate tokens', async () => {
+    const mockProfile = { id: 'google-123', email: 'test@test.com', name: 'Test User' };
+    const mockUser = { id: '1', email: 'test@test.com', googleId: null };
+    
+    mockProvider.getProfile.mockResolvedValue(mockProfile);
+    <%_ if (architecture === 'Clean Architecture') { _%>
+    mockRepo.findByEmail.mockResolvedValue(mockUser);
+    <%_ } else { _%>
+    User.findOne.mockResolvedValue(mockUser);
+    <%_ } _%>
+    JwtService.generateToken.mockReturnValue('access-token');
+    JwtService.generateRefreshToken.mockReturnValue('refresh-token');
+
+    const result = await useCase.execute('test-code');
+
+    <%_ if (architecture === 'Clean Architecture') { _%>
+    expect(mockRepo.findByEmail).toHaveBeenCalled();
+    <%_ } else { _%>
+    expect(User.findOne).toHaveBeenCalled();
+    <%_ } _%>
+    expect(result.accessToken).toBe('access-token');
+  });
+
+  it('should create new user if not exists', async () => {
+    const mockProfile = { id: 'google-456', email: 'new@test.com', name: 'New User' };
+    const mockUser = { id: '2', email: 'new@test.com' };
+    
+    mockProvider.getProfile.mockResolvedValue(mockProfile);
+    <%_ if (architecture === 'Clean Architecture') { _%>
+    mockRepo.findByEmail.mockResolvedValue(null);
+    mockRepo.save.mockResolvedValue(mockUser);
+    <%_ } else { _%>
+    User.findOne.mockResolvedValue(null);
+    User.create.mockResolvedValue(mockUser);
+    <%_ } _%>
+    JwtService.generateToken.mockReturnValue('access-token');
+    JwtService.generateRefreshToken.mockReturnValue('refresh-token');
+
+    await useCase.execute('test-code');
+
+    <%_ if (architecture === 'Clean Architecture') { _%>
+    expect(mockRepo.save).toHaveBeenCalled();
+    <%_ } else { _%>
+    expect(User.create).toHaveBeenCalled();
+    <%_ } _%>
+  });
+
+  it('should link GitHub ID if existing user does not have it', async () => {
+    mockProvider.name = 'GitHub';
+    const mockProfile = { id: 'github-789', email: 'test@test.com', name: 'Test User' };
+    const mockUser = { id: '1', email: 'test@test.com', githubId: null };
+    
+    mockProvider.getProfile.mockResolvedValue(mockProfile);
+    <%_ if (architecture === 'Clean Architecture') { _%>
+    mockRepo.findByEmail.mockResolvedValue(mockUser);
+    <%_ } else { _%>
+    User.findOne.mockResolvedValue(mockUser);
+    <%_ } _%>
+    JwtService.generateToken.mockReturnValue('access-token');
+    JwtService.generateRefreshToken.mockReturnValue('refresh-token');
+
+    await useCase.execute('test-code');
+
+    <%_ if (architecture === 'Clean Architecture') { _%>
+    expect(mockRepo.update).toHaveBeenCalledWith('1', expect.objectContaining({ githubId: 'github-789' }));
+    <%_ } else { _%>
+    <%_ if (database === 'MongoDB') { _%>
+    expect(mockUser.save || jest.fn()).toHaveBeenCalled();
+    <%_ } else { _%>
+    expect(User.update || jest.fn()).toHaveBeenCalled();
+    <%_ } _%>
+    <%_ } _%>
+  });
+
+  it('should link Google ID if existing user does not have it', async () => {
+    mockProvider.name = 'Google';
+    const mockProfile = { id: 'google-789', email: 'test@test.com', name: 'Test User' };
+    const mockUser = { id: '1', email: 'test@test.com', googleId: null };
+    
+    mockProvider.getProfile.mockResolvedValue(mockProfile);
+    <%_ if (architecture === 'Clean Architecture') { _%>
+    mockRepo.findByEmail.mockResolvedValue(mockUser);
+    <%_ } else { _%>
+    User.findOne.mockResolvedValue(mockUser);
+    <%_ } _%>
+    JwtService.generateToken.mockReturnValue('access-token');
+    JwtService.generateRefreshToken.mockReturnValue('refresh-token');
+
+    await useCase.execute('test-code');
+
+    <%_ if (architecture === 'Clean Architecture') { _%>
+    expect(mockRepo.update).toHaveBeenCalledWith('1', expect.objectContaining({ googleId: 'google-789' }));
+    <%_ } _%>
+  });
+
+  it('should throw error if profile has no email', async () => {
+    mockProvider.getProfile.mockResolvedValue({ id: '123' }); // No email
+    await expect(useCase.execute('test-code')).rejects.toThrow('No email associated with this social account');
+  });
+});