From 24686cf0bb314fc513f22500a92aa7b2821feab5 Mon Sep 17 00:00:00 2001
From: Xiao Yijun <xiaoyijun@silverhand.io>
Date: Thu, 10 Aug 2023 11:37:23 +0800
Subject: [PATCH] test: add sad paths for reset password flow (#4298)

---
 .../happy-path.test.ts}                       |   0
 .../forgot-password/sad-path.test.ts          | 113 ++++++++++++++++++
 2 files changed, 113 insertions(+)
 rename packages/integration-tests/src/tests/api/interaction/{forgot-password.test.ts => forgot-password/happy-path.test.ts} (100%)
 create mode 100644 packages/integration-tests/src/tests/api/interaction/forgot-password/sad-path.test.ts

diff --git a/packages/integration-tests/src/tests/api/interaction/forgot-password.test.ts b/packages/integration-tests/src/tests/api/interaction/forgot-password/happy-path.test.ts
similarity index 100%
rename from packages/integration-tests/src/tests/api/interaction/forgot-password.test.ts
rename to packages/integration-tests/src/tests/api/interaction/forgot-password/happy-path.test.ts
diff --git a/packages/integration-tests/src/tests/api/interaction/forgot-password/sad-path.test.ts b/packages/integration-tests/src/tests/api/interaction/forgot-password/sad-path.test.ts
new file mode 100644
index 000000000..2d87d3a78
--- /dev/null
+++ b/packages/integration-tests/src/tests/api/interaction/forgot-password/sad-path.test.ts
@@ -0,0 +1,113 @@
+import { ConnectorType } from '@logto/connector-kit';
+import { InteractionEvent } from '@logto/schemas';
+
+import { suspendUser } from '#src/api/admin-user.js';
+import {
+  patchInteractionIdentifiers,
+  putInteraction,
+  putInteractionProfile,
+  sendVerificationCode,
+} from '#src/api/interaction.js';
+import { initClient } from '#src/helpers/client.js';
+import {
+  clearConnectorsByTypes,
+  setEmailConnector,
+  setSmsConnector,
+} from '#src/helpers/connector.js';
+import { expectRejects, readVerificationCode } from '#src/helpers/index.js';
+import { generateNewUser, generateNewUserProfile } from '#src/helpers/user.js';
+import { generatePassword } from '#src/utils.js';
+
+describe('reset password flow sad path', () => {
+  it('Should fail to reset password with email if related user is not exist', async () => {
+    await setEmailConnector();
+
+    const { primaryEmail } = generateNewUserProfile({ primaryEmail: true });
+
+    const client = await initClient();
+
+    await client.successSend(putInteraction, { event: InteractionEvent.ForgotPassword });
+    await client.successSend(sendVerificationCode, {
+      email: primaryEmail,
+    });
+
+    const { code: verificationCode } = await readVerificationCode();
+    await client.successSend(patchInteractionIdentifiers, {
+      email: primaryEmail,
+      verificationCode,
+    });
+
+    await client.successSend(putInteractionProfile, { password: generatePassword() });
+    await expectRejects(client.submitInteraction(), {
+      code: 'user.user_not_exist',
+      statusCode: 404,
+    });
+
+    // Clear
+    await clearConnectorsByTypes([ConnectorType.Email]);
+  });
+
+  it('Should fail to reset password with phone if related user is not exist', async () => {
+    await setSmsConnector();
+
+    const { primaryPhone } = generateNewUserProfile({ primaryPhone: true });
+
+    const client = await initClient();
+
+    await client.successSend(putInteraction, { event: InteractionEvent.ForgotPassword });
+    await client.successSend(sendVerificationCode, {
+      phone: primaryPhone,
+    });
+
+    const { code: verificationCode } = await readVerificationCode();
+    await client.successSend(patchInteractionIdentifiers, {
+      phone: primaryPhone,
+      verificationCode,
+    });
+
+    await client.successSend(putInteractionProfile, { password: generatePassword() });
+    await expectRejects(client.submitInteraction(), {
+      code: 'user.user_not_exist',
+      statusCode: 404,
+    });
+
+    // Clear
+    await clearConnectorsByTypes([ConnectorType.Sms]);
+  });
+
+  it('Should fail to reset password if related user is suspended', async () => {
+    await setSmsConnector();
+
+    const {
+      user,
+      userProfile: { primaryPhone },
+    } = await generateNewUser({
+      primaryPhone: true,
+      password: true,
+    });
+
+    await suspendUser(user.id, true);
+
+    const client = await initClient();
+
+    await client.successSend(putInteraction, { event: InteractionEvent.ForgotPassword });
+    await client.successSend(sendVerificationCode, {
+      phone: primaryPhone,
+    });
+
+    const { code: verificationCode } = await readVerificationCode();
+    await client.successSend(patchInteractionIdentifiers, {
+      phone: primaryPhone,
+      verificationCode,
+    });
+
+    await client.successSend(putInteractionProfile, { password: generatePassword() });
+    await expectRejects(client.submitInteraction(), {
+      code: 'user.suspended',
+      statusCode: 401,
+    });
+
+    // Clear
+    await clearConnectorsByTypes([ConnectorType.Sms]);
+  });
+});