import { describe, expect, it } from 'vitest'; import { OIDC_PROVIDER, parseAdminEmails, resolveRole, deriveName, } from '../azureAuth'; describe('azureAuth', () => { it('exposes the OIDC provider name used by authWithOAuth2', () => { expect(OIDC_PROVIDER).toBe('oidc'); }); describe('parseAdminEmails', () => { it('returns [] for empty/undefined input', () => { expect(parseAdminEmails()).toEqual([]); expect(parseAdminEmails('')).toEqual([]); expect(parseAdminEmails(' ')).toEqual([]); }); it('lower-cases, trims, drops blanks and de-duplicates', () => { expect(parseAdminEmails(' RVE@respellion.nl , admin@respellion.nl ,, rve@respellion.nl')) .toEqual(['rve@respellion.nl', 'admin@respellion.nl']); }); }); describe('resolveRole', () => { it('returns admin for an allow-listed e-mail (case-insensitive)', () => { expect(resolveRole('RVE@respellion.nl', 'rve@respellion.nl')).toBe('admin'); }); it('returns user for a non-listed e-mail', () => { expect(resolveRole('jane@respellion.nl', 'rve@respellion.nl')).toBe('user'); }); it('returns user when the allow-list is empty', () => { expect(resolveRole('rve@respellion.nl', '')).toBe('user'); expect(resolveRole('rve@respellion.nl')).toBe('user'); }); }); describe('deriveName', () => { it('prefers the OIDC name claim', () => { expect(deriveName({ name: 'Raymond Verhoef' }, 'rve@respellion.nl')).toBe('Raymond Verhoef'); }); it('falls back to the e-mail prefix when no name claim', () => { expect(deriveName({}, 'rve@respellion.nl')).toBe('rve'); expect(deriveName(undefined, 'jane.doe@respellion.nl')).toBe('jane.doe'); }); it('falls back to "Onbekend" with no usable input', () => { expect(deriveName({}, '')).toBe('Onbekend'); expect(deriveName(null, null)).toBe('Onbekend'); }); }); });