src/test/java/de/zendric/app/xpensely_Server/security/AuthenticatedUserResolverTest.java

@@ -0,0 +1,78 @@
+package de.zendric.app.xpensely_Server.security;
+
+import de.zendric.app.xpensely_server.model.AppUser;
+import de.zendric.app.xpensely_server.security.AuthenticatedUserResolver;
+import de.zendric.app.xpensely_server.services.UserService;
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.Test;
+import org.springframework.http.HttpStatus;
+import org.springframework.security.oauth2.jwt.Jwt;
+import org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationToken;
+import org.springframework.web.server.ResponseStatusException;
+
+import static org.junit.jupiter.api.Assertions.*;
+import static org.mockito.Mockito.*;
+
+class AuthenticatedUserResolverTest {
+
+    UserService userService;
+    AuthenticatedUserResolver resolver;
+
+    @BeforeEach
+    void setUp() {
+        userService = mock(UserService.class);
+        resolver = new AuthenticatedUserResolver(userService);
+    }
+
+    @Test
+    void resolveCurrentUser_validJwt_returnsAppUser() {
+        Jwt jwt = Jwt.withTokenValue("token")
+                .header("alg", "RS256")
+                .subject("google-id-123")
+                .build();
+        JwtAuthenticationToken auth = new JwtAuthenticationToken(jwt);
+
+        AppUser user = new AppUser();
+        user.setId(1L);
+        user.setGoogleId("google-id-123");
+        when(userService.getUserByGoogleId("google-id-123")).thenReturn(user);
+
+        AppUser result = resolver.resolveCurrentUser(auth);
+        assertEquals(user, result);
+    }
+
+    @Test
+    void resolveCurrentUser_userNotFound_throws403() {
+        Jwt jwt = Jwt.withTokenValue("token")
+                .header("alg", "RS256")
+                .subject("unknown-id")
+                .build();
+        JwtAuthenticationToken auth = new JwtAuthenticationToken(jwt);
+        when(userService.getUserByGoogleId("unknown-id")).thenReturn(null);
+
+        ResponseStatusException ex = assertThrows(ResponseStatusException.class,
+                () -> resolver.resolveCurrentUser(auth));
+        assertEquals(HttpStatus.FORBIDDEN, ex.getStatusCode());
+    }
+
+    @Test
+    void resolveCurrentUser_userServiceThrows_throws403() {
+        Jwt jwt = Jwt.withTokenValue("token")
+                .header("alg", "RS256")
+                .subject("gone-id")
+                .build();
+        JwtAuthenticationToken auth = new JwtAuthenticationToken(jwt);
+        when(userService.getUserByGoogleId("gone-id")).thenThrow(new IllegalArgumentException("not found"));
+
+        ResponseStatusException ex = assertThrows(ResponseStatusException.class,
+                () -> resolver.resolveCurrentUser(auth));
+        assertEquals(HttpStatus.FORBIDDEN, ex.getStatusCode());
+    }
+
+    @Test
+    void resolveCurrentUser_nullAuthentication_throws403() {
+        ResponseStatusException ex = assertThrows(ResponseStatusException.class,
+                () -> resolver.resolveCurrentUser(null));
+        assertEquals(HttpStatus.FORBIDDEN, ex.getStatusCode());
+    }
+}