✅ test: improve coverage for oidc and env packages (#5)

* ✅ test: improve coverage for oidc and env packages

- Add unit tests for `internal/oidc` using mock HTTP server.
- Add tests for `Get` and `Find` in `internal/env`.
- Increase total test coverage to ~57%.

Author: SebastienLaurent-CF

internal/env/env_test.go

@@ -92,3 +92,60 @@ func TestManager_Update(t *testing.T) {
 		})
 	}
 }
+
+func TestManager_Get(t *testing.T) {
+	tmpDir := t.TempDir()
+	envFile := filepath.Join(tmpDir, ".env")
+	err := os.WriteFile(envFile, []byte("KEY=VALUE\n"), 0644)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	m := NewManager(envFile, "KEY")
+	val, err := m.Get()
+	if err != nil {
+		t.Fatalf("Get() error = %v", err)
+	}
+	if val != "VALUE" {
+		t.Errorf("Get() = %s, want VALUE", val)
+	}
+
+	m2 := NewManager(envFile, "MISSING")
+	_, err = m2.Get()
+	if err == nil {
+		t.Error("Get() expected error for missing key, got nil")
+	}
+}
+
+func TestFind(t *testing.T) {
+	tmpDir := t.TempDir()
+	subdir := filepath.Join(tmpDir, "subdir")
+	if err := os.Mkdir(subdir, 0755); err != nil {
+		t.Fatal(err)
+	}
+
+	envFile := filepath.Join(tmpDir, ".env")
+	if err := os.WriteFile(envFile, []byte(""), 0644); err != nil {
+		t.Fatal(err)
+	}
+
+	// Test finding from subdir
+	wd, err := os.Getwd()
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer func() {
+		_ = os.Chdir(wd)
+	}()
+	if err := os.Chdir(subdir); err != nil {
+		t.Fatal(err)
+	}
+
+	found, err := Find(".env")
+	if err != nil {
+		t.Fatalf("Find() error = %v", err)
+	}
+	if found != envFile {
+		t.Errorf("Find() = %s, want %s", found, envFile)
+	}
+}

internal/oidc/client_test.go

@@ -0,0 +1,113 @@
+package oidc
+
+import (
+	"encoding/json"
+	"net/http"
+	"net/http/httptest"
+	"testing"
+
+	"github.com/codozor/authk/internal/config"
+)
+
+func TestClient_GetToken(t *testing.T) {
+	// Mock OIDC Provider
+	ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		switch r.URL.Path {
+		case "/.well-known/openid-configuration":
+			if err := json.NewEncoder(w).Encode(map[string]string{
+				"token_endpoint": "http://" + r.Host + "/token",
+			}); err != nil {
+				t.Error(err)
+			}
+		case "/token":
+			if err := r.ParseForm(); err != nil {
+				t.Error(err)
+			}
+			if r.Form.Get("grant_type") == "client_credentials" {
+				if err := json.NewEncoder(w).Encode(TokenResponse{
+					AccessToken: "mock_access_token",
+					ExpiresIn:   3600,
+					TokenType:   "Bearer",
+				}); err != nil {
+					t.Error(err)
+				}
+			} else {
+				w.WriteHeader(http.StatusBadRequest)
+			}
+		default:
+			w.WriteHeader(http.StatusNotFound)
+		}
+	}))
+	defer ts.Close()
+
+	cfg := &config.Config{
+		OIDC: config.OIDCConfig{
+			IssuerURL:    ts.URL,
+			ClientID:     "client",
+			ClientSecret: "secret",
+			AuthMethod:   "basic",
+		},
+	}
+
+	client, err := NewClient(cfg)
+	if err != nil {
+		t.Fatalf("NewClient() error = %v", err)
+	}
+
+	token, err := client.GetToken("", "")
+	if err != nil {
+		t.Fatalf("GetToken() error = %v", err)
+	}
+
+	if token.AccessToken != "mock_access_token" {
+		t.Errorf("expected access token 'mock_access_token', got %s", token.AccessToken)
+	}
+}
+
+func TestClient_RefreshToken(t *testing.T) {
+	ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		switch r.URL.Path {
+		case "/.well-known/openid-configuration":
+			if err := json.NewEncoder(w).Encode(map[string]string{
+				"token_endpoint": "http://" + r.Host + "/token",
+			}); err != nil {
+				t.Error(err)
+			}
+		case "/token":
+			if err := r.ParseForm(); err != nil {
+				t.Error(err)
+			}
+			if r.Form.Get("grant_type") == "refresh_token" && r.Form.Get("refresh_token") == "valid_refresh" {
+				if err := json.NewEncoder(w).Encode(TokenResponse{
+					AccessToken: "new_access_token",
+					ExpiresIn:   3600,
+				}); err != nil {
+					t.Error(err)
+				}
+			} else {
+				w.WriteHeader(http.StatusBadRequest)
+			}
+		}
+	}))
+	defer ts.Close()
+
+	cfg := &config.Config{
+		OIDC: config.OIDCConfig{
+			IssuerURL: ts.URL,
+		},
+	}
+
+	client, err := NewClient(cfg)
+	if err != nil {
+		t.Fatalf("NewClient() error = %v", err)
+	}
+
+	token, err := client.RefreshToken("valid_refresh")
+	if err != nil {
+		t.Fatalf("RefreshToken() error = %v", err)
+	}
+
+	if token.AccessToken != "new_access_token" {
+		t.Errorf("expected access token 'new_access_token', got %s", token.AccessToken)
+	}
+}