test(auth/api): assert schema on totp

apps/ex_fleet_yards/lib/ex_fleet_yards/schemas.ex

@@ -92,7 +92,7 @@ defmodule ExFleetYards.Schemas do
   defmacro __using__(_opts) do
     quote do
       use OpenApiSpex.ControllerSpecs
-      alias __MODULE__.Result
+      alias unquote(__MODULE__).Result
     end
   end
 end

apps/ex_fleet_yards_auth/lib/ex_fleet_yards_auth.ex

@@ -34,6 +34,27 @@ defmodule ExFleetYardsAuth do
     end
   end
 
+  def controller_api do
+    quote do
+      @moduledoc "Controller used for Auth"
+      use Phoenix.Controller,
+        formats: [:html, :json],
+        layouts: [html: ExFleetYardsAuth.Layouts]
+
+      use ExFleetYards.Schemas
+
+      import Plug.Conn
+
+      alias ExFleetYards.Repo
+
+      alias ExFleetYardsAuth.Router.Helpers, as: Routes
+
+      unquote(verified_routes())
+
+      import ExFleetYards.Plugs.ApiAuthorization, only: [authorize: 2]
+    end
+  end
+
   def live_view do
     quote do
       use Phoenix.LiveView,

apps/ex_fleet_yards_auth/lib/ex_fleet_yards_auth/controllers/api/totp_controller.ex

@@ -2,11 +2,9 @@ defmodule ExFleetYardsAuth.Api.TotpController do
   @moduledoc """
   Totp controller
   """
-  use ExFleetYardsAuth, :controller
-  use ExFleetYards.Schemas
+  use ExFleetYardsAuth, :controller_api
   require Logger
 
-  import ExFleetYards.Plugs.ApiAuthorization, only: [authorize: 2]
   alias ExFleetYardsAuth.Api.TotpSchema
   alias ExFleetYards.Repo.Account.User
 
@@ -16,7 +14,7 @@ defmodule ExFleetYardsAuth.Api.TotpController do
 
   operation :index,
     summary: "Returns if user has totp setup",
-    response: [
+    responses: [
       ok: {"UserHasTotp", "application/json", TotpSchema.UserHasTotp}
     ]
 
@@ -31,7 +29,7 @@ defmodule ExFleetYardsAuth.Api.TotpController do
 
   operation :delete,
     summary: "Delete totp for user",
-    response: [
+    responses: [
       ok: {"Result", "application/json", Result},
       not_found: {"Result", "application/json", Result}
     ]
@@ -57,7 +55,7 @@ defmodule ExFleetYardsAuth.Api.TotpController do
 
   operation :create,
     summary: "Create totp secret for user",
-    response: [
+    responses: [
       ok: {"TotpSecret", "application/json", TotpSchema.TotpSecret},
       bad_request: {"Result", "application/json", Result}
     ]
@@ -81,7 +79,7 @@ defmodule ExFleetYardsAuth.Api.TotpController do
 
   operation :put,
     summary: "Put totp secret for user",
-    response: [
+    responses: [
       created: {"TotpRecovery", "application/json", TotpSchema.TotpRecovery},
       bad_request: {"Result", "application/json", Result}
     ]

apps/ex_fleet_yards_auth/lib/ex_fleet_yards_auth/router.ex

@@ -123,7 +123,7 @@ defmodule ExFleetYardsAuth.Router do
         persist_authorization: true,
         oauth: [
           app_name: "Fleetyards Auth API",
-          client_id: ExFleetYardsAuth.Release.OauthClient.get_or_create_swagger_client_id(),
+          client_id: ExFleetYardsAuth.Release.OauthClient.swagger_ui_uuid(),
           scopes: ["openid", "profile", "user", "user:security"]
         ]
 

apps/ex_fleet_yards_auth/test/ex_fleet_yards_auth/unit/api/controllers/totp_controller_test.exs

@@ -1,36 +1,45 @@
 defmodule ExFleetYardsAuth.Controllers.Api.TotpControllerTest do
   use ExFleetYardsAuth.ConnCase, async: true
   use ExFleetYardsAuth.Mox
+  import OpenApiSpex.TestAssertions
 
   setup :verify_on_exit!
 
   describe "totp" do
-    test "has no totp", %{conn: conn} do
+    test "has no totp", %{conn: conn, spec: spec} do
       login_user("testuser", "user:security")
 
       conn =
         conn
         |> get(~p"/api/v2/totp")
 
-      assert json_response(conn, 200) == %{
+      json = json_response(conn, 200)
+
+      assert_schema json, "UserHasTotp", spec
+
+      assert json == %{
                "has_totp" => false
              }
     end
 
-    test "delete non existing totp", %{conn: conn} do
+    test "delete non existing totp", %{conn: conn, spec: spec} do
       login_user("testuser", "user:security")
 
       conn =
         conn
         |> delete(~p"/api/v2/totp")
 
-      assert json_response(conn, 404) == %{
+      json = json_response(conn, 404)
+
+      assert_schema json, "Result", spec
+
+      assert json == %{
                "code" => "not_found",
                "message" => "totp not found"
              }
     end
 
-    test "create totp", %{conn: conn} do
+    test "create totp", %{conn: conn, spec: spec} do
       login_user("testuser", "user:security")
       login_user("testuser", "user:security")
       login_user("testuser", "user:security")
@@ -40,6 +49,7 @@ defmodule ExFleetYardsAuth.Controllers.Api.TotpControllerTest do
         |> post(~p"/api/v2/totp/create")
 
       json = json_response(conn, 200)
+      assert_schema json, "TotpSecret", spec
       assert json["code"] == "ok"
       assert json["message"] == "totp secret"
       assert json["secret"] != nil
@@ -48,6 +58,8 @@ defmodule ExFleetYardsAuth.Controllers.Api.TotpControllerTest do
         conn
         |> delete(~p"/api/v2/totp")
 
+      assert_schema json_response(conn, 404), "Result", spec
+
       assert json_response(conn, 404) == %{
                "code" => "not_found",
                "message" => "totp not found"
@@ -57,6 +69,8 @@ defmodule ExFleetYardsAuth.Controllers.Api.TotpControllerTest do
         conn
         |> post(~p"/api/v2/totp", %{"secret" => "invalid_base32_secret"})
 
+      assert_schema json_response(conn, 400), "Result", spec
+
       assert json_response(conn, 400) == %{
                "code" => "invalid_secret",
                "message" => "invalid secret"

apps/ex_fleet_yards_auth/test/support/conn_case.ex

@@ -40,6 +40,6 @@ defmodule ExFleetYardsAuth.ConnCase do
 
     conn = Phoenix.ConnTest.build_conn()
 
-    {:ok, conn: conn}
+    {:ok, conn: conn, spec: ExFleetYardsAuth.ApiSpec.spec()}
   end
 end