refactor(test): use credential builders and shared fixtures

- Use validCredentials(), invalidCredentials(), credentialsWithHost(),
  and credentialsWithPort() helpers in Playwright tests
- Extract shared algorithm test fixtures to reduce inline definitions
- Use it.each pattern for parametrized test cases

Author: billchurch

tests/playwright/websocket-async-auth-v2.test.js

@@ -21,7 +21,10 @@ import {
   fillFormDirectly,
   executeCommandsWithExpectedOutput,
   executeCommandList,
-  getTerminalContent
+  getTerminalContent,
+  validCredentials,
+  invalidCredentials,
+  credentialsWithHost
 } from './v2-helpers.js'
 
 test.describe('V2 Async Error Recovery and Edge Cases', () => {
@@ -52,12 +55,7 @@ test.describe('V2 Async/Await Modal Login Authentication', () => {
 
   test('should handle async connect with valid credentials (V2)', async ({ page }) => {
     // Use shared helper to connect
-    await connectV2(page, {
-      host: TEST_CONFIG.sshHost,
-      port: TEST_CONFIG.sshPort,
-      username: TEST_CONFIG.validUsername,
-      password: TEST_CONFIG.validPassword
-    })
+    await connectV2(page, validCredentials())
 
     // Verify successful async connection with V2
     await waitForV2Connection(page)
@@ -68,12 +66,7 @@ test.describe('V2 Async/Await Modal Login Authentication', () => {
 
   test('should handle async authentication error properly (V2)', async ({ page }) => {
     // Use shared helper to connect with invalid credentials
-    await connectV2(page, {
-      host: TEST_CONFIG.sshHost,
-      port: TEST_CONFIG.sshPort,
-      username: TEST_CONFIG.invalidUsername,
-      password: TEST_CONFIG.invalidPassword
-    })
+    await connectV2(page, invalidCredentials())
 
     // Use shared helper to check for errors
     const errorFound = await checkForV2AuthError(page)
@@ -88,12 +81,7 @@ test.describe('V2 Async/Await Modal Login Authentication', () => {
 
   test('should handle async connection error for non-existent host (V2)', async ({ page }) => {
     // Use shared helper with non-existent host
-    await connectV2(page, {
-      host: TEST_CONFIG.nonExistentHost,
-      port: TEST_CONFIG.sshPort,
-      username: TEST_CONFIG.validUsername,
-      password: TEST_CONFIG.validPassword
-    })
+    await connectV2(page, credentialsWithHost(TEST_CONFIG.nonExistentHost))
 
     // V2 should handle network errors asynchronously
     await expect(
@@ -103,12 +91,7 @@ test.describe('V2 Async/Await Modal Login Authentication', () => {
 
   test('should handle async shell creation and terminal operations (V2)', async ({ page }) => {
     // Connect and wait for terminal
-    await connectAndWaitForTerminal(page, {
-      host: TEST_CONFIG.sshHost,
-      port: TEST_CONFIG.sshPort,
-      username: TEST_CONFIG.validUsername,
-      password: TEST_CONFIG.validPassword
-    })
+    await connectAndWaitForTerminal(page, validCredentials())
 
     // Test multiple async terminal operations
     const commands = [
@@ -129,12 +112,7 @@ test.describe('V2 Async/Await Modal Login Authentication', () => {
 
   test('should handle terminal resize with async operations (V2)', async ({ page }) => {
     // Connect using helper
-    await connectAndWaitForTerminal(page, {
-      host: TEST_CONFIG.sshHost,
-      port: TEST_CONFIG.sshPort,
-      username: TEST_CONFIG.validUsername,
-      password: TEST_CONFIG.validPassword
-    })
+    await connectAndWaitForTerminal(page, validCredentials())
 
     // Get initial terminal size
     await executeV2Command(page, 'stty size')

tests/playwright/websocket-auth-v2.test.js

@@ -17,7 +17,10 @@ import {
   connectWithBasicAuth,
   executeAndVerifyCommand,
   connectAndWaitForTerminal,
-  fillFormDirectly
+  fillFormDirectly,
+  validCredentials,
+  invalidCredentials,
+  credentialsWithPort
 } from './v2-helpers.js'
 
 test.describe('V2 WebSocket Interactive Authentication', () => {
@@ -27,25 +30,15 @@ test.describe('V2 WebSocket Interactive Authentication', () => {
 
   test('should connect successfully with valid credentials', async ({ page }) => {
     // Use shared helper to connect and wait
-    await connectAndWaitForTerminal(page, {
-      host: TEST_CONFIG.sshHost,
-      port: TEST_CONFIG.sshPort,
-      username: TEST_CONFIG.validUsername,
-      password: TEST_CONFIG.validPassword
-    })
+    await connectAndWaitForTerminal(page, validCredentials())
 
     // Verify terminal is functional
     await executeAndVerifyCommand(page, 'whoami', TEST_CONFIG.validUsername)
   })
 
   test('should show error with invalid credentials', async ({ page }) => {
     // Use shared helper to connect
-    await connectV2(page, {
-      host: TEST_CONFIG.sshHost,
-      port: TEST_CONFIG.sshPort,
-      username: TEST_CONFIG.invalidUsername,
-      password: TEST_CONFIG.invalidPassword
-    })
+    await connectV2(page, invalidCredentials())
 
     // Use shared helper to check for errors
     const errorFound = await checkForV2AuthError(page)
@@ -60,25 +53,15 @@ test.describe('V2 WebSocket Interactive Authentication', () => {
 
   test('should show connection error for wrong port', async ({ page }) => {
     // Use shared helper to connect with wrong port
-    await connectV2(page, {
-      host: TEST_CONFIG.sshHost,
-      port: TEST_CONFIG.invalidPort,
-      username: TEST_CONFIG.validUsername,
-      password: TEST_CONFIG.validPassword
-    })
+    await connectV2(page, credentialsWithPort(TEST_CONFIG.invalidPort))
 
     // V2 should show connection error
     await expect(page.locator('text=/Authentication failed|Connection refused|ECONNREFUSED/').first()).toBeVisible({ timeout: TIMEOUTS.DEFAULT })
   })
 
   test('should handle page refresh gracefully', async ({ page }) => {
     // First, establish a connection
-    await connectAndWaitForTerminal(page, {
-      host: TEST_CONFIG.sshHost,
-      port: TEST_CONFIG.sshPort,
-      username: TEST_CONFIG.validUsername,
-      password: TEST_CONFIG.validPassword
-    })
+    await connectAndWaitForTerminal(page, validCredentials())
 
     // Disable beforeunload handler and refresh
     await page.evaluate(() => {
@@ -91,12 +74,7 @@ test.describe('V2 WebSocket Interactive Authentication', () => {
     await expect(page.locator('[name="username"]')).toBeVisible()
 
     // Re-authenticate
-    await connectAndWaitForTerminal(page, {
-      host: TEST_CONFIG.sshHost,
-      port: TEST_CONFIG.sshPort,
-      username: TEST_CONFIG.validUsername,
-      password: TEST_CONFIG.validPassword
-    })
+    await connectAndWaitForTerminal(page, validCredentials())
   })
 })
 

tests/unit/services/ssh/algorithm-analyzer.vitest.ts

@@ -15,6 +15,13 @@ import {
   createLegacyServerSet,
   createModernServerSet,
   createSetWithCategory,
+  createModernOnlyClientSet,
+  createMinimalLegacyServerSet,
+  createStrictServerSet,
+  createUnknownServerSet,
+  createModernCompatibleServerSet,
+  createCompatibleClientSet,
+  createModernClientSet,
   type AlgorithmSet
 } from './algorithm-test-fixtures.js'
 
@@ -148,21 +155,8 @@ describe('analyzeAlgorithms', () => {
 
   describe('preset suggestion', () => {
     it('suggests legacy preset for servers with only legacy algorithms', () => {
-      // Modern client with no overlap with legacy server
-      const client: AlgorithmSet = {
-        kex: ['curve25519-sha256'],
-        serverHostKey: ['ssh-ed25519'],
-        cipher: ['aes256-gcm@openssh.com'],
-        mac: ['hmac-sha2-256'],
-        compress: ['none']
-      }
-      const server: AlgorithmSet = {
-        kex: ['diffie-hellman-group14-sha1'],
-        serverHostKey: ['ssh-rsa'],
-        cipher: ['aes128-cbc'],
-        mac: ['hmac-sha1'],
-        compress: ['none']
-      }
+      const client = createModernOnlyClientSet()
+      const server = createMinimalLegacyServerSet()
 
       const analysis = analyzeAlgorithms(client, server)
       expect(analysis.suggestedPreset).toBe('legacy')
@@ -179,20 +173,8 @@ describe('analyzeAlgorithms', () => {
 
   describe('env var suggestions', () => {
     it('generates suggestions for mismatched categories', () => {
-      const client: AlgorithmSet = {
-        kex: ['curve25519-sha256'],
-        serverHostKey: ['ssh-ed25519'],
-        cipher: ['aes256-gcm@openssh.com'],
-        mac: ['hmac-sha2-256'],
-        compress: ['none']
-      }
-      const server: AlgorithmSet = {
-        kex: ['diffie-hellman-group14-sha1'],
-        serverHostKey: ['ssh-rsa'],
-        cipher: ['aes128-cbc'],
-        mac: ['hmac-sha1'],
-        compress: ['none']
-      }
+      const client = createModernOnlyClientSet()
+      const server = createMinimalLegacyServerSet()
 
       const analysis = analyzeAlgorithms(client, server)
 
@@ -203,20 +185,12 @@ describe('analyzeAlgorithms', () => {
     })
 
     it('does not generate suggestions for categories with matches', () => {
+      // Client with KEX fallback that matches server
       const client: AlgorithmSet = {
-        kex: ['curve25519-sha256', 'diffie-hellman-group14-sha1'],
-        serverHostKey: ['ssh-ed25519'],
-        cipher: ['aes256-gcm@openssh.com'],
-        mac: ['hmac-sha2-256'],
-        compress: ['none']
-      }
-      const server: AlgorithmSet = {
-        kex: ['diffie-hellman-group14-sha1'],
-        serverHostKey: ['ssh-rsa'],
-        cipher: ['aes128-cbc'],
-        mac: ['hmac-sha1'],
-        compress: ['none']
+        ...createModernOnlyClientSet(),
+        kex: ['curve25519-sha256', 'diffie-hellman-group14-sha1']
       }
+      const server = createMinimalLegacyServerSet()
 
       const analysis = analyzeAlgorithms(client, server)
 
@@ -235,61 +209,18 @@ describe('analyzeAlgorithms', () => {
   })
 })
 
-describe('suggestPreset', () => {
-  it('suggests strict preset for strict-compatible servers', () => {
-    const server: AlgorithmSet = {
-      kex: ['ecdh-sha2-nistp256', 'curve25519-sha256'],
-      serverHostKey: ['ecdsa-sha2-nistp256', 'ssh-ed25519'],
-      cipher: ['aes256-gcm@openssh.com', 'aes128-gcm@openssh.com'],
-      mac: ['hmac-sha2-256', 'hmac-sha2-512'],
-      compress: ['none']
-    }
-
-    expect(suggestPreset(server)).toBe('strict')
-  })
-
-  it('suggests modern preset for servers that need modern but not strict', () => {
-    // Server only supports algorithms in modern preset but NOT in strict preset
-    const server: AlgorithmSet = {
-      kex: ['ecdh-sha2-nistp384'],  // In modern, NOT in strict
-      serverHostKey: ['ecdsa-sha2-nistp384'],  // In modern, NOT in strict
-      cipher: ['aes128-ctr'],  // In modern, NOT in strict
-      mac: ['hmac-sha2-512'],  // In modern, NOT in strict
-      compress: ['none']
-    }
-
-    expect(suggestPreset(server)).toBe('modern')
-  })
-
-  it('suggests legacy preset for legacy servers', () => {
-    const server: AlgorithmSet = {
-      kex: ['diffie-hellman-group14-sha1', 'diffie-hellman-group1-sha1'],
-      serverHostKey: ['ssh-rsa', 'ssh-dss'],
-      cipher: ['aes128-cbc', '3des-cbc'],
-      mac: ['hmac-sha1', 'hmac-md5'],
-      compress: ['none']
-    }
-
-    expect(suggestPreset(server)).toBe('legacy')
-  })
-
-  it('returns null for servers with completely incompatible algorithms', () => {
-    const server: AlgorithmSet = {
-      kex: ['unknown-kex-algorithm'],
-      serverHostKey: ['unknown-hostkey'],
-      cipher: ['unknown-cipher'],
-      mac: ['unknown-mac'],
-      compress: ['none']
-    }
-
-    expect(suggestPreset(server)).toBeNull()
-  })
-
-  it('handles empty server algorithm set', () => {
-    const server = createEmptyAlgorithmSet()
+// Test cases for suggestPreset function
+const PRESET_TEST_CASES = [
+  { name: 'strict-compatible server', createServer: createStrictServerSet, expected: 'strict' },
+  { name: 'modern-compatible server', createServer: createModernCompatibleServerSet, expected: 'modern' },
+  { name: 'legacy server', createServer: createLegacyServerSet, expected: 'legacy' },
+  { name: 'unknown server', createServer: createUnknownServerSet, expected: null },
+  { name: 'empty server', createServer: createEmptyAlgorithmSet, expected: 'strict' }
+] as const
 
-    // Empty set should match any preset since there are no requirements
-    expect(suggestPreset(server)).toBe('strict')
+describe('suggestPreset', () => {
+  it.each(PRESET_TEST_CASES)('returns $expected for $name', ({ createServer, expected }) => {
+    expect(suggestPreset(createServer())).toBe(expected)
   })
 })
 
@@ -347,20 +278,8 @@ describe('generateEnvVarSuggestions', () => {
 
 describe('Integration: realistic algorithm mismatch scenarios', () => {
   it('analyzes modern client vs legacy server', () => {
-    const client: AlgorithmSet = {
-      kex: ['curve25519-sha256', 'ecdh-sha2-nistp256'],
-      serverHostKey: ['ssh-ed25519', 'ecdsa-sha2-nistp256'],
-      cipher: ['aes256-gcm@openssh.com', 'aes128-gcm@openssh.com'],
-      mac: ['hmac-sha2-256-etm@openssh.com', 'hmac-sha2-256'],
-      compress: ['none', 'zlib@openssh.com']
-    }
-    const server: AlgorithmSet = {
-      kex: ['diffie-hellman-group14-sha1'],
-      serverHostKey: ['ssh-rsa'],
-      cipher: ['aes128-cbc', '3des-cbc'],
-      mac: ['hmac-sha1'],
-      compress: ['none']
-    }
+    const client = createModernClientSet()
+    const server = createMinimalLegacyServerSet()
 
     const analysis = analyzeAlgorithms(client, server)
 
@@ -381,20 +300,8 @@ describe('Integration: realistic algorithm mismatch scenarios', () => {
   })
 
   it('analyzes compatible client and server', () => {
-    const client: AlgorithmSet = {
-      kex: ['curve25519-sha256', 'ecdh-sha2-nistp256', 'diffie-hellman-group14-sha1'],
-      serverHostKey: ['ssh-ed25519', 'ssh-rsa'],
-      cipher: ['aes256-gcm@openssh.com', 'aes128-cbc'],
-      mac: ['hmac-sha2-256', 'hmac-sha1'],
-      compress: ['none']
-    }
-    const server: AlgorithmSet = {
-      kex: ['diffie-hellman-group14-sha1'],
-      serverHostKey: ['ssh-rsa'],
-      cipher: ['aes128-cbc'],
-      mac: ['hmac-sha1'],
-      compress: ['none']
-    }
+    const client = createCompatibleClientSet()
+    const server = createMinimalLegacyServerSet()
 
     const analysis = analyzeAlgorithms(client, server)