test(model): enhance tests for web token claims

• Refactor tests to use table-driven approach for better readability
• Add comprehensive cases for first name, last name, and error handling

Author: nexus49

jwt/model_test.go

@@ -11,140 +11,191 @@ import (
 var signatureAlgorithms = []jose.SignatureAlgorithm{jose.HS256}
 var joseTestKey = []byte("0123456789abcdef0123456789abcdef") // 32 bytes
 
-func TestNew(t *testing.T) {
-	issuer := "my-issuer"
-	token := jwt.NewWithClaims(jwt.SigningMethodHS256, &jwt.RegisteredClaims{
-		Issuer: issuer,
-	})
-	tokenString, err := token.SignedString(joseTestKey)
-	assert.NoError(t, err)
-
-	webToken, err := New(tokenString, signatureAlgorithms)
-	assert.NoError(t, err)
-	assert.NotNil(t, webToken)
-	assert.Equal(t, issuer, webToken.Issuer)
-}
-
-func TestNewAndFail(t *testing.T) {
-	tokenString := "just a string"
-	_, err := New(tokenString, signatureAlgorithms)
-	assert.Error(t, err)
-}
-
-func TestNew_DeserializationError(t *testing.T) {
-	// Create a valid JWT header and signature, but with a payload that is not valid JSON
-	// or cannot be unmarshaled into the expected struct.
-	// We'll use jose to construct a token with a payload that is not a JSON object.
-	invalidPayload := "not-a-json-object"
-	signer, err := jose.NewSigner(jose.SigningKey{Algorithm: jose.HS256, Key: joseTestKey}, nil)
-	assert.NoError(t, err)
-
-	object, err := signer.Sign([]byte(invalidPayload))
-	assert.NoError(t, err)
-
-	tokenString, err := object.CompactSerialize()
-	assert.NoError(t, err)
-
-	_, err = New(tokenString, signatureAlgorithms)
-	assert.Error(t, err)
-	assert.Contains(t, err.Error(), "unable to deserialize claims")
-}
-
-func TestNew_WithFirstNameAndLastName(t *testing.T) {
-	claims := map[string]interface{}{
-		"iss":        "test-issuer",
-		"sub":        "test-subject",
-		"first_name": "John",
-		"last_name":  "Doe",
+func TestNew_Success(t *testing.T) {
+	tests := []struct {
+		name       string
+		claims     map[string]interface{}
+		expectedWT WebToken
+	}{
+		{
+			name: "basic issuer claim",
+			claims: map[string]interface{}{
+				"iss": "my-issuer",
+			},
+			expectedWT: WebToken{
+				IssuerAttributes: IssuerAttributes{
+					Issuer: "my-issuer",
+				},
+			},
+		},
+		{
+			name: "with first_name and last_name",
+			claims: map[string]interface{}{
+				"iss":        "test-issuer",
+				"sub":        "test-subject",
+				"first_name": "John",
+				"last_name":  "Doe",
+			},
+			expectedWT: WebToken{
+				IssuerAttributes: IssuerAttributes{
+					Issuer:  "test-issuer",
+					Subject: "test-subject",
+				},
+				UserAttributes: UserAttributes{
+					FirstName: "John",
+					LastName:  "Doe",
+				},
+			},
+		},
+		{
+			name: "with given_name and family_name",
+			claims: map[string]interface{}{
+				"iss":         "test-issuer",
+				"sub":         "test-subject",
+				"given_name":  "Jonathan",
+				"family_name": "Smith",
+			},
+			expectedWT: WebToken{
+				IssuerAttributes: IssuerAttributes{
+					Issuer:  "test-issuer",
+					Subject: "test-subject",
+				},
+				UserAttributes: UserAttributes{
+					FirstName: "Jonathan",
+					LastName:  "Smith",
+				},
+			},
+		},
+		{
+			name: "prefer first_name/last_name over given_name/family_name",
+			claims: map[string]interface{}{
+				"iss":         "test-issuer",
+				"sub":         "test-subject",
+				"first_name":  "John",
+				"last_name":   "Doe",
+				"given_name":  "Jonathan",
+				"family_name": "Smith",
+			},
+			expectedWT: WebToken{
+				IssuerAttributes: IssuerAttributes{
+					Issuer:  "test-issuer",
+					Subject: "test-subject",
+				},
+				UserAttributes: UserAttributes{
+					FirstName: "John",
+					LastName:  "Doe",
+				},
+			},
+		},
+		{
+			name: "fallback to given_name/family_name when first_name/last_name are empty",
+			claims: map[string]interface{}{
+				"iss":         "test-issuer",
+				"sub":         "test-subject",
+				"first_name":  "",
+				"last_name":   "",
+				"given_name":  "Jonathan",
+				"family_name": "Smith",
+			},
+			expectedWT: WebToken{
+				IssuerAttributes: IssuerAttributes{
+					Issuer:  "test-issuer",
+					Subject: "test-subject",
+				},
+				UserAttributes: UserAttributes{
+					FirstName: "Jonathan",
+					LastName:  "Smith",
+				},
+			},
+		},
+		{
+			name: "partial fallback - first_name present, last_name empty",
+			claims: map[string]interface{}{
+				"iss":         "test-issuer",
+				"sub":         "test-subject",
+				"first_name":  "John",
+				"last_name":   "",
+				"given_name":  "Jonathan",
+				"family_name": "Smith",
+			},
+			expectedWT: WebToken{
+				IssuerAttributes: IssuerAttributes{
+					Issuer:  "test-issuer",
+					Subject: "test-subject",
+				},
+				UserAttributes: UserAttributes{
+					FirstName: "John",
+					LastName:  "Smith",
+				},
+			},
+		},
 	}
 
-	token := jwt.NewWithClaims(jwt.SigningMethodHS256, jwt.MapClaims(claims))
-	tokenString, err := token.SignedString(joseTestKey)
-	assert.NoError(t, err)
-
-	webToken, err := New(tokenString, signatureAlgorithms)
-	assert.NoError(t, err)
-	assert.Equal(t, "John", webToken.FirstName)
-	assert.Equal(t, "Doe", webToken.LastName)
-}
-
-func TestNew_WithGivenNameAndFamilyName(t *testing.T) {
-	claims := map[string]interface{}{
-		"iss":         "test-issuer",
-		"sub":         "test-subject",
-		"given_name":  "Jonathan",
-		"family_name": "Smith",
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			token := jwt.NewWithClaims(jwt.SigningMethodHS256, jwt.MapClaims(tt.claims))
+			tokenString, err := token.SignedString(joseTestKey)
+			assert.NoError(t, err)
+
+			webToken, err := New(tokenString, signatureAlgorithms)
+			assert.NoError(t, err)
+			assert.NotNil(t, webToken)
+			assert.Equal(t, tt.expectedWT.Issuer, webToken.Issuer)
+			assert.Equal(t, tt.expectedWT.Subject, webToken.Subject)
+			assert.Equal(t, tt.expectedWT.FirstName, webToken.FirstName)
+			assert.Equal(t, tt.expectedWT.LastName, webToken.LastName)
+		})
 	}
-
-	token := jwt.NewWithClaims(jwt.SigningMethodHS256, jwt.MapClaims(claims))
-	tokenString, err := token.SignedString(joseTestKey)
-	assert.NoError(t, err)
-
-	webToken, err := New(tokenString, signatureAlgorithms)
-	assert.NoError(t, err)
-	assert.Equal(t, "Jonathan", webToken.FirstName)
-	assert.Equal(t, "Smith", webToken.LastName)
-}
-
-func TestNew_PreferFirstLastNameOverGivenFamilyName(t *testing.T) {
-	claims := map[string]interface{}{
-		"iss":         "test-issuer",
-		"sub":         "test-subject",
-		"first_name":  "John",
-		"last_name":   "Doe",
-		"given_name":  "Jonathan",
-		"family_name": "Smith",
-	}
-
-	token := jwt.NewWithClaims(jwt.SigningMethodHS256, jwt.MapClaims(claims))
-	tokenString, err := token.SignedString(joseTestKey)
-	assert.NoError(t, err)
-
-	webToken, err := New(tokenString, signatureAlgorithms)
-	assert.NoError(t, err)
-	// Should prefer first_name/last_name over given_name/family_name
-	assert.Equal(t, "John", webToken.FirstName)
-	assert.Equal(t, "Doe", webToken.LastName)
 }
 
-func TestNew_FallbackToGivenFamilyNameWhenFirstLastEmpty(t *testing.T) {
-	claims := map[string]interface{}{
-		"iss":         "test-issuer",
-		"sub":         "test-subject",
-		"first_name":  "",
-		"last_name":   "",
-		"given_name":  "Jonathan",
-		"family_name": "Smith",
+func TestNew_Errors(t *testing.T) {
+	tests := []struct {
+		name          string
+		tokenString   string
+		setupToken    func() (string, error)
+		expectedError string
+	}{
+		{
+			name:          "invalid token string",
+			tokenString:   "just a string",
+			expectedError: "unable to parse id_token",
+		},
+		{
+			name: "deserialization error with invalid payload",
+			setupToken: func() (string, error) {
+				// Create a valid JWT header and signature, but with a payload that is not valid JSON
+				invalidPayload := "not-a-json-object"
+				signer, err := jose.NewSigner(jose.SigningKey{Algorithm: jose.HS256, Key: joseTestKey}, nil)
+				if err != nil {
+					return "", err
+				}
+
+				object, err := signer.Sign([]byte(invalidPayload))
+				if err != nil {
+					return "", err
+				}
+
+				return object.CompactSerialize()
+			},
+			expectedError: "unable to deserialize claims",
+		},
 	}
 
-	token := jwt.NewWithClaims(jwt.SigningMethodHS256, jwt.MapClaims(claims))
-	tokenString, err := token.SignedString(joseTestKey)
-	assert.NoError(t, err)
-
-	webToken, err := New(tokenString, signatureAlgorithms)
-	assert.NoError(t, err)
-	// Should fallback to given_name/family_name when first_name/last_name are empty
-	assert.Equal(t, "Jonathan", webToken.FirstName)
-	assert.Equal(t, "Smith", webToken.LastName)
-}
-
-func TestNew_PartialFallback(t *testing.T) {
-	claims := map[string]interface{}{
-		"iss":         "test-issuer",
-		"sub":         "test-subject",
-		"first_name":  "John",
-		"last_name":   "", // empty
-		"given_name":  "Jonathan",
-		"family_name": "Smith",
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			var tokenString string
+			var err error
+
+			if tt.setupToken != nil {
+				tokenString, err = tt.setupToken()
+				assert.NoError(t, err)
+			} else {
+				tokenString = tt.tokenString
+			}
+
+			_, err = New(tokenString, signatureAlgorithms)
+			assert.Error(t, err)
+			assert.Contains(t, err.Error(), tt.expectedError)
+		})
 	}
-
-	token := jwt.NewWithClaims(jwt.SigningMethodHS256, jwt.MapClaims(claims))
-	tokenString, err := token.SignedString(joseTestKey)
-	assert.NoError(t, err)
-
-	webToken, err := New(tokenString, signatureAlgorithms)
-	assert.NoError(t, err)
-	// Should use first_name but fallback to family_name for last name
-	assert.Equal(t, "John", webToken.FirstName)
-	assert.Equal(t, "Smith", webToken.LastName)
 }