-

test/auth_test.go

@@ -19,7 +19,8 @@ import (
 func TestAuthenticationService_ValidateJWTToken(t *testing.T) {
 	config := NewMockConfig()
 	logger := zap.NewNop()
-	authService := services.NewAuthenticationService(config, logger)
+	permRepo := NewMockPermissionRepository()
+	authService := services.NewAuthenticationService(config, logger, permRepo)
 
 	userToken := &domain.UserToken{
 		AppID:       "test-app",
@@ -51,7 +52,8 @@ func TestAuthenticationService_ValidateJWTToken(t *testing.T) {
 func TestAuthenticationService_GenerateJWTToken(t *testing.T) {
 	config := NewMockConfig()
 	logger := zap.NewNop()
-	authService := services.NewAuthenticationService(config, logger)
+	permRepo := NewMockPermissionRepository()
+	authService := services.NewAuthenticationService(config, logger, permRepo)
 
 	userToken := &domain.UserToken{
 		AppID:       "test-app",
@@ -76,7 +78,8 @@ func TestAuthenticationService_GenerateJWTToken(t *testing.T) {
 func TestAuthenticationService_RefreshJWTToken(t *testing.T) {
 	config := NewMockConfig()
 	logger := zap.NewNop()
-	authService := services.NewAuthenticationService(config, logger)
+	permRepo := NewMockPermissionRepository()
+	authService := services.NewAuthenticationService(config, logger, permRepo)
 
 	userToken := &domain.UserToken{
 		AppID:       "test-app",

test/integration_test.go

@@ -4,6 +4,7 @@ import (
 	"bytes"
 	"context"
 	"encoding/json"
+	"io"
 	"net/http"
 	"net/http/httptest"
 	"testing"
@@ -54,6 +55,7 @@ func (suite *IntegrationTestSuite) SetupSuite() {
 			"INTERNAL_HMAC_KEY":          "test-hmac-key-for-integration-tests",
 			"AUTH_PROVIDER":              "header",
 			"AUTH_HEADER_USER_EMAIL":     "X-User-Email",
+			"JWT_SECRET":                 "test-jwt-secret-for-integration-tests",
 			"RATE_LIMIT_ENABLED":         "false", // Disable for tests
 			"METRICS_ENABLED":            "false",
 		},
@@ -97,7 +99,7 @@ func (suite *IntegrationTestSuite) setupServer() {
 	// Initialize services
 	appService := services.NewApplicationService(appRepo, logger)
 	tokenService := services.NewTokenService(tokenRepo, appRepo, permRepo, grantRepo, suite.cfg.GetString("INTERNAL_HMAC_KEY"), suite.cfg, logger)
-	authService := services.NewAuthenticationService(suite.cfg, logger)
+	authService := services.NewAuthenticationService(suite.cfg, logger, permRepo)
 
 	// Initialize handlers
 	healthHandler := handlers.NewHealthHandler(suite.db, logger)
@@ -396,7 +398,6 @@ func (suite *IntegrationTestSuite) TestStaticTokenWorkflow() {
 	suite.T().Run("VerifyStaticToken", func(t *testing.T) {
 		verifyReq := domain.VerifyRequest{
 			AppID:       testApp.AppID,
-			Type:        domain.TokenTypeStatic,
 			Token:       createdToken.Token,
 			Permissions: []string{"repo.read"},
 		}
@@ -483,6 +484,14 @@ func (suite *IntegrationTestSuite) TestUserTokenWorkflow() {
 		require.NoError(t, err)
 		defer resp.Body.Close()
 
+		// Debug: Print response body if not 200
+		if resp.StatusCode != http.StatusOK {
+			bodyBytes, _ := io.ReadAll(resp.Body)
+			resp.Body.Close()
+			resp.Body = io.NopCloser(bytes.NewReader(bodyBytes))
+			t.Logf("Login failed with status %d, body: %s", resp.StatusCode, string(bodyBytes))
+		}
+
 		assert.Equal(t, http.StatusOK, resp.StatusCode)
 
 		// The response should contain either a token directly or a redirect URL

test/mock_repositories.go

@@ -337,6 +337,18 @@ func NewMockPermissionRepository() repository.PermissionRepository {
 			UpdatedAt:   time.Now(),
 			UpdatedBy:   "system",
 		},
+		{
+			ID:          uuid.New(),
+			Scope:       "app.read",
+			Name:        "Application Read",
+			Description: "Read application data",
+			Category:    "application",
+			IsSystem:    false,
+			CreatedAt:   time.Now(),
+			CreatedBy:   "system",
+			UpdatedAt:   time.Now(),
+			UpdatedBy:   "system",
+		},
 	}
 
 	for _, perm := range defaultPerms {