Skip to content

[test-improver] Improve tests for auth package (GenerateRandomAPIKey) #5441

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
lpcox merged 3 commits into from
May 11, 2026
+47 −0
Merged

[test-improver] Improve tests for auth package (GenerateRandomAPIKey) #5441

Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
ac3f298
Improve tests for auth package (GenerateRandomAPIKey)
github-actions[bot] May 11, 2026
9958fd6
Potential fix for pull request finding
lpcox May 11, 2026
45bb5c3
Potential fix for pull request finding
lpcox May 11, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
47 changes: 47 additions & 0 deletions internal/auth/apikey_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,8 @@
package auth_test

import (
"encoding/hex"
"regexp"
"testing"

"github.com/github/gh-aw-mcpg/internal/auth"
Expand All @@ -22,3 +24,48 @@ func TestGenerateRandomAPIKey(t *testing.T) {
require.NoError(t, err)
assert.NotEqual(t, key, key2, "successive calls should produce unique keys")
}

// TestGenerateRandomAPIKey_IsValidHex verifies the returned key is a valid
// hex-encoded string that decodes to exactly 32 bytes.
func TestGenerateRandomAPIKey_IsValidHex(t *testing.T) {
key, err := auth.GenerateRandomAPIKey()
require.NoError(t, err)

decoded, decodeErr := hex.DecodeString(key)
require.NoError(t, decodeErr, "key should be valid hex-encoded string; got %q", key)
assert.Len(t, decoded, 32, "decoded key should be 32 bytes")
}

// TestGenerateRandomAPIKey_IsLowercaseHex verifies the key uses only lowercase
// hex characters (0-9, a-f) as produced by hex.EncodeToString.
func TestGenerateRandomAPIKey_IsLowercaseHex(t *testing.T) {
key, err := auth.GenerateRandomAPIKey()
require.NoError(t, err)

matched, matchErr := regexp.MatchString(`^[0-9a-f]{64}$`, key)
require.NoError(t, matchErr)
assert.True(t, matched, "key should consist of exactly 64 lowercase hex chars; got %q", key)
}

// TestGenerateRandomAPIKey_Uniqueness verifies that repeated calls produce
// distinct keys, confirming that crypto/rand entropy is used.
func TestGenerateRandomAPIKey_Uniqueness(t *testing.T) {
const n = 20
seen := make(map[string]bool, n)
for i := 0; i < n; i++ {
key, err := auth.GenerateRandomAPIKey()
require.NoError(t, err, "call %d: GenerateRandomAPIKey() should not fail", i+1)
assert.False(t, seen[key], "call %d: generated duplicate key %q", i+1, key)
seen[key] = true
}
}

// TestGenerateRandomAPIKey_LengthConsistency verifies that every call returns
// a key of exactly 64 characters, regardless of call order.
func TestGenerateRandomAPIKey_LengthConsistency(t *testing.T) {
for i := 0; i < 10; i++ {
key, err := auth.GenerateRandomAPIKey()
require.NoError(t, err, "call %d: GenerateRandomAPIKey() should not fail", i+1)
assert.Len(t, key, 64, "call %d: key should always be 64 characters", i+1)
}
}
Loading