{"version":3,"file":"mockResponses.mjs","sourceRoot":"","sources":["../../../../src/controllers/authentication/mocks/mockResponses.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,mBAAmB,IAAI,uBAAuB,EAC9C,QAAQ,IAAI,YAAY,EACxB,uBAAuB,IAAI,2BAA2B,EACtD,wBAAwB,IAAI,4BAA4B,EACxD,cAAc,EACd,kBAAkB,EAClB,mBAAmB,EACpB,oCAAgC;AAQjC,MAAM,CAAC,MAAM,mBAAmB,GAAG,uBAAuB,CAAC;AAC3D,MAAM,CAAC,MAAM,UAAU,GAAG,mBAAmB,CAAC,KAAK,CAAC;AACpD,MAAM,CAAC,MAAM,QAAQ,GAAG,YAAY,CAAC;AAErC,MAAM,CAAC,MAAM,wBAAwB,GAAG,GAAG,EAAE;IAC3C,OAAO;QACL,GAAG,EAAE,cAAc;QACnB,aAAa,EAAE,KAAK;QACpB,QAAQ,EAAE,CACR,CAAW,EACX,IAAa,EACb,+BAA+D,EAC/D,EAAE;YACF,2FAA2F;YAC3F,oEAAoE;YACpE,MAAM,UAAU,GAAG,IAAI,EAAE,KAAK,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC,CAAC;YAClD,MAAM,aAAa,GAAG,+BAA+B,EAAE,CAAC,UAAU,IAAI,EAAE,CAAC,CAAC;YAE1E,OAAO;gBACL,GAAG,mBAAmB;gBACtB,KAAK,EAAE,aAAa,IAAI,mBAAmB,CAAC,KAAK;gBACjD,UAAU,EAAE,mBAAmB,CAAC,UAAU;aAC3C,CAAC;QACJ,CAAC;KACqB,CAAC;AAC3B,CAAC,CAAC;AAEF,MAAM,CAAC,MAAM,mBAAmB,GAAG,2BAA2B,CAAC;AAE/D,MAAM,CAAC,MAAM,wBAAwB,GAAG,GAAG,EAAE;IAC3C,OAAO;QACL,GAAG,EAAE,kBAAkB;QACvB,aAAa,EAAE,MAAM;QACrB,mHAAmH;QACnH,+DAA+D;QAC/D,QAAQ,EAAE,CAAC,eAAyC,EAAE,EAAE;YACtD,MAAM,kBAAkB,GAAG,eAAe,EAAE,WAAW,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;YACnE,MAAM,aAAa,GAAG,kBAAkB,EAAE,CAAC,kBAAkB,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;YAE1E,OAAO;gBACL,GAAG,mBAAmB;gBACtB,KAAK,EAAE,aAAa,IAAI,mBAAmB,CAAC,KAAK;gBACjD,OAAO,EAAE;oBACP,GAAG,mBAAmB,CAAC,OAAO;oBAC9B,UAAU,EAAE,aAAa,IAAI,mBAAmB,CAAC,OAAO,CAAC,UAAU;oBACnE,aAAa,EACX,aAAa,IAAI,mBAAmB,CAAC,OAAO,CAAC,aAAa;iBAC7D;aACF,CAAC;QACJ,CAAC;KACqB,CAAC;AAC3B,CAAC,CAAC;AAEF,MAAM,CAAC,MAAM,wBAAwB,GAAG,4BAA4B,CAAC;AAErE,MAAM,uBAAuB,GAAG,UAAU,CAAC,CAAC,aAAa;AAEzD;;;;;;;GAOG;AACH,MAAM,aAAa,GAAG,CAAC,UAAkB,EAAU,EAAE;IACnD,MAAM,MAAM,GAAG,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,GAAG,EAAE,MAAM,EAAE,GAAG,EAAE,KAAK,EAAE,CAAC,CAAC,CAAC;IACjE,MAAM,OAAO,GAAG,IAAI,CAClB,IAAI,CAAC,SAAS,CAAC,EAAE,GAAG,EAAE,UAAU,EAAE,GAAG,EAAE,uBAAuB,EAAE,CAAC,CAClE,CAAC;IACF,OAAO,GAAG,MAAM,IAAI,OAAO,OAAO,CAAC;AACrC,CAAC,CAAC;AAEF;;;;;;;GAOG;AACH,MAAM,CAAC,MAAM,uBAAuB,GAAG,CAAC,KAAa,EAAU,EAAE;IAC/D,IAAI,CAAC;QACH,MAAM,KAAK,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QAC/B,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACvB,MAAM,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;YAC3C,IAAI,OAAO,GAAG,KAAK,QAAQ,IAAI,GAAG,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBAC9C,OAAO,GAAG,CAAC;YACb,CAAC;QACH,CAAC;IACH,CAAC;IAAC,MAAM,CAAC;QACP,2BAA2B;IAC7B,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC,CAAC;AAEF,MAAM,CAAC,MAAM,8BAA8B,GAAG,GAAG,EAAE;IACjD,OAAO;QACL,GAAG,EAAE,mBAAmB;QACxB,aAAa,EAAE,MAAM;QACrB,QAAQ,EAAE,CAAC,eAAwB,EAAE,EAAE;YACrC,2EAA2E;YAC3E,4EAA4E;YAC5E,MAAM,aAAa,GAAG,IAAI,eAAe,CAAC,eAAe,CAAC,CAAC,GAAG,CAC5D,WAAW,CACZ,CAAC;YAEF,OAAO;gBACL,GAAG,wBAAwB;gBAC3B,YAAY,EAAE,aAAa;oBACzB,CAAC,CAAC,aAAa,CAAC,aAAa,CAAC;oBAC9B,CAAC,CAAC,wBAAwB,CAAC,YAAY;aAC1C,CAAC;QACJ,CAAC;KACqB,CAAC;AAC3B,CAAC,CAAC","sourcesContent":["import {\n  MOCK_NONCE_RESPONSE as SDK_MOCK_NONCE_RESPONSE,\n  MOCK_JWT as SDK_MOCK_JWT,\n  MOCK_SRP_LOGIN_RESPONSE as SDK_MOCK_SRP_LOGIN_RESPONSE,\n  MOCK_OIDC_TOKEN_RESPONSE as SDK_MOCK_OIDC_TOKEN_RESPONSE,\n  MOCK_NONCE_URL,\n  MOCK_SRP_LOGIN_URL,\n  MOCK_OIDC_TOKEN_URL,\n} from '../../../sdk/mocks/auth';\n\ntype MockResponse = {\n  url: string;\n  requestMethod: 'GET' | 'POST' | 'PUT';\n  response: unknown;\n};\n\nexport const MOCK_NONCE_RESPONSE = SDK_MOCK_NONCE_RESPONSE;\nexport const MOCK_NONCE = MOCK_NONCE_RESPONSE.nonce;\nexport const MOCK_JWT = SDK_MOCK_JWT;\n\nexport const getMockAuthNonceResponse = () => {\n  return {\n    url: MOCK_NONCE_URL,\n    requestMethod: 'GET',\n    response: (\n      _?: unknown,\n      path?: string,\n      getE2ESrpIdentifierForPublicKey?: (publicKey: string) => string,\n    ) => {\n      // The goal here is to have this identifier bubble all the way up to being the access token\n      // That way, we can use it to segregate data in the test environment\n      const identifier = path?.split('?identifier=')[1];\n      const e2eIdentifier = getE2ESrpIdentifierForPublicKey?.(identifier ?? '');\n\n      return {\n        ...MOCK_NONCE_RESPONSE,\n        nonce: e2eIdentifier ?? MOCK_NONCE_RESPONSE.nonce,\n        identifier: MOCK_NONCE_RESPONSE.identifier,\n      };\n    },\n  } satisfies MockResponse;\n};\n\nexport const MOCK_LOGIN_RESPONSE = SDK_MOCK_SRP_LOGIN_RESPONSE;\n\nexport const getMockAuthLoginResponse = () => {\n  return {\n    url: MOCK_SRP_LOGIN_URL,\n    requestMethod: 'POST',\n    // In case this mock is used in an E2E test, we populate token, profile_id and identifier_id with the e2eIdentifier\n    // to make it easier to segregate data in the test environment.\n    response: (requestJsonBody?: { raw_message: string }) => {\n      const splittedRawMessage = requestJsonBody?.raw_message.split(':');\n      const e2eIdentifier = splittedRawMessage?.[splittedRawMessage.length - 2];\n\n      return {\n        ...MOCK_LOGIN_RESPONSE,\n        token: e2eIdentifier ?? MOCK_LOGIN_RESPONSE.token,\n        profile: {\n          ...MOCK_LOGIN_RESPONSE.profile,\n          profile_id: e2eIdentifier ?? MOCK_LOGIN_RESPONSE.profile.profile_id,\n          identifier_id:\n            e2eIdentifier ?? MOCK_LOGIN_RESPONSE.profile.identifier_id,\n        },\n      };\n    },\n  } satisfies MockResponse;\n};\n\nexport const MOCK_OATH_TOKEN_RESPONSE = SDK_MOCK_OIDC_TOKEN_RESPONSE;\n\nconst MOCK_JWT_FAR_FUTURE_EXP = 4102444800; // 2100-01-01\n\n/**\n * Wraps a plain-text identifier in a minimal JWT so that client-side\n * JWT validation (exp check) passes in E2E tests. The identifier is\n * stored in the `sub` claim and can be extracted via {@link getE2EIdentifierFromJwt}.\n *\n * @param identifier - The plain-text E2E identifier to wrap.\n * @returns A JWT-shaped string containing the identifier.\n */\nconst wrapInMockJwt = (identifier: string): string => {\n  const header = btoa(JSON.stringify({ alg: 'none', typ: 'JWT' }));\n  const payload = btoa(\n    JSON.stringify({ sub: identifier, exp: MOCK_JWT_FAR_FUTURE_EXP }),\n  );\n  return `${header}.${payload}.mock`;\n};\n\n/**\n * Extracts the E2E identifier (`sub` claim) from a mock JWT created\n * by {@link wrapInMockJwt}. Falls back to returning the raw token if\n * decoding fails (backward compatibility with raw-identifier headers).\n *\n * @param token - A bearer token string (JWT or raw identifier).\n * @returns The decoded identifier, or the original token as-is.\n */\nexport const getE2EIdentifierFromJwt = (token: string): string => {\n  try {\n    const parts = token.split('.');\n    if (parts.length === 3) {\n      const { sub } = JSON.parse(atob(parts[1]));\n      if (typeof sub === 'string' && sub.length > 0) {\n        return sub;\n      }\n    }\n  } catch {\n    // not a JWT — fall through\n  }\n  return token;\n};\n\nexport const getMockAuthAccessTokenResponse = () => {\n  return {\n    url: MOCK_OIDC_TOKEN_URL,\n    requestMethod: 'POST',\n    response: (requestJsonBody?: string) => {\n      // We wrap the e2eIdentifier in a JWT so client-side JWT validation passes.\n      // The mock server extracts the identifier back via getE2EIdentifierFromJwt.\n      const e2eIdentifier = new URLSearchParams(requestJsonBody).get(\n        'assertion',\n      );\n\n      return {\n        ...MOCK_OATH_TOKEN_RESPONSE,\n        access_token: e2eIdentifier\n          ? wrapInMockJwt(e2eIdentifier)\n          : MOCK_OATH_TOKEN_RESPONSE.access_token,\n      };\n    },\n  } satisfies MockResponse;\n};\n"]}