108 lines
3.7 KiB
PHP
108 lines
3.7 KiB
PHP
<?php
|
|
|
|
use App\Http\Controllers\SettingController;
|
|
use App\Services\DhlTrackingService;
|
|
use Illuminate\Support\Facades\Http;
|
|
|
|
beforeEach(function () {
|
|
// Pre-populate the process-wide DHL config cache (introduced in Phase 10)
|
|
// so the SettingController::getDhlConfig() call inside DhlTrackingService
|
|
// does not hit the database during the unit test.
|
|
$reflection = new ReflectionClass(SettingController::class);
|
|
$property = $reflection->getProperty('cachedDhlConfig');
|
|
$property->setAccessible(true);
|
|
$property->setValue(null, [
|
|
'api_key' => 'cached-test-api-key-1234',
|
|
]);
|
|
});
|
|
|
|
afterEach(function () {
|
|
SettingController::flushDhlConfigCache();
|
|
DhlTrackingService::clearQuotaPause();
|
|
Mockery::close();
|
|
});
|
|
|
|
it('returns an explicit auth_error and a meaningful message on HTTP 401', function () {
|
|
Http::fake([
|
|
'api-eu.dhl.com/track/shipments*' => Http::response(['title' => 'Unauthorized'], 401),
|
|
]);
|
|
|
|
$service = new DhlTrackingService;
|
|
$result = $service->trackShipment('00340434292135100148');
|
|
|
|
expect($result)
|
|
->toHaveKey('success', false)
|
|
->toHaveKey('auth_error', true)
|
|
->toHaveKey('http_status', 401)
|
|
->toHaveKey('api_used', 'unified');
|
|
|
|
expect($result['message'])
|
|
->toContain('Authentifizierung fehlgeschlagen')
|
|
->toContain('HTTP 401')
|
|
->toContain('Shipment Tracking - Unified');
|
|
|
|
// No fallback request to a phantom Parcel DE tracking endpoint must occur.
|
|
Http::assertSentCount(1);
|
|
});
|
|
|
|
it('marks HTTP 403 as auth error too', function () {
|
|
Http::fake([
|
|
'api-eu.dhl.com/track/shipments*' => Http::response(['title' => 'Forbidden'], 403),
|
|
]);
|
|
|
|
$service = new DhlTrackingService;
|
|
$result = $service->trackShipment('00340434292135100148');
|
|
|
|
expect($result['auth_error'])->toBeTrue()
|
|
->and($result['http_status'])->toBe(403)
|
|
->and($result['message'])->toContain('HTTP 403');
|
|
});
|
|
|
|
it('distinguishes a "not found" response from a 401 auth error', function () {
|
|
Http::fake([
|
|
'api-eu.dhl.com/track/shipments*' => Http::response(['shipments' => []], 200),
|
|
]);
|
|
|
|
$service = new DhlTrackingService;
|
|
$result = $service->trackShipment('99999999999999999999');
|
|
|
|
expect($result)
|
|
->toHaveKey('success', false)
|
|
->toHaveKey('not_found', true)
|
|
->and($result['message'])->toBe('Sendung nicht gefunden oder noch nicht im DHL-System erfasst.');
|
|
|
|
expect($result)->not->toHaveKey('auth_error');
|
|
});
|
|
|
|
it('does not fall back to the non-existent parcel-de tracking endpoint anymore', function () {
|
|
Http::fake([
|
|
'api-eu.dhl.com/track/shipments*' => Http::response(['title' => 'Unauthorized'], 401),
|
|
'api-eu.dhl.com/parcel/de/tracking*' => Http::response('should never be called', 500),
|
|
]);
|
|
|
|
$service = new DhlTrackingService;
|
|
$service->trackShipment('00340434292135100148');
|
|
|
|
Http::assertSentCount(1);
|
|
Http::assertNotSent(function ($request) {
|
|
return str_contains($request->url(), '/parcel/de/tracking');
|
|
});
|
|
});
|
|
|
|
it('redacts the api key in the auth-error log payload', function () {
|
|
Http::fake([
|
|
'api-eu.dhl.com/track/shipments*' => Http::response([], 401),
|
|
]);
|
|
|
|
\Illuminate\Support\Facades\Log::spy();
|
|
|
|
$service = new DhlTrackingService;
|
|
$service->trackShipment('00340434292135100148');
|
|
|
|
\Illuminate\Support\Facades\Log::shouldHaveReceived('error')
|
|
->withArgs(function (string $message, array $context) {
|
|
return str_contains($message, 'authentication failed')
|
|
&& ($context['api_key_suffix'] ?? null) === '***1234'
|
|
&& ! str_contains(json_encode($context), 'cached-test-api-key');
|
|
});
|
|
});
|