the_order/services/identity/src/automated-verification.test.ts

/**
 * Automated Credential Verification Tests
 */

import { describe, it, expect, vi, beforeEach } from 'vitest';
import { initializeAutomatedVerification, verifyCredential } from './automated-verification';
import { KMSClient } from '@the-order/crypto';

vi.mock('@the-order/events');
vi.mock('@the-order/database');
vi.mock('@the-order/auth');
vi.mock('@the-order/shared');
vi.mock('@the-order/crypto');

describe('Automated Credential Verification', () => {
  let kmsClient: KMSClient;

  beforeEach(() => {
    kmsClient = new KMSClient({
      provider: 'aws',
      keyId: 'test-key-id',
      region: 'us-east-1',
    });
    vi.clearAllMocks();
  });

  describe('initializeAutomatedVerification', () => {
    it('should initialize automated verification', async () => {
      await expect(initializeAutomatedVerification(kmsClient)).resolves.not.toThrow();
    });
  });

  describe('verifyCredential', () => {
    it('should verify valid credential', async () => {
      // Mock credential data
      const mockCredential = {
        credential_id: 'test-credential-id',
        issuer_did: 'did:web:example.com',
        subject_did: 'did:web:subject.com',
        credential_type: ['VerifiableCredential', 'IdentityCredential'],
        credential_subject: { name: 'Test User' },
        issuance_date: new Date(),
        expiration_date: new Date(Date.now() + 1000 * 60 * 60 * 24 * 365), // 1 year from now
        proof: {
          type: 'KmsSignature2024',
          jws: 'test-signature',
        },
      };

      const { getVerifiableCredentialById, isCredentialRevoked } = await import('@the-order/database');
      vi.mocked(getVerifiableCredentialById).mockResolvedValue(mockCredential as any);
      vi.mocked(isCredentialRevoked).mockResolvedValue(false);

      const result = await verifyCredential('test-credential-id', kmsClient);

      expect(result.credentialId).toBe('test-credential-id');
    });

    it('should return invalid for revoked credential', async () => {
      const { getVerifiableCredentialById, isCredentialRevoked } = await import('@the-order/database');
      vi.mocked(getVerifiableCredentialById).mockResolvedValue({
        credential_id: 'test-credential-id',
      } as any);
      vi.mocked(isCredentialRevoked).mockResolvedValue(true);

      const result = await verifyCredential('test-credential-id', kmsClient);

      expect(result.valid).toBe(false);
      expect(result.errors).toContain('Credential has been revoked');
    });

    it('should return invalid for expired credential', async () => {
      const mockCredential = {
        credential_id: 'test-credential-id',
        issuance_date: new Date(Date.now() - 1000 * 60 * 60 * 24 * 365 * 2), // 2 years ago
        expiration_date: new Date(Date.now() - 1000 * 60 * 60 * 24), // 1 day ago (expired)
      };

      const { getVerifiableCredentialById, isCredentialRevoked } = await import('@the-order/database');
      vi.mocked(getVerifiableCredentialById).mockResolvedValue(mockCredential as any);
      vi.mocked(isCredentialRevoked).mockResolvedValue(false);

      const result = await verifyCredential('test-credential-id', kmsClient);

      expect(result.valid).toBe(false);
      expect(result.errors).toContain('Credential has expired');
    });
  });
});