testing/assertions.ts

Assertion helpers for auth attack surface testing.
Plain functions called inside explicit test() blocks to verify
surface snapshots, public routes, and middleware stacks.

Declarations
#

7 declarations

view source

assert_error_schema_valid
#

testing/assertions.ts view source

(lookup: Map<string, Partial<Record<number, ZodType<unknown, unknown, $ZodTypeInternals<unknown, unknown>>>>>, route: AppSurfaceRoute, status: number, body: unknown): void

Assert that an error schema exists for a route+status and validate the body against it.
Protected routes should always have auto-derived error schemas (401 for authenticated,
403 for role-restricted). A missing schema indicates a gap in error schema derivation.

`lookup`

map from "METHOD /path" to merged error schemas

type Map<string, Partial<Record<number, ZodType<unknown, unknown, $ZodTypeInternals<unknown, unknown>>>>>

`route`

the surface route to validate against

type AppSurfaceRoute

`status`

expected HTTP status code

type number

`body`

the parsed response body to validate

type unknown

returns

void

assert_full_middleware_stack
#

testing/assertions.ts view source

(surface: AppSurface, path_prefix: string, expected_middleware: string[]): void

`surface`

type AppSurface

`path_prefix`

type string

`expected_middleware`

type string[]

returns

void

assert_only_expected_public_routes
#

testing/assertions.ts view source

(surface: AppSurface, expected_public: string[]): void

Bidirectional check: no unexpected public routes, no missing expected ones.

`surface`

the app surface to check

type AppSurface

`expected_public`

format: ['GET /health', 'POST /api/account/login']

type string[]

returns

void

assert_surface_deterministic
#

testing/assertions.ts view source

(build_surface: () => AppSurface): void

Verify surface generation is deterministic (build twice, compare).

`build_surface`

function that builds the surface

type () => AppSurface

returns

void

assert_surface_matches_snapshot
#

testing/assertions.ts view source

(surface: AppSurface, snapshot_path: string): void

Compare live surface against a committed snapshot JSON file.

`surface`

the live surface to check

type AppSurface

`snapshot_path`

absolute path to the committed JSON snapshot

type string

returns

void

get_route_error_schema
#

testing/assertions.ts view source

(lookup: Map<string, Partial<Record<number, ZodType<unknown, unknown, $ZodTypeInternals<unknown, unknown>>>>>, route: AppSurfaceRoute, status: number): ZodType<...> | undefined

Look up the merged error schema for a route+status from a pre-built schema lookup.

`lookup`

map from "METHOD /path" to merged error schemas

type Map<string, Partial<Record<number, ZodType<unknown, unknown, $ZodTypeInternals<unknown, unknown>>>>>

`route`

the surface route to look up

type AppSurfaceRoute

`status`

HTTP status code

type number

returns

ZodType<unknown, unknown, $ZodTypeInternals<unknown, unknown>> | undefined

resolve_fixture_path
#

testing/assertions.ts view source

(filename: string, import_meta_url: string): string

Resolve an absolute path relative to the caller's module.

`filename`

the filename to resolve

type string

`import_meta_url`

the caller's import.meta.url

type string

returns

string

absolute path

Depends on
#

testing/assert_dev_env.ts

Imported by
#

testing/attack_surface.ts