web/backend/secretapi/config_test.go

package main

import "testing"

func loadConfigIsolated(t *testing.T) Config {
	t.Helper()
	t.Setenv("SECRET_API_DEPLOYMENT_CLASS", "")
	t.Setenv("SECRET_API_REQUIRE_ONCHAIN_TX_VERIFICATION", "")
	return loadConfig()
}

func TestConfigValidateAllowsDefaultLocalConfig(t *testing.T) {
	cfg := loadConfigIsolated(t)
	cfg.ChainID = 84532
	cfg.RequireOnchainTxVerify = false
	cfg.ChainRPCURL = ""
	if err := cfg.Validate(); err != nil {
		t.Fatalf("expected default-like config valid, got %v", err)
	}
}

func TestConfigValidateRejectsStrictVerificationWithoutRPC(t *testing.T) {
	cfg := loadConfigIsolated(t)
	cfg.RequireOnchainTxVerify = true
	cfg.ChainRPCURL = ""
	if err := cfg.Validate(); err == nil {
		t.Fatalf("expected strict verification config validation failure")
	}
}

func TestConfigValidateRejectsNonPositiveChainID(t *testing.T) {
	cfg := loadConfigIsolated(t)
	cfg.ChainID = 0
	if err := cfg.Validate(); err == nil {
		t.Fatalf("expected chain id validation failure")
	}
}

func TestConfigValidateAllowsETHWhenDecimalsMatch(t *testing.T) {
	cfg := loadConfigIsolated(t)
	cfg.MintCurrency = "ETH"
	cfg.MintDecimals = 18
	cfg.MintAmountAtomic = "1"
	if err := cfg.Validate(); err != nil {
		t.Fatalf("expected ETH config to validate, got %v", err)
	}
}

func TestConfigValidateRejectsETHWhenDecimalsMismatch(t *testing.T) {
	cfg := loadConfigIsolated(t)
	cfg.MintCurrency = "ETH"
	cfg.MintDecimals = 6
	if err := cfg.Validate(); err == nil {
		t.Fatalf("expected ETH decimal validation failure")
	}
}

func TestConfigValidateRejectsUSDCWhenDecimalsMismatch(t *testing.T) {
	cfg := loadConfigIsolated(t)
	cfg.MintCurrency = "USDC"
	cfg.MintDecimals = 18
	if err := cfg.Validate(); err == nil {
		t.Fatalf("expected USDC decimal validation failure")
	}
}

func TestConfigValidateRejectsInvalidMintAmount(t *testing.T) {
	cfg := loadConfigIsolated(t)
	cfg.MintAmountAtomic = "not-a-number"
	if err := cfg.Validate(); err == nil {
		t.Fatalf("expected mint amount validation failure")
	}
}

func TestLoadConfigDefaultsWalletSessionRequired(t *testing.T) {
	t.Setenv("SECRET_API_REQUIRE_WALLET_SESSION", "")
	cfg := loadConfigIsolated(t)
	if !cfg.RequireWalletSession {
		t.Fatalf("expected wallet session to be required by default")
	}
}

func TestLoadConfigWalletSessionCanBeDisabled(t *testing.T) {
	t.Setenv("SECRET_API_REQUIRE_WALLET_SESSION", "false")
	cfg := loadConfigIsolated(t)
	if cfg.RequireWalletSession {
		t.Fatalf("expected wallet session requirement to be disabled by env override")
	}
}

func TestLoadConfigDefaultsOnchainVerificationFalseInDevelopment(t *testing.T) {
	t.Setenv("SECRET_API_DEPLOYMENT_CLASS", "development")
	t.Setenv("SECRET_API_REQUIRE_ONCHAIN_TX_VERIFICATION", "")
	cfg := loadConfig()
	if cfg.RequireOnchainTxVerify {
		t.Fatalf("expected strict onchain verification to default false in development")
	}
}

func TestLoadConfigDefaultsOnchainVerificationTrueInProduction(t *testing.T) {
	t.Setenv("SECRET_API_DEPLOYMENT_CLASS", "production")
	t.Setenv("SECRET_API_REQUIRE_ONCHAIN_TX_VERIFICATION", "")
	cfg := loadConfig()
	if !cfg.RequireOnchainTxVerify {
		t.Fatalf("expected strict onchain verification to default true in production")
	}
}

func TestConfigValidateRejectsProductionWhenStrictVerificationDisabled(t *testing.T) {
	cfg := loadConfigIsolated(t)
	cfg.DeploymentClass = "production"
	cfg.RequireOnchainTxVerify = false
	cfg.ChainRPCURL = "https://example.invalid"
	if err := cfg.Validate(); err == nil {
		t.Fatalf("expected production config validation failure when strict onchain verification disabled")
	}
}