feat(app): Next.js 15 + Auth.js v5 portal skeleton
Lands the minimum surface so a developer can: cd platform/orca-platform && make dev-up cd platform/tenant-registry && make dev cd platform/portal && make install && make dev open http://acme.localhost:3000 and complete a real OIDC sign-in against the breakpilot-dev realm. Layout: src/middleware.ts host→slug URL rewrite; backstage carve-out src/auth.ts Auth.js v5 Keycloak provider; passes tenant_id/slug/org_roles/products/plan/status claims through to the session src/app/api/auth/[...nextauth]/ Auth.js handlers (GET, POST) src/app/layout.tsx root html shell src/app/page.tsx apex landing src/app/[slug]/layout.tsx fetches tenant via lib/tenant-registry src/app/[slug]/page.tsx redirect to /dashboard src/app/[slug]/dashboard/page.tsx signed-out → Sign in with Keycloak signed-in → welcome + Sign out src/lib/host.ts testable host parser (apex/tenant/backstage) src/lib/tenant-registry.ts fetch client for the Go service Tooling: vitest 13 tests, 100% coverage of src/lib/ Next.js 15 build compiles all routes; output: standalone ESLint flat config next/core-web-vitals + next/typescript Real RBAC enforcement, the rest of the customer-area surfaces, and the backstage shell land per the M5.2 / M10.1 schedule. This is just enough to be the first thing a developer codes in. Refs: M5.1 (skeleton)
This commit is contained in:
@@ -0,0 +1,62 @@
|
||||
import { afterEach, beforeEach, describe, expect, test, vi } from "vitest";
|
||||
import { fetchTenantBySlug, type Tenant } from "./tenant-registry";
|
||||
|
||||
const SAMPLE: Tenant = {
|
||||
id: "00000000-0000-0000-0000-000000000001",
|
||||
slug: "acme",
|
||||
name: "Acme Inc.",
|
||||
status: "active",
|
||||
plan: "professional",
|
||||
products: ["certifai", "compliance"],
|
||||
created_at: "2026-05-18T22:00:00Z",
|
||||
};
|
||||
|
||||
const originalFetch = globalThis.fetch;
|
||||
const originalRegistryUrl = process.env.TENANT_REGISTRY_URL;
|
||||
|
||||
afterEach(() => {
|
||||
globalThis.fetch = originalFetch;
|
||||
process.env.TENANT_REGISTRY_URL = originalRegistryUrl;
|
||||
vi.restoreAllMocks();
|
||||
});
|
||||
|
||||
describe("fetchTenantBySlug", () => {
|
||||
beforeEach(() => {
|
||||
process.env.TENANT_REGISTRY_URL = "http://test:1234";
|
||||
});
|
||||
|
||||
test("200 → parsed tenant", async () => {
|
||||
globalThis.fetch = vi.fn(async () => new Response(JSON.stringify(SAMPLE), { status: 200 }));
|
||||
const t = await fetchTenantBySlug("acme");
|
||||
expect(t).toEqual(SAMPLE);
|
||||
});
|
||||
|
||||
test("404 → null", async () => {
|
||||
globalThis.fetch = vi.fn(async () => new Response("", { status: 404 }));
|
||||
const t = await fetchTenantBySlug("nope");
|
||||
expect(t).toBeNull();
|
||||
});
|
||||
|
||||
test("500 → throws", async () => {
|
||||
globalThis.fetch = vi.fn(async () => new Response("", { status: 500, statusText: "boom" }));
|
||||
await expect(fetchTenantBySlug("acme")).rejects.toThrow(/tenant-registry: 500/);
|
||||
});
|
||||
|
||||
test("falls back to default base URL when env unset", async () => {
|
||||
delete process.env.TENANT_REGISTRY_URL;
|
||||
const fetchSpy = vi.fn(async () => new Response(JSON.stringify(SAMPLE), { status: 200 }));
|
||||
globalThis.fetch = fetchSpy;
|
||||
await fetchTenantBySlug("acme");
|
||||
expect(fetchSpy).toHaveBeenCalledWith(
|
||||
"http://localhost:8080/v1/tenants/by-slug/acme",
|
||||
expect.any(Object),
|
||||
);
|
||||
});
|
||||
|
||||
test("encodes slug to defend against weird input", async () => {
|
||||
const fetchSpy = vi.fn(async () => new Response("", { status: 404 }));
|
||||
globalThis.fetch = fetchSpy;
|
||||
await fetchTenantBySlug("a/b c");
|
||||
expect(fetchSpy.mock.calls[0][0]).toBe("http://test:1234/v1/tenants/by-slug/a%2Fb%20c");
|
||||
});
|
||||
});
|
||||
Reference in New Issue
Block a user