package tencentsig import ( "testing" "time" ) // TestGenerateUserSigIsStable verifies the shared signer keeps deterministic inputs stable. func TestGenerateUserSigIsStable(t *testing.T) { now := time.Unix(1_700_000_000, 0) result, err := GenerateUserSig(Config{ SDKAppID: 1400000000, SecretKey: "secret", TTL: time.Hour, }, "10001", now) if err != nil { t.Fatalf("GenerateUserSig failed: %v", err) } if result.SDKAppID != 1400000000 || result.UserID != "10001" || result.UserSig == "" { t.Fatalf("unexpected usersig result: %+v", result) } if result.ExpireAtMS != now.Add(time.Hour).UnixMilli() { t.Fatalf("expire_at_ms mismatch: got %d", result.ExpireAtMS) } } // TestGenerateUserSigFailsClosed verifies missing credentials never produce a fake token. func TestGenerateUserSigFailsClosed(t *testing.T) { _, err := GenerateUserSig(Config{ SDKAppID: 0, SecretKey: "", TTL: time.Hour, }, "10001", time.Unix(1_700_000_000, 0)) if err == nil { t.Fatalf("GenerateUserSig should reject incomplete config") } }