diff --git a/src/__tests__/auth.service.test.ts b/src/__tests__/auth.service.test.ts index 578cae4..c30a65f 100644 --- a/src/__tests__/auth.service.test.ts +++ b/src/__tests__/auth.service.test.ts @@ -5,18 +5,20 @@ import { config } from "../config/env"; describe("auth service", () => { describe("verifyAccessToken", () => { - it("returns null and logs error for invalid JWT", async () => { + it("returns null WITHOUT logging for an invalid JWT (expected condition)", async () => { const consoleSpy = vi .spyOn(console, "error") .mockImplementation(() => {}); const result = await verifyAccessToken("invalid-token"); expect(result).toBeNull(); - expect(consoleSpy).toHaveBeenCalled(); - expect(consoleSpy.mock.calls[0][0]).toMatch(/JWT verification error/); + // Invalid/expired access tokens are an expected condition (the client + // refreshes on the resulting 401), so verifyAccessToken deliberately + // does NOT log them as errors — only genuinely unexpected failures. + expect(consoleSpy).not.toHaveBeenCalled(); consoleSpy.mockRestore(); }); - it("returns null for expired JWT", async () => { + it("returns null WITHOUT logging for an expired JWT", async () => { const consoleSpy = vi .spyOn(console, "error") .mockImplementation(() => {}); @@ -27,7 +29,7 @@ describe("auth service", () => { ); const result = await verifyAccessToken(expiredToken); expect(result).toBeNull(); - expect(consoleSpy).toHaveBeenCalled(); + expect(consoleSpy).not.toHaveBeenCalled(); consoleSpy.mockRestore(); }); });