Begin work for supporting GoogleSignIn server-side

I'm attempting to be an obedient boy and implement this and future features
using TDD.

TL;DR:
- Defined a few tests
- Defined an empty GoogleSignIn module
- Defined a Fixtures module to quickly create JWTs to test

1 files changed, 21 insertions, 5 deletions

diff --git a/website/sandbox/learnpianochords/src/server/Spec.hs b/website/sandbox/learnpianochords/src/server/Spec.hs
index dfdd3ddebb05..69add5261836 100644
--- a/website/sandbox/learnpianochords/src/server/Spec.hs
+++ b/website/sandbox/learnpianochords/src/server/Spec.hs
@@ -1,13 +1,29 @@
+{-# LANGUAGE OverloadedStrings #-}
 --------------------------------------------------------------------------------
 module Spec where
 --------------------------------------------------------------------------------
 import Test.Hspec
-import Test.QuickCheck
-import Control.Exception (evaluate)
+import Web.JWT
+import Utils
+
+import qualified GoogleSignIn
+import qualified Fixtures as F
 --------------------------------------------------------------------------------
 
 main :: IO ()
 main = hspec $ do
-  describe "Testing" $ do
-    it "is setup" $ do
-      True == True
+  describe "GoogleSignIn" $ do
+    describe "jwtIsValid" $ do
+      it "returns false when the signature is invalid" $ do
+        let mJWT = F.defaultJWTFields { F.overwriteSigner = hmacSecret "wrong" }
+                   |> F.googleJWT
+        case mJWT of
+          Nothing -> True == False
+          Just jwt -> GoogleSignIn.jwtIsValid jwt == False
+
+      it "returns false when the aud field doesn't match my client ID" $ do
+        let mJWT = F.defaultJWTFields { F.overwriteAud = stringOrURI "wrong" }
+                  |> F.googleJWT
+        case mJWT of
+          Nothing -> True == False
+          Just jwt -> GoogleSignIn.jwtIsValid jwt == False