1  """Tests for identity and device resource services (Phase 2)."""
 2  
 3  import pytest
 4  
 5  from auths import AgentIdentity, Auths, DelegatedAgent, Device, Identity
 6  
 7  
 8  @pytest.fixture
 9  def auths(tmp_path):
10      """Create an Auths client with a temp directory (registry auto-inits on first use)."""
11      repo = tmp_path / "test-repo"
12      repo.mkdir()
13      return Auths(repo_path=str(repo), passphrase="Test-pass-123")
14  
15  
16  def test_create_identity(auths):
17      """auths.identities.create() should return an Identity with a did:keri: DID."""
18      identity = auths.identities.create(label="test-key")
19      assert isinstance(identity, Identity)
20      assert identity.did.startswith("did:keri:")
21      assert identity.label == "test-key"
22  
23  
24  def test_delegate_agent(auths):
25      """identities.delegate_agent() should return a DelegatedAgent with did:key: prefix."""
26      identity = auths.identities.create(label="test-key")
27      agent = auths.identities.delegate_agent(
28          identity.did, name="ci-bot", capabilities=["sign"]
29      )
30      assert isinstance(agent, DelegatedAgent)
31      assert agent.did.startswith("did:key:")
32      assert agent._key_alias == "ci-bot-agent"
33      assert agent.attestation
34  
35  
36  def test_create_agent_identity(auths):
37      """identities.create_agent() should return an AgentIdentity with did:keri: prefix."""
38      agent = auths.identities.create_agent(name="standalone-bot", capabilities=["sign"])
39      assert isinstance(agent, AgentIdentity)
40      assert agent.did.startswith("did:keri:")
41      assert agent._key_alias == "standalone-bot-agent"
42  
43  
44  def test_device_lifecycle(auths):
45      """Full device lifecycle: link -> verify -> revoke."""
46      identity = auths.identities.create(label="test-key")
47  
48      device = auths.devices.link(
49          identity_did=identity.did,
50          capabilities=["sign"],
51          expires_in_days=90,
52      )
53      assert isinstance(device, Device)
54      assert device.did.startswith("did:key:")
55  
56      auths.devices.revoke(
57          device.did, identity_did=identity.did, note="test revocation"
58      )
59  
60  
61  def test_stripe_style_chaining(auths):
62      """The full 'Stripe for identity' flow should work end-to-end."""
63      identity = auths.identities.create(label="laptop")
64      agent = auths.identities.delegate_agent(
65          identity.did, name="deploy-bot", capabilities=["sign", "verify"]
66      )
67      device = auths.devices.link(
68          identity_did=identity.did, capabilities=["sign"]
69      )
70      auths.devices.revoke(device.did, identity_did=identity.did)