[AZ-189] [AZ-190] [AZ-191] [AZ-192] [AZ-193] [AZ-194] [AZ-195] Add e2e blackbox test suite

Made-with: Cursor

_docs/02_document/modules/services_auth_service.md

@@ -0,0 +1,48 @@
+# Module: Azaion.Services.AuthService
+
+## Purpose
+JWT token creation and current-user resolution from HTTP context claims.
+
+## Public Interface
+
+### IAuthService
+| Method | Signature | Description |
+|--------|-----------|-------------|
+| `GetCurrentUser` | `Task<User?> GetCurrentUser()` | Extracts email from JWT claims, returns full User entity |
+| `CreateToken` | `string CreateToken(User user)` | Generates a signed JWT token for the given user |
+
+## Internal Logic
+- **GetCurrentUser**: reads `ClaimTypes.Name` from `HttpContext.User.Claims`, then delegates to `IUserService.GetByEmail`.
+- **CreateToken**: builds a `SecurityTokenDescriptor` with claims (NameIdentifier = user ID, Name = email, Role = role), signs with HMAC-SHA256 using the configured secret, sets expiry from `JwtConfig.TokenLifetimeHours`.
+
+Private method:
+- `GetCurrentUserEmail` — extracts email from claims dictionary.
+
+## Dependencies
+- `IHttpContextAccessor` — for accessing current HTTP context
+- `IOptions<JwtConfig>` — JWT configuration
+- `IUserService` — for `GetByEmail` lookup
+- `System.IdentityModel.Tokens.Jwt`
+- `Microsoft.IdentityModel.Tokens`
+
+## Consumers
+- `Program.cs` `/login` endpoint — calls `CreateToken` after successful validation
+- `Program.cs` `/users/current`, `/resources/get`, `/resources/get-installer`, `/resources/check` — call `GetCurrentUser`
+
+## Data Models
+None.
+
+## Configuration
+Uses `JwtConfig` (Issuer, Audience, Secret, TokenLifetimeHours).
+
+## External Integrations
+None.
+
+## Security
+- Token includes user ID, email, and role as claims
+- Signed with HMAC-SHA256
+- Expiry controlled by `TokenLifetimeHours` config
+- Token validation parameters are configured in `Program.cs` (ValidateIssuer, ValidateAudience, ValidateLifetime, ValidateIssuerSigningKey)
+
+## Tests
+None.