mirror of
https://github.com/azaion/missions.git
synced 2026-06-21 08:01:07 +00:00
Enhance test infrastructure and configuration for JWKS and Docker setup
ci/woodpecker/push/build-arm Pipeline was successful
ci/woodpecker/push/build-arm Pipeline was successful
- Updated Azaion.Missions.csproj to exclude test sources from service compilation, preventing build failures due to test project dependencies. - Modified docker-compose.test.yml to preload the pg_stat_statements extension for testing and adjusted JWT refresh intervals for better test execution timing. - Enhanced Dockerfile to install wget for health checks and ensure proper initialization of the container. - Introduced a test-only endpoint for JWKS refresh to facilitate end-to-end testing without relying on the default refresh intervals. - Updated DTOs in ApiDtos.cs to reflect camelCase naming conventions for consistency with service responses. - Improved test cases to handle JWKS rotation and refresh scenarios effectively, ensuring robust validation of JWT handling. This commit lays the groundwork for more reliable and efficient testing of the Azaion.Missions project.
This commit is contained in:
Oleksandr Bezdieniezhnykh
+30
@@ -77,6 +77,36 @@ app.UseSwaggerUI();
|
||||
app.MapControllers();
|
||||
app.MapGet("/health", () => Results.Ok(new { status = "healthy" }));
|
||||
|
||||
// Test-only JWKS refresh hook. The Microsoft.IdentityModel ConfigurationManager
|
||||
// hard-pins the AutomaticRefreshInterval floor to 5 minutes (static field), so
|
||||
// JWKS-rotation e2e scenarios cannot rely on the proactive refresh path inside
|
||||
// a 15-minute CI window. RequestRefresh() itself is throttled by
|
||||
// RefreshInterval after the first call — two rotation tests running within
|
||||
// 1 second cannot both refresh through the public API. The endpoint sidesteps
|
||||
// the throttle by resetting `_isFirstRefreshRequest` via reflection so each
|
||||
// call behaves like the very first refresh request. This is a TEST-ONLY
|
||||
// affordance — gated on ASPNETCORE_ENVIRONMENT=Test; production never maps
|
||||
// the route. See Helpers/JwksRefreshHelper.cs for the test-side caller.
|
||||
if (app.Environment.IsEnvironment("Test"))
|
||||
{
|
||||
app.MapPost("/test/refresh-jwks", async (
|
||||
Microsoft.IdentityModel.Protocols.IConfigurationManager<Microsoft.IdentityModel.Tokens.JsonWebKeySet> mgr,
|
||||
CancellationToken cancel) =>
|
||||
{
|
||||
var firstField = mgr.GetType().GetField(
|
||||
"_isFirstRefreshRequest",
|
||||
System.Reflection.BindingFlags.Instance | System.Reflection.BindingFlags.NonPublic);
|
||||
firstField?.SetValue(mgr, true);
|
||||
mgr.RequestRefresh();
|
||||
var jwks = await mgr.GetConfigurationAsync(cancel).ConfigureAwait(false);
|
||||
return Results.Ok(new
|
||||
{
|
||||
refreshed = true,
|
||||
kids = jwks.GetSigningKeys().Select(k => k.KeyId).ToArray(),
|
||||
});
|
||||
});
|
||||
}
|
||||
|
||||
app.Run();
|
||||
|
||||
static string ConvertPostgresUrl(string url)
|
||||
|
||||
Reference in New Issue
Block a user