azaion/missions
1
0
Fork 0
mirror of https://github.com/azaion/missions.git synced 2026-06-21 06:41:07 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
24c4561bef0e07660509c2d7933c6ccf90aeef6c
missions/tests/Azaion.Missions.E2E.Tests/Tests/Resilience/JwksRotationNoRestartTests.cs
T
Oleksandr Bezdieniezhnykh 24c4561bef [AZ-581] [AZ-582] [AZ-583] [AZ-584] Sec+Res NFT tests 
Batch 3 of test implementation cycle 1 (existing-code Step 6).

- AZ-581 AuthClaimsTests: NFT-SEC-01..06+04b (foreign-keypair, byte-flip,
  30s skew, iss/aud/perms, multi-value permissions array).
- AZ-582 CrossCutting/ErrorRedaction/JwksRotation/StartupConfig/CorsConfig:
  NFT-SEC-07..13 (alg pin, kid rotation grace window, env fail-fast, CORS
  Production gate).
- AZ-583 CascadeF3/CascadeF4/MigratorRestart: NFT-RES-01..04. CascadeF4
  pins current walk-order divergence with carry_forward AC-4.6.
- AZ-584 ConfigDbStartup/JwksRotationNoRestart/DefaultVehicleRace:
  NFT-RES-05..08. NFT-RES-08 pins current behaviour (unique-index closes
  the race) with carry_forward AC-1.4.

Mock contract: SignBody accepts permissions OR permissions_array (mutually
exclusive). TokenSigner validates kid_override against published keys so
NFT-SEC-11 can assert "mock refuses old kid post-grace".

Helpers added: ForeignKeypair (test-only ECDSA P-256),
MissionsContainerHelper (docker-run wrapper for startup-time scenarios),
DockerLogs.

7 of 22 new tests are Skippable, gated on COMPOSE_RESTART_ENABLED + docker
CLI in the e2e-consumer image (explicit skip reason; no silent pass).

Build green: test csproj + jwks-mock csproj.

Co-authored-by: Cursor <cursoragent@cursor.com>
2026-05-15 08:58:59 +03:00

95 lines
3.7 KiB
C#
Raw Blame History

using System.Diagnostics;
using System.Net;
using System.Net.Http.Headers;
using System.Net.Http.Json;
using System.Text.Json;
using Azaion.Missions.E2E.Fixtures;
using Azaion.Missions.E2E.Helpers;
using Xunit;
namespace Azaion.Missions.E2E.Tests.Resilience;
/// <summary>
/// NFT-RES-07 — operational counterpart of NFT-SEC-11. Verifies that a JWKS
/// rotation propagates through the SUT WITHOUT a process restart. The
/// security-shaped variant lives in <c>Tests/Security/JwksRotationTests.cs</c>;
/// here the assertion focuses on
/// <c>docker inspect --format '{{.State.StartedAt}}' missions-sut</c>
/// returning the SAME ISO-8601 timestamp before and after the rotation flow.
/// Traces: AC-5.7.
/// </summary>
[Collection("JwksRotation")]
[Trait("Category", "Res")]
[Trait("db_access", "seed-or-assert-only")]
public sealed class JwksRotationNoRestartTests : TestBase, IClassFixture<DbResetFixture>
{
[SkippableFact(Timeout = 200_000)]
[Trait("Traces", "AC-5.7")]
[Trait("max_ms", "180000")]
public async Task NFT_RES_07_jwks_rotation_propagates_without_missions_restart()
{
Skip.IfNot(MissionsContainerHelper.Enabled,
"Requires docker CLI access (COMPOSE_RESTART_ENABLED=1) to read StartedAt.");
// Arrange — capture StartedAt before any rotation activity so the
// post-flow comparison is anchored to "before this test started".
DbResetFixture.ResetDatabase(TestEnvironment.DbSideChannel);
Seeds.Apply(Seeds.OneDefaultVehicle.Sql);
var startedAtBefore = MissionsContainerHelper.GetStartedAt("missions-sut");
var t1 = await Tokens.MintDefaultAsync();
var kidV1 = t1.Kid;
using (var resp = await CallVehiclesAsync(t1.Jwt))
await HttpAssertions.AssertStatusAsync(resp, HttpStatusCode.OK);
// Act 1 — rotate; mint a token with the new kid; assert pre-refresh 401.
var kidV2 = await RotateMockAsync();
Assert.NotEqual(kidV1, kidV2);
var t2 = await Tokens.MintDefaultAsync();
Assert.Equal(kidV2, t2.Kid);
using (var resp = await CallVehiclesAsync(t2.Jwt))
await HttpAssertions.AssertStatusAsync(resp, HttpStatusCode.Unauthorized);
// Act 2 — wait for refresh.
var refreshDeadline = DateTime.UtcNow.AddSeconds(90);
var refreshed = false;
while (DateTime.UtcNow < refreshDeadline)
{
using var resp = await CallVehiclesAsync(t2.Jwt);
if (resp.StatusCode == HttpStatusCode.OK)
{
refreshed = true;
break;
}
await Task.Delay(TimeSpan.FromSeconds(3));
}
Assert.True(refreshed,
"JWKS refresh did not propagate to missions within 90s");
// Assert — service did NOT restart.
var startedAtAfter = MissionsContainerHelper.GetStartedAt("missions-sut");
Assert.Equal(startedAtBefore, startedAtAfter);
}
private async Task<HttpResponseMessage> CallVehiclesAsync(string jwt)
{
var req = new HttpRequestMessage(HttpMethod.Get, "/vehicles");
req.Headers.Authorization = new AuthenticationHeaderValue("Bearer", jwt);
return await Missions.SendAsync(req);
}
private static async Task<string> RotateMockAsync()
{
using var http = new HttpClient { Timeout = TimeSpan.FromSeconds(10) };
var rotateUrl = new Uri(new Uri(TestEnvironment.JwksMockBaseUrl), "/rotate-key");
using var resp = await http.PostAsync(rotateUrl, content: null);
resp.EnsureSuccessStatusCode();
var body = await resp.Content.ReadFromJsonAsync<JsonElement>();
return body.GetProperty("kid").GetString()
?? throw new InvalidOperationException("mock /rotate-key returned no kid");
}
}
Reference in New Issue View Git Blame Copy Permalink