azaion/satellite-provider
1
0
Fork 0
mirror of https://github.com/azaion/satellite-provider.git synced 2026-06-21 10:31:14 +00:00
Code Issues Packages Projects Releases Wiki Activity

[AZ-491] Cycle 3 batch 2: consolidate JWT test-mint helpers into TestSupport
ci/woodpecker/push/01-test Pipeline was successful
Details
ci/woodpecker/push/02-build-push Pipeline was successful
Details

Browse Source 
AZ-491 (3 SP): eliminate the cycle-2 duplicate of JWT-minting logic
that existed in both SatelliteProvider.Tests/TestUtilities/
JwtTokenFactory.cs (unit-side) and SatelliteProvider.IntegrationTests/
JwtTestHelpers.cs (integration-side), where the same Expires <
NotBefore bug needed parallel fixes in commits f64d0d7 + 11b7074.

Option A chosen: new SatelliteProvider.TestSupport class library
(no test framework) holds the canonical JwtTokenFactory.Create /
CreateExpired / TamperSignature. Both Tests and IntegrationTests
consume it via ProjectReference; production projects (Api, Common,
DataAccess, Services.*) cannot depend on it. The notBefore-shift
workaround is preserved with an inline regression-prevention comment
back-referencing the cycle-2 fix commits.

SatelliteProvider.IntegrationTests/JwtTestHelpers.cs is stripped to
runner-only concerns: ResolveSecretOrThrow, AttachDefaultAuthorization,
and the DefaultSubject = "integration-tests" constant. Call sites in
Program.cs, JwtIntegrationTests.cs, and UavUploadTests.cs (10 sites)
switched to JwtTokenFactory.* with JwtTestHelpers.DefaultSubject
explicitly passed for the runner subject - behavior parity preserved.

Dockerfile for IntegrationTests gets the new TestSupport csproj
in its pre-restore COPY layer. Api Dockerfile unchanged (TestSupport
is NOT a production dependency).

A new code-review SKILL.md Phase 6 checklist row flags near-identical
helper logic across test projects as a Medium / Maintainability
finding with explicit cycle-2 retro back-reference, so this whole
pattern stops at one occurrence.

module-layout.md adds a TestSupport Shared/Cross-Cutting entry
documenting the production-isolation invariant. tests_unit.md +
tests_integration.md updated to describe the consolidated layout.
sln updated.

Test-suite gate (AC-2 + AC-3) deferred to Step 16 Final Test Run
per implement-skill convention. Per-batch review verdict:
PASS_WITH_WARNINGS with 1 Low (pre-existing 7.0.3 version pin
preserved verbatim from cycle-2 IntegrationTests csproj for parity;
not blocking; deferred bump).

Co-authored-by: Cursor <cursoragent@cursor.com>
This commit is contained in:
Oleksandr Bezdieniezhnykh
2026-05-12 01:32:24 +03:00
parent 9cfd80babe
commit c396740644
19 changed files with 182 additions and 73 deletions
Download Patch File Download Diff File Expand all files Collapse all files
SatelliteProvider.IntegrationTests/JwtIntegrationTests.cs
+5 -4
View File
@@ -1,5 +1,6 @@
using System.Net;
using System.Net.Http.Headers;
using SatelliteProvider.TestSupport;
namespace SatelliteProvider.IntegrationTests;
@@ -44,7 +45,7 @@ public static class JwtIntegrationTests
Console.WriteLine("AZ-487 AC-2: Expired token returns 401");
using var client = new HttpClient { BaseAddress = new Uri(apiUrl), Timeout = TimeSpan.FromMinutes(1) };
var expired = JwtTestHelpers.MintExpiredToken(secret);
var expired = JwtTokenFactory.CreateExpired(secret, JwtTestHelpers.DefaultSubject);
client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", expired);
var response = await client.GetAsync(ProtectedTilesPath);
@@ -64,8 +65,8 @@ public static class JwtIntegrationTests
Console.WriteLine("AZ-487 AC-3: Tampered signature returns 401");
using var client = new HttpClient { BaseAddress = new Uri(apiUrl), Timeout = TimeSpan.FromMinutes(1) };
var valid = JwtTestHelpers.MintValidToken(secret);
var tampered = JwtTestHelpers.TamperSignature(valid);
var valid = JwtTokenFactory.Create(secret, JwtTestHelpers.DefaultSubject);
var tampered = JwtTokenFactory.TamperSignature(valid);
client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", tampered);
var response = await client.GetAsync(ProtectedRegionPath);
@@ -85,7 +86,7 @@ public static class JwtIntegrationTests
Console.WriteLine("AZ-487 AC-4: Valid token reaches handler unchanged");
using var client = new HttpClient { BaseAddress = new Uri(apiUrl), Timeout = TimeSpan.FromMinutes(2) };
var valid = JwtTestHelpers.MintValidToken(secret);
var valid = JwtTokenFactory.Create(secret, JwtTestHelpers.DefaultSubject);
client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", valid);
var response = await client.GetAsync(ProtectedTilesPath);