mirror of
https://github.com/azaion/satellite-provider.git
synced 2026-06-21 23:21:13 +00:00
Oleksandr Bezdieniezhnykh
96cd3c4495
Adds Microsoft.AspNetCore.Authentication.JwtBearer 8.0.21 and the SatelliteProvider.Api.Authentication.AddSatelliteJwt extension that validates HS256 tokens against a shared JWT_SECRET (>=32 bytes, fail fast at startup). Every minimal-API endpoint now carries .RequireAuthorization(); the middleware chain is UseExceptionHandler -> UseHttpsRedirection -> UseCors -> UseAuthentication -> UseAuthorization -> endpoints. Swagger UI gets a Bearer security definition so the Authorize button works. Test infrastructure: JwtTokenFactory (unit) and JwtTestHelpers (integration) mint deterministic tokens against the same secret; the integration test runner attaches a default Bearer token to its shared HttpClient so existing tests continue to exercise protected endpoints. JwtIntegrationTests adds AC-1..AC-4 and AC-7 (Swagger advertises Bearer) end-to-end; AuthenticationServiceCollectionExtensionsTests covers AC-5 (missing/empty/short secret fail-fast) plus env-var precedence; JwtTokenFactoryTests covers AC-6 (claims pass through the JwtSecurityTokenHandler.ValidateToken path JwtBearer uses). docker-compose and scripts/run-tests.sh now propagate JWT_SECRET to the api and integration-tests containers, with a >=32-byte guard. .env.example documents the required keys; .env stays gitignored. Code review verdict: PASS_WITH_WARNINGS (2 Low findings surfaced in _docs/03_implementation/reviews/batch_01_cycle2_review.md). Cross-component coordination: gps-denied-onboard and the mission planner UI must attach Bearer tokens before this lands in dev. Co-authored-by: Cursor <cursoragent@cursor.com>
35 lines
819 B
YAML
35 lines
819 B
YAML
services:
|
|
postgres:
|
|
extends:
|
|
file: docker-compose.yml
|
|
service: postgres
|
|
|
|
api:
|
|
extends:
|
|
file: docker-compose.yml
|
|
service: api
|
|
|
|
integration-tests:
|
|
build:
|
|
context: .
|
|
dockerfile: SatelliteProvider.IntegrationTests/Dockerfile
|
|
container_name: satellite-provider-integration-tests
|
|
environment:
|
|
- API_URL=http://api:8080
|
|
- INTEGRATION_TESTS_MODE=${INTEGRATION_TESTS_MODE:-full}
|
|
- DB_CONNECTION_STRING=Host=postgres;Port=5432;Database=satelliteprovider;Username=postgres;Password=postgres
|
|
- JWT_SECRET=${JWT_SECRET}
|
|
volumes:
|
|
- ./ready:/app/ready
|
|
- ./tiles:/app/tiles
|
|
depends_on:
|
|
api:
|
|
condition: service_started
|
|
postgres:
|
|
condition: service_healthy
|
|
restart: "no"
|
|
|
|
volumes:
|
|
postgres_data:
|
|
|