mirror of
https://github.com/azaion/satellite-provider.git
synced 2026-06-21 21:01:14 +00:00
Oleksandr Bezdieniezhnykh
c396740644
AZ-491 (3 SP): eliminate the cycle-2 duplicate of JWT-minting logic that existed in both SatelliteProvider.Tests/TestUtilities/ JwtTokenFactory.cs (unit-side) and SatelliteProvider.IntegrationTests/ JwtTestHelpers.cs (integration-side), where the same Expires < NotBefore bug needed parallel fixes in commitsf64d0d7+11b7074. Option A chosen: new SatelliteProvider.TestSupport class library (no test framework) holds the canonical JwtTokenFactory.Create / CreateExpired / TamperSignature. Both Tests and IntegrationTests consume it via ProjectReference; production projects (Api, Common, DataAccess, Services.*) cannot depend on it. The notBefore-shift workaround is preserved with an inline regression-prevention comment back-referencing the cycle-2 fix commits. SatelliteProvider.IntegrationTests/JwtTestHelpers.cs is stripped to runner-only concerns: ResolveSecretOrThrow, AttachDefaultAuthorization, and the DefaultSubject = "integration-tests" constant. Call sites in Program.cs, JwtIntegrationTests.cs, and UavUploadTests.cs (10 sites) switched to JwtTokenFactory.* with JwtTestHelpers.DefaultSubject explicitly passed for the runner subject - behavior parity preserved. Dockerfile for IntegrationTests gets the new TestSupport csproj in its pre-restore COPY layer. Api Dockerfile unchanged (TestSupport is NOT a production dependency). A new code-review SKILL.md Phase 6 checklist row flags near-identical helper logic across test projects as a Medium / Maintainability finding with explicit cycle-2 retro back-reference, so this whole pattern stops at one occurrence. module-layout.md adds a TestSupport Shared/Cross-Cutting entry documenting the production-isolation invariant. tests_unit.md + tests_integration.md updated to describe the consolidated layout. sln updated. Test-suite gate (AC-2 + AC-3) deferred to Step 16 Final Test Run per implement-skill convention. Per-batch review verdict: PASS_WITH_WARNINGS with 1 Low (pre-existing 7.0.3 version pin preserved verbatim from cycle-2 IntegrationTests csproj for parity; not blocking; deferred bump). Co-authored-by: Cursor <cursoragent@cursor.com>
36 lines
1.2 KiB
C#
36 lines
1.2 KiB
C#
using System.Net.Http.Headers;
|
|
using System.Text;
|
|
|
|
namespace SatelliteProvider.IntegrationTests;
|
|
|
|
public static class JwtTestHelpers
|
|
{
|
|
public const string JwtSecretEnvVar = "JWT_SECRET";
|
|
public const string DefaultSubject = "integration-tests";
|
|
|
|
public static string ResolveSecretOrThrow()
|
|
{
|
|
var secret = Environment.GetEnvironmentVariable(JwtSecretEnvVar);
|
|
if (string.IsNullOrWhiteSpace(secret))
|
|
{
|
|
throw new InvalidOperationException(
|
|
$"{JwtSecretEnvVar} is not set in the integration test environment. " +
|
|
"It must match the JWT_SECRET configured for the API container.");
|
|
}
|
|
|
|
var byteLength = Encoding.UTF8.GetByteCount(secret);
|
|
if (byteLength < 32)
|
|
{
|
|
throw new InvalidOperationException(
|
|
$"{JwtSecretEnvVar} is {byteLength} bytes; the test runner requires at least 32 bytes to match API validation.");
|
|
}
|
|
|
|
return secret;
|
|
}
|
|
|
|
public static void AttachDefaultAuthorization(HttpClient httpClient, string token)
|
|
{
|
|
httpClient.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", token);
|
|
}
|
|
}
|