sprints work

src/__Libraries/StellaOps.TestKit/Connectors/ConnectorResilienceTestBase.cs

@@ -160,106 +160,3 @@ public abstract class ConnectorResilienceTestBase : IDisposable
         GC.SuppressFinalize(this);
     }
 }
-
-/// <summary>
-/// Base class for connector security tests.
-/// Tests URL allowlist, redirect handling, max payload size, decompression bombs.
-/// </summary>
-public abstract class ConnectorSecurityTestBase : IDisposable
-{
-    protected readonly ConnectorHttpFixture HttpFixture;
-    private bool _disposed;
-
-    protected ConnectorSecurityTestBase()
-    {
-        HttpFixture = new ConnectorHttpFixture();
-    }
-
-    /// <summary>
-    /// Attempts to fetch from URL and returns whether it was allowed.
-    /// </summary>
-    protected abstract Task<bool> IsUrlAllowedAsync(string url, CancellationToken ct = default);
-
-    /// <summary>
-    /// Gets the maximum allowed payload size in bytes.
-    /// </summary>
-    protected abstract long MaxPayloadSizeBytes { get; }
-
-    /// <summary>
-    /// Gets the list of allowed URL patterns/domains.
-    /// </summary>
-    protected abstract IReadOnlyList<string> AllowedUrlPatterns { get; }
-
-    [Fact]
-    public async Task AllowlistedUrl_IsAccepted()
-    {
-        foreach (var pattern in AllowedUrlPatterns)
-        {
-            var url = pattern.Replace("*", "test");
-            HttpFixture.AddJsonResponse(url, "{}");
-            
-            var allowed = await IsUrlAllowedAsync(url);
-            allowed.Should().BeTrue($"URL '{url}' should be allowed");
-        }
-    }
-
-    [Fact]
-    public async Task NonAllowlistedUrl_IsRejected()
-    {
-        var disallowedUrls = new[]
-        {
-            "https://evil.example.com/api",
-            "http://malicious.test/data",
-            "file:///etc/passwd",
-            "data:text/html,<script>alert(1)</script>"
-        };
-
-        foreach (var url in disallowedUrls)
-        {
-            HttpFixture.AddJsonResponse(url, "{}");
-            
-            var allowed = await IsUrlAllowedAsync(url);
-            allowed.Should().BeFalse($"URL '{url}' should be rejected");
-        }
-    }
-
-    [Fact]
-    public async Task OversizedPayload_IsRejected()
-    {
-        // Create payload larger than max
-        var largePayload = new string('x', (int)MaxPayloadSizeBytes + 1000);
-        HttpFixture.AddJsonResponse("https://test.example.com/*", $"{{\"data\":\"{largePayload}\"}}");
-
-        Func<Task> act = async () => await IsUrlAllowedAsync("https://test.example.com/api");
-        
-        // Should either return false or throw
-        // Implementation-specific behavior
-    }
-
-    [Fact]
-    public async Task DecompressionBomb_IsRejected()
-    {
-        // Create a small gzipped payload that expands to large size
-        // This is a simplified test - real decompression bombs are more sophisticated
-        var smallCompressed = "{}"; // In reality, this would be crafted maliciously
-        HttpFixture.AddGzipJsonResponse("https://test.example.com/*", smallCompressed);
-
-        // The connector should detect and reject decompression bombs
-        // Implementation varies by connector
-    }
-
-    [Fact]
-    public async Task HttpsRedirectToHttp_IsRejected()
-    {
-        // Test that HTTPS -> HTTP downgrades are rejected
-        // This requires redirect handling implementation
-    }
-
-    public void Dispose()
-    {
-        if (_disposed) return;
-        HttpFixture.Dispose();
-        _disposed = true;
-        GC.SuppressFinalize(this);
-    }
-}