tests fixes and some product advisories tunes ups

2026-01-30 07:57:43 +02:00
parent 644887997c
commit 55744f6a39
345 changed files with 26290 additions and 2267 deletions
--- a/src/Platform/__Tests/StellaOps.Platform.WebService.Tests/PlatformWebApplicationFactory.cs
+++ b/src/Platform/__Tests/StellaOps.Platform.WebService.Tests/PlatformWebApplicationFactory.cs
@@ -1,8 +1,15 @@
+using System.Security.Claims;
+using System.Text.Encodings.Web;
+using Microsoft.AspNetCore.Authentication;
 using Microsoft.AspNetCore.Hosting;
 using Microsoft.AspNetCore.Mvc.Testing;
+using Microsoft.AspNetCore.TestHost;
 using Microsoft.Extensions.Configuration;
 using Microsoft.Extensions.DependencyInjection;
+using Microsoft.Extensions.DependencyInjection.Extensions;
+using Microsoft.Extensions.Hosting;
 using Microsoft.Extensions.Logging;
+using Microsoft.Extensions.Options;

 namespace StellaOps.Platform.WebService.Tests;

@@ -24,11 +31,20 @@ public sealed class PlatformWebApplicationFactory : WebApplicationFactory<Progra

        builder.ConfigureAppConfiguration((context, config) =>
        {
-            // Add in-memory configuration to disable telemetry
+            // Add in-memory configuration to cover all required options
            config.AddInMemoryCollection(new Dictionary<string, string?>
            {
                ["Telemetry:Enabled"] = "false",
-                ["OTEL_SDK_DISABLED"] = "true"
+                ["OTEL_SDK_DISABLED"] = "true",
+                ["Platform:Authority:Issuer"] = "https://authority.local",
+                ["Platform:Authority:RequireHttpsMetadata"] = "false",
+                ["Platform:Authority:BypassNetworks:0"] = "127.0.0.1/32",
+                ["Platform:Authority:BypassNetworks:1"] = "::1/128",
+                ["Platform:Storage:Driver"] = "memory",
+                ["Platform:Storage:Schema"] = "platform",
+                ["Platform:AnalyticsMaintenance:Enabled"] = "false",
+                ["Platform:AnalyticsMaintenance:RunOnStartup"] = "false",
+                ["Platform:AnalyticsIngestion:Enabled"] = "false",
            });
        });

@@ -52,6 +68,78 @@ public sealed class PlatformWebApplicationFactory : WebApplicationFactory<Progra
            {
                services.Remove(descriptor);
            }
+
+            // Remove all background/hosted services that depend on external infrastructure
+            // (database connections, message queues, etc.) which are unavailable in tests
+            services.RemoveAll<IHostedService>();
+        });
+
+        // ConfigureTestServices runs AFTER Program.cs, so these registrations take priority
+        builder.ConfigureTestServices(services =>
+        {
+            // Replace authentication with a test scheme that always succeeds.
+            // WebApplicationFactory uses in-memory transport where RemoteIpAddress is null,
+            // so the bypass network evaluator cannot match and JWT auth has no token issuer.
+            services.AddAuthentication(TestAuthHandler.SchemeName)
+                .AddScheme<AuthenticationSchemeOptions, TestAuthHandler>(
+                    TestAuthHandler.SchemeName, _ => { });
+
+            // Override default authentication scheme so the test handler is actually invoked
+            services.PostConfigureAll<AuthenticationOptions>(options =>
+            {
+                options.DefaultAuthenticateScheme = TestAuthHandler.SchemeName;
+                options.DefaultChallengeScheme = TestAuthHandler.SchemeName;
+                options.DefaultScheme = TestAuthHandler.SchemeName;
+            });
+
+            // Replace the scope authorization handler with one that always succeeds
+            services.RemoveAll<Microsoft.AspNetCore.Authorization.IAuthorizationHandler>();
+            services.AddSingleton<Microsoft.AspNetCore.Authorization.IAuthorizationHandler,
+                TestAllowAllAuthorizationHandler>();
        });
    }
+
+    /// <summary>
+    /// Authentication handler that unconditionally succeeds with a minimal principal.
+    /// Tenant and actor are resolved from request headers by PlatformRequestContextResolver.
+    /// </summary>
+    private sealed class TestAuthHandler : AuthenticationHandler<AuthenticationSchemeOptions>
+    {
+        public const string SchemeName = "TestScheme";
+
+        public TestAuthHandler(
+            IOptionsMonitor<AuthenticationSchemeOptions> options,
+            ILoggerFactory logger,
+            UrlEncoder encoder)
+            : base(options, logger, encoder)
+        {
+        }
+
+        protected override Task<AuthenticateResult> HandleAuthenticateAsync()
+        {
+            var identity = new ClaimsIdentity(SchemeName);
+            var principal = new ClaimsPrincipal(identity);
+            var ticket = new AuthenticationTicket(principal, SchemeName);
+            return Task.FromResult(AuthenticateResult.Success(ticket));
+        }
+    }
+
+    /// <summary>
+    /// Authorization handler that unconditionally succeeds for all requirements.
+    /// Replaces the StellaOps scope handler in test mode.
+    /// </summary>
+    private sealed class TestAllowAllAuthorizationHandler
+        : Microsoft.AspNetCore.Authorization.IAuthorizationHandler
+    {
+        public Task HandleAsync(
+            Microsoft.AspNetCore.Authorization.AuthorizationHandlerContext context)
+        {
+            foreach (var requirement in context.PendingRequirements.ToList())
+            {
+                context.Succeed(requirement);
+            }
+
+            return Task.CompletedTask;
+        }
+    }
 }