up
@@ -22,7 +22,7 @@ public sealed class LdapClientProvisioningStoreTests
|
||||
private readonly TestTimeProvider timeProvider = new(new DateTimeOffset(2025, 11, 9, 8, 0, 0, TimeSpan.Zero));
|
||||
|
||||
[Fact]
|
||||
public async Task CreateOrUpdateAsync_WritesToMongoLdapAndAudit()
|
||||
public async Task CreateOrUpdateAsync_WritesToStorageLdapAndAudit()
|
||||
{
|
||||
var clientStore = new TrackingClientStore();
|
||||
var revocationStore = new TrackingRevocationStore();
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
namespace StellaOps.Authority.Storage.Mongo.Documents;
|
||||
namespace StellaOps.Authority.Storage.Documents;
|
||||
|
||||
/// <summary>
|
||||
/// Represents a bootstrap invite document.
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
namespace StellaOps.Authority.Storage.Mongo.Documents;
|
||||
namespace StellaOps.Authority.Storage.Documents;
|
||||
|
||||
/// <summary>
|
||||
/// Result status for token usage recording.
|
||||
|
||||
@@ -4,7 +4,7 @@ using StellaOps.Authority.Storage.InMemory.Initialization;
|
||||
using StellaOps.Authority.Storage.InMemory.Sessions;
|
||||
using StellaOps.Authority.Storage.InMemory.Stores;
|
||||
|
||||
namespace StellaOps.Authority.Storage.Mongo.Extensions;
|
||||
namespace StellaOps.Authority.Storage.Extensions;
|
||||
|
||||
/// <summary>
|
||||
/// Compatibility shim storage options. In PostgreSQL mode, these are largely unused.
|
||||
@@ -17,16 +17,16 @@ public sealed class AuthorityStorageOptions
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
/// Extension methods for configuring Authority MongoDB compatibility storage services.
|
||||
/// In PostgreSQL mode, this registers in-memory implementations for the Mongo interfaces.
|
||||
/// Extension methods for configuring Authority storage compatibility storage services.
|
||||
/// In PostgreSQL mode, this registers in-memory implementations for the storage interfaces.
|
||||
/// </summary>
|
||||
public static class ServiceCollectionExtensions
|
||||
{
|
||||
/// <summary>
|
||||
/// Adds Authority MongoDB compatibility storage services (in-memory implementations).
|
||||
/// Adds Authority storage compatibility storage services (in-memory implementations).
|
||||
/// For production PostgreSQL storage, use AddAuthorityPostgresStorage from StellaOps.Authority.Storage.Postgres.
|
||||
/// </summary>
|
||||
public static IServiceCollection AddAuthorityMongoStorage(
|
||||
public static IServiceCollection AddAuthorityInMemoryStorage(
|
||||
this IServiceCollection services,
|
||||
Action<AuthorityStorageOptions> configureOptions)
|
||||
{
|
||||
@@ -34,11 +34,11 @@ public static class ServiceCollectionExtensions
|
||||
configureOptions(options);
|
||||
services.AddSingleton(options);
|
||||
|
||||
RegisterMongoCompatServices(services, options);
|
||||
RegisterInMemoryServices(services, options);
|
||||
return services;
|
||||
}
|
||||
|
||||
private static void RegisterMongoCompatServices(IServiceCollection services, AuthorityStorageOptions options)
|
||||
private static void RegisterInMemoryServices(IServiceCollection services, AuthorityStorageOptions options)
|
||||
{
|
||||
// Register the initializer (no-op for Postgres mode)
|
||||
services.AddSingleton<AuthorityStorageInitializer>();
|
||||
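Review bot: The XML summaries on `ServiceCollectionExtensions` and `AddAuthorityInMemoryStorage` now read "Authority storage compatibility storage services", an artifact of replacing "MongoDB" with "storage", and they no longer say plainly what a caller gets. Because this registers in-memory implementations for an authorization service, I would state the consequence in the summary, e.g. `/// Registers in-memory, non-durable implementations of the Authority storage interfaces; state is lost on restart and is not shared between instances.` Nothing visible here stops the method being called in a production host, so if token or revocation stores are among the registrations (the body of `RegisterInMemoryServices` continues past the end of the hunk), that caveat matters operationally. The rename also removes the public `AddAuthorityMongoStorage` without an `[Obsolete]` forwarder, which breaks any caller not updated in this commit.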
|
||||
@@ -1,59 +1,59 @@
|
||||
using MongoDB.Bson;
|
||||
using StellaOps.Storage.Documents;
|
||||
|
||||
namespace MongoDB.Bson.Serialization.Attributes;
|
||||
namespace StellaOps.Storage.Serialization.Attributes;
|
||||
|
||||
/// <summary>
|
||||
/// Compatibility shim for MongoDB BsonId attribute.
|
||||
/// Compatibility shim for storage Id attribute.
|
||||
/// In PostgreSQL mode, this attribute is ignored but allows code to compile.
|
||||
/// </summary>
|
||||
[AttributeUsage(AttributeTargets.Property | AttributeTargets.Field)]
|
||||
public class BsonIdAttribute : Attribute
|
||||
public class StorageIdAttribute : Attribute
|
||||
{
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
/// Compatibility shim for MongoDB BsonElement attribute.
|
||||
/// Compatibility shim for storage Element attribute.
|
||||
/// In PostgreSQL mode, this attribute is ignored but allows code to compile.
|
||||
/// </summary>
|
||||
[AttributeUsage(AttributeTargets.Property | AttributeTargets.Field)]
|
||||
public class BsonElementAttribute : Attribute
|
||||
public class StorageElementAttribute : Attribute
|
||||
{
|
||||
public string ElementName { get; }
|
||||
|
||||
public BsonElementAttribute(string elementName)
|
||||
public StorageElementAttribute(string elementName)
|
||||
{
|
||||
ElementName = elementName;
|
||||
}
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
/// Compatibility shim for MongoDB BsonIgnore attribute.
|
||||
/// Compatibility shim for storage Ignore attribute.
|
||||
/// In PostgreSQL mode, this attribute is ignored but allows code to compile.
|
||||
/// </summary>
|
||||
[AttributeUsage(AttributeTargets.Property | AttributeTargets.Field)]
|
||||
public class BsonIgnoreAttribute : Attribute
|
||||
public class StorageIgnoreAttribute : Attribute
|
||||
{
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
/// Compatibility shim for MongoDB BsonIgnoreIfNull attribute.
|
||||
/// Compatibility shim for storage IgnoreIfNull attribute.
|
||||
/// In PostgreSQL mode, this attribute is ignored but allows code to compile.
|
||||
/// </summary>
|
||||
[AttributeUsage(AttributeTargets.Property | AttributeTargets.Field)]
|
||||
public class BsonIgnoreIfNullAttribute : Attribute
|
||||
public class StorageIgnoreIfNullAttribute : Attribute
|
||||
{
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
/// Compatibility shim for MongoDB BsonRepresentation attribute.
|
||||
/// Compatibility shim for storage Representation attribute.
|
||||
/// In PostgreSQL mode, this attribute is ignored but allows code to compile.
|
||||
/// </summary>
|
||||
[AttributeUsage(AttributeTargets.Property | AttributeTargets.Field)]
|
||||
public class BsonRepresentationAttribute : Attribute
|
||||
public class StorageRepresentationAttribute : Attribute
|
||||
{
|
||||
public BsonType Representation { get; }
|
||||
public StorageType Representation { get; }
|
||||
|
||||
public BsonRepresentationAttribute(BsonType representation)
|
||||
public StorageRepresentationAttribute(StorageType representation)
|
||||
{
|
||||
Representation = representation;
|
||||
}
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
namespace MongoDB.Bson;
|
||||
namespace StellaOps.Storage.Documents;
|
||||
|
||||
/// <summary>
|
||||
/// Compatibility shim for MongoDB ObjectId.
|
||||
/// Compatibility shim for storage ObjectId.
|
||||
/// In PostgreSQL mode, this wraps a GUID string.
|
||||
/// </summary>
|
||||
public readonly struct ObjectId : IEquatable<ObjectId>, IComparable<ObjectId>
|
||||
@@ -51,9 +51,9 @@ public readonly struct ObjectId : IEquatable<ObjectId>, IComparable<ObjectId>
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
/// Compatibility shim for MongoDB BsonType enum.
|
||||
/// Compatibility shim for storage document type enum.
|
||||
/// </summary>
|
||||
public enum BsonType
|
||||
public enum StorageType
|
||||
{
|
||||
EndOfDocument = 0,
|
||||
Double = 1,
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
namespace StellaOps.Authority.Storage.Mongo.Sessions;
|
||||
namespace StellaOps.Authority.Storage.Sessions;
|
||||
|
||||
/// <summary>
|
||||
/// Compatibility shim for MongoDB session handle. In PostgreSQL mode, this is unused.
|
||||
/// Compatibility shim for database session handle. In PostgreSQL mode, this is unused.
|
||||
/// </summary>
|
||||
public interface IClientSessionHandle : IDisposable
|
||||
{
|
||||
|
||||
@@ -6,8 +6,8 @@
|
||||
<Nullable>enable</Nullable>
|
||||
<ImplicitUsings>enable</ImplicitUsings>
|
||||
<TreatWarningsAsErrors>false</TreatWarningsAsErrors>
|
||||
<RootNamespace>StellaOps.Authority.Storage.Mongo</RootNamespace>
|
||||
<Description>MongoDB compatibility shim for Authority storage - provides in-memory implementations for Mongo interfaces while PostgreSQL migration is in progress</Description>
|
||||
<RootNamespace>StellaOps.Authority.Storage.InMemory</RootNamespace>
|
||||
<Description>In-memory storage shim for Authority - provides in-memory implementations for storage interfaces while PostgreSQL migration is in progress</Description>
|
||||
</PropertyGroup>
|
||||
|
||||
<ItemGroup>
|
||||
|
||||
@@ -109,7 +109,7 @@ public sealed class AuthorityAdvisoryAiConsentEvaluatorTests
|
||||
Issuer = new Uri("https://authority.test")
|
||||
};
|
||||
|
||||
options.Storage.ConnectionString = "mongodb://localhost:27017/authority";
|
||||
options.Storage.ConnectionString = "Host=localhost;Port=5432;Database=authority";
|
||||
options.Signing.ActiveKeyId = "test-key";
|
||||
options.Signing.KeyPath = "/tmp/test-key.pem";
|
||||
|
||||
|
||||
@@ -107,9 +107,9 @@ public sealed class AuthorityWebApplicationFactory : WebApplicationFactory<Progr
|
||||
services.RemoveAll<IAuthorityRevocationExportStateStore>();
|
||||
services.RemoveAll<IAuthoritySessionAccessor>();
|
||||
|
||||
services.AddAuthorityMongoStorage(options =>
|
||||
services.AddAuthorityInMemoryStorage(options =>
|
||||
{
|
||||
options.ConnectionString = "mongodb://localhost/authority-tests";
|
||||
options.ConnectionString = "Host=localhost;Database=authority-tests";
|
||||
options.DatabaseName = "authority-tests";
|
||||
});
|
||||
});
|
||||
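Review bot: `AddAuthorityInMemoryStorage` is still handed a PostgreSQL-style `ConnectionString` and a `DatabaseName` in this factory, which reads as if the integration tests talk to a real database. If the in-memory registration never opens a connection and these values only populate `AuthorityStorageOptions` (the registration code is not fully visible on this page), say so next to them, for example `// In-memory stores: values are placeholders, no connection is opened`. That keeps a reader from looking for a test database that may not exist.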
|
||||
@@ -120,7 +120,7 @@ public sealed class AuthorityAckTokenIssuerTests
|
||||
return new StellaOpsAuthorityOptions
|
||||
{
|
||||
Issuer = new Uri("https://authority.test"),
|
||||
Storage = { ConnectionString = "mongodb://localhost/test" },
|
||||
Storage = { ConnectionString = "Host=localhost;Database=test" },
|
||||
Notifications =
|
||||
{
|
||||
AckTokens =
|
||||
|
||||
@@ -81,7 +81,7 @@ public sealed class AuthorityAckTokenKeyManagerTests
|
||||
return new StellaOpsAuthorityOptions
|
||||
{
|
||||
Issuer = new Uri("https://authority.test"),
|
||||
Storage = { ConnectionString = "mongodb://localhost/test" },
|
||||
Storage = { ConnectionString = "Host=localhost;Database=test" },
|
||||
Notifications =
|
||||
{
|
||||
AckTokens =
|
||||
|
||||
@@ -44,7 +44,7 @@ public sealed class AuthorityWebhookAllowlistEvaluatorTests
|
||||
return new StellaOpsAuthorityOptions
|
||||
{
|
||||
Issuer = new Uri("https://authority.test"),
|
||||
Storage = { ConnectionString = "mongodb://localhost/test" },
|
||||
Storage = { ConnectionString = "Host=localhost;Database=test" },
|
||||
Notifications =
|
||||
{
|
||||
Webhooks =
|
||||
|
||||
@@ -550,7 +550,7 @@ public class ClientCredentialsHandlersTests
|
||||
await validateHandler.HandleAsync(validateContext);
|
||||
Assert.False(validateContext.IsRejected);
|
||||
|
||||
var sessionAccessor = new NullMongoSessionAccessor();
|
||||
var sessionAccessor = new NullSessionAccessor();
|
||||
var handleHandler = new HandleClientCredentialsHandler(
|
||||
registry,
|
||||
tokenStore,
|
||||
@@ -2485,7 +2485,7 @@ public class ClientCredentialsHandlersTests
|
||||
await validateHandler.HandleAsync(validateContext);
|
||||
Assert.False(validateContext.IsRejected);
|
||||
|
||||
var sessionAccessor = new NullMongoSessionAccessor();
|
||||
var sessionAccessor = new NullSessionAccessor();
|
||||
var handleHandler = new HandleClientCredentialsHandler(
|
||||
registry,
|
||||
tokenStore,
|
||||
@@ -2691,14 +2691,14 @@ public class ClientCredentialsHandlersTests
|
||||
var handleHandler = new HandleClientCredentialsHandler(
|
||||
registry,
|
||||
tokenStore,
|
||||
new NullMongoSessionAccessor(),
|
||||
new NullSessionAccessor(),
|
||||
rateMetadata,
|
||||
TimeProvider.System,
|
||||
TestInstruments.ActivitySource,
|
||||
NullLogger<HandleClientCredentialsHandler>.Instance);
|
||||
var persistHandler = new PersistTokensHandler(
|
||||
tokenStore,
|
||||
new NullMongoSessionAccessor(),
|
||||
new NullSessionAccessor(),
|
||||
TimeProvider.System,
|
||||
TestInstruments.ActivitySource,
|
||||
NullLogger<PersistTokensHandler>.Instance);
|
||||
@@ -2742,7 +2742,7 @@ public class ClientCredentialsHandlersTests
|
||||
var tokenStore = new TestTokenStore();
|
||||
var persistHandler = new PersistTokensHandler(
|
||||
tokenStore,
|
||||
new NullMongoSessionAccessor(),
|
||||
new NullSessionAccessor(),
|
||||
TimeProvider.System,
|
||||
TestInstruments.ActivitySource,
|
||||
NullLogger<PersistTokensHandler>.Instance);
|
||||
@@ -2799,7 +2799,7 @@ public class ClientCredentialsHandlersTests
|
||||
options.Security.SenderConstraints.Dpop.Nonce.RequiredAudiences.Add("signer");
|
||||
options.Signing.ActiveKeyId = "test-key";
|
||||
options.Signing.KeyPath = "/tmp/test-key.pem";
|
||||
options.Storage.ConnectionString = "mongodb://localhost/test";
|
||||
options.Storage.ConnectionString = "Host=localhost;Database=test";
|
||||
Assert.Contains("signer", options.Security.SenderConstraints.Dpop.Nonce.RequiredAudiences);
|
||||
|
||||
var clientDocument = CreateClient(
|
||||
@@ -2944,7 +2944,7 @@ public class ClientCredentialsHandlersTests
|
||||
options.Security.SenderConstraints.Mtls.AllowedSanTypes.Clear();
|
||||
options.Signing.ActiveKeyId = "test-key";
|
||||
options.Signing.KeyPath = "/tmp/test-key.pem";
|
||||
options.Storage.ConnectionString = "mongodb://localhost/test";
|
||||
options.Storage.ConnectionString = "Host=localhost;Database=test";
|
||||
|
||||
var clientDocument = CreateClient(
|
||||
secret: "s3cr3t!",
|
||||
@@ -3009,7 +3009,7 @@ public class ClientCredentialsHandlersTests
|
||||
options.Security.SenderConstraints.Mtls.Enabled = true;
|
||||
options.Signing.ActiveKeyId = "test-key";
|
||||
options.Signing.KeyPath = "/tmp/test-key.pem";
|
||||
options.Storage.ConnectionString = "mongodb://localhost/test";
|
||||
options.Storage.ConnectionString = "Host=localhost;Database=test";
|
||||
|
||||
var clientDocument = CreateClient(
|
||||
secret: "s3cr3t!",
|
||||
@@ -3151,7 +3151,7 @@ public class ClientCredentialsHandlersTests
|
||||
var descriptor = CreateDescriptor(clientDocument);
|
||||
var registry = CreateRegistry(withClientProvisioning: true, clientDescriptor: descriptor);
|
||||
var tokenStore = new TestTokenStore();
|
||||
var sessionAccessor = new NullMongoSessionAccessor();
|
||||
var sessionAccessor = new NullSessionAccessor();
|
||||
var authSink = new TestAuthEventSink();
|
||||
var metadataAccessor = new TestRateLimiterMetadataAccessor();
|
||||
var serviceAccountStore = new TestServiceAccountStore();
|
||||
@@ -3240,7 +3240,7 @@ public class ClientCredentialsHandlersTests
|
||||
|
||||
var registry = CreateRegistry(withClientProvisioning: true, clientDescriptor: CreateDescriptor(clientDocument));
|
||||
var tokenStore = new TestTokenStore();
|
||||
var sessionAccessor = new NullMongoSessionAccessor();
|
||||
var sessionAccessor = new NullSessionAccessor();
|
||||
var authSink = new TestAuthEventSink();
|
||||
var metadataAccessor = new TestRateLimiterMetadataAccessor();
|
||||
var serviceAccountStore = new TestServiceAccountStore(serviceAccount);
|
||||
@@ -3323,7 +3323,7 @@ public class ClientCredentialsHandlersTests
|
||||
|
||||
var registry = CreateRegistry(withClientProvisioning: true, clientDescriptor: CreateDescriptor(clientDocument));
|
||||
var tokenStore = new TestTokenStore();
|
||||
var sessionAccessor = new NullMongoSessionAccessor();
|
||||
var sessionAccessor = new NullSessionAccessor();
|
||||
var authSink = new TestAuthEventSink();
|
||||
var metadataAccessor = new TestRateLimiterMetadataAccessor();
|
||||
var serviceAccountStore = new TestServiceAccountStore(serviceAccount);
|
||||
@@ -3424,7 +3424,7 @@ public class ClientCredentialsHandlersTests
|
||||
|
||||
var registry = CreateRegistry(withClientProvisioning: true, clientDescriptor: CreateDescriptor(clientDocument));
|
||||
var tokenStore = new TestTokenStore();
|
||||
var sessionAccessor = new NullMongoSessionAccessor();
|
||||
var sessionAccessor = new NullSessionAccessor();
|
||||
var authSink = new TestAuthEventSink();
|
||||
var metadataAccessor = new TestRateLimiterMetadataAccessor();
|
||||
var serviceAccountStore = new TestServiceAccountStore(serviceAccount);
|
||||
@@ -3498,7 +3498,7 @@ public class TokenValidationHandlersTests
|
||||
|
||||
var metadataAccessor = new TestRateLimiterMetadataAccessor();
|
||||
var auditSink = new TestAuthEventSink();
|
||||
var sessionAccessor = new NullMongoSessionAccessor();
|
||||
var sessionAccessor = new NullSessionAccessor();
|
||||
var handler = new ValidateAccessTokenHandler(
|
||||
tokenStore,
|
||||
sessionAccessor,
|
||||
@@ -3548,7 +3548,7 @@ public class TokenValidationHandlersTests
|
||||
|
||||
var metadataAccessor = new TestRateLimiterMetadataAccessor();
|
||||
var auditSink = new TestAuthEventSink();
|
||||
var sessionAccessor = new NullMongoSessionAccessor();
|
||||
var sessionAccessor = new NullSessionAccessor();
|
||||
var handler = new ValidateAccessTokenHandler(
|
||||
tokenStore,
|
||||
sessionAccessor,
|
||||
@@ -3603,7 +3603,7 @@ public class TokenValidationHandlersTests
|
||||
|
||||
var metadataAccessor = new TestRateLimiterMetadataAccessor();
|
||||
var auditSink = new TestAuthEventSink();
|
||||
var sessionAccessor = new NullMongoSessionAccessor();
|
||||
var sessionAccessor = new NullSessionAccessor();
|
||||
var handler = new ValidateAccessTokenHandler(
|
||||
tokenStore,
|
||||
sessionAccessor,
|
||||
@@ -3654,7 +3654,7 @@ public class TokenValidationHandlersTests
|
||||
|
||||
var metadataAccessor = new TestRateLimiterMetadataAccessor();
|
||||
var auditSink = new TestAuthEventSink();
|
||||
var sessionAccessor = new NullMongoSessionAccessor();
|
||||
var sessionAccessor = new NullSessionAccessor();
|
||||
var handler = new ValidateAccessTokenHandler(
|
||||
tokenStore,
|
||||
sessionAccessor,
|
||||
@@ -3704,7 +3704,7 @@ public class TokenValidationHandlersTests
|
||||
|
||||
var metadataAccessor = new TestRateLimiterMetadataAccessor();
|
||||
var auditSink = new TestAuthEventSink();
|
||||
var sessionAccessor = new NullMongoSessionAccessor();
|
||||
var sessionAccessor = new NullSessionAccessor();
|
||||
var handler = new ValidateAccessTokenHandler(
|
||||
tokenStore,
|
||||
sessionAccessor,
|
||||
@@ -3755,7 +3755,7 @@ public class TokenValidationHandlersTests
|
||||
|
||||
var metadataAccessorSuccess = new TestRateLimiterMetadataAccessor();
|
||||
var auditSinkSuccess = new TestAuthEventSink();
|
||||
var sessionAccessor = new NullMongoSessionAccessor();
|
||||
var sessionAccessor = new NullSessionAccessor();
|
||||
var handler = new ValidateAccessTokenHandler(
|
||||
new TestTokenStore(),
|
||||
sessionAccessor,
|
||||
@@ -3812,7 +3812,7 @@ public class TokenValidationHandlersTests
|
||||
var registry = CreateRegistry(withClientProvisioning: false, clientDescriptor: null);
|
||||
var metadataAccessor = new TestRateLimiterMetadataAccessor();
|
||||
var auditSink = new TestAuthEventSink();
|
||||
var sessionAccessor = new NullMongoSessionAccessor();
|
||||
var sessionAccessor = new NullSessionAccessor();
|
||||
var handler = new ValidateAccessTokenHandler(
|
||||
tokenStore,
|
||||
sessionAccessor,
|
||||
@@ -3886,7 +3886,7 @@ public class TokenValidationHandlersTests
|
||||
clientDocument.ClientId = "agent";
|
||||
var auditSink = new TestAuthEventSink();
|
||||
var registry = CreateRegistry(withClientProvisioning: false, clientDescriptor: null);
|
||||
var sessionAccessorReplay = new NullMongoSessionAccessor();
|
||||
var sessionAccessorReplay = new NullSessionAccessor();
|
||||
var handler = new ValidateAccessTokenHandler(
|
||||
tokenStore,
|
||||
sessionAccessorReplay,
|
||||
@@ -3939,7 +3939,7 @@ public class AuthorityClientCertificateValidatorTests
|
||||
options.Security.SenderConstraints.Mtls.AllowedSanTypes.Add("uri");
|
||||
options.Signing.ActiveKeyId = "test-key";
|
||||
options.Signing.KeyPath = "/tmp/test-key.pem";
|
||||
options.Storage.ConnectionString = "mongodb://localhost/test";
|
||||
options.Storage.ConnectionString = "Host=localhost;Database=test";
|
||||
|
||||
using var rsa = RSA.Create(2048);
|
||||
var request = new CertificateRequest("CN=mtls-client", rsa, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
|
||||
@@ -3977,7 +3977,7 @@ public class AuthorityClientCertificateValidatorTests
|
||||
options.Security.SenderConstraints.Mtls.RotationGrace = TimeSpan.FromMinutes(5);
|
||||
options.Signing.ActiveKeyId = "test-key";
|
||||
options.Signing.KeyPath = "/tmp/test-key.pem";
|
||||
options.Storage.ConnectionString = "mongodb://localhost/test";
|
||||
options.Storage.ConnectionString = "Host=localhost;Database=test";
|
||||
|
||||
using var rsa = RSA.Create(2048);
|
||||
var request = new CertificateRequest("CN=mtls-client", rsa, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
|
||||
@@ -4017,7 +4017,7 @@ public class AuthorityClientCertificateValidatorTests
|
||||
options.Security.SenderConstraints.Mtls.RequireChainValidation = false;
|
||||
options.Signing.ActiveKeyId = "test-key";
|
||||
options.Signing.KeyPath = "/tmp/test-key.pem";
|
||||
options.Storage.ConnectionString = "mongodb://localhost/test";
|
||||
options.Storage.ConnectionString = "Host=localhost;Database=test";
|
||||
|
||||
using var rsa = RSA.Create(2048);
|
||||
var request = new CertificateRequest("CN=mtls-client", rsa, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
|
||||
@@ -4055,7 +4055,7 @@ public class AuthorityClientCertificateValidatorTests
|
||||
options.Security.SenderConstraints.Mtls.RequireChainValidation = false;
|
||||
options.Signing.ActiveKeyId = "test-key";
|
||||
options.Signing.KeyPath = "/tmp/test-key.pem";
|
||||
options.Storage.ConnectionString = "mongodb://localhost/test";
|
||||
options.Storage.ConnectionString = "Host=localhost;Database=test";
|
||||
|
||||
using var rsa = RSA.Create(2048);
|
||||
var request = new CertificateRequest("CN=mtls-client", rsa, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
|
||||
@@ -4475,7 +4475,7 @@ internal sealed class StubCertificateValidator : IAuthorityClientCertificateVali
|
||||
}
|
||||
}
|
||||
|
||||
internal sealed class NullMongoSessionAccessor : IAuthoritySessionAccessor
|
||||
internal sealed class NullSessionAccessor : IAuthoritySessionAccessor
|
||||
{
|
||||
public IClientSessionHandle? CurrentSession => null;
|
||||
|
||||
@@ -4506,7 +4506,7 @@ public class ObservabilityIncidentTokenHandlerTests
|
||||
|
||||
var metadataAccessor = new TestRateLimiterMetadataAccessor();
|
||||
var auditSink = new TestAuthEventSink();
|
||||
var sessionAccessor = new NullMongoSessionAccessor();
|
||||
var sessionAccessor = new NullSessionAccessor();
|
||||
var handler = new ValidateAccessTokenHandler(
|
||||
tokenStore,
|
||||
sessionAccessor,
|
||||
@@ -4562,7 +4562,7 @@ public class ObservabilityIncidentTokenHandlerTests
|
||||
|
||||
var metadataAccessor = new TestRateLimiterMetadataAccessor();
|
||||
var auditSink = new TestAuthEventSink();
|
||||
var sessionAccessor = new NullMongoSessionAccessor();
|
||||
var sessionAccessor = new NullSessionAccessor();
|
||||
var handler = new ValidateAccessTokenHandler(
|
||||
tokenStore,
|
||||
sessionAccessor,
|
||||
@@ -4620,7 +4620,7 @@ public class ObservabilityIncidentTokenHandlerTests
|
||||
|
||||
var metadataAccessor = new TestRateLimiterMetadataAccessor();
|
||||
var auditSink = new TestAuthEventSink();
|
||||
var sessionAccessor = new NullMongoSessionAccessor();
|
||||
var sessionAccessor = new NullSessionAccessor();
|
||||
var handler = new ValidateAccessTokenHandler(
|
||||
tokenStore,
|
||||
sessionAccessor,
|
||||
@@ -4682,7 +4682,7 @@ public class ObservabilityIncidentTokenHandlerTests
|
||||
|
||||
var metadataAccessor = new TestRateLimiterMetadataAccessor();
|
||||
var auditSink = new TestAuthEventSink();
|
||||
var sessionAccessor = new NullMongoSessionAccessor();
|
||||
var sessionAccessor = new NullSessionAccessor();
|
||||
var handler = new ValidateAccessTokenHandler(
|
||||
tokenStore,
|
||||
sessionAccessor,
|
||||
@@ -4818,7 +4818,7 @@ public class ObservabilityIncidentTokenHandlerTests
|
||||
|
||||
var metadataAccessor = new TestRateLimiterMetadataAccessor();
|
||||
var auditSink = new TestAuthEventSink();
|
||||
var sessionAccessor = new NullMongoSessionAccessor();
|
||||
var sessionAccessor = new NullSessionAccessor();
|
||||
var handler = new ValidateAccessTokenHandler(
|
||||
tokenStore,
|
||||
sessionAccessor,
|
||||
@@ -4879,7 +4879,7 @@ public class ObservabilityIncidentTokenHandlerTests
|
||||
|
||||
var metadataAccessor = new TestRateLimiterMetadataAccessor();
|
||||
var auditSink = new TestAuthEventSink();
|
||||
var sessionAccessor = new NullMongoSessionAccessor();
|
||||
var sessionAccessor = new NullSessionAccessor();
|
||||
var handler = new ValidateAccessTokenHandler(
|
||||
tokenStore,
|
||||
sessionAccessor,
|
||||
@@ -5166,7 +5166,7 @@ internal static class TestHelpers
|
||||
|
||||
options.Signing.ActiveKeyId = "test-key";
|
||||
options.Signing.KeyPath = "/tmp/test-key.pem";
|
||||
options.Storage.ConnectionString = "mongodb://localhost/test";
|
||||
options.Storage.ConnectionString = "Host=localhost;Database=test";
|
||||
|
||||
configure?.Invoke(options);
|
||||
return options;
|
||||
|
||||
@@ -780,7 +780,7 @@ public class PasswordGrantHandlersTests
|
||||
};
|
||||
options.Signing.ActiveKeyId = "test-key";
|
||||
options.Signing.KeyPath = "/tmp/test-key.pem";
|
||||
options.Storage.ConnectionString = "mongodb://localhost:27017/authority";
|
||||
options.Storage.ConnectionString = "Host=localhost;Port=5432;Database=authority";
|
||||
|
||||
configure?.Invoke(options);
|
||||
return options;
|
||||
|
||||
@@ -40,7 +40,7 @@ public sealed class VulnPermalinkServiceTests
|
||||
var options = new StellaOpsAuthorityOptions
|
||||
{
|
||||
Issuer = new Uri("https://authority.test"),
|
||||
Storage = { ConnectionString = "mongodb://localhost/test" },
|
||||
Storage = { ConnectionString = "Host=localhost;Database=test" },
|
||||
Signing =
|
||||
{
|
||||
Enabled = true,
|
||||
|
||||
@@ -88,7 +88,7 @@ public class AuthorityRateLimiterIntegrationTests
|
||||
Issuer = new Uri("https://authority.integration.test"),
|
||||
SchemaVersion = 1
|
||||
};
|
||||
options.Storage.ConnectionString = "mongodb://localhost/authority";
|
||||
options.Storage.ConnectionString = "Host=localhost;Database=authority";
|
||||
|
||||
configure?.Invoke(options);
|
||||
|
||||
|
||||
@@ -74,7 +74,7 @@ public class AuthorityRateLimiterTests
|
||||
SchemaVersion = 1
|
||||
};
|
||||
|
||||
options.Storage.ConnectionString = "mongodb://localhost/authority";
|
||||
options.Storage.ConnectionString = "Host=localhost;Database=authority";
|
||||
return options;
|
||||
}
|
||||
}
|
||||
|
||||
@@ -119,7 +119,7 @@ public sealed class AuthorityJwksServiceTests
|
||||
Issuer = new Uri("https://authority.test"),
|
||||
Storage =
|
||||
{
|
||||
ConnectionString = "mongodb://localhost/test"
|
||||
ConnectionString = "Host=localhost;Database=test"
|
||||
},
|
||||
Signing =
|
||||
{
|
||||
|
||||
@@ -34,7 +34,7 @@ public sealed class AuthoritySigningKeyManagerTests
|
||||
var options = new StellaOpsAuthorityOptions
|
||||
{
|
||||
Issuer = new Uri("https://authority.test"),
|
||||
Storage = { ConnectionString = "mongodb://localhost/test" },
|
||||
Storage = { ConnectionString = "Host=localhost;Database=test" },
|
||||
Signing =
|
||||
{
|
||||
Enabled = true,
|
||||
|
||||
@@ -10,7 +10,7 @@ internal static class TestEnvironment
|
||||
OpenSslLegacyShim.EnsureOpenSsl11();
|
||||
|
||||
Environment.SetEnvironmentVariable("STELLAOPS_AUTHORITY_ISSUER", "https://authority.test");
|
||||
Environment.SetEnvironmentVariable("STELLAOPS_AUTHORITY_STORAGE__CONNECTIONSTRING", "mongodb://localhost/authority");
|
||||
Environment.SetEnvironmentVariable("STELLAOPS_AUTHORITY_STORAGE__CONNECTIONSTRING", "Host=localhost;Database=authority");
|
||||
Environment.SetEnvironmentVariable("STELLAOPS_AUTHORITY_SIGNING__ENABLED", "false");
|
||||
}
|
||||
}
|
||||
|
||||
@@ -19,7 +19,7 @@ using Microsoft.Net.Http.Headers;
|
||||
using OpenIddict.Abstractions;
|
||||
using OpenIddict.Server;
|
||||
using OpenIddict.Server.AspNetCore;
|
||||
// MongoDB.Driver removed - using PostgreSQL storage with Mongo compatibility shim
|
||||
// Using PostgreSQL storage with in-memory compatibility shim
|
||||
using Serilog;
|
||||
using Serilog.Events;
|
||||
using StellaOps.Authority;
|
||||
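Review bot: The reworded comment `// Using PostgreSQL storage with in-memory compatibility shim` still sits in the middle of the `using` directives, where the old text explained a removed `MongoDB.Driver` import; the new text no longer says anything about the imports. I would delete it here or move it to the place where storage is registered, and there name which stores remain in-memory, since for the Authority host that decides whether data such as tokens and revocations is durable. Which stores those are cannot be determined from this hunk.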
|
||||
@@ -18,7 +18,7 @@
|
||||
<PackageReference Include="OpenTelemetry.Instrumentation.Runtime" Version="1.12.0" />
|
||||
<PackageReference Include="Serilog.AspNetCore" Version="8.0.1" />
|
||||
<PackageReference Include="Serilog.Sinks.Console" Version="5.0.1" />
|
||||
<PackageReference Include="StackExchange.Redis" Version="2.8.24" />
|
||||
<PackageReference Include="StackExchange.Redis" Version="2.8.37" />
|
||||
<PackageReference Include="YamlDotNet" Version="13.7.1" />
|
||||
<ProjectReference Include="..\StellaOps.Authority.Plugins.Abstractions\StellaOps.Authority.Plugins.Abstractions.csproj" />
|
||||
<ProjectReference Include="..\StellaOps.Authority.Plugin.Standard\StellaOps.Authority.Plugin.Standard.csproj" />
|
||||
|
||||
@@ -67,7 +67,7 @@ public static class ServiceCollectionExtensions
|
||||
services.AddScoped<ITokenRepository>(sp => sp.GetRequiredService<TokenRepository>());
|
||||
services.AddScoped<IRefreshTokenRepository>(sp => sp.GetRequiredService<RefreshTokenRepository>());
|
||||
|
||||
// Mongo-store equivalents (PostgreSQL-backed)
|
||||
// Additional stores (PostgreSQL-backed)
|
||||
services.AddScoped<BootstrapInviteRepository>();
|
||||
services.AddScoped<ServiceAccountRepository>();
|
||||
services.AddScoped<ClientRepository>();
|
||||
|
||||