HYPERFLEET-1303 - feat: add JWT authentication E2E test suite#147
HYPERFLEET-1303 - feat: add JWT authentication E2E test suite#147kuudori wants to merge 1 commit into
Conversation
Add new e2e/auth/ test suite validating JWT authentication enforcement, multi-issuer identity, token renewal, and upgrade path configuration. New files: - e2e/auth/helpers.go: RequestEditorFn helpers (withoutAuth, withBearerToken) and JWT crafting utilities for negative auth tests - e2e/auth/jwt_enforcement.go: Tier0 tests for unauthenticated, invalid signature, expired, and malformed token rejection - e2e/auth/multi_issuer.go: Tier0 tests for audit field population, unconfigured issuer rejection, multi-SA acceptance, adapter identity - e2e/auth/token_renewal.go: Tier1 tests for Sentinel and Adapter token refresh across reconciliation cycles - e2e/auth/upgrade_path.go: Tier0 test validating all 4 JWT upgrade config items in a single end-to-end flow Supporting changes: - pkg/helper/matchers.go: HaveRFC9457Error matcher for RFC 9457 Problem Details validation with mime.ParseMediaType content-type checking - pkg/helper/matchers_test.go: unit tests for HaveRFC9457Error - pkg/labels/labels.go: Auth label for test filtering - e2e/e2e.go: register auth suite via blank import - go.mod/go.sum: add golang-jwt/jwt/v5 dependency
|
Skipping CI for Draft Pull Request. |
|
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: The full list of commands accepted by this bot can be found here. DetailsNeeds approval from an approver in each of these files:Approvers can indicate their approval by writing |
|
Important Review skippedAuto reviews are limited based on label configuration. 🚫 Review skipped — only excluded labels are configured. (2)
Please check the settings in the CodeRabbit UI or the ⚙️ Run configurationConfiguration used: Central YAML (base), Organization UI (inherited) Review profile: CHILL Plan: Enterprise Run ID: You can disable this status message by setting the Use the checkbox below for a quick retry:
✨ Finishing Touches🧪 Generate unit tests (beta)
✨ Simplify code
Comment |
What
Add new
e2e/auth/test suite validating JWT authentication enforcement, multi-issuer identity, token renewal, and upgrade path configuration.Why
HYPERFLEET-1303 requires E2E validation that JWT authentication is correctly enforced across the deployed HyperFleet system - covering unauthenticated rejection, invalid tokens, multi-issuer support, token renewal across reconciliation cycles, and upgrade path configuration.
Changes
New test files (
e2e/auth/)RequestEditorFnhelpers (withoutAuth,withBearerToken) that override the client's default auth header, plus JWT crafting utilities for negative auth testsSupporting changes
HaveRFC9457ErrorGomega matcher for RFC 9457 Problem Details validation with exact media type checking viamime.ParseMediaTypeHaveRFC9457ErrorAuthlabel for test filteringgolang-jwt/jwt/v5dependencyAcceptance Criteria
make checkpasses (vet, lint, unit tests)