CVGreeter/welcome-to-codevalet-as-a-contributor
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
9b15d5fed0e6a7a11267e78a0df8ed02c56c47b5
welcome-to-codevalet-as-a-c…/tests
History
Nathan Trudeau 9b15d5fed0 Fix ports examples and refs
2026-04-29 09:39:59 -04:00
..
__init__.py
Initial Commit
2026-04-19 17:11:58 -04:00
mock_oidc_server.py
Initial Commit
2026-04-19 17:11:58 -04:00
README.md
Rewrite onboarding prose to a neutral voice
2026-04-26 12:26:19 -04:00
test_doctor.sh
Rewrite onboarding prose to a neutral voice
2026-04-26 12:26:19 -04:00
test_forge_auth_integration.py
Rewrite onboarding prose to a neutral voice
2026-04-26 12:26:19 -04:00
test_forge_auth_integration.sh
Initial Commit
2026-04-19 17:11:58 -04:00
test_forge_auth.py
Handle grant scope mismatches in login
2026-04-27 16:01:36 -04:00
test_git_credential_forge.py
Fix ports examples and refs
2026-04-29 09:39:59 -04:00
test_next_steps.sh
Initial Commit
2026-04-19 17:11:58 -04:00
test_setup_args.sh
Initial Commit
2026-04-19 17:11:58 -04:00

README.md

Tests

Deterministic and hermetic. Integration tests stand up a local mock OIDC/OAuth2 server on an ephemeral port; no traffic to a real Gitea.

just test                                              # full suite
python3 -m unittest discover -t . -s tests -p 'test_*.py' -v
bash tests/test_forge_auth_integration.sh
bash tests/test_setup_args.sh
bash tests/test_doctor.sh

Inventory

  • test_forge_auth.py: scripts/forge_auth.py unit tests: PKCE pair generation, HMAC state signing + CSRF rejection, ForgeAuthConfig.from_env validation (loopback-only redirect, missing port, missing env vars, FORGE_GITEA_USERNAME propagation), build_authorize_url with prompt=login and login_hint, build_gitea_logout_url, AuthFile read/write/merge/has_live_gitea_token, auth_store_path precedence, run_logout, main() dispatcher.

  • test_git_credential_forge.py: scripts/git-credential-forge.py unit tests: credential protocol I/O, host/scheme/port matching, live-token fast-path, pass-through for missing store or non-matching host, expired-token refresh, refresh-failure handling, store/erase no-ops, main() dispatcher.

  • test_forge_auth_integration.py: end-to-end Python integration tests against tests/mock_oidc_server.py: full PKCE flow, gateway-required schema on disk, idempotent re-login, refresh token rotation with server-side revocation, logout preserving gateway-bearer fields.

  • test_forge_auth_integration.sh: shell end-to-end: drives forge_auth.py login against the mock server, installs the credential helper into a sandboxed $HOME, and exercises git credential fill. Covers URL matching, github.com non-leakage, rotated-token pickup, just logout teardown, and the username-mismatch guard (login fails, auth file untouched, Gitea logout URL surfaced, authorise URL carries prompt=login + login_hint).

  • test_setup_args.sh: scripts/setup.sh coverage: argument parsing, --help, --headless wiring to forge_login.sh --no-browser, the --headless + FORGE_SETUP_YES=1 hang guard, live-token reuse, silent-refresh rescue, prompt_choice non-tty stdout isolation.

  • test_doctor.sh: scripts/doctor.sh: miss-path under a sandboxed PATH, asserts every [MISS] line is followed by a fix: line.

  • mock_oidc_server.py: test fixture implementing /.well-known/openid-configuration, /login/oauth/authorize, /login/oauth/access_token, /login/oauth/userinfo. PKCE verification on authorization_code; rotation + revocation on refresh_token.

Adding tests

  • Python: drop test_*.py in this directory, use unittest, stdlib only.
  • Shell: executable, deterministic, non-interactive. Use ephemeral ports via python3 -c 'import socket; ...' and sandbox $HOME with mktemp -d.
Reference in New Issue View Git Blame Copy Permalink