Skip to content

Improve our approach for testing auth (part 2) - basicAuth #9983

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
jNullj merged 70 commits into from
Jan 11, 2026
Merged

Improve our approach for testing auth (part 2) - basicAuth #9983

jNullj merged 70 commits into from
Jan 11, 2026

Conversation

@jNullj
Copy link
Member

@jNullj jNullj commented Feb 22, 2024
edited
Loading

This PR is follow-up for #9681 and helps to reach the goal of #9493

This PR will include refactor of all basicAuth services:

Additional changes to authTest:
4d57607 - Add exampleOverride
f156762 - Add authOverride
cd6c65b - Add configOverrid
cf34fae - Split invoke params into path and query
a713669 - Improve error handling, Throw error when service auth key is missing
99a01e1 - Handle case of userKey without passKey
74554d7 - Add option to ignore openApi example in testAuth
8c38355 - Handle auth.defaultToEmptyStringForUser
57163eb - Add support for multiple requests in service

jNullj added 30 commits October 24, 2023 00:08
@jNullj
improve stackexchange auth testing
764582e 
Change auth tests to include all shields of the base class.
The code is formated to be used in more general cases and increases code reuseability.
@jNullj
Merge branch 'master' into feat/9493/improve-auth-testing
2e913a7
@jNullj
Merge branch 'badges:master' into feat/9493/improve-auth-testing
ae1a231
@jNullj
Merge branch 'badges:master' into feat/9493/improve-auth-testing
b2c2a18
@jNullj
Remove dummy auth test
9dd597d 
We already test all existing classes, no need for a dummy
@jNullj
Add getBadgeExampleCall to test-helpers
7bc3cc0 
Add getBadgeExampleCall to extract the first OpenAPI example then reformat it for service invoke function.
@jNullj
Use getBadgeExampleCall in stackexchange-base tests
f6da3af
@jNullj
Fix getBadgeExampleCall Errors
31c3f94
@jNullj
Add testAuth to test-helpers
18ec387 
Add the testAuth function which tests auth of a service (badge) using a provided dummy response.
@jNullj
Refactor stackexchange-base.spec.js to use testAuth from test-helpers
1688e58
@jNullj
Split stackexchange-base.spec into per service test file
609c017
@jNullj
Add all auth methods to testAuth
ffc7800 
Add all auth methods used to testAuth to be generic and used by all services.
Add helper functions to make testAuth more readable
@jNullj
Handle non-default bearer and api headers
3e5c98d
@jNullj
Add discord.spec.js as first attempt for bearer auth
876708f
@jNullj
Merge branch 'badges:master' into feat/9493/improve-auth-testing
1ddd577
@jNullj
Fix basic auth user
c41f60f
@jNullj
Add dynamic authorizedOrigins
f4cc1af
@jNullj
Add header optional argument
b471c5c
@jNullj
Add obs as basicAuth example
7aadc10
@jNullj
Use apiHeaderKey and bearerHeaderKey function params
79dc536 
Use apiHeaderKey & bearerHeaderKey as function params rather then extracting them with regex from function strings.

Those options are now part of an options object param joined with the contentType that replaces header.

header was originaly added for setting content type of the reply, so it makes more sense to directly set the content type
@jNullj
Remove old comment
d1435c2
@jNullj
Allow any pass & user key for QueryStringAuth
a53f716 
Before this commit the QueryStringAuth would only work for the key of stackexchange.
This commit makes the testAuth function generic and allows passing user and pass keys.
@jNullj
Add auth test for PepyDownloads
14d0789
@jNullj
Fix wrong header for jwt login
d22de8a 
Might set wrong header for jwt login request.
This commit fixes that.
@jNullj
Support multiple authOrigins in testAuth
50f4144 
Some services might have more then one authOrigin.
This commit makes sure we test for redundent authOrigins as well as support requests to them if needed.
@jNullj
Add docker-automated auth test
2d310bd
@jNullj
Fix JwtAuth testing by introducing mandatory jwtLoginEndpoint
1b79b4c 
Prior to this change, JwtAuth testing would lead to erros due to the absence of a specified login endpoint,
Nock would be dumplicated for both login and non login hosts and indicate a missing request.

This commit enforces the requirement for a new jwtLoginEndpoint argument when testing JwtAuth.
The argument seperates the endpoint nock scope from the behavior of the request nock.
@jNullj
Merge branch 'badges:master' into feat/9493/improve-auth-testing
419bd01
@jNullj
Fix type test in generateFakeConfig
a2b838c
@jNullj
Merge branch 'badges:master' into feat/9493/improve-auth-testing
2590482
jNullj added 2 commits October 3, 2024 15:19
@jNullj
Update jenkinsCoverage response
73b3e14 
Example changed at 62ed7c3
The new example schema differ from old one
This caused test to fail
Update example response to fit new schema
@jNullj
remove BitbucketPullReuqest tests
1fdf395 
remove for adding these changes in a later PR.
this test adds the authOverride we try to get rid of.
This blocks testAuth development and is planned for a later time.
jNullj added a commit to jNullj/shields-fun-fork that referenced this pull request Oct 3, 2024
@jNullj
Add bitbucket tests with authoverride
99b8f69 
part of Improve our approach for testing auth badges#9493
seperated from PR badges#9983 for work in a later time
@jNullj
Copy link
Member Author

jNullj commented Oct 3, 2024
edited
Loading

I've been working 12-hour days recently, making it hard to complete tasks. With the holidays, I found time to finish this work.

Future PRs will be smaller to avoid bottlenecks.

I've removed Bitbucket as suggested and moved those changes to a separate branch. Although authOverride is currently unused, I've kept it in case we need it for other services until a better solution is found.

@jNullj jNullj marked this pull request as ready for review October 3, 2024 13:49
@jNullj jNullj requested a review from chris48s October 3, 2024 13:50
@PyvesB
Copy link
Member

PyvesB commented Sep 27, 2025

@jNullj shall we try to land this one? If so, could you please update it with latest revision, and I'll give it a look in the coming weeks. Worth noting that I added auth support for Reddit in #10790, and maybe other services were updated as well. This PR may require some additional changes.

Although authOverride is currently unused, I've kept it in case we need it for other services until a better solution is found.

In general, my philosophy is to keep things simple until we really need something. Especially in a world where so few people can dedicate time to the project. But up to you :)

@jNullj
Copy link
Member Author

jNullj commented Sep 28, 2025

I prefer to cut the work into smaller chunks.
Can we stick to existing service tests? I will scan for missing ones and add them in part 3, just to keep these PR more manageable.
I will keep the function until all services are converted in case we need it, but i agree that we should not keep unused code, so once we reach the end of this change i will remove unused functions as well.

@PyvesB
Copy link
Member

PyvesB commented Sep 28, 2025

Works for me. Will give this a proper review in the coming days.

PyvesB
PyvesB reviewed Oct 5, 2025
View reviewed changes
Copy link
Member

@PyvesB PyvesB left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is starting to shape up nicely! Noticed a few minor issues whilst reading through the changes.

jNullj and others added 4 commits January 10, 2026 22:18
@jNullj
fix: fix wrong exception message & check order
ff52dd7
@jNullj @PyvesB
fix typo
308be1e 
Co-authored-by: Pierre-Yves Bigourdan <10694593+PyvesB@users.noreply.github.com>
@jNullj @PyvesB
fix typo cleanup -> clean up
505d636 
Co-authored-by: Pierre-Yves Bigourdan <10694593+PyvesB@users.noreply.github.com>
@jNullj @PyvesB
fix exception error text 'object' -> 'boolean'
ed23542 
Co-authored-by: Pierre-Yves Bigourdan <10694593+PyvesB@users.noreply.github.com>
@jNullj
Copy link
Member Author

jNullj commented Jan 10, 2026

wops, sorry for the ping guys, i will fix that in a bit

@jNullj jNullj force-pushed the feat/9493/improve-auth-testing branch from 506e93b to ed23542 Compare January 10, 2026 20:29
jNullj added 6 commits January 10, 2026 22:29
@jNullj
Merge remote-tracking branch 'origin/master' into feat/9493/improve-a…
576839e 
…uth-testing
@jNullj
fix: return merged authorizedOrigins in getServiceClassAuthOrigin
29d89c9
@jNullj
update JenkinsTests origin
62c37b9 
Was outdated after merging with master.
This commit fixes origin test to openapi example.
@jNullj
fix(docs): docstring origins type
348c1b0
@jNullj
fix typo
33d2524
@jNullj
fix(auth): reduce strictness for JwtAuth test
3987d1d 
Avoid exact body match requirement.
We are only intrested in username and password values to match, not exact one to one object.
@jNullj jNullj requested a review from PyvesB January 10, 2026 21:26
@jNullj
Copy link
Member Author

jNullj commented Jan 10, 2026

Thank you for the review, i fixed all comments, also found some additional things to fix.
Merged master to keep this up to date.

@jNullj jNullj added this pull request to the merge queue Jan 11, 2026
Merged via the queue into badges:master with commit fcfbf89 Jan 11, 2026
19 checks passed
@jNullj jNullj deleted the feat/9493/improve-auth-testing branch January 11, 2026 19:37
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@PyvesB PyvesB PyvesB approved these changes

@chris48s chris48s Awaiting requested review from chris48s

Assignees

No one assigned

Labels

core Server, BaseService, GitHub auth, Shared helpers developer-experience Dev tooling, test framework, and CI javascript [dependabot only] Pull requests that update Javascript packages

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@jNullj @chris48s @PyvesB