Skip to content

feat: add authentication integration tests (Phase 2)#87

Merged
joshsmithxrm merged 3 commits intomainfrom
feature/integration-tests-phase2
Jan 2, 2026
Merged

feat: add authentication integration tests (Phase 2)#87
joshsmithxrm merged 3 commits intomainfrom
feature/integration-tests-phase2

Conversation

@joshsmithxrm
Copy link
Copy Markdown
Owner

@joshsmithxrm joshsmithxrm commented Jan 2, 2026

Summary

  • Add live integration tests for credential providers (Client Secret, Certificate, GitHub OIDC)
  • Add infrastructure for GitHub OIDC federated authentication testing
  • Add manual test procedures documentation for interactive auth methods

Changes

New Test Files

  • ClientSecretAuthenticationTests.cs - 6 tests
  • CertificateAuthenticationTests.cs - 7 tests
  • GitHubFederatedAuthenticationTests.cs - 6 tests
  • MANUAL_TESTING.md - Manual procedures for interactive/device code auth

Infrastructure

  • LiveTestConfiguration - GitHub OIDC detection, certificate temp file handling from base64
  • SkipIfNoGitHubOidcAttribute - Skip tests when not in GitHub Actions with OIDC
  • integration-tests.yml - Added id-token: write permission, use vars.* for non-secrets

Test Plan

  • Build passes locally
  • Unit tests pass locally
  • CI unit tests pass
  • CI integration tests pass (requires secrets/variables configured)

Configuration Required

Repository Variables:

  • DATAVERSE_URL
  • PPDS_TEST_APP_ID
  • PPDS_TEST_TENANT_ID

Repository Secrets:

  • PPDS_TEST_CLIENT_SECRET
  • PPDS_TEST_CERT_BASE64
  • PPDS_TEST_CERT_PASSWORD

Azure:

  • Federated credential for GitHub OIDC (entity type: Environment, name: test-dataverse)

Closes #55 (Phase 2)

🤖 Generated with Claude Code

@joshsmithxrm @claude
feat: add authentication integration tests (Phase 2)
8b22bc2 
Add live integration tests for credential providers:
- ClientSecretCredentialProvider tests (6 tests)
- CertificateFileCredentialProvider tests (7 tests)
- GitHubFederatedCredentialProvider tests (6 tests)

Infrastructure improvements:
- LiveTestConfiguration: GitHub OIDC detection, certificate temp file handling
- SkipIfNoGitHubOidcAttribute for OIDC-only tests
- integration-tests.yml: id-token permission for OIDC, vars for non-secrets

Documentation:
- MANUAL_TESTING.md for interactive/device code auth procedures

Closes #55 (Phase 2)

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Copilot AI review requested due to automatic review settings January 2, 2026 11:08
@gemini-code-assist
Copy link
Copy Markdown

gemini-code-assist bot commented Jan 2, 2026

Summary of Changes

Hello @joshsmithxrm, I'm Gemini Code Assist1! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request significantly enhances the testing capabilities for authentication providers by introducing live integration tests for client secret, certificate, and GitHub OIDC methods. It also includes the necessary infrastructure for GitHub OIDC testing within CI environments and comprehensive documentation for manually testing interactive and device code authentication flows, ensuring robust and verifiable authentication mechanisms.

Highlights

  • Live Integration Tests: Added live integration tests for Client Secret, Certificate, and GitHub OIDC credential providers to ensure robust authentication.
  • GitHub OIDC Infrastructure: Implemented the necessary infrastructure to support GitHub OIDC federated authentication testing within GitHub Actions.
  • Manual Test Documentation: Provided comprehensive documentation for manual testing procedures for interactive browser and device code authentication methods.
Ignored Files
  • Ignored by pattern: .github/workflows/** (1)
    • .github/workflows/integration-tests.yml
Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature Command Description
Code Review /gemini review Performs a code review for the current pull request in its current state.
Pull Request Summary /gemini summary Provides a summary of the current pull request in its current state.
Comment @gemini-code-assist Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help /gemini help Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

  1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution.

gemini-code-assist[bot]
gemini-code-assist bot reviewed Jan 2, 2026
View reviewed changes
Copy link
Copy Markdown

@gemini-code-assist gemini-code-assist bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request is a great addition, providing valuable integration tests for the core authentication providers (Client Secret, Certificate, and GitHub OIDC). The tests are well-structured and cover success cases, property assertions, and error handling. The infrastructure for handling certificates from base64 strings and for skipping tests based on available credentials is also well-implemented. My feedback focuses on improving consistency in the test setup, particularly around resource management (IDisposable) and configuration handling, to make the test suite more robust and maintainable. I've also identified a couple of minor issues, such as a test method that can be simplified and a small bug in a test's verification logic.

Copilot AI reviewed Jan 2, 2026
View reviewed changes
Copy link
Copy Markdown

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR implements Phase 2 of the integration testing strategy (issue #55) by adding live authentication tests for three credential providers: Client Secret, Certificate, and GitHub OIDC. The changes include comprehensive test coverage, infrastructure for OIDC detection and certificate handling, documentation for manual testing of interactive methods, and CI workflow updates to enable GitHub OIDC federated authentication.

Key changes:

  • Added live integration tests for Client Secret, Certificate, and GitHub OIDC credential providers with WhoAmI validation
  • Enhanced LiveTestConfiguration with certificate loading, GitHub OIDC detection, and IDisposable pattern for temp file cleanup
  • Updated CI workflow to support GitHub OIDC federated authentication with proper permissions and environment variables

Reviewed changes

Copilot reviewed 8 out of 8 changed files in this pull request and generated 9 comments.

Show a summary per file
File Description
tests/PPDS.LiveTests/Infrastructure/LiveTestConfiguration.cs Added IDisposable pattern, certificate path resolution from base64, GitHub OIDC environment variable detection, and helper methods for certificate loading
tests/PPDS.LiveTests/Infrastructure/SkipIfNoCredentialsAttribute.cs Added SkipIfNoGitHubOidcAttribute for conditional test execution based on GitHub Actions OIDC availability
tests/PPDS.LiveTests/Authentication/ClientSecretAuthenticationTests.cs New test file with 6 integration tests validating client secret authentication flow, token expiration, and error handling
tests/PPDS.LiveTests/Authentication/CertificateAuthenticationTests.cs New test file with 7 integration tests for certificate-based authentication including file loading and certificate validation
tests/PPDS.LiveTests/Authentication/GitHubFederatedAuthenticationTests.cs New test file with 6 integration tests for GitHub OIDC federated authentication specific to GitHub Actions environment
tests/PPDS.LiveTests/Authentication/MANUAL_TESTING.md Documentation for manual testing procedures covering interactive browser and device code authentication methods with troubleshooting guidance
src/PPDS.Auth/CHANGELOG.md Updated unreleased section documenting new integration tests and manual testing documentation
.github/workflows/integration-tests.yml Added id-token: write permission for GitHub OIDC and moved non-sensitive configuration to repository variables

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@joshsmithxrm @claude
fix: address bot review findings
83ecacb 
- Remove redundant _config field in CertificateAuthenticationTests, use inherited Configuration
- Change async methods without await to synchronous (SetsIdentityProperty tests)
- Add IDisposable to ClientSecretAuthenticationTests and GitHubFederatedAuthenticationTests
- Add missing GitHubOidcRequestToken check in Configuration_DetectsGitHubOidcEnvironment test
- Add XML doc remarks about caller disposal responsibility for LoadCertificate

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
@joshsmithxrm @claude
docs: improve review-bot-comments to handle duplicates
baf71a3 
- Add "Duplicate" verdict for same issues reported by multiple bots
- Add note that ALL comments need replies, including duplicates
- Add reply template for duplicate findings
- Add verification step to confirm all comments addressed

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
@joshsmithxrm joshsmithxrm merged commit 1b95a03 into main Jan 2, 2026
5 checks passed
@github-project-automation github-project-automation bot moved this from Todo to Done in PPDS Roadmap Jan 2, 2026
@joshsmithxrm joshsmithxrm deleted the feature/integration-tests-phase2 branch January 2, 2026 19:53
This was referenced Jan 2, 2026
Merged
Closed
@dependabot dependabot bot mentioned this pull request Jan 19, 2026
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

+1 more reviewer

@gemini-code-assist gemini-code-assist[bot] gemini-code-assist[bot] left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

PPDS Roadmap
Status: Done

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Add comprehensive integration testing infrastructure

2 participants

@joshsmithxrm