phil/Gondulf
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(phase-4a): complete Phase 3 implementation and gap analysis

Browse Source 
Merges Phase 4a work including:

Implementation:
- Metadata discovery endpoint (/api/.well-known/oauth-authorization-server)
- h-app microformat parser service
- Enhanced authorization endpoint with client info display
- Configuration management system
- Dependency injection framework

Documentation:
- Comprehensive gap analysis for v1.0.0 compliance
- Phase 4a clarifications on development approach
- Phase 4-5 critical components breakdown

Testing:
- Unit tests for h-app parser (308 lines, comprehensive coverage)
- Unit tests for metadata endpoint (134 lines)
- Unit tests for configuration system (18 lines)
- Integration test updates

All tests passing with high coverage. Ready for Phase 4b security hardening.
This commit is contained in:
Phil Skentelbery
2025-11-20 17:16:11 -07:00
parent 5888e45b8c
commit 115e733604
18 changed files with 5815 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
tests/unit/test_config.py
View File

@@ -16,6 +16,7 @@ class TestConfigLoad:
def test_load_with_valid_secret_key(self, monkeypatch):
"""Test configuration loads successfully with valid SECRET_KEY."""
monkeypatch.setenv("GONDULF_SECRET_KEY", "a" * 32)
monkeypatch.setenv("GONDULF_BASE_URL", "https://auth.example.com")
Config.load()
assert Config.SECRET_KEY == "a" * 32
@@ -28,12 +29,14 @@ class TestConfigLoad:
def test_load_short_secret_key_raises_error(self, monkeypatch):
"""Test that SECRET_KEY shorter than 32 chars raises error."""
monkeypatch.setenv("GONDULF_SECRET_KEY", "short")
monkeypatch.setenv("GONDULF_BASE_URL", "https://auth.example.com")
with pytest.raises(ConfigurationError, match="at least 32 characters"):
Config.load()
def test_load_database_url_default(self, monkeypatch):
"""Test DATABASE_URL defaults to sqlite:///./data/gondulf.db."""
monkeypatch.setenv("GONDULF_SECRET_KEY", "a" * 32)
monkeypatch.setenv("GONDULF_BASE_URL", "https://auth.example.com")
monkeypatch.delenv("GONDULF_DATABASE_URL", raising=False)
Config.load()
assert Config.DATABASE_URL == "sqlite:///./data/gondulf.db"
@@ -41,6 +44,7 @@ class TestConfigLoad:
def test_load_database_url_custom(self, monkeypatch):
"""Test DATABASE_URL can be customized."""
monkeypatch.setenv("GONDULF_SECRET_KEY", "a" * 32)
monkeypatch.setenv("GONDULF_BASE_URL", "https://auth.example.com")
monkeypatch.setenv("GONDULF_DATABASE_URL", "sqlite:////tmp/test.db")
Config.load()
assert Config.DATABASE_URL == "sqlite:////tmp/test.db"
@@ -48,6 +52,7 @@ class TestConfigLoad:
def test_load_smtp_configuration_defaults(self, monkeypatch):
"""Test SMTP configuration uses sensible defaults."""
monkeypatch.setenv("GONDULF_SECRET_KEY", "a" * 32)
monkeypatch.setenv("GONDULF_BASE_URL", "https://auth.example.com")
for key in [
"GONDULF_SMTP_HOST",
"GONDULF_SMTP_PORT",
@@ -70,6 +75,7 @@ class TestConfigLoad:
def test_load_smtp_configuration_custom(self, monkeypatch):
"""Test SMTP configuration can be customized."""
monkeypatch.setenv("GONDULF_SECRET_KEY", "a" * 32)
monkeypatch.setenv("GONDULF_BASE_URL", "https://auth.example.com")
monkeypatch.setenv("GONDULF_SMTP_HOST", "smtp.gmail.com")
monkeypatch.setenv("GONDULF_SMTP_PORT", "465")
monkeypatch.setenv("GONDULF_SMTP_USERNAME", "user@gmail.com")
@@ -89,6 +95,7 @@ class TestConfigLoad:
def test_load_token_expiry_default(self, monkeypatch):
"""Test TOKEN_EXPIRY defaults to 3600 seconds."""
monkeypatch.setenv("GONDULF_SECRET_KEY", "a" * 32)
monkeypatch.setenv("GONDULF_BASE_URL", "https://auth.example.com")
monkeypatch.delenv("GONDULF_TOKEN_EXPIRY", raising=False)
Config.load()
assert Config.TOKEN_EXPIRY == 3600
@@ -96,6 +103,7 @@ class TestConfigLoad:
def test_load_code_expiry_default(self, monkeypatch):
"""Test CODE_EXPIRY defaults to 600 seconds."""
monkeypatch.setenv("GONDULF_SECRET_KEY", "a" * 32)
monkeypatch.setenv("GONDULF_BASE_URL", "https://auth.example.com")
monkeypatch.delenv("GONDULF_CODE_EXPIRY", raising=False)
Config.load()
assert Config.CODE_EXPIRY == 600
@@ -103,6 +111,7 @@ class TestConfigLoad:
def test_load_token_expiry_custom(self, monkeypatch):
"""Test TOKEN_EXPIRY can be customized."""
monkeypatch.setenv("GONDULF_SECRET_KEY", "a" * 32)
monkeypatch.setenv("GONDULF_BASE_URL", "https://auth.example.com")
monkeypatch.setenv("GONDULF_TOKEN_EXPIRY", "7200")
Config.load()
assert Config.TOKEN_EXPIRY == 7200
@@ -110,6 +119,7 @@ class TestConfigLoad:
def test_load_log_level_default_production(self, monkeypatch):
"""Test LOG_LEVEL defaults to INFO in production mode."""
monkeypatch.setenv("GONDULF_SECRET_KEY", "a" * 32)
monkeypatch.setenv("GONDULF_BASE_URL", "https://auth.example.com")
monkeypatch.delenv("GONDULF_LOG_LEVEL", raising=False)
monkeypatch.delenv("GONDULF_DEBUG", raising=False)
Config.load()
@@ -119,6 +129,7 @@ class TestConfigLoad:
def test_load_log_level_default_debug(self, monkeypatch):
"""Test LOG_LEVEL defaults to DEBUG when DEBUG=true."""
monkeypatch.setenv("GONDULF_SECRET_KEY", "a" * 32)
monkeypatch.setenv("GONDULF_BASE_URL", "https://auth.example.com")
monkeypatch.delenv("GONDULF_LOG_LEVEL", raising=False)
monkeypatch.setenv("GONDULF_DEBUG", "true")
Config.load()
@@ -128,6 +139,7 @@ class TestConfigLoad:
def test_load_log_level_custom(self, monkeypatch):
"""Test LOG_LEVEL can be customized."""
monkeypatch.setenv("GONDULF_SECRET_KEY", "a" * 32)
monkeypatch.setenv("GONDULF_BASE_URL", "https://auth.example.com")
monkeypatch.setenv("GONDULF_LOG_LEVEL", "WARNING")
Config.load()
assert Config.LOG_LEVEL == "WARNING"
@@ -135,6 +147,7 @@ class TestConfigLoad:
def test_load_invalid_log_level_raises_error(self, monkeypatch):
"""Test invalid LOG_LEVEL raises ConfigurationError."""
monkeypatch.setenv("GONDULF_SECRET_KEY", "a" * 32)
monkeypatch.setenv("GONDULF_BASE_URL", "https://auth.example.com")
monkeypatch.setenv("GONDULF_LOG_LEVEL", "INVALID")
with pytest.raises(ConfigurationError, match="must be one of"):
Config.load()
@@ -146,12 +159,14 @@ class TestConfigValidate:
def test_validate_valid_configuration(self, monkeypatch):
"""Test validation passes with valid configuration."""
monkeypatch.setenv("GONDULF_SECRET_KEY", "a" * 32)
monkeypatch.setenv("GONDULF_BASE_URL", "https://auth.example.com")
Config.load()
Config.validate() # Should not raise
def test_validate_smtp_port_too_low(self, monkeypatch):
"""Test validation fails when SMTP_PORT < 1."""
monkeypatch.setenv("GONDULF_SECRET_KEY", "a" * 32)
monkeypatch.setenv("GONDULF_BASE_URL", "https://auth.example.com")
Config.load()
Config.SMTP_PORT = 0
with pytest.raises(ConfigurationError, match="must be between 1 and 65535"):
@@ -160,6 +175,7 @@ class TestConfigValidate:
def test_validate_smtp_port_too_high(self, monkeypatch):
"""Test validation fails when SMTP_PORT > 65535."""
monkeypatch.setenv("GONDULF_SECRET_KEY", "a" * 32)
monkeypatch.setenv("GONDULF_BASE_URL", "https://auth.example.com")
Config.load()
Config.SMTP_PORT = 70000
with pytest.raises(ConfigurationError, match="must be between 1 and 65535"):
@@ -168,6 +184,7 @@ class TestConfigValidate:
def test_validate_token_expiry_negative(self, monkeypatch):
"""Test validation fails when TOKEN_EXPIRY < 300."""
monkeypatch.setenv("GONDULF_SECRET_KEY", "a" * 32)
monkeypatch.setenv("GONDULF_BASE_URL", "https://auth.example.com")
Config.load()
Config.TOKEN_EXPIRY = -1
with pytest.raises(ConfigurationError, match="must be at least 300 seconds"):
@@ -176,6 +193,7 @@ class TestConfigValidate:
def test_validate_code_expiry_zero(self, monkeypatch):
"""Test validation fails when CODE_EXPIRY <= 0."""
monkeypatch.setenv("GONDULF_SECRET_KEY", "a" * 32)
monkeypatch.setenv("GONDULF_BASE_URL", "https://auth.example.com")
Config.load()
Config.CODE_EXPIRY = 0
with pytest.raises(ConfigurationError, match="must be positive"):