test(e2e): token-auth sync roundtrip with gateway-minted token#56
Merged
Conversation
Add test_token_auth: mints a user token from the weblite gateway (POST /v2/tokens, authenticated with INTEGRATION_TEST_APIKEY) via the curl CLI, then runs the same sync roundtrip as test_init authenticated with cloudsync_network_set_token instead of the apikey. Uses a fixed, obviously-synthetic userId and a 24h expiry so repeated runs don't leave live credentials behind. Skips when INTEGRATION_TEST_WEBLITE_ADDRESS is not set; CI passes the new secret through env, docker and android legs. Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
…flict) Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
test_token_authto the e2e suite: the token authentication path (cloudsync_network_set_token) previously had no automated coverage — only the apikey path was tested end-to-end.POST /v2/tokens, authenticated withINTEGRATION_TEST_APIKEYas Bearer) via thecurlCLI, since the test binary is built without networking. It always uses the same obviously-synthetic userId (e2e7e57e-0000-4000-8000-000000000001), a 24hexpiresAtso repeated runs don't leave live credentials behind, and no attributes.cloudsync_network_syncreceives rows.INTEGRATION_TEST_WEBLITE_ADDRESSis not set.integration_network_initis split into a base (address/init) + apikey wrapper so the token test reuses the init logic; existing tests unchanged.main.ymlpassesINTEGRATION_TEST_WEBLITE_ADDRESSthrough the job env, the arm64 docker container, and the Android emulator script. TheINTEGRATION_TEST_WEBLITE_ADDRESSrepo secret must be added for the test to run in CI; until then it reports SKIPPED.Testing
make e2e: Token Auth Test OK on every run. Note: Chunked Capped Receive currently fails on unmodifiedmainas well (pre-existing, unrelated to this branch).🤖 Generated with Claude Code