AgileWebs/thalos-service
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
cbf38ac9f8
thalos-service/tests/Thalos.Service.Application.UnitTests/StartIdentitySessionUseCaseTests.cs
José René White Enciso 96c53d9dab feat(thalos-service): add canonical session flows 
Why: provide service-side canonical login/refresh orchestration for session-based web auth.

What: add session contracts, refresh token codec with provider-agnostic secret boundary, grpc session methods, DI wiring, tests, and docs.

Rule: preserve thalos identity ownership and keep transport adapters at service edge.
2026-03-08 14:48:35 -06:00

50 lines
2.0 KiB
C#
Raw Blame History

using BuildingBlock.Identity.Contracts.Conventions;
using BuildingBlock.Identity.Contracts.Requests;
using BuildingBlock.Identity.Contracts.Responses;
using Thalos.Service.Application.Sessions;
using Thalos.Service.Application.UseCases;
using Thalos.Service.Identity.Abstractions.Contracts;
using IdentityIssueRequest = BuildingBlock.Identity.Contracts.Requests.IssueIdentityTokenRequest;
using IdentityIssueResponse = BuildingBlock.Identity.Contracts.Responses.IssueIdentityTokenResponse;
namespace Thalos.Service.Application.UnitTests;
public class StartIdentitySessionUseCaseTests
{
[Fact]
public async Task HandleAsync_WhenCalled_IssuesTokenAndRefreshToken()
{
var useCase = new StartIdentitySessionUseCase(new FakeIssueUseCase(), new FakeSessionTokenCodec());
var response = await useCase.HandleAsync(new StartIdentitySessionRequest("user-1", "tenant-1", IdentityAuthProvider.InternalJwt));
Assert.Equal("token-abc", response.AccessToken);
Assert.Equal(1800, response.ExpiresInSeconds);
Assert.Equal("user-1", response.SubjectId);
Assert.Equal("tenant-1", response.TenantId);
Assert.Equal("refresh-user-1-tenant-1", response.RefreshToken);
}
private sealed class FakeIssueUseCase : IIssueIdentityTokenUseCase
{
public Task<IdentityIssueResponse> HandleAsync(IdentityIssueRequest request)
{
return Task.FromResult(new IdentityIssueResponse("token-abc", 1800));
}
}
private sealed class FakeSessionTokenCodec : IIdentitySessionTokenCodec
{
public string Encode(IdentitySessionDescriptor descriptor)
{
return $"refresh-{descriptor.SubjectId}-{descriptor.TenantId}";
}
public bool TryDecode(string token, out IdentitySessionDescriptor descriptor)
{
descriptor = new IdentitySessionDescriptor(string.Empty, string.Empty, IdentityAuthProvider.InternalJwt, DateTimeOffset.UtcNow);
return false;
}
}
}
Reference in New Issue View Git Blame Copy Permalink