Skip to content

auth-server: rewrite the 3 disabled integration tests against the current attestation model #320

Description

@bordumb

Context

Three integration tests in auths-auth-server are disabled (commented out in tests/cases/mod.rs) because they assert the pre-refactor model where capabilities lived on the attestation chain (Attestation.role/.capabilities, verify_chain_with_capability, ed25519_pubkey_to_did_key, DeviceDID, WitnessReceipt). That model was removed when the crate was realigned in #317. The test files remain on disk.

Disabled:

  • tests/cases/air_gapped.rs
  • tests/cases/client_registration.rs
  • tests/cases/robustness.rs

Task

Rewrite them against the current attestation/verifier APIs (and the restored capability check — see the capability-gate issue). Per meta_prompt §V, keep the adversarial paths: forged signature rejected, wrong/absent capability rejected, replay rejected.

Acceptance

  • The three modules are re-enabled in tests/cases/mod.rs and pass.
  • helpers.rs::create_test_keypair drops its #[allow(dead_code)] once used again.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type
    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions