arcodange/dance-lessons-coach
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

🧪 test(bdd): admin metadata endpoint security property — no secret leak #52

Merged
arcodange merged 1 commits from feat/activate-jwt-retention-multi-age-scenario into main 2026-05-05 09:56:18 +02:00
Conversation 0 Commits 1 Files Changed 3 +74
arcodange commented 2026-05-05 09:56:03 +02:00
Owner
Copy Link

Activates a @critical scenario asserting the SECURITY property of GET /api/v1/admin/jwt/secrets (PR #51): the metadata endpoint NEVER leaks the secret value. If a future change adds the value to the response, this test fails with 'SECURITY: response leaked the secret value'. 4 new step defs, full BDD green.

Activates a @critical scenario asserting the SECURITY property of GET /api/v1/admin/jwt/secrets (PR #51): the metadata endpoint NEVER leaks the secret value. If a future change adds the value to the response, this test fails with 'SECURITY: response leaked the secret value'. 4 new step defs, full BDD green.
arcodange added 1 commit 2026-05-05 09:56:04 +02:00
🧪 test(bdd): admin metadata endpoint security property — no secret leak 418aaeaf95 
Activates a new @critical @admin-introspection scenario in
features/jwt/jwt_secret_retention.feature that exercises the GET
/api/v1/admin/jwt/secrets endpoint added in PR #51.

The scenario asserts the SECURITY-CRITICAL property: the metadata
endpoint exposes structure (count + per-secret is_primary, age,
fingerprint) WITHOUT leaking secret values. If a future change
accidentally adds the secret value to the response, this test fails
loud:
  SECURITY: response leaked the secret value "test-secret-do-not-leak..."

Specifically, the BDD asserts:
- After adding a secondary secret with a known value, GET returns 200
- The response contains 2 secrets in count
- The response does NOT contain the secret value anywhere
- Every entry has a non-empty SHA-256 fingerprint

4 new step definitions added to pkg/bdd/steps/jwt_retention_steps.go:
- iAddASecondaryJWTSecretNamed (parameterised by secret value)
- iRequestTheJWTSecretsMetadataEndpoint
- theMetadataShouldContainNSecrets
- theMetadataShouldNotContainTheSecretValue (the security check)
- everySecretInTheMetadataShouldHaveASHA256Fingerprint

Tests:
- Scenario passes via @admin-introspection tag filter.
- Full BDD suite (auth/config/greet/health/info/jwt) green.

The pre-existing @todo scenarios (Multiple secrets with different ages,
Cleanup frequency configuration, etc.) remain @todo — they require
arbitrary timestamp setup or manual cleanup triggers that aren't
exposed via API, by design. Documented as future test-infrastructure
work.
arcodange merged commit e9d61a7fb0 into main 2026-05-05 09:56:18 +02:00
arcodange deleted branch feat/activate-jwt-retention-multi-age-scenario 2026-05-05 09:56:18 +02:00
Sign in to join this conversation.
Reviewers
No Reviewers
Labels
No items
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
arcodange
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: arcodange/dance-lessons-coach#52
Delete Branch "feat/activate-jwt-retention-multi-age-scenario"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?