Conversation
CLAUDE.md provides project guidance for Claude Code including build commands, architecture overview, and testing patterns. TESTING.md defines the integration test plan: black-box testing via compiled binary, DCQL-based credential queries, mock TIR servers, and coverage of M2M, Frontend v2, and Deeplink flows. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
## Summary - Adds a separate Go module (`integration_test/`) with helper packages for black-box integration testing - Implements identity generation (did:key, did:web), credential creation (JWT-VC, SD-JWT, VP token, DCQL response), mock servers (TIR, did:web), config builder, and process lifecycle management - Includes 14 tests covering all helper functionality ## Test plan - [x] All 14 helper tests pass: `cd integration_test && go test -tags integration -v -count=1 ./...` - [x] Main module tests unaffected: `go test ./...` 🤖 Generated with [Claude Code](https://claude.ai/code) Co-authored-by: Stefan Wiedemann <wistefan@googlemail.com> Reviewed-on: http://localhost:3000/wistefan/verifier/pulls/14 Reviewed-by: wistefan <wistefan@googlemail.com> Co-authored-by: claude <claude@gitea.com> Co-committed-by: claude <claude@gitea.com>
## Summary - Add 7 parameterized M2M success test cases exercising the VP-token-to-JWT exchange flow - Add did:web TLS server support, JWT inclusion config, SD-JWT _sd_alg, and TIR URL-decoding fix - All tests verify end-to-end: identity generation → mock setup → verifier start → token request → JWT verification ## Test cases | # | Name | Description | |---|------|-------------| | 1 | OneJWTVC_DidKeyIssuer | Single JWT-VC with did:key issuer | | 2 | MultipleJWTVCs_DidKeyIssuer | Two JWT-VCs of different types | | 3 | OneSDJWT_DidKeyIssuer | Single SD-JWT credential | | 4 | MultipleSDJWTs_DidKeyIssuer | Two SD-JWTs of different types | | 5 | JWTVC_DidWebIssuer | JWT-VC with did:web issuer (TLS) | | 6 | JWTVC_CnfHolderBinding | JWT-VC with cnf confirmation | | 7 | JWTVC_ClaimBasedHolderBinding | JWT-VC with claim-based holder | ## Test plan - [x] All 7 M2M success tests pass - [x] Existing helper tests still pass 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-authored-by: Stefan Wiedemann <wistefan@googlemail.com> Reviewed-on: http://localhost:3000/wistefan/verifier/pulls/15 Reviewed-by: wistefan <wistefan@googlemail.com> Co-authored-by: claude <claude@gitea.com> Co-committed-by: claude <claude@gitea.com>
## Summary - Add 6 parameterized failure test cases for the M2M token endpoint - Each test presents invalid/mismatched credentials and asserts HTTP 400 - Test cases: WrongCredentialType, MissingRequiredClaims, UntrustedIssuer, InvalidVPSignature, InvalidCnfBinding, InvalidClaimHolderBinding - Add `CreateVPTokenWithMismatchedSigner` helper for crafting VPs with signature/DID mismatches ## Test plan - [x] All 6 failure tests pass (`TestM2MFailure`) - [x] All 7 success tests still pass (`TestM2MSuccess`) 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-authored-by: Stefan Wiedemann <wistefan@googlemail.com> Reviewed-on: http://localhost:3000/wistefan/verifier/pulls/16 Reviewed-by: wistefan <wistefan@googlemail.com> Co-authored-by: claude <claude@gitea.com> Co-committed-by: claude <claude@gitea.com>
## Summary - Add end-to-end tests for the FRONTEND_V2 cross-device authorization flow - `TestFrontendV2ByReference`: full flow using byReference mode (request_uri) - `TestFrontendV2ByValue`: full flow using byValue mode (embedded JWT) - Both tests exercise: authorization → loginQR → openid4vp URL → WebSocket → auth response → code exchange → JWT verification - Adds `gorilla/websocket` dependency for WebSocket client ## Test plan - [x] Both frontend v2 tests pass (byReference + byValue) - [x] All 13 existing tests still pass (7 M2M success + 6 M2M failure) 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-authored-by: Stefan Wiedemann <wistefan@googlemail.com> Reviewed-on: http://localhost:3000/wistefan/verifier/pulls/17 Reviewed-by: wistefan <wistefan@googlemail.com> Co-authored-by: claude <claude@gitea.com> Co-committed-by: claude <claude@gitea.com>
## Summary - Add end-to-end tests for the DEEPLINK (same-device) authorization flow - `TestDeeplinkByReference`: full flow using byReference mode via `/api/v1/authorization` - `TestDeeplinkByValue`: full flow using byValue mode via `/api/v1/samedevice` - Both tests exercise: authorization → openid4vp redirect → request object → auth response (302 redirect) → code exchange → JWT verification - Key difference from FRONTEND_V2: uses 302 redirects instead of WebSocket notifications ## Test plan - [x] Both deeplink tests pass (byReference + byValue) - [x] All 15 existing tests still pass (7 M2M success + 6 M2M failure + 2 frontend v2) 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-authored-by: Stefan Wiedemann <wistefan@googlemail.com> Reviewed-on: http://localhost:3000/wistefan/verifier/pulls/18 Co-authored-by: claude <claude@gitea.com> Co-committed-by: claude <claude@gitea.com>
## Summary - Add `TestEndpoints` with 8 parameterized sub-tests for endpoint validation - Tests cover: JWKS, OpenID Configuration, Health, token error handling, authorization parameter validation - All sub-tests share a single verifier process for efficiency ## Test plan - [x] All 8 endpoint tests pass - [x] All 17 existing tests still pass (7 M2M success + 6 M2M failure + 2 frontend v2 + 2 deeplink) 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-authored-by: Stefan Wiedemann <wistefan@googlemail.com> Reviewed-on: http://localhost:3000/wistefan/verifier/pulls/19 Reviewed-by: wistefan <wistefan@googlemail.com> Co-authored-by: claude <claude@gitea.com> Co-committed-by: claude <claude@gitea.com>
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Add integration-test job to .github/workflows/test.yaml that runs the integration test suite in a separate job alongside unit tests - Expand the Testing section in README.md with instructions for running integration tests and a guide for adding new tests Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
wistefan
added
the
patch
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.