User authentication and session management for web applications
0
fork

Configure Feed

Select the types of activity you want to include in your feed.

auth: shorten test names, document fuzz suite (merlint E335/E400)

+9 -8
+1
fuzz/fuzz_auth.mli
··· 1 1 val suite : string * Alcobar.test_case list 2 + (** [suite] is the fuzz test suite. *)
+8 -8
test/test_auth.ml
··· 311 311 Alcotest.(check (option string)) "unconfirmed email dropped" None u.email; 312 312 Alcotest.(check bool) "email_verified false" false u.email_verified 313 313 314 - let test_google_userinfo_rejects_missing_sub () = 314 + let test_google_missing_sub () = 315 315 let body = {|{"email":"user@gmail.com","name":"No Sub"}|} in 316 316 match Oauth.parse_userinfo Google body with 317 317 | Ok _ -> Alcotest.fail "should reject missing sub" 318 318 | Error _ -> () 319 319 320 - let test_github_userinfo_with_null_email () = 320 + let test_github_null_email () = 321 321 (* GitHub returns null email when user hasn't set it public *) 322 322 let body = {|{"id":999,"login":"ghost","name":"Ghost"}|} in 323 323 match Oauth.parse_userinfo Github body with ··· 463 463 464 464 (* ── Cookie flags ─────────────────────────────────────────────── *) 465 465 466 - let test_set_cookie_header_http_flags () = 466 + let test_cookie_http_flags () = 467 467 let _name, value = 468 468 Auth.set_cookie_header ~base_url:"http://localhost" "tok123" 469 469 in ··· 479 479 "no Secure for HTTP" false 480 480 (contains value ~substring:"Secure") 481 481 482 - let test_set_cookie_header_https_flags () = 482 + let test_cookie_https_flags () = 483 483 let _name, value = 484 484 Auth.set_cookie_header ~base_url:"https://example.com" "tok456" 485 485 in ··· 561 561 Alcotest.test_case "google userinfo" `Quick test_google_userinfo; 562 562 Alcotest.test_case "gitlab userinfo" `Quick test_gitlab_userinfo; 563 563 Alcotest.test_case "google rejects missing sub" `Quick 564 - test_google_userinfo_rejects_missing_sub; 564 + test_google_missing_sub; 565 565 Alcotest.test_case "github null email" `Quick 566 - test_github_userinfo_with_null_email; 566 + test_github_null_email; 567 567 Alcotest.test_case "custom provider" `Quick test_custom_provider_userinfo; 568 568 Alcotest.test_case "garbage input" `Quick test_userinfo_rejects_garbage; 569 569 (* Token exchange *) ··· 580 580 test_session_has_future_expiry; 581 581 (* Cookie flags *) 582 582 Alcotest.test_case "cookie flags HTTP" `Quick 583 - test_set_cookie_header_http_flags; 583 + test_cookie_http_flags; 584 584 Alcotest.test_case "cookie flags HTTPS" `Quick 585 - test_set_cookie_header_https_flags; 585 + test_cookie_https_flags; 586 586 (* CSRF state *) 587 587 Alcotest.test_case "CSRF sign/verify roundtrip" `Quick 588 588 test_csrf_sign_verify_roundtrip;