dkam/clinch
1
0
Fork 0
Code Issues 7 Pull Requests Actions Packages Projects Releases Wiki Activity

Drop redundant MemoryStore internals peek from fa_token creation test

Browse Source 
The refute_match on response.location already proves create_forward_auth_token
did nothing: the cache.write and the URL rewrite are back-to-back with no
branch between them, so the URL lacking fa_token= implies no cache entry
was written. The instance_variable_get(:@data) inspection was both redundant
and coupled to MemoryStore's private layout.

Co-Authored-By: Claude Opus 4 <noreply@anthropic.com>
This commit is contained in:
Dan Milne
2026-04-20 20:28:28 +10:00
parent 2d5650e620
commit 5178cf3d81
1 changed files with 0 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
test/controllers/api/forward_auth_controller_test.rb
View File

@@ -800,12 +800,6 @@ module Api
assert_response 303 assert_response 303
refute_match(/fa_token=/, response.location, "no fa_token for path-only return_to") refute_match(/fa_token=/, response.location, "no fa_token for path-only return_to")
# And no forward_auth_token:* cache entries should have been written.
# MemoryStore exposes @data; we just assert there are no matching keys.
keys = Rails.cache.instance_variable_get(:@data).keys
fa_keys = keys.select { |k| k.to_s.start_with?("forward_auth_token:") }
assert_empty fa_keys, "no fa_token cache entries for path-only return_to"
end end
test "cross-origin return_to produces an fa_token bound to that host" do test "cross-origin return_to produces an fa_token bound to that host" do