feat(auth): ScadaBridge full canonical claims (ZbClaimTypes role/scope) + ZbCookieDefaults, keep cookie name (Task 1.5)

2026-06-02 06:23:15 -04:00
parent afa55981d5
commit a0938f708b
25 changed files with 247 additions and 50 deletions
@@ -57,7 +57,7 @@ public class AuditLogPagePermissionTests : BunitContext

    private static ClaimsPrincipal BuildPrincipal(params string[] roles)
    {
-        var claims = new List<Claim> { new("Username", "tester") };
+        var claims = new List<Claim> { new(JwtTokenService.UsernameClaimType, "tester") };
        claims.AddRange(roles.Select(r => new Claim(JwtTokenService.RoleClaimType, r)));
        return new ClaimsPrincipal(new ClaimsIdentity(claims, "TestAuth"));
    }
@@ -39,7 +39,7 @@ public class AuditLogPageScaffoldTests : BunitContext

    private static ClaimsPrincipal BuildPrincipal(params string[] roles)
    {
-        var claims = new List<Claim> { new("Username", "tester") };
+        var claims = new List<Claim> { new(JwtTokenService.UsernameClaimType, "tester") };
        claims.AddRange(roles.Select(r => new Claim(JwtTokenService.RoleClaimType, r)));
        return new ClaimsPrincipal(new ClaimsIdentity(claims, "TestAuth"));
    }
@@ -28,7 +28,7 @@ public class ExecutionTreePageTests : BunitContext

    private static ClaimsPrincipal BuildPrincipal(params string[] roles)
    {
-        var claims = new List<Claim> { new("Username", "tester") };
+        var claims = new List<Claim> { new(JwtTokenService.UsernameClaimType, "tester") };
        claims.AddRange(roles.Select(r => new Claim(JwtTokenService.RoleClaimType, r)));
        return new ClaimsPrincipal(new ClaimsIdentity(claims, "TestAuth"));
    }
@@ -1,4 +1,5 @@
 using System.Security.Claims;
+using ZB.MOM.WW.ScadaBridge.Security;
 using Akka.Actor;
 using Bunit;
 using Microsoft.AspNetCore.Components.Authorization;
@@ -80,7 +81,7 @@ public class HealthPageTests : BunitContext

        var claims = new[]
        {
-            new Claim("Username", "tester"),
+            new Claim(JwtTokenService.UsernameClaimType, "tester"),
            new Claim(ClaimTypes.Role, "Admin"),
        };
        var user = new ClaimsPrincipal(new ClaimsIdentity(claims, "TestAuth"));
@@ -68,7 +68,7 @@ public class NotificationKpisPageTests : BunitContext

        var claims = new[]
        {
-            new Claim("Username", "tester"),
+            new Claim(JwtTokenService.UsernameClaimType, "tester"),
            new Claim(ClaimTypes.Role, "Deployment"),
        };
        var user = new ClaimsPrincipal(new ClaimsIdentity(claims, "TestAuth"));
@@ -1,4 +1,5 @@
 using System.Security.Claims;
+using ZB.MOM.WW.ScadaBridge.Security;
 using Bunit;
 using Microsoft.AspNetCore.Components.Authorization;
 using Microsoft.Extensions.DependencyInjection;
@@ -21,7 +22,7 @@ public class NotificationListsPageTests : BunitContext

        var claims = new[]
        {
-            new Claim("Username", "tester"),
+            new Claim(JwtTokenService.UsernameClaimType, "tester"),
            new Claim(ClaimTypes.Role, "Design"),
        };
        var user = new ClaimsPrincipal(new ClaimsIdentity(claims, "TestAuth"));
@@ -1,4 +1,5 @@
 using System.Security.Claims;
+using ZB.MOM.WW.ScadaBridge.Security;
 using Akka.Actor;
 using Bunit;
 using Microsoft.AspNetCore.Components.Authorization;
@@ -87,7 +88,7 @@ public class NotificationReportDetailModalTests : BunitContext

        var claims = new[]
        {
-            new Claim("Username", "tester"),
+            new Claim(JwtTokenService.UsernameClaimType, "tester"),
            new Claim(ClaimTypes.Role, "Deployment"),
        };
        var user = new ClaimsPrincipal(new ClaimsIdentity(claims, "TestAuth"));
@@ -73,7 +73,7 @@ public class NotificationReportPageTests : BunitContext

        var claims = new[]
        {
-            new Claim("Username", "tester"),
+            new Claim(JwtTokenService.UsernameClaimType, "tester"),
            new Claim(ClaimTypes.Role, "Deployment"),
        };
        var user = new ClaimsPrincipal(new ClaimsIdentity(claims, "TestAuth"));
@@ -1,4 +1,5 @@
 using System.Security.Claims;
+using ZB.MOM.WW.ScadaBridge.Security;
 using Akka.Actor;
 using Bunit;
 using Bunit.TestDoubles;
@@ -171,7 +172,7 @@ public sealed class QueryStringDrillInTests

            var claims = new[]
            {
-                new Claim("Username", "tester"),
+                new Claim(JwtTokenService.UsernameClaimType, "tester"),
                new Claim(ClaimTypes.Role, "Deployment"),
            };
            var user = new ClaimsPrincipal(new ClaimsIdentity(claims, "TestAuth"));
@@ -88,7 +88,7 @@ public class SiteCallsReportPageTests : BunitContext

        var claims = new[]
        {
-            new Claim("Username", "tester"),
+            new Claim(JwtTokenService.UsernameClaimType, "tester"),
            new Claim(ClaimTypes.Role, "Deployment"),
        };
        var user = new ClaimsPrincipal(new ClaimsIdentity(claims, "TestAuth"));
@@ -493,7 +493,7 @@ public class SiteCallsReportPageTests : BunitContext
        // Last AuthenticationStateProvider registration wins on resolution.
        var scopedUser = new ClaimsPrincipal(new ClaimsIdentity(new[]
        {
-            new Claim("Username", "scoped"),
+            new Claim(JwtTokenService.UsernameClaimType, "scoped"),
            new Claim(ClaimTypes.Role, "Deployment"),
            new Claim(JwtTokenService.SiteIdClaimType, "1"), // Plant A only
        }, "TestAuth"));
@@ -1,4 +1,5 @@
 using System.Security.Claims;
+using ZB.MOM.WW.ScadaBridge.Security;
 using Bunit;
 using Microsoft.AspNetCore.Components.Authorization;
 using Microsoft.Extensions.DependencyInjection;
@@ -19,7 +20,7 @@ public class SmtpConfigurationPageTests : BunitContext
    {
        var claims = new[]
        {
-            new Claim("Username", "tester"),
+            new Claim(JwtTokenService.UsernameClaimType, "tester"),
            new Claim(ClaimTypes.Role, "Admin"),
        };
        var user = new ClaimsPrincipal(new ClaimsIdentity(claims, "TestAuth"));