lmxopcua

dohertj2/lmxopcua

Fork 0

Commit Graph

Author	SHA1	Message	Date
Joseph Doherty	a0aa4a4819	fix(admin): complete Admin-006 — inject IAntiforgery into LogoutAsync for explicit token validation The previous Admin-006 commit added <AntiforgeryToken /> to the logout form and updated the comment on the endpoint, but did not update LogoutAsync to actually call IAntiforgery.ValidateRequestAsync. Blazor's UseAntiforgery() middleware does not automatically validate minimal-API endpoints, so a tokenless POST still succeeded. This commit injects IAntiforgery into the handler, wraps ValidateRequestAsync in a try/catch, and returns 400 on AntiforgeryValidationException. The endpoint keeps .DisableAntiforgery() to prevent the middleware from also trying to read the body (which would cause a double-read). The regression test is updated to log in first (to get an authenticated session) before asserting 400 on a tokenless logout POST. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-05-22 07:51:11 -04:00
Joseph Doherty	b585429447	fix(admin): resolve Medium code-review finding (Admin-009) Add AdminAuthPipelineTests (WebApplicationFactory + RoleInjectingHandler) to enforce that ConfigViewer is denied CanPublish-gated pages while FleetAdmin is permitted, and that an authenticated FleetAdmin session can reach the homepage. Existing PageAuthorizationTests (anon page rejection) and AuthEndpointsTests (login cookie + hub auth) cover cases (a)-(c); this file adds case (d). Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-05-22 07:33:03 -04:00

Author

SHA1

Message

Date

Joseph Doherty

a0aa4a4819

fix(admin): complete Admin-006 — inject IAntiforgery into LogoutAsync for explicit token validation

The previous Admin-006 commit added <AntiforgeryToken /> to the logout form
and updated the comment on the endpoint, but did not update LogoutAsync to
actually call IAntiforgery.ValidateRequestAsync. Blazor's UseAntiforgery()
middleware does not automatically validate minimal-API endpoints, so a
tokenless POST still succeeded. This commit injects IAntiforgery into the
handler, wraps ValidateRequestAsync in a try/catch, and returns 400 on
AntiforgeryValidationException. The endpoint keeps .DisableAntiforgery() to
prevent the middleware from also trying to read the body (which would cause
a double-read). The regression test is updated to log in first (to get an
authenticated session) before asserting 400 on a tokenless logout POST.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

2026-05-22 07:51:11 -04:00

Joseph Doherty

b585429447

fix(admin): resolve Medium code-review finding (Admin-009)

Add AdminAuthPipelineTests (WebApplicationFactory + RoleInjectingHandler) to
enforce that ConfigViewer is denied CanPublish-gated pages while FleetAdmin is
permitted, and that an authenticated FleetAdmin session can reach the homepage.
Existing PageAuthorizationTests (anon page rejection) and AuthEndpointsTests
(login cookie + hub auth) cover cases (a)-(c); this file adds case (d).

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

2026-05-22 07:33:03 -04:00

2 Commits