chore(auth): consume ZB.MOM.WW.Auth 0.1.4 — gain API-key expiry enforcement (archreview G-2)

Bump all four ZB.MOM.WW.Auth.* package refs 0.1.2 -> 0.1.4. The shared
ApiKeyVerifier now rejects any key whose ExpiresUtc is in the past;
existing keys have NULL expiry (never expire), so nothing breaks, and the
auth SQLite DB auto-migrates to schema v3 (nullable expires_utc column) on
first boot. Implement the two IApiKeyAdminStore members added in 0.1.3
(SetScopesAsync/SetEnabledAsync) on the test FakeApiKeyAdminStore.

Build green; no new test failures (the macOS worker-pipe IPC failures are
pre-existing/environmental, identical to the pre-bump baseline).
This commit is contained in:
Joseph Doherty
2026-07-09 06:37:10 -04:00
parent 8fb1a814d4
commit 197731ae2d
3 changed files with 27 additions and 6 deletions
@@ -22,8 +22,8 @@
(IntegrationTests-028).
-->
<ItemGroup>
<PackageReference Include="ZB.MOM.WW.Auth.Abstractions" Version="0.1.2" />
<PackageReference Include="ZB.MOM.WW.Auth.Ldap" Version="0.1.2" />
<PackageReference Include="ZB.MOM.WW.Auth.Abstractions" Version="0.1.4" />
<PackageReference Include="ZB.MOM.WW.Auth.Ldap" Version="0.1.4" />
<PackageReference Include="Microsoft.Extensions.Configuration.Json" Version="10.0.7" />
<PackageReference Include="Microsoft.Extensions.Configuration.Binder" Version="10.0.7" />
</ItemGroup>
@@ -6,10 +6,10 @@
<ItemGroup>
<PackageReference Include="Grpc.AspNetCore" Version="2.76.0" />
<PackageReference Include="ZB.MOM.WW.Auth.Abstractions" Version="0.1.2" />
<PackageReference Include="ZB.MOM.WW.Auth.Ldap" Version="0.1.2" />
<PackageReference Include="ZB.MOM.WW.Auth.ApiKeys" Version="0.1.2" />
<PackageReference Include="ZB.MOM.WW.Auth.AspNetCore" Version="0.1.2" />
<PackageReference Include="ZB.MOM.WW.Auth.Abstractions" Version="0.1.4" />
<PackageReference Include="ZB.MOM.WW.Auth.Ldap" Version="0.1.4" />
<PackageReference Include="ZB.MOM.WW.Auth.ApiKeys" Version="0.1.4" />
<PackageReference Include="ZB.MOM.WW.Auth.AspNetCore" Version="0.1.4" />
<PackageReference Include="ZB.MOM.WW.Audit" Version="0.1.0" />
<PackageReference Include="ZB.MOM.WW.Theme" Version="0.3.1" />
<PackageReference Include="ZB.MOM.WW.Configuration" Version="0.1.0" />
@@ -623,6 +623,27 @@ public sealed class DashboardSnapshotServiceTests
{
return Task.FromResult(false);
}
/// <summary>Does nothing; the fake never changes scopes (added to IApiKeyAdminStore in Auth 0.1.3).</summary>
/// <param name="keyId">Key identifier.</param>
/// <param name="scopes">Replacement scope set.</param>
/// <param name="ct">Cancellation token.</param>
/// <returns><see langword="false"/>, always.</returns>
public Task<bool> SetScopesAsync(string keyId, IReadOnlySet<string> scopes, CancellationToken ct)
{
return Task.FromResult(false);
}
/// <summary>Does nothing; the fake never toggles key state (added to IApiKeyAdminStore in Auth 0.1.3).</summary>
/// <param name="keyId">Key identifier.</param>
/// <param name="enabled">Desired enabled state.</param>
/// <param name="whenUtc">Timestamp for the state change.</param>
/// <param name="ct">Cancellation token.</param>
/// <returns><see langword="false"/>, always.</returns>
public Task<bool> SetEnabledAsync(string keyId, bool enabled, DateTimeOffset whenUtc, CancellationToken ct)
{
return Task.FromResult(false);
}
}
private class CountingApiKeyAdminStore(params ApiKeyListItem[] records) : FakeApiKeyAdminStore