Fix E2E test gaps and add comprehensive E2E + parity test suites

- Fix pull consumer fetch: send original stream subject in HMSG (not inbox) so NATS client distinguishes data messages from control messages - Fix MaxAge expiry: add background timer in StreamManager for periodic pruning - Fix JetStream wire format: Go-compatible anonymous objects with string enums, proper offset-based pagination for stream/consumer list APIs - Add 42 E2E black-box tests (core messaging, auth, TLS, accounts, JetStream) - Add ~1000 parity tests across all subsystems (gaps closure) - Update gap inventory docs to reflect implementation status
2026-03-12 14:09:23 -04:00
parent 79c1ee8776
commit c30e67a69d
226 changed files with 17801 additions and 709 deletions
--- a/tests/NATS.Server.Tests/Monitoring/TlsPeerCertParityTests.cs
+++ b/tests/NATS.Server.Tests/Monitoring/TlsPeerCertParityTests.cs
@@ -0,0 +1,65 @@
+using System.Security.Cryptography;
+using System.Security.Cryptography.X509Certificates;
+using System.Text.Json;
+using NATS.Server.Monitoring;
+
+namespace NATS.Server.Tests.Monitoring;
+
+public class TlsPeerCertParityTests
+{
+    [Fact]
+    public void TLSPeerCert_serializes_go_shape_fields()
+    {
+        var cert = new TLSPeerCert
+        {
+            Subject = "CN=peer",
+            SubjectPKISha256 = new string('a', 64),
+            CertSha256 = new string('b', 64),
+        };
+
+        var json = JsonSerializer.Serialize(cert);
+
+        json.ShouldContain("\"subject\":\"CN=peer\"");
+        json.ShouldContain("\"subject_pk_sha256\":");
+        json.ShouldContain("\"cert_sha256\":");
+    }
+
+    [Fact]
+    public void TlsPeerCertMapper_produces_subject_and_sha256_values_from_certificate()
+    {
+        using var rsa = RSA.Create(2048);
+        var req = new CertificateRequest("CN=peer", rsa, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
+        using var cert = req.CreateSelfSigned(DateTimeOffset.UtcNow.AddDays(-1), DateTimeOffset.UtcNow.AddDays(1));
+
+        var mapped = TlsPeerCertMapper.FromCertificate(cert);
+
+        mapped.Length.ShouldBe(1);
+        mapped[0].Subject.ShouldContain("CN=peer");
+        mapped[0].SubjectPKISha256.Length.ShouldBe(64);
+        mapped[0].CertSha256.Length.ShouldBe(64);
+    }
+
+    [Fact]
+    public void ConnInfo_json_includes_tls_peer_certs_array()
+    {
+        var info = new ConnInfo
+        {
+            Cid = 1,
+            TlsPeerCertSubject = "CN=peer",
+            TlsPeerCerts =
+            [
+                new TLSPeerCert
+                {
+                    Subject = "CN=peer",
+                    SubjectPKISha256 = new string('c', 64),
+                    CertSha256 = new string('d', 64),
+                },
+            ],
+        };
+
+        var json = JsonSerializer.Serialize(info);
+        json.ShouldContain("\"tls_peer_certs\":[");
+        json.ShouldContain("\"subject_pk_sha256\":");
+        json.ShouldContain("\"cert_sha256\":");
+    }
+}