Trek_CN/server/tests
Julien G. 7798d2a3fd
fix(oidc): normalize id_token iss claim before issuer comparison (#837)
jwt.verify does an exact string match on the issuer. Providers like
Authentik include a trailing slash in the id_token iss claim while the
configured issuer is already normalized (no trailing slash), causing
every login attempt to fail with jwt issuer invalid.

Move the issuer check out of jwt.verify options and apply the same
trailing-slash normalization used in the discovery doc validation.
Also adds OIDC-SVC-033–036 unit tests covering exact match, trailing
slash, wrong issuer, and wrong audience cases.

Closes #834
2026-04-22 22:16:33 +02:00
..
fixtures feat(import): selective GPX/KML element import and performance improvements 2026-04-18 01:28:37 +02:00
helpers feat(notices): add system notice infrastructure 2026-04-16 14:36:33 +02:00
integration test(systemNotices): exclude v3 upgrade notices from login_count-only tests 2026-04-22 21:19:04 +02:00
unit fix(oidc): normalize id_token iss claim before issuer comparison (#837) 2026-04-22 22:16:33 +02:00
websocket test: expand test suite to 87.3% backend coverage 2026-04-06 20:08:30 +02:00
setup.ts Add comprehensive backend test suite (#339) 2026-04-03 13:17:53 +02:00