Skip to content

Commit 1e54d4f

Browse files
authored
fix(rust): satisfy dylint assertion lints in tests (#399)
Signed-off-by: Yordis Prieto <yordis.prieto@gmail.com>
1 parent 7a8624e commit 1e54d4f

73 files changed

Lines changed: 589 additions & 380 deletions

File tree

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

rsworkspace/crates/a2a-auth-callout/src/account_resolver/tests.rs

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -29,5 +29,5 @@ fn static_resolver_denies_unknown_account() {
2929
#[test]
3030
fn error_into_auth_callout_error_preserves_message() {
3131
let err: AuthCalloutError = AccountResolverError::Unknown("x".into()).into();
32-
assert!(err.to_string().contains("\"x\""));
32+
assert_eq!(err.to_string(), "requested account \"x\" not allowlisted");
3333
}

rsworkspace/crates/a2a-auth-callout/src/credentials/api_key/tests.rs

Lines changed: 9 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,5 @@
11
use super::*;
2+
use crate::error::CredentialError;
23

34
fn make_registry() -> ApiKeyRegistry {
45
ApiKeyRegistry::new(b"test-hmac-secret".to_vec())
@@ -51,15 +52,20 @@ async fn verify_rejects_audience_mismatch() {
5152
let other = AudienceAccount::new("nats-acct-evil");
5253
#[allow(deprecated)]
5354
let err = verifier.verify("my-secret-key", &other).await.unwrap_err();
54-
assert!(matches!(err, AuthCalloutError::CredentialVerification(_)));
55-
assert!(err.to_string().contains("audience mismatch"));
55+
let AuthCalloutError::CredentialVerification(CredentialError::InvalidRequest(msg)) = err else {
56+
panic!("expected audience mismatch InvalidRequest");
57+
};
58+
assert_eq!(
59+
msg,
60+
"API key audience mismatch: requested=\"nats-acct-evil\" registered=\"nats-acct-1\""
61+
);
5662
}
5763

5864
#[test]
5965
fn apikey_rejects_empty() {
6066
let err = ApiKey::new("").unwrap_err();
6167
assert!(matches!(err, ApiKeyError::Empty));
62-
assert!(err.to_string().contains("empty"));
68+
assert_eq!(err.to_string(), "API key must not be empty");
6369
}
6470

6571
#[test]

rsworkspace/crates/a2a-auth-callout/src/credentials/oidc/tests.rs

Lines changed: 21 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -221,7 +221,16 @@ async fn discover_rejects_jwks_uri_outside_issuer_origin() {
221221
let Err(err) = res else {
222222
panic!("expected origin mismatch error");
223223
};
224-
assert!(err.to_string().contains("outside issuer origin"));
224+
let AuthCalloutError::CredentialVerification(CredentialError::InvalidCredentials(msg)) = err else {
225+
panic!("expected jwks_uri origin mismatch");
226+
};
227+
assert_eq!(
228+
msg,
229+
format!(
230+
"OIDC jwks_uri \"https://attacker.example.com/jwks\" is outside issuer origin {:?}",
231+
mock_srv.uri()
232+
)
233+
);
225234
}
226235

227236
#[tokio::test]
@@ -240,7 +249,17 @@ async fn discover_rejects_mismatched_issuer_claim() {
240249
let Err(err) = res else {
241250
panic!("expected issuer mismatch error");
242251
};
243-
assert!(err.to_string().contains("issuer mismatch"));
252+
let AuthCalloutError::CredentialVerification(CredentialError::InvalidCredentials(msg)) = err else {
253+
panic!("expected issuer mismatch");
254+
};
255+
assert_eq!(
256+
msg,
257+
format!(
258+
"OIDC discovery issuer mismatch: configured={:?} discovered={:?}",
259+
mock_srv.uri(),
260+
"https://other.example.com"
261+
)
262+
);
244263
}
245264

246265
#[test]

rsworkspace/crates/a2a-auth-callout/src/denial_reason/tests.rs

Lines changed: 4 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -20,5 +20,8 @@ fn accepts_category_string() {
2020
#[test]
2121
fn display_renders_both_error_variants() {
2222
assert_eq!(DenialReasonError::Empty.to_string(), "denial reason must be non-empty");
23-
assert!(DenialReasonError::TooLong.to_string().contains("must be at most"));
23+
assert_eq!(
24+
DenialReasonError::TooLong.to_string(),
25+
format!("denial reason must be at most {MAX_LEN} characters")
26+
);
2427
}

rsworkspace/crates/a2a-auth-callout/src/error/tests.rs

Lines changed: 27 additions & 34 deletions
Original file line numberDiff line numberDiff line change
@@ -4,10 +4,9 @@ use super::*;
44

55
#[test]
66
fn display_connect() {
7-
assert!(
8-
AuthCalloutError::Connect("refused".into())
9-
.to_string()
10-
.contains("NATS connect failed")
7+
assert_eq!(
8+
AuthCalloutError::Connect("refused".into()).to_string(),
9+
"NATS connect failed: refused"
1110
);
1211
}
1312

@@ -17,14 +16,14 @@ fn display_subscribe() {
1716
let e = AuthCalloutError::Subscribe(async_nats::SubscribeError::new(
1817
async_nats::SubscribeErrorKind::InvalidSubject,
1918
));
20-
assert!(e.to_string().contains("auth callout subject"));
19+
assert_eq!(e.to_string(), "subscribe to auth callout subject failed");
2120
assert!(Error::source(&e).is_some());
2221
}
2322

2423
#[test]
2524
fn display_credential_verification() {
2625
let e = AuthCalloutError::CredentialVerification(CredentialError::InvalidCredentials("bad token".into()));
27-
assert!(e.to_string().contains("credential verification"));
26+
assert_eq!(e.to_string(), "credential verification failed: bad token");
2827
assert!(std::error::Error::source(&e).is_some());
2928
}
3029

@@ -37,20 +36,17 @@ fn display_jwt_variant() {
3736

3837
#[test]
3938
fn display_missing_env_var_unknown_source_and_vault() {
40-
assert!(
41-
AuthCalloutError::MissingEnvVar("X")
42-
.to_string()
43-
.contains("X is not set")
39+
assert_eq!(
40+
AuthCalloutError::MissingEnvVar("X").to_string(),
41+
"required environment variable X is not set"
4442
);
45-
assert!(
46-
AuthCalloutError::UnknownSigningKeySource("foo".into())
47-
.to_string()
48-
.contains("foo")
43+
assert_eq!(
44+
AuthCalloutError::UnknownSigningKeySource("foo".into()).to_string(),
45+
"unknown AUTH_CALLOUT_SIGNING_KEY_SOURCE: foo (expected env, file, or vault)"
4946
);
50-
assert!(
51-
AuthCalloutError::VaultNotConfigured
52-
.to_string()
53-
.contains("not wired yet")
47+
assert_eq!(
48+
AuthCalloutError::VaultNotConfigured.to_string(),
49+
"AUTH_CALLOUT_SIGNING_KEY_SOURCE=vault is not wired yet"
5450
);
5551
}
5652

@@ -60,12 +56,12 @@ fn display_and_source_for_key_load_variants() {
6056
path: std::path::PathBuf::from("/tmp/x"),
6157
source: std::io::Error::new(std::io::ErrorKind::NotFound, "nope"),
6258
};
63-
assert!(io.to_string().contains("/tmp/x"));
59+
assert_eq!(io.to_string(), "failed to read signing key at /tmp/x");
6460
assert!(Error::source(&io).is_some());
6561

6662
let bad: Vec<u8> = vec![0xff, 0xfe];
6763
let utf8 = AuthCalloutError::KeyLoadUtf8(std::str::from_utf8(&bad).unwrap_err());
68-
assert!(utf8.to_string().contains("UTF-8"));
64+
assert_eq!(utf8.to_string(), "signing key file must be UTF-8 NKey seed");
6965
assert!(Error::source(&utf8).is_some());
7066
}
7167

@@ -83,25 +79,22 @@ fn source_for_connect_is_none() {
8379
#[test]
8480
fn display_covers_remaining_variants() {
8581
let de = serde_json::from_str::<String>("x").unwrap_err();
86-
assert!(
87-
AuthCalloutError::Deserialize(de)
88-
.to_string()
89-
.contains("deserialize auth callout request")
82+
assert_eq!(
83+
AuthCalloutError::Deserialize(de).to_string(),
84+
"failed to deserialize auth callout request"
9085
);
9186
let se = serde_json::from_str::<serde_json::Value>("not json").unwrap_err();
92-
assert!(
93-
AuthCalloutError::Serialize(se)
94-
.to_string()
95-
.contains("serialize auth callout response")
87+
assert_eq!(
88+
AuthCalloutError::Serialize(se).to_string(),
89+
"failed to serialize auth callout response"
9690
);
9791
let reply_err = AuthCalloutError::Reply(async_nats::PublishError::new(
9892
async_nats::client::PublishErrorKind::InvalidSubject,
9993
));
100-
assert!(reply_err.to_string().contains("publish auth callout reply"));
101-
assert!(
102-
AuthCalloutError::WireFormat("x".into())
103-
.to_string()
104-
.contains("wire format")
94+
assert_eq!(reply_err.to_string(), "failed to publish auth callout reply");
95+
assert_eq!(
96+
AuthCalloutError::WireFormat("x".into()).to_string(),
97+
"auth callout wire format error: x"
10598
);
106-
assert!(AuthCalloutError::Internal("x".into()).to_string().contains("internal"));
99+
assert_eq!(AuthCalloutError::Internal("x".into()).to_string(), "internal error: x");
107100
}

rsworkspace/crates/a2a-auth-callout/src/jwt/tests.rs

Lines changed: 5 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -69,17 +69,15 @@ fn mint_rejects_wrong_verification_key() {
6969

7070
#[test]
7171
fn caller_id_rejects_dots() {
72-
assert!(CallerId::new("a.b").unwrap_err().to_string().contains("caller_id"));
72+
assert!(matches!(CallerId::new("a.b").unwrap_err(), JwtError::InvalidCallerId));
7373
}
7474

7575
#[test]
7676
fn external_subject_requires_non_empty() {
77-
assert!(
78-
ExternalSubject::new("")
79-
.unwrap_err()
80-
.to_string()
81-
.contains("external subject")
82-
);
77+
assert!(matches!(
78+
ExternalSubject::new("").unwrap_err(),
79+
JwtError::InvalidExternalSubject
80+
));
8381
}
8482

8583
#[test]

rsworkspace/crates/a2a-auth-callout/src/signing_key_source/tests.rs

Lines changed: 5 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -45,7 +45,10 @@ fn env_source_current_previous_missing_and_warn_once() {
4545
std::env::remove_var("AUTH_CALLOUT_SIGNING_SECRET");
4646
}
4747
let err = EnvSigningKeySource::from_env().unwrap_err();
48-
assert!(err.to_string().contains("AUTH_CALLOUT_SIGNING_SECRET"));
48+
assert!(matches!(
49+
err,
50+
AuthCalloutError::MissingEnvVar("AUTH_CALLOUT_SIGNING_SECRET")
51+
));
4952
}
5053

5154
#[test]
@@ -70,7 +73,7 @@ fn file_reads_current_and_optional_previous() {
7073
#[test]
7174
fn file_missing_current_errors() {
7275
let err = FileSigningKeySource::new("/no/such/signing-key-path", None::<&str>).unwrap_err();
73-
assert!(err.to_string().contains("failed to read signing key"));
76+
assert!(matches!(err, AuthCalloutError::KeyLoadIo { .. }));
7477
}
7578

7679
#[test]

rsworkspace/crates/a2a-auth-callout/src/wire/server_auth_request_envelope/tests.rs

Lines changed: 1 addition & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -44,9 +44,5 @@ fn rejects_tampered_signature() {
4444
let err = ServerAuthRequestEnvelope::from_bytes(token.into_bytes())
4545
.decode(&server_pub, None, None)
4646
.unwrap_err();
47-
assert!(
48-
err.to_string().contains("decode")
49-
|| err.to_string().contains("verify")
50-
|| err.to_string().contains("signature")
51-
);
47+
assert!(matches!(err, AuthCalloutError::WireFormat(_)));
5248
}

rsworkspace/crates/a2a-bridge/src/error/tests.rs

Lines changed: 3 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -4,10 +4,9 @@ use super::*;
44

55
#[test]
66
fn display_mint() {
7-
assert!(
8-
BridgeError::Mint("unavailable".into())
9-
.to_string()
10-
.contains("auth callout mint")
7+
assert_eq!(
8+
BridgeError::Mint("unavailable".into()).to_string(),
9+
"auth callout mint failed: unavailable"
1110
);
1211
}
1312

rsworkspace/crates/a2a-nats-http/src/tests.rs

Lines changed: 4 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -369,7 +369,10 @@ async fn push_set_not_supported_maps_to_correct_error_code() {
369369
#[test]
370370
fn runtime_error_display_shows_env_var_name() {
371371
use crate::runtime::RuntimeError;
372-
assert!(RuntimeError::MissingAgentId.to_string().contains("A2A_AGENT_ID"));
372+
assert_eq!(
373+
RuntimeError::MissingAgentId.to_string(),
374+
"A2A_AGENT_ID environment variable is required"
375+
);
373376
}
374377

375378
#[tokio::test]

0 commit comments

Comments
 (0)