Disable cert validation in tests because the dev cert may not be trusted

halter73 · halter73 · commit 910a979ad540 · 2025-06-30T16:11:25.000-07:00
diff --git a/tests/ModelContextProtocol.AspNetCore.Tests/AuthTests.cs b/tests/ModelContextProtocol.AspNetCore.Tests/AuthTests.cs
@@ -25,6 +25,9 @@ public AuthTests(ITestOutputHelper outputHelper)
     {
         // Let the HandleAuthorizationUrlAsync take a look at the Location header
         SocketsHttpHandler.AllowAutoRedirect = false;
+        // The dev cert may not be installed on the CI, but AddJwtBearer requires an HTTPS backchannel by default.
+        // The easiest workaround is to disable cert validation for testing purposes.
+        SocketsHttpHandler.SslOptions.RemoteCertificateValidationCallback = (_, _, _, _) => true;
 
         var oAuthServerProgram = new TestOAuthServer.Program(XunitLoggerProvider, KestrelInMemoryTransport);
         _oAuthRunTask = oAuthServerProgram.RunServerAsync(cancellationToken: _testCts.Token);

Original file line number	Diff line number	Diff line change
`@@ -25,6 +25,9 @@ public AuthTests(ITestOutputHelper outputHelper)`
`25`	`25`	`{`
`26`	`26`	`// Let the HandleAuthorizationUrlAsync take a look at the Location header`
`27`	`27`	`SocketsHttpHandler.AllowAutoRedirect = false;`
	`28`	`+ // The dev cert may not be installed on the CI, but AddJwtBearer requires an HTTPS backchannel by default.`
	`29`	`+ // The easiest workaround is to disable cert validation for testing purposes.`
	`30`	`+ SocketsHttpHandler.SslOptions.RemoteCertificateValidationCallback = (_, _, _, _) => true;`
`28`	`31`
`29`	`32`	`var oAuthServerProgram = new TestOAuthServer.Program(XunitLoggerProvider, KestrelInMemoryTransport);`
`30`	`33`	`_oAuthRunTask = oAuthServerProgram.RunServerAsync(cancellationToken: _testCts.Token);`