Expand test suite with adapter and DB coverage

[wagnerdevocelot]

Summary

• add sqlite driver dependency
• unit tests for LegacyDBAdapter
• unit tests for LoggingAdapter
• integration test using the legacy DB
• performance benchmarks for token creation

Testing

• go test ./... -v
• go test -bench=. -run=NONE

---

https://chatgpt.com/codex/tasks/task_e_687443f066ac832881de289ac38519fa

[Copilot]

Pull Request Overview

This PR expands test coverage and adds performance benchmarks for the logging and legacy DB adapters.

• Adds unit tests for LegacyDBAdapter client, token, session, and JWT methods
• Adds unit tests for LoggingAdapter metrics and error metrics
• Adds an end-to-end integration test simulating the OAuth2 code flow against the legacy DB
• Introduces benchmarks for token creation on both adapters and adds the SQLite driver dependency

Reviewed Changes

Copilot reviewed 5 out of 6 changed files in this pull request and generated 5 comments.

Show a summary per file

File	Description
logging_adapter_test.go	Unit tests for LoggingAdapter metrics and error metrics
db_adapter_test.go	Unit tests for LegacyDBAdapter client, token, session, and JWT methods
integration_legacy_db_test.go	Integration test simulating full OAuth2 flow against the legacy DB
benchmark_test.go	Benchmarks for token creation on LoggingAdapter and LegacyDBAdapter
go.mod	Adds github.com/mattn/go-sqlite3 dependency

Comments suppressed due to low confidence (2)

logging_adapter_test.go:192

• [nitpick] TestLoggingAdapterErrorMetrics only verifies the GetClient error metric. Consider adding cases for other methods to ensure all error metrics are incremented as expected.

	fs := newFailingStore(map[string]bool{"GetClient": true})

db_adapter_test.go:40

• [nitpick] The client tests only validate ID and RedirectURIs. Consider adding assertions for other fields like Scopes and Audience to ensure full client data is persisted and retrieved.

	client := &fosite.DefaultClient{ID: "c1", Secret: []byte("secret"), RedirectURIs: []string{"http://localhost"}}

[Copilot]

[nitpick] The failingStore implements many methods with identical error-checking boilerplate. Consider extracting a shared helper or decorator to reduce duplication and improve maintainability.

[Copilot]

Decoding JSON without checking the returned error can mask failures. Consider capturing and validating the error from Decode before using the parsed data.

Suggested change

	json.NewDecoder(resToken.Body).Decode(&tokenResp)
	if err := json.NewDecoder(resToken.Body).Decode(&tokenResp); err != nil {
	t.Fatalf("failed to decode token response: %v", err)
	}

[Copilot]

A direct type assertion on tokenResp["access_token"] will panic if the key is missing or not a string. Use a safe assertion and handle the case where the assertion fails.

Suggested change

	access := tokenResp["access_token"].(string)
	access, ok := tokenResp["access_token"].(string)
	if !ok {
	t.Fatalf("access_token missing or not a string: %v", tokenResp)
	}

[Copilot]

The benchmark for LegacyDBCreateToken inserts into a table that grows without bound, skewing results. Consider truncating the table or resetting the database between iterations to maintain consistent measurements.

Suggested change

	adapter.CreateToken(b.Context(), "access_token", "sig"+strconv.Itoa(i), "c1", req)
	adapter.CreateToken(b.Context(), "access_token", "sig"+strconv.Itoa(i), "c1", req)
	if _, err := db.Exec("DELETE FROM tokens"); err != nil {
	b.Fatal(err)
	}

[Copilot]

[nitpick] Repeated calls to CreateToken on the same LoggingAdapter and InMemoryStore accumulate state across iterations. Consider resetting or recreating the store inside the loop to isolate performance characteristics.

Suggested change

	adapter := NewLoggingAdapter(NewInMemoryStore())
	req := &fosite.Request{}
	b.ResetTimer()
	for i := 0; i < b.N; i++ {
	req := &fosite.Request{}
	b.ResetTimer()
	for i := 0; i < b.N; i++ {
	adapter := NewLoggingAdapter(NewInMemoryStore())