LCORE-740: type hints for authentication tests

[tisnik]

Description

LCORE-740: type hints for authentication tests

Type of change

• Refactor
• New feature
• Bug fix
• CVE fix
• Optimization
• Documentation Update
• Configuration Update
• Bump-up service version
• Bump-up dependent library
• Bump-up library or tool used for development (does not change the final image)
• CI configuration change
• Konflux configuration change
• Unit tests improvement
• Integration tests improvement
• End to end tests improvement

Related Tickets & Documents

• Related Issue #LCORE-740

Summary by CodeRabbit

Release Notes

• Tests
  • Updated type annotations in authentication test suite to improve code quality and type safety. These changes enhance test reliability without affecting user-facing functionality.

[coderabbitai]

Walkthrough

Type annotations updated in test fixtures and functions to accurately reflect actual data structures used. Fixture parameters changed from string types to dictionary types for token headers and payloads. Test function parameters updated to use proper type references such as Request objects and JwkConfiguration instead of strings and mismatched configuration types.

Changes

Cohort / File(s)	Summary
JWK token test type corrections tests/unit/authentication/test_jwk_token.py	Updated fixture signatures (valid_token, expired_token, invalid_token, custom_claims_token) to change token_header and token_payload from str to dict[str, Any]. Updated test function signatures (test_no_auth_header, test_no_bearer) to use Request objects instead of strings, and corrected configuration type from JwtConfiguration to JwkConfiguration.
K8s mock response type annotation tests/unit/authentication/test_k8s.py	Added return type annotation -> None to MockK8sResponse.__init__ constructor.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

• Verify that updated type hints (dict[str, Any] for token structures) match actual fixture implementations
• Confirm Request and JwkConfiguration type corrections align with imported classes and actual usage in tests

Possibly related PRs

• LCORE-740: check type hints for unit tests on CI #758: Introduces mypy type checking in CI for tests/unit, directly enabling and validating the type annotation corrections applied in this PR

Poem

🐰 Type hints now aligned with reality's call,
Dictionaries where strings used to sprawl,
Request objects, configurations true—
The tests now sing in shades of MyPy blue! ✨

Pre-merge checks and finishing touches

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title clearly and specifically describes the main change: adding type hints to authentication test files.
Docstring Coverage	✅ Passed	Docstring coverage is 100.00% which is sufficient. The required threshold is 80.00%.

✨ Finishing touches

• 📝 Generate docstrings

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment

---

📜 Recent review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 1a5c345 and f674438.

📒 Files selected for processing (2)

• tests/unit/authentication/test_jwk_token.py (6 hunks)
• tests/unit/authentication/test_k8s.py (1 hunks)

🧰 Additional context used

📓 Path-based instructions (3)

**/*.py

📄 CodeRabbit inference engine (CLAUDE.md)

**/*.py: All modules start with descriptive module-level docstrings explaining purpose
Use logger = logging.getLogger(name) for module logging after import logging
Define type aliases at module level for clarity
All functions require docstrings with brief descriptions
Provide complete type annotations for all function parameters and return types
Use typing_extensions.Self in model validators where appropriate
Use modern union syntax (str | int) and Optional[T] or T | None consistently
Function names use snake_case with descriptive, action-oriented prefixes (get_, validate_, check_)
Avoid in-place parameter modification; return new data structures instead of mutating arguments
Use appropriate logging levels: debug, info, warning, error with clear messages
All classes require descriptive docstrings explaining purpose
Class names use PascalCase with conventional suffixes (Configuration, Error/Exception, Resolver, Interface)
Abstract base classes should use abc.ABC and @AbstractMethod for interfaces
Provide complete type annotations for all class attributes
Follow Google Python docstring style for modules, classes, and functions, including Args, Returns, Raises, Attributes sections as needed

Files:

• tests/unit/authentication/test_k8s.py
• tests/unit/authentication/test_jwk_token.py

tests/{unit,integration}/**/*.py

📄 CodeRabbit inference engine (CLAUDE.md)

tests/{unit,integration}/**/*.py: Use pytest for all unit and integration tests
Do not use unittest in tests; pytest is the standard

Files:

• tests/unit/authentication/test_k8s.py
• tests/unit/authentication/test_jwk_token.py

tests/**/*.py

📄 CodeRabbit inference engine (CLAUDE.md)

tests/**/*.py: Use pytest-mock to create AsyncMock objects for async interactions in tests
Use the shared auth mock constant: MOCK_AUTH = ("mock_user_id", "mock_username", False, "mock_token") in tests

Files:

• tests/unit/authentication/test_k8s.py
• tests/unit/authentication/test_jwk_token.py

🧠 Learnings (3)

📓 Common learnings

Learnt from: CR
Repo: lightspeed-core/lightspeed-stack PR: 0
File: CLAUDE.md:0-0
Timestamp: 2025-09-18T16:46:33.353Z
Learning: Applies to src/{models/**/*.py,configuration.py} : Use precise type hints in configuration (e.g., Optional[FilePath], PositiveInt, SecretStr)

📚 Learning: 2025-09-18T16:46:33.353Z

Learnt from: CR
Repo: lightspeed-core/lightspeed-stack PR: 0
File: CLAUDE.md:0-0
Timestamp: 2025-09-18T16:46:33.353Z
Learning: Applies to tests/**/*.py : Use the shared auth mock constant: MOCK_AUTH = ("mock_user_id", "mock_username", False, "mock_token") in tests

Applied to files:

• tests/unit/authentication/test_k8s.py

📚 Learning: 2025-09-02T11:09:40.404Z

Learnt from: radofuchs
Repo: lightspeed-core/lightspeed-stack PR: 485
File: tests/e2e/features/environment.py:87-95
Timestamp: 2025-09-02T11:09:40.404Z
Learning: In the lightspeed-stack e2e tests, noop authentication tests use the default lightspeed-stack.yaml configuration, while noop-with-token tests use the Authorized tag to trigger a config swap to the specialized noop-with-token configuration file.

Applied to files:

• tests/unit/authentication/test_jwk_token.py

🧬 Code graph analysis (1)

tests/unit/authentication/test_jwk_token.py (1)

src/models/config.py (1)

• JwkConfiguration (403-407)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (4)

• GitHub Check: build-pr
• GitHub Check: Konflux kflux-prd-rh02 / lightspeed-stack-on-pull-request
• GitHub Check: e2e_tests (ci)
• GitHub Check: e2e_tests (azure)

🔇 Additional comments (5)

tests/unit/authentication/test_k8s.py (1)

73-80: LGTM! Return type annotation added.

The addition of the -> None return type annotation to MockK8sResponse.__init__ improves type completeness and aligns with Python best practices.

tests/unit/authentication/test_jwk_token.py (4)

24-26: LGTM! Fixture type annotations correctly added.

The token_header and token_payload fixtures now have proper type annotations (dict[str, Any]) that accurately reflect the dictionary structures they return. This improves type safety throughout the test suite.

Also applies to: 30-37

---

63-67: LGTM! Token fixture parameter types corrected.

The valid_token, expired_token, and invalid_token fixtures now have accurate parameter type annotations. The token_header and token_payload parameters are correctly typed as dict[str, Any] instead of the previous string types, which aligns with their actual usage.

Also applies to: 211-215, 243-247

---

272-276: LGTM! Test parameter types corrected.

The parameter type annotations in test_no_auth_header and test_no_bearer have been properly updated:

• Request objects are now correctly typed as Request instead of string types
• default_jwk_configuration is correctly typed as JwkConfiguration (not JwtConfiguration), which matches the actual configuration model structure

These corrections improve type safety and IDE support.

Also applies to: 292-296

---

380-384: LGTM! Parameter order improved for consistency.

The custom_claims_token fixture parameters have been reordered to match the pattern used in other similar fixtures (no_user_id_token, no_username_token), placing token_payload before token_header. This improves consistency across the test file while maintaining correct functionality.

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}