CtrlK
BlogDocsLog inGet started
Tessl Logo

tessl-labs/aspnet-testing

Integration tests for ASP.NET Core APIs — WebApplicationFactory, xUnit, ConfigureTestServices, FluentAssertions, database isolation

97

1.45x
Quality

96%

Does it follow best practices?

Impact

99%

1.45x

Average score across 5 eval scenarios

SecuritybySnyk

Passed

No known issues

Overview
Quality
Evals
Security
Files

criteria.jsonevals/scenario-3/

{
  "context": "Tests whether the agent correctly implements authentication bypass for integration tests using a TestAuthHandler. Evaluates creation of the handler class, its registration via ConfigureTestServices, and that the authentication scheme is properly wired up to allow testing of protected endpoints.",
  "type": "weighted_checklist",
  "checklist": [
    {
      "name": "TestAuthHandler class",
      "description": "A class named TestAuthHandler (or similar) that extends `AuthenticationHandler<AuthenticationSchemeOptions>` is created",
      "max_score": 12
    },
    {
      "name": "HandleAuthenticateAsync override",
      "description": "The handler overrides `HandleAuthenticateAsync()` and returns `AuthenticateResult.Success(ticket)` with synthetic claims",
      "max_score": 12
    },
    {
      "name": "Claims included in ticket",
      "description": "The AuthenticationTicket includes at least one claim (e.g. ClaimTypes.Name or ClaimTypes.Role) in the ClaimsIdentity",
      "max_score": 10
    },
    {
      "name": "AddAuthentication in ConfigureTestServices",
      "description": "The handler is registered inside `ConfigureTestServices` (not `ConfigureServices`) using `services.AddAuthentication(...).AddScheme<...>()`",
      "max_score": 15
    },
    {
      "name": "Named scheme used",
      "description": "A specific scheme name string is used consistently in both `AddAuthentication(\"SchemeName\")` and `AddScheme<..., Handler>(\"SchemeName\", ...)`",
      "max_score": 10
    },
    {
      "name": "Protected endpoint tested",
      "description": "At least one test method calls a route that requires authentication and asserts a successful (non-401) response",
      "max_score": 12
    },
    {
      "name": "FluentAssertions in auth tests",
      "description": "Auth test assertions use `.Should().Be()` syntax (FluentAssertions), not Assert.Equal or similar",
      "max_score": 9
    },
    {
      "name": "IClassFixture used",
      "description": "The test class implementing auth tests uses `IClassFixture<>` to receive the factory",
      "max_score": 10
    },
    {
      "name": "Async Task [Fact]",
      "description": "Auth test methods are declared `public async Task` and decorated with `[Fact]`",
      "max_score": 10
    }
  ]
}

evals

scenario-3

criteria.json

task.md

tile.json