Skip to content

[test] Add tests for oidc.fetchToken#7986

Merged
lpcox merged 2 commits into
mainfrom
add-tests-oidc-fetch-token-91823a2761a3f46e
Jun 23, 2026
Merged

[test] Add tests for oidc.fetchToken#7986
lpcox merged 2 commits into
mainfrom
add-tests-oidc-fetch-token-91823a2761a3f46e

Conversation

@github-actions

@github-actions github-actions Bot commented Jun 23, 2026

Copy link
Copy Markdown
Contributor

Test Coverage Improvement: oidc.fetchToken

Function Analyzed

  • Package: internal/oidc
  • Function: fetchToken (method on *Provider)
  • Previous Coverage: 93.9%
  • New Coverage: 100.0%
  • Package Total: 97.1% → 100.0%
  • Complexity: High (multiple HTTP interaction branches, 8+ error paths)

Why This Function?

fetchToken was the most complex under-tested function in the codebase. It contains 8 distinct error paths covering URL parsing, HTTP request construction, network I/O, response body reading, JSON parsing, and JWT expiry extraction. Two branches were previously uncovered:

  1. http.NewRequestWithContext error path — triggered when fetchToken receives a nil context, which causes net/http to return "net/http: nil Context".
  2. io.ReadAll body-read error path — triggered when the server sends valid HTTP 200 headers but then closes the TCP connection before delivering the body. The HTTP client returns a successful Do() (status 200 is received) but the subsequent io.ReadAll(resp.Body) fails with io.ErrUnexpectedEOF because Content-Length declared more bytes than were actually sent.

Tests Added

  • TestProvider_NilContext — passes nil as the context to provider.Token(), exercises the "failed to create OIDC token request" error return in fetchToken
  • TestProvider_BodyReadError — uses http.Hijacker to send a 200 response with Content-Length: 1000 then immediately close the connection, exercising the "failed to read OIDC token response" error return

Coverage Report

Before:
  fetchToken   93.9%
  total:       97.1%

After:
  fetchToken   100.0%
  total:       100.0%

Test Execution

=== RUN   TestProvider_NilContext
--- PASS: TestProvider_NilContext (0.00s)
=== RUN   TestProvider_BodyReadError
--- PASS: TestProvider_BodyReadError (0.00s)
PASS
ok  github.com/github/gh-aw-mcpg/internal/oidc

Generated by Test Coverage Improver
Next run will target the next most complex under-tested function

Warning

Firewall blocked 1 domain

The following domain was blocked by the firewall during workflow execution:

  • proxy.golang.org

To allow these domains, add them to the network.allowed list in your workflow frontmatter:

network:
  allowed:
    - defaults
    - "proxy.golang.org"

See Network Configuration for more information.

Generated by Test Coverage Improver · 486.3 AIC · ⊞ 7.1K ·

@github-actions
Add tests for oidc.fetchToken covering all error branches
213b24c 
Cover the two previously-untested error paths in fetchToken:
- nil context path: http.NewRequestWithContext returns an error when
  passed a nil context (TestProvider_NilContext)
- body-read error path: io.ReadAll fails when the server closes the
  TCP connection after sending headers but before the body
  (TestProvider_BodyReadError, uses HTTP Hijacker)

fetchToken coverage: 93.9% → 100.0%
oidc package total:  97.1% → 100.0%

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
@lpcox lpcox marked this pull request as ready for review June 23, 2026 18:23
Copilot AI review requested due to automatic review settings June 23, 2026 18:23
Copilot AI reviewed Jun 23, 2026
View reviewed changes

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR improves unit test coverage for internal/oidc.Provider.fetchToken, targeting previously uncovered error branches so the internal/oidc package reaches 100% coverage.

Changes:

  • Add a test that passes a nil context to exercise the http.NewRequestWithContext error path.
  • Add a test that hijacks the HTTP connection and closes it after sending headers to force an io.ReadAll body-read failure.
Show a summary per file
File Description
internal/oidc/provider_test.go Adds two new unit tests covering fetchToken error paths (nil context request creation failure; response body read failure).

Copilot's findings

Tip

Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

  • Files reviewed: 1/1 changed files
  • Comments generated: 1

Comment thread internal/oidc/provider_test.go Outdated
@lpcox
Potential fix for pull request finding
db62b22 
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
GitHub Advanced Security started work on behalf of lpcox June 23, 2026 19:58 View session
GitHub Advanced Security finished work on behalf of lpcox June 23, 2026 19:59
@lpcox lpcox merged commit a338479 into main Jun 23, 2026
27 checks passed
@lpcox lpcox deleted the add-tests-oidc-fetch-token-91823a2761a3f46e branch June 23, 2026 21:45
@github-actions github-actions Bot mentioned this pull request Jun 24, 2026
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

Assignees

No one assigned

Labels

automation testing

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@lpcox