< Summary

Information

Class:	AsiBackbone.Core.CapabilityTokens.CapabilityTokenGrant
Assembly:	AsiBackbone.Core
File(s):	/home/runner/work/AsiBackbone/AsiBackbone/src/AsiBackbone.Core/CapabilityTokens/CapabilityTokenGrant.cs

Line coverage

100%

Covered lines:	113
Uncovered lines:	0
Coverable lines:	113
Total lines:	272
Line coverage:	100%

Branch coverage

100%

Covered branches:	28
Total branches:	28
Branch coverage:	100%

Method coverage

Feature is only available for sponsors

Upgrade to PRO version

Metrics

Method	Branch coverage	Crap Score	Cyclomatic complexity	Line coverage
.cctor()	100%	1	1	100%
.ctor(...)	100%	10	10	100%
get_TokenId()	100%	1	1	100%
get_Issuer()	100%	1	1	100%
get_Audience()	100%	1	1	100%
get_Scopes()	100%	1	1	100%
get_IssuedUtc()	100%	1	1	100%
get_NotBeforeUtc()	100%	1	1	100%
get_ExpiresUtc()	100%	1	1	100%
get_SubjectId()	100%	1	1	100%
get_OperationName()	100%	1	1	100%
get_PolicyVersion()	100%	1	1	100%
get_PolicyHash()	100%	1	1	100%
get_AcknowledgmentId()	100%	1	1	100%
get_HandshakeId()	100%	1	1	100%
get_GatewayBinding()	100%	1	1	100%
get_ResourceBinding()	100%	1	1	100%
get_SchemaVersion()	100%	1	1	100%
get_Metadata()	100%	1	1	100%
get_HasAcknowledgmentReference()	100%	1	1	100%
get_HasHandshakeReference()	100%	1	1	100%
get_HasMetadata()	100%	1	1	100%
Create(...)	100%	1	1	100%
NormalizeScopes(...)	100%	2	2	100%
NormalizeMetadata(...)	100%	14	14	100%
NormalizeOptional(...)	100%	2	2	100%

File(s)

/home/runner/work/AsiBackbone/AsiBackbone/src/AsiBackbone.Core/CapabilityTokens/CapabilityTokenGrant.cs

#	Line	Line coverage
	`1`	`using System.Collections.ObjectModel;`
	`2`	`using AsiBackbone.Core.Serialization;`
	`3`
	`4`	`namespace AsiBackbone.Core.CapabilityTokens;`
	`5`
	`6`	`/// <summary>`
	`7`	`/// Represents a provider-neutral, short-lived capability grant for follow-on governed execution.`
	`8`	`/// </summary>`
	`9`	`/// <remarks>`
	`10`	`/// The grant is a metadata model, not a bearer-token format. Hosts decide how this grant is serialized,`
	`11`	`/// transported, protected, and bound to their authentication and authorization systems.`
	`12`	`/// </remarks>`
	`13`	`public sealed class CapabilityTokenGrant`
	`14`	`{`
1	`15`	`private static readonly ReadOnlyCollection<string> EmptyScopes =`
1	`16`	`Array.AsReadOnly(Array.Empty<string>());`
	`17`
1	`18`	`private static readonly IReadOnlyDictionary<string, string> EmptyMetadata =`
1	`19`	`new ReadOnlyDictionary<string, string>(`
1	`20`	`new Dictionary<string, string>(StringComparer.Ordinal));`
	`21`
42	`22`	`private CapabilityTokenGrant(`
42	`23`	`string tokenId,`
42	`24`	`string issuer,`
42	`25`	`string audience,`
42	`26`	`IReadOnlyList<string> scopes,`
42	`27`	`DateTimeOffset issuedUtc,`
42	`28`	`DateTimeOffset? notBeforeUtc,`
42	`29`	`DateTimeOffset expiresUtc,`
42	`30`	`string? subjectId,`
42	`31`	`string? operationName,`
42	`32`	`string? policyVersion,`
42	`33`	`string? policyHash,`
42	`34`	`string? acknowledgmentId,`
42	`35`	`string? handshakeId,`
42	`36`	`string? gatewayBinding,`
42	`37`	`string? resourceBinding,`
42	`38`	`IReadOnlyDictionary<string, string> metadata,`
42	`39`	`string? schemaVersion)`
	`40`	`{`
42	`41`	`ArgumentException.ThrowIfNullOrWhiteSpace(tokenId);`
42	`42`	`ArgumentException.ThrowIfNullOrWhiteSpace(issuer);`
42	`43`	`ArgumentException.ThrowIfNullOrWhiteSpace(audience);`
42	`44`	`ArgumentNullException.ThrowIfNull(scopes);`
	`45`
42	`46`	`if (scopes.Count == 0)`
	`47`	`{`
1	`48`	`throw new ArgumentException("At least one capability scope is required.", nameof(scopes));`
	`49`	`}`
	`50`
41	`51`	`DateTimeOffset normalizedIssuedUtc = issuedUtc.ToUniversalTime();`
41	`52`	`DateTimeOffset? normalizedNotBeforeUtc = notBeforeUtc?.ToUniversalTime();`
41	`53`	`DateTimeOffset normalizedExpiresUtc = expiresUtc.ToUniversalTime();`
	`54`
41	`55`	`if (normalizedNotBeforeUtc.HasValue && normalizedNotBeforeUtc.Value > normalizedExpiresUtc)`
	`56`	`{`
1	`57`	`throw new ArgumentOutOfRangeException(nameof(notBeforeUtc), notBeforeUtc, "Not-before time must be earlier t`
	`58`	`}`
	`59`
40	`60`	`if (normalizedIssuedUtc > normalizedExpiresUtc)`
	`61`	`{`
1	`62`	`throw new ArgumentOutOfRangeException(nameof(expiresUtc), expiresUtc, "Expiration time must be later than or`
	`63`	`}`
	`64`
39	`65`	`TokenId = tokenId.Trim();`
39	`66`	`Issuer = issuer.Trim();`
39	`67`	`Audience = audience.Trim();`
39	`68`	`Scopes = scopes;`
39	`69`	`IssuedUtc = normalizedIssuedUtc;`
39	`70`	`NotBeforeUtc = normalizedNotBeforeUtc;`
39	`71`	`ExpiresUtc = normalizedExpiresUtc;`
39	`72`	`SubjectId = NormalizeOptional(subjectId);`
39	`73`	`OperationName = NormalizeOptional(operationName);`
39	`74`	`PolicyVersion = NormalizeOptional(policyVersion);`
39	`75`	`PolicyHash = NormalizeOptional(policyHash);`
39	`76`	`AcknowledgmentId = NormalizeOptional(acknowledgmentId);`
39	`77`	`HandshakeId = NormalizeOptional(handshakeId);`
39	`78`	`GatewayBinding = NormalizeOptional(gatewayBinding);`
39	`79`	`ResourceBinding = NormalizeOptional(resourceBinding);`
39	`80`	`Metadata = metadata;`
39	`81`	`SchemaVersion = AsiBackboneSchemaVersions.Normalize(schemaVersion);`
39	`82`	`}`
	`83`
	`84`	`/// <summary>`
	`85`	`/// Gets the stable grant identifier used for validation and replay checks.`
	`86`	`/// </summary>`
120	`87`	`public string TokenId { get; }`
	`88`
	`89`	`/// <summary>`
	`90`	`/// Gets the issuer that created the grant.`
	`91`	`/// </summary>`
93	`92`	`public string Issuer { get; }`
	`93`
	`94`	`/// <summary>`
	`95`	`/// Gets the intended audience for the grant.`
	`96`	`/// </summary>`
92	`97`	`public string Audience { get; }`
	`98`
	`99`	`/// <summary>`
	`100`	`/// Gets the least-privilege scopes carried by the grant.`
	`101`	`/// </summary>`
53	`102`	`public IReadOnlyList<string> Scopes { get; }`
	`103`
	`104`	`/// <summary>`
	`105`	`/// Gets the UTC timestamp when the grant was issued.`
	`106`	`/// </summary>`
1	`107`	`public DateTimeOffset IssuedUtc { get; }`
	`108`
	`109`	`/// <summary>`
	`110`	`/// Gets the UTC timestamp before which the grant is not valid.`
	`111`	`/// </summary>`
23	`112`	`public DateTimeOffset? NotBeforeUtc { get; }`
	`113`
	`114`	`/// <summary>`
	`115`	`/// Gets the UTC timestamp when the grant expires.`
	`116`	`/// </summary>`
54	`117`	`public DateTimeOffset ExpiresUtc { get; }`
	`118`
	`119`	`/// <summary>`
	`120`	`/// Gets the host-defined subject identifier, when supplied.`
	`121`	`/// </summary>`
2	`122`	`public string? SubjectId { get; }`
	`123`
	`124`	`/// <summary>`
	`125`	`/// Gets the operation name or action family the grant is intended to authorize.`
	`126`	`/// </summary>`
2	`127`	`public string? OperationName { get; }`
	`128`
	`129`	`/// <summary>`
	`130`	`/// Gets the policy version bound to the grant, when supplied.`
	`131`	`/// </summary>`
55	`132`	`public string? PolicyVersion { get; }`
	`133`
	`134`	`/// <summary>`
	`135`	`/// Gets the policy hash bound to the grant, when supplied.`
	`136`	`/// </summary>`
54	`137`	`public string? PolicyHash { get; }`
	`138`
	`139`	`/// <summary>`
	`140`	`/// Gets the acknowledgment identifier bound to the grant, when supplied.`
	`141`	`/// </summary>`
53	`142`	`public string? AcknowledgmentId { get; }`
	`143`
	`144`	`/// <summary>`
	`145`	`/// Gets the handshake identifier bound to the grant, when supplied.`
	`146`	`/// </summary>`
51	`147`	`public string? HandshakeId { get; }`
	`148`
	`149`	`/// <summary>`
	`150`	`/// Gets the optional gateway binding used to limit execution context.`
	`151`	`/// </summary>`
13	`152`	`public string? GatewayBinding { get; }`
	`153`
	`154`	`/// <summary>`
	`155`	`/// Gets the optional resource binding used to limit the target resource.`
	`156`	`/// </summary>`
48	`157`	`public string? ResourceBinding { get; }`
	`158`
	`159`	`/// <summary>`
	`160`	`/// Gets the canonical schema version for this grant.`
	`161`	`/// </summary>`
33	`162`	`public string SchemaVersion { get; }`
	`163`
	`164`	`/// <summary>`
	`165`	`/// Gets provider-neutral metadata carried with the grant.`
	`166`	`/// </summary>`
6	`167`	`public IReadOnlyDictionary<string, string> Metadata { get; }`
	`168`
	`169`	`/// <summary>`
	`170`	`/// Gets a value indicating whether an acknowledgment reference is present.`
	`171`	`/// </summary>`
3	`172`	`public bool HasAcknowledgmentReference => AcknowledgmentId is not null;`
	`173`
	`174`	`/// <summary>`
	`175`	`/// Gets a value indicating whether a handshake reference is present.`
	`176`	`/// </summary>`
2	`177`	`public bool HasHandshakeReference => HandshakeId is not null;`
	`178`
	`179`	`/// <summary>`
	`180`	`/// Gets a value indicating whether additional metadata is present.`
	`181`	`/// </summary>`
2	`182`	`public bool HasMetadata => Metadata.Count > 0;`
	`183`
	`184`	`/// <summary>`
	`185`	`/// Creates a provider-neutral capability grant.`
	`186`	`/// </summary>`
	`187`	`public static CapabilityTokenGrant Create(`
	`188`	`string tokenId,`
	`189`	`string issuer,`
	`190`	`string audience,`
	`191`	`IEnumerable<string> scopes,`
	`192`	`DateTimeOffset issuedUtc,`
	`193`	`DateTimeOffset expiresUtc,`
	`194`	`DateTimeOffset? notBeforeUtc = null,`
	`195`	`string? subjectId = null,`
	`196`	`string? operationName = null,`
	`197`	`string? policyVersion = null,`
	`198`	`string? policyHash = null,`
	`199`	`string? acknowledgmentId = null,`
	`200`	`string? handshakeId = null,`
	`201`	`string? gatewayBinding = null,`
	`202`	`string? resourceBinding = null,`
	`203`	`IReadOnlyDictionary<string, string>? metadata = null,`
	`204`	`string? schemaVersion = null)`
	`205`	`{`
43	`206`	`return new CapabilityTokenGrant(`
43	`207`	`tokenId,`
43	`208`	`issuer,`
43	`209`	`audience,`
43	`210`	`NormalizeScopes(scopes),`
43	`211`	`issuedUtc,`
43	`212`	`notBeforeUtc,`
43	`213`	`expiresUtc,`
43	`214`	`subjectId,`
43	`215`	`operationName,`
43	`216`	`policyVersion,`
43	`217`	`policyHash,`
43	`218`	`acknowledgmentId,`
43	`219`	`handshakeId,`
43	`220`	`gatewayBinding,`
43	`221`	`resourceBinding,`
43	`222`	`NormalizeMetadata(metadata),`
43	`223`	`schemaVersion);`
	`224`	`}`
	`225`
	`226`	`private static ReadOnlyCollection<string> NormalizeScopes(IEnumerable<string> scopes)`
	`227`	`{`
43	`228`	`ArgumentNullException.ThrowIfNull(scopes);`
	`229`
42	`230`	`string[] normalizedScopes = [.. scopes`
49	`231`	`.Where(scope => !string.IsNullOrWhiteSpace(scope))`
46	`232`	`.Select(scope => scope.Trim())`
42	`233`	`.Distinct(StringComparer.Ordinal)`
49	`234`	`.OrderBy(scope => scope, StringComparer.Ordinal)];`
	`235`
42	`236`	`return normalizedScopes.Length == 0`
42	`237`	`? EmptyScopes`
42	`238`	`: Array.AsReadOnly(normalizedScopes);`
	`239`	`}`
	`240`
	`241`	`private static IReadOnlyDictionary<string, string> NormalizeMetadata(`
	`242`	`IReadOnlyDictionary<string, string>? metadata)`
	`243`	`{`
42	`244`	`if (metadata is null \|\| metadata.Count == 0)`
	`245`	`{`
40	`246`	`return EmptyMetadata;`
	`247`	`}`
	`248`
2	`249`	`Dictionary<string, string> normalizedMetadata = new(StringComparer.Ordinal);`
	`250`
12	`251`	`foreach (KeyValuePair<string, string> item in metadata)`
	`252`	`{`
4	`253`	`if (string.IsNullOrWhiteSpace(item.Key))`
	`254`	`{`
	`255`	`continue;`
	`256`	`}`
	`257`
2	`258`	`normalizedMetadata[item.Key.Trim()] = item.Value?.Trim() ?? string.Empty;`
	`259`	`}`
	`260`
2	`261`	`return normalizedMetadata.Count == 0`
2	`262`	`? EmptyMetadata`
2	`263`	`: new ReadOnlyDictionary<string, string>(normalizedMetadata);`
	`264`	`}`
	`265`
	`266`	`private static string? NormalizeOptional(string? value)`
	`267`	`{`
312	`268`	`return string.IsNullOrWhiteSpace(value)`
312	`269`	`? null`
312	`270`	`: value.Trim();`
	`271`	`}`
	`272`	`}`

< Summary

Metrics

File(s)

/home/runner/work/AsiBackbone/AsiBackbone/src/AsiBackbone.Core/CapabilityTokens/CapabilityTokenGrant.cs

Methods/Properties