@RyAuld RyAuld commented Oct 23, 2025

Summary
Removes username/password integration tests that use the deprecated Resource Owner Password Credentials (ROPC) flow.

Rationale

  • Deprecated API: The username/password authentication flow tested in this file uses ROPC, which is deprecated and not recommended for production use
  • Security Concerns: Deliberate test failures followed by successes may trigger Azure AD's spray attack detection, potentially marking test users as risky and generating security alerts
  • Build Reliability: These tests have been causing intermittent build failures due to authentication timing issues and account lockout policies

Impact

  • Improves build stability by removing flaky tests
  • Eliminates potential security alert noise from test authentication patterns
  • No loss of critical functionality testing since ROPC is deprecated

Files Changed

❌ Removed: UsernamePasswordIntegrationTests.NetFwk.cs

@RyAuld RyAuld requested a review from a team as a code owner October 23, 2025 18:23

@trwalke trwalke left a comment

Verify if CCA scenario is needed.

@RyAuld RyAuld force-pushed the remove-username-password-integration-tests branch from 68fefb0 to d9ce14a Compare October 24, 2025 16:15
@RyAuld RyAuld requested a review from trwalke October 27, 2025 15:53
@RyAuld RyAuld merged commit 054a0a7 into main Oct 27, 2025
11 checks passed
@RyAuld RyAuld deleted the remove-username-password-integration-tests branch October 27, 2025 23:25