Refactor TestMode to enum, update config and services

EstateManagementUI.BlazorServer/Components/Layout/RoleSwitcher.razor

@@ -5,7 +5,7 @@
 @inject IPermissionService PermissionService
 @inject IPermissionKeyProvider PermissionKeyProvider
 
-@if (isTestMode)
+@if (testMode == TestMode.Full || testMode == TestMode.AuthenticationOnly)
 {
     <div class="relative">
         <button type="button" @onclick="ToggleDropdown" @onclick:stopPropagation 
@@ -56,7 +56,7 @@
 }
 
 @code {
-    private bool isTestMode;
+    private TestMode testMode;
     private string currentRole = "Administrator";
     private bool isDropdownOpen = false;
 
@@ -69,7 +69,11 @@
 
     protected override async Task OnInitializedAsync()
     {
-        isTestMode = Configuration.GetValue<bool>("AppSettings:TestMode", false);
+        //isTestMode = Configuration.GetValue<bool>("AppSettings:TestMode", false);
+        // Check if running in test mode
+        var testModeConfig = Configuration.GetValue<String>("AppSettings:TestMode", "Disabled");
+        // Convert to enum
+        testMode = Enum.Parse<TestMode>(testModeConfig, ignoreCase: true);
 
         // Get the actual current role from authentication
         var actualRole = await PermissionService.GetUserRoleAsync();
@@ -79,7 +83,7 @@
     protected override async Task OnParametersSetAsync()
     {
         // Update current role when parameters change (e.g., after navigation)
-        if (isTestMode)
+        if (testMode == TestMode.AuthenticationOnly || testMode == TestMode.Full)
         {
             var actualRole = await PermissionService.GetUserRoleAsync();
             if (!string.IsNullOrEmpty(actualRole))

EstateManagementUI.BlazorServer/Program.cs

@@ -49,7 +49,7 @@
 
         try
         {
             var certificate = new X509Certificate2(certificateFile, "password");
             Console.WriteLine($"Certificate loaded successfully. Subject: {certificate.Subject}");
             listenOptions.UseHttps(certificate);
         }
@@ -66,7 +66,10 @@
 JwtSecurityTokenHandler.DefaultInboundClaimTypeMap.Clear();
 
 // Check if running in test mode
-var testMode = builder.Configuration.GetValue<bool>("AppSettings:TestMode", false);
+var testModeConfig = builder.Configuration.GetValue<String>("AppSettings:TestMode", "Disabled");
+// Convert to enum
+var testMode = Enum.Parse<TestMode>(testModeConfig, ignoreCase: true);
+
 Console.WriteLine($"Application running in Test Mode: {testMode}");
 
 // Add services to the container.
@@ -83,7 +86,7 @@
 });
 
 // Configure authentication based on mode
-if (testMode)
+if (testMode == TestMode.AuthenticationOnly || testMode == TestMode.Full)
 {
     // Test mode: Use test authentication handler to bypass OIDC
     builder.Services.AddAuthentication(options =>
@@ -119,7 +122,7 @@
 
         // Use helper method to get adjusted addresses for integration testing
         var (authorityAddress, issuerAddress) = AuthenticationHelpers.GetSecurityServiceAddresses(
             authority, 
             securityServiceLocalPort, 
             securityServicePort);
 
@@ -167,6 +170,7 @@
             NameClaimType = "name",
             RoleClaimType = "role"
         };
+        options.ClaimActions.MapAllExcept("iss", "nbf", "exp", "aud", "nonce", "iat", "c_hash");
 
         // Set MetadataAddress to use the authority address
         options.MetadataAddress = $"{authorityAddress}/.well-known/openid-configuration";
@@ -200,7 +204,7 @@
 Console.WriteLine("Registered Permission services");
 
 // Register MediatR service based on test mode
-if (testMode)
+if (testMode == TestMode.BackedByTestDataStore || testMode == TestMode.Full)
 {
     Console.WriteLine("Registering TestMediatorService with in-memory test data store");
     builder.Services.AddSingleton<ITestDataStore, TestDataStore>();
@@ -236,13 +240,19 @@
     .AddInteractiveServerRenderMode();
 
 // Add login endpoint - behavior depends on test mode
-if (testMode)
+if (testMode == TestMode.AuthenticationOnly || testMode == TestMode.Full)
 {
     app.MapGet("/login", (HttpContext context) =>
     {
         // In test mode, redirect directly to home since authentication is automatic
         return Results.Redirect("/");
     }).AllowAnonymous();
+
+    app.MapGet("/logout", (HttpContext context) =>
+    {
+        // In test mode, just redirect to home
+        return Results.Redirect("/");
+    }).RequireAuthorization();
 }
 else
 {
@@ -260,19 +270,7 @@
             authenticationSchemes: new[] { OpenIdConnectDefaults.AuthenticationScheme }
         );
     }).AllowAnonymous();
-}
 
-// Add logout endpoint - behavior depends on test mode
-if (testMode)
-{
-    app.MapGet("/logout", (HttpContext context) =>
-    {
-        // In test mode, just redirect to home
-        return Results.Redirect("/");
-    }).RequireAuthorization();
-}
-else
-{
     app.MapGet("/logout", async (HttpContext context) =>
     {
         await context.SignOutAsync(OpenIdConnectDefaults.AuthenticationScheme);
@@ -282,3 +280,11 @@
 }
 
 app.Run();
+
+
+enum TestMode {
+    Disabled,
+    AuthenticationOnly,
+    BackedByTestDataStore,
+    Full
+}

EstateManagementUI.BlazorServer/appsettings.json

@@ -9,13 +9,13 @@
   "AppSettings": {
     "SecurityServiceLocalPort": null,
     "SecurityServicePort": null,
-    "HttpClientIgnoreCertificateErrors": false,
-    "TestMode": true
+    "HttpClientIgnoreCertificateErrors": false,    
+    "TestMode": "BackedByTestDataStore"
   },
   "Authentication": {
     "Authority": "https://localhost:5001",
-    "ClientId": "estateUIClient",
-    "ClientSecret": "Secret1",
+    "ClientId": "managementUIClient",
+    "ClientSecret": "d192cbc46d834d0da90e8a9d50ded543",
     "CallbackPath": "/signin-oidc",
     "ResponseType": "code id_token",
     "Scopes": [