Add comprehensive test infrastructure and critical service tests

This commit establishes a robust testing foundation and adds comprehensive
tests for critical authentication and authorization services.

Test Infrastructure:
- Created modular test configuration system with BaseTestConfiguration
- Added custom test annotations (@servicetest, @IntegrationTEST, etc.)
- Implemented test data builders for User, Role, and Token entities
- Set up H2 in-memory database for integration testing
- Created mock email service for testing email functionality
- Added OAuth2/OIDC test configuration with mock providers
- Verified all infrastructure with dedicated test suite

Service Tests Added:
- DSUserDetailsService: 18 tests (10 unit + 8 integration)
  - User loading, OAuth2 integration, account states
  - Lazy loading, transactional behavior, edge cases
- AuthorityService: 23 tests (15 unit + 8 integration)
  - Role/privilege to GrantedAuthority conversion
  - Deduplication, null handling, performance tests
  - Configuration-based role hierarchy testing

Test Plan:
- Created TESTPLAN.md documenting overall testing strategy
- Created TESTNEXTTASKS.md with 4-phase improvement plan
- Target: Increase coverage from 27% to 80%+

All tests passing on JDK 17 and 21.

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>

Author: devondragon

TESTNEXTTASKS.md

@@ -0,0 +1,326 @@
+# Spring User Framework - Comprehensive Test Improvement Plan
+
+## Executive Summary
+This plan addresses the critical need to improve test coverage from the current 27% to 80%+ for the Spring User Framework library. The strategy focuses on systematic implementation of meaningful tests that validate real functionality rather than just mocking behavior.
+
+## Current State Analysis
+- **Overall Coverage**: 27% (Critical Gap)
+- **Service Layer**: Minimal coverage with only UserService partially tested
+- **Controller Layer**: No test coverage
+- **Security Components**: Untested (High Risk)
+- **Event System**: No test coverage
+
+## Test Infrastructure Foundation (Completed)
+```
+[✓] Test Directory Structure
+[✓] BaseTestConfiguration with common beans
+[✓] SecurityTestConfiguration for auth testing  
+[✓] DatabaseTestConfiguration with H2
+[✓] OAuth2TestConfiguration for OAuth2/OIDC
+[✓] Test Data Builders (User, Role, Token)
+[✓] Custom Test Annotations (@ServiceTest, @IntegrationTest)
+[✓] Mock Email Infrastructure
+```
+
+---
+
+## PHASE 1: Critical Security & Authentication Components
+
+### 1. DSUserDetailsService Testing
+**Priority**: CRITICAL - Authentication Foundation
+
+#### Test Cases:
+```
+1. loadUserByUsername() Tests:
+   - Valid email returns DSUserDetails
+   - Non-existent email throws UsernameNotFoundException
+   - Locked account returns user with locked status
+   - Unverified account returns user with disabled status
+   - User with multiple roles loads all authorities
+
+2. OAuth2 Integration Tests:
+   - loadUser() with OAuth2 token creates new user
+   - loadUser() links OAuth2 to existing email
+   - loadUser() updates existing OAuth2 user info
+   - Different providers (Google, GitHub) handled correctly
+
+3. OIDC Integration Tests:
+   - OidcUser creation from ID token
+   - Claims mapping to user attributes
+   - Email verification from OIDC claims
+
+4. Security Context Tests:
+   - Authorities properly mapped
+   - Custom attributes preserved
+   - Session management integration
+```
+
+### 2. AuthorityService Testing
+**Priority**: CRITICAL - Authorization Foundation
+
+#### Test Structure:
+```
+Role Management:
+├── createRole()
+├── updateRole()
+├── deleteRole()
+├── findRoleByName()
+└── getAllRoles()
+
+Authority Assignment:
+├── assignRoleToUser()
+├── removeRoleFromUser()
+├── getUserRoles()
+└── getUsersWithRole()
+
+Authority Checking:
+├── hasRole()
+├── hasAnyRole()
+├── hasAllRoles()
+└── isAdmin()
+```
+
+### 3. AuthController Testing
+**Priority**: HIGH - Entry Point Security
+
+#### Endpoint Tests:
+```
+Authentication Flow:
+├── POST /login
+│   ├── Valid credentials → Success
+│   ├── Invalid credentials → 401
+│   ├── Locked account → 423
+│   └── Unverified account → 403
+├── POST /logout
+│   └── Session invalidation
+└── OAuth2 /oauth2/authorization/{provider}
+    ├── Redirect handling
+    └── Callback processing
+```
+
+### 4. LoginAttemptService Testing
+**Priority**: HIGH - Brute Force Protection
+
+#### Test Scenarios:
+```
+Attempt Tracking:
+├── Failed attempts increment counter
+├── Successful login resets counter
+├── Account locks after max attempts
+└── IP-based tracking for distributed attacks
+```
+
+---
+
+## PHASE 2: User Management Components
+
+### 5. UserService Enhancement
+**Current**: 6 tests passing
+**Target**: Comprehensive coverage
+
+#### Additional Tests Needed:
+```
+User Lifecycle:
+├── createUser() with all validation rules
+├── updateUser() with partial updates
+├── deleteUser() soft delete
+├── findByEmail() edge cases
+├── Password management scenarios
+└── Account state transitions
+```
+
+### 6. RegistrationController Testing
+**Priority**: HIGH - User Onboarding
+
+#### Test Flow:
+```
+Registration Process:
+├── POST /user/registration
+│   ├── Valid registration → User created
+│   ├── Duplicate email → 409
+│   └── Invalid data → 400
+├── GET /user/registration/confirm
+│   ├── Valid token → Account activated
+│   ├── Expired token → Error
+│   └── Invalid token → 404
+└── Password Reset Flow
+    ├── Request reset → Email sent
+    └── Reset with token → Password changed
+```
+
+### 7. UserController Testing
+**Priority**: MEDIUM - User Features
+
+#### Endpoints:
+```
+Profile Management:
+├── GET /user/profile → User data
+├── PUT /user/profile → Update profile
+├── DELETE /user/account → Soft delete
+└── Security validation on all endpoints
+```
+
+### 8. PasswordResetTokenService Testing
+**Priority**: MEDIUM - Account Recovery
+
+#### Token Lifecycle:
+```
+Token Management:
+├── Token generation with entropy
+├── Token validation and expiry
+├── One-time use enforcement
+└── Concurrent token handling
+```
+
+---
+
+## PHASE 3: Communication & Event System
+
+### 9. UserEmailService Testing
+**Priority**: HIGH - User Communication
+
+#### Email Scenarios:
+```
+Email Types:
+├── Registration Confirmation
+│   ├── Correct token in URL
+│   ├── User data in template
+│   └── HTML/Text formats
+├── Password Reset
+│   ├── Secure token handling
+│   └── Expiration notice
+├── Account Status
+│   ├── Account locked notification
+│   ├── Account unlocked notification
+│   └── Welcome after verification
+└── Infrastructure
+    ├── Template rendering
+    ├── Error handling
+    └── Mock mail verification
+```
+
+### 10. Event System Testing
+**Priority**: MEDIUM - Async Processing
+
+#### Event Types:
+```
+Event Publishing:
+├── UserRegistrationEvent
+├── PasswordResetEvent
+├── LoginEvent (success/failure)
+├── AccountLockEvent
+└── Transactional consistency
+```
+
+---
+
+## PHASE 4: Integration & Quality Assurance
+
+### 11. Security Integration Tests
+**Priority**: HIGH - Cross-cutting Concerns
+
+#### Security Scenarios:
+```
+Security Features:
+├── Method-level @PreAuthorize
+├── CSRF protection validation
+├── Session management
+├── Remember-me functionality
+└── Concurrent session control
+```
+
+### 12. Data Validation & Edge Cases
+**Priority**: MEDIUM - Robustness
+
+#### Validation Tests:
+```
+Input Validation:
+├── Bean validation on DTOs
+├── Custom validators
+├── XSS prevention
+├── SQL injection prevention
+└── Edge case handling
+```
+
+---
+
+## Implementation Strategy
+
+### Test Generation Workflow
+```
+For Each Component:
+1. Analyze with zen testgen
+   └── Provide: Interface + Implementation + DTOs
+2. Generate comprehensive tests
+   └── Review and enhance output
+3. Add integration layer
+   └── Test with real dependencies
+4. Verify quality metrics
+   └── Coverage + Meaningful assertions
+```
+
+### Quality Standards Checklist
+```
+[ ] Real implementations over mocks
+[ ] Database tests use @Transactional
+[ ] Clear, specific assertions
+[ ] Edge cases covered
+[ ] Security scenarios included
+[ ] No flaky tests
+[ ] Runs on JDK 17 & 21
+```
+
+### Success Metrics
+```
+Coverage Targets:
+├── Service Layer: 90%+
+├── Controllers: 85%+
+├── Security: 95%+
+└── Overall: 80%+
+
+Execution Standards:
+├── Total runtime < 5 minutes
+├── Zero flaky tests
+└── Deterministic results
+```
+
+---
+
+## Immediate Next Steps
+
+1. **Begin with DSUserDetailsService**
+   - Implement 13 identified test cases
+   - Use zen testgen for comprehensive coverage
+   - Establish patterns for remaining services
+
+2. **Create Test Utilities**
+   - Authentication test helpers
+   - Security context builders
+   - Enhanced OAuth2 mocks
+
+3. **Document Patterns**
+   - Test structure standards
+   - Naming conventions
+   - Assertion patterns
+
+## Progress Tracking
+
+### Phase 1 Progress
+- [x] DSUserDetailsService Tests (Completed - Unit & Integration)
+- [x] AuthorityService Tests (Completed - Unit & Integration)
+- [ ] AuthController Tests
+- [ ] LoginAttemptService Tests
+
+### Phase 2 Progress
+- [ ] UserService Enhancement
+- [ ] RegistrationController Tests
+- [ ] UserController Tests
+- [ ] PasswordResetTokenService Tests
+
+### Phase 3 Progress
+- [ ] UserEmailService Tests
+- [ ] Event System Tests
+
+### Phase 4 Progress
+- [ ] Security Integration Tests
+- [ ] Data Validation Tests