From 2d455987382e78b087a0b572677b6cc234a42c3e Mon Sep 17 00:00:00 2001
From: Peter Steinberger <steipete@gmail.com>
Date: Wed, 6 May 2026 01:45:43 +0100
Subject: [PATCH] test: trim duplicate local auth resolver cases

---
 src/agents/model-auth.test.ts | 78 +++++++++++++++++++----------------
 1 file changed, 42 insertions(+), 36 deletions(-)

diff --git a/src/agents/model-auth.test.ts b/src/agents/model-auth.test.ts
index a6489d7be74..22119367c5c 100644
--- a/src/agents/model-auth.test.ts
+++ b/src/agents/model-auth.test.ts
@@ -124,6 +124,7 @@ vi.mock("../plugins/provider-runtime.js", async () => {
 let applyAuthHeaderOverride: typeof import("./model-auth.js").applyAuthHeaderOverride;
 let applyLocalNoAuthHeaderOverride: typeof import("./model-auth.js").applyLocalNoAuthHeaderOverride;
 let hasUsableCustomProviderApiKey: typeof import("./model-auth.js").hasUsableCustomProviderApiKey;
+let hasSyntheticLocalProviderAuthConfig: typeof import("./model-auth.js").hasSyntheticLocalProviderAuthConfig;
 let requireApiKey: typeof import("./model-auth.js").requireApiKey;
 let resolveApiKeyForProvider: typeof import("./model-auth.js").resolveApiKeyForProvider;
 let resolveAwsSdkEnvVarName: typeof import("./model-auth.js").resolveAwsSdkEnvVarName;
@@ -140,6 +141,7 @@ beforeAll(async () => {
   ({
     applyAuthHeaderOverride,
     applyLocalNoAuthHeaderOverride,
+    hasSyntheticLocalProviderAuthConfig,
     hasUsableCustomProviderApiKey,
     requireApiKey,
     resolveApiKeyForProvider,
@@ -862,6 +864,33 @@ describe("resolveApiKeyForProvider", () => {
 });
 
 describe("resolveApiKeyForProvider – synthetic local auth for custom providers", () => {
+  it("recognizes local baseUrl variants for synthetic auth config", () => {
+    const localBaseUrls = [
+      "http://127.0.0.1:8080/v1",
+      "http://192.168.0.222:11434/v1",
+      "http://localhost:11434/v1",
+      "http://[::1]:8080/v1",
+      "http://0.0.0.0:11434/v1",
+      "http://[::ffff:127.0.0.1]:8080/v1",
+    ];
+
+    for (const baseUrl of localBaseUrls) {
+      expect(
+        hasSyntheticLocalProviderAuthConfig({
+          provider: "custom-local",
+          cfg: {
+            models: {
+              providers: {
+                "custom-local": createCustomProviderConfig(baseUrl),
+              },
+            },
+          },
+        }),
+        baseUrl,
+      ).toBe(true);
+    }
+  });
+
   it("synthesizes a local auth marker for custom providers with a local baseUrl and no apiKey", async () => {
     const auth = await resolveCustomProviderAuth(
       "custom-127-0-0-1-8080",
@@ -873,43 +902,20 @@ describe("resolveApiKeyForProvider – synthetic local auth for custom providers
     expect(auth.source).toContain("synthetic local key");
   });
 
-  it("synthesizes a local auth marker for private LAN custom providers with no apiKey", async () => {
-    const auth = await resolveCustomProviderAuth(
-      "custom-192-168-0-222-11434",
-      "http://192.168.0.222:11434/v1",
-      "qwen3.5:9b",
-      "Qwen 3.5 9B",
-    );
-    expect(auth.apiKey).toBe(CUSTOM_LOCAL_AUTH_MARKER);
-    expect(auth.source).toContain("synthetic local key");
-  });
-
-  it("synthesizes a local auth marker for localhost custom providers", async () => {
-    const auth = await resolveCustomProviderAuth("my-local", "http://localhost:11434/v1");
-    expect(auth.apiKey).toBe(CUSTOM_LOCAL_AUTH_MARKER);
-  });
-
-  it("synthesizes a local auth marker for IPv6 loopback (::1)", async () => {
-    const auth = await resolveCustomProviderAuth("my-ipv6", "http://[::1]:8080/v1");
-    expect(auth.apiKey).toBe(CUSTOM_LOCAL_AUTH_MARKER);
-  });
-
-  it("synthesizes a local auth marker for 0.0.0.0", async () => {
-    const auth = await resolveCustomProviderAuth(
-      "my-wildcard",
-      "http://0.0.0.0:11434/v1",
-      "qwen",
-      "Qwen",
-    );
-    expect(auth.apiKey).toBe(CUSTOM_LOCAL_AUTH_MARKER);
-  });
-
-  it("synthesizes a local auth marker for IPv4-mapped IPv6 (::ffff:127.0.0.1)", async () => {
-    const auth = await resolveCustomProviderAuth("my-mapped", "http://[::ffff:127.0.0.1]:8080/v1");
-    expect(auth.apiKey).toBe(CUSTOM_LOCAL_AUTH_MARKER);
-  });
-
   it("does not synthesize auth for remote custom providers without apiKey", async () => {
+    expect(
+      hasSyntheticLocalProviderAuthConfig({
+        provider: "my-remote",
+        cfg: {
+          models: {
+            providers: {
+              "my-remote": createCustomProviderConfig("https://api.example.com/v1"),
+            },
+          },
+        },
+      }),
+    ).toBe(false);
+
     await expect(
       resolveApiKeyForProvider({
         provider: "my-remote",