vultr/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-05-06 15:30:47 +00:00
Code Issues Packages Projects Releases Wiki Activity

test(openai): add docker image auth e2e

Browse Source
This commit is contained in:
Peter Steinberger
2026-04-23 23:12:46 +01:00
parent f523bbfcd1
commit 467fcb1791
9 changed files with 332 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

247
scripts/e2e/openai-image-auth-docker-client.ts Normal file
View File

@@ -0,0 +1,247 @@
import http from "node:http";
import type { AddressInfo } from "node:net";
const DIRECT_IMAGE_BYTES = Buffer.from("docker-direct-image");
const CODEX_IMAGE_BYTES = Buffer.from("docker-codex-image");
const DIRECT_TOKEN = "sk-openclaw-image-auth-e2e";
const CODEX_TOKEN = "docker-codex-oauth-token";
type RequestRecord = {
method?: string;
url?: string;
authorization?: string;
accept?: string;
contentType?: string;
body: string;
};
function assert(condition: unknown, message: string): asserts condition {
if (!condition) {
throw new Error(message);
}
}
function readBody(req: http.IncomingMessage): Promise<string> {
return new Promise((resolve, reject) => {
let body = "";
req.setEncoding("utf8");
req.on("data", (chunk) => {
body += chunk;
});
req.on("end", () => resolve(body));
req.on("error", reject);
});
}
function writeJson(res: http.ServerResponse, status: number, body: unknown): void {
res.writeHead(status, { "content-type": "application/json" });
res.end(JSON.stringify(body));
}
function writeCodexSse(res: http.ServerResponse): void {
const events = [
{
type: "response.output_item.done",
item: {
type: "image_generation_call",
result: CODEX_IMAGE_BYTES.toString("base64"),
revised_prompt: "docker codex revised prompt",
},
},
{
type: "response.completed",
response: {
usage: { input_tokens: 1, output_tokens: 2, total_tokens: 3 },
tool_usage: { image_gen: { total_tokens: 3 } },
},
},
];
res.writeHead(200, { "content-type": "text/event-stream" });
for (const event of events) {
res.write(`data: ${JSON.stringify(event)}\n\n`);
}
res.end("data: [DONE]\n\n");
}
async function startMockServer(records: RequestRecord[]): Promise<{
baseUrl: string;
close: () => Promise<void>;
}> {
const server = http.createServer(async (req, res) => {
try {
const body = await readBody(req);
records.push({
method: req.method,
url: req.url,
authorization: req.headers.authorization,
accept: req.headers.accept,
contentType: req.headers["content-type"],
body,
});
if (req.method === "POST" && req.url === "/v1/images/generations") {
assert(
req.headers.authorization === `Bearer ${DIRECT_TOKEN}`,
`direct image route used wrong auth: ${req.headers.authorization}`,
);
const parsed = JSON.parse(body) as { model?: string; prompt?: string; size?: string };
assert(parsed.model === "gpt-image-2", `direct route model mismatch: ${body}`);
assert(
parsed.prompt === "docker direct image auth",
`direct route prompt mismatch: ${body}`,
);
assert(parsed.size === "1024x1024", `direct route size mismatch: ${body}`);
writeJson(res, 200, {
data: [
{
b64_json: DIRECT_IMAGE_BYTES.toString("base64"),
revised_prompt: "docker direct revised prompt",
},
],
});
return;
}
if (req.method === "POST" && req.url === "/backend-api/codex/responses") {
assert(
req.headers.authorization === `Bearer ${CODEX_TOKEN}`,
`codex image route used wrong auth: ${req.headers.authorization}`,
);
const parsed = JSON.parse(body) as {
tools?: Array<{ type?: string; model?: string; size?: string }>;
input?: Array<{ content?: Array<{ type?: string; text?: string }> }>;
};
assert(
parsed.tools?.[0]?.type === "image_generation" &&
parsed.tools[0].model === "gpt-image-2" &&
parsed.tools[0].size === "1024x1024",
`codex image tool mismatch: ${body}`,
);
assert(
parsed.input?.[0]?.content?.some(
(entry) =>
entry.type === "input_text" && entry.text === "docker codex oauth image auth",
),
`codex prompt missing: ${body}`,
);
writeCodexSse(res);
return;
}
writeJson(res, 404, { error: `unexpected ${req.method} ${req.url}` });
} catch (error) {
writeJson(res, 500, { error: String(error instanceof Error ? error.message : error) });
}
});
await new Promise<void>((resolve) => {
server.listen(0, "127.0.0.1", resolve);
});
const address = server.address() as AddressInfo;
return {
baseUrl: `http://127.0.0.1:${address.port}`,
close: () =>
new Promise<void>((resolve, reject) => {
server.close((error) => (error ? reject(error) : resolve()));
}),
};
}
function createCodexOAuthStore() {
return {
version: 1,
profiles: {
"openai-codex:default": {
type: "oauth",
provider: "openai-codex",
access: CODEX_TOKEN,
refresh: "docker-codex-refresh-token",
expires: Date.now() + 60 * 60 * 1000,
},
},
} as const;
}
async function main() {
assert(
process.env.OPENAI_API_KEY === DIRECT_TOKEN,
"Docker lane must expose the direct OpenAI API key",
);
const records: RequestRecord[] = [];
const mock = await startMockServer(records);
try {
const { buildOpenAIImageGenerationProvider } =
await import("../../dist/extensions/openai/image-generation-provider.js");
const provider = buildOpenAIImageGenerationProvider();
const directResult = await provider.generateImage({
provider: "openai",
model: "gpt-image-2",
prompt: "docker direct image auth",
cfg: {
models: {
providers: {
openai: {
baseUrl: `${mock.baseUrl}/v1`,
request: { allowPrivateNetwork: true },
models: [],
},
},
},
},
});
assert(
directResult.images?.[0]?.buffer?.equals(DIRECT_IMAGE_BYTES),
"direct image route did not return expected bytes",
);
assert(
records.some((entry) => entry.url === "/v1/images/generations"),
"direct image route was not called",
);
records.length = 0;
const codexResult = await provider.generateImage({
provider: "openai",
model: "gpt-image-2",
prompt: "docker codex oauth image auth",
cfg: {
models: {
providers: {
"openai-codex": {
baseUrl: `${mock.baseUrl}/backend-api/codex`,
api: "openai-codex-responses",
request: { allowPrivateNetwork: true },
models: [],
},
},
},
},
authStore: createCodexOAuthStore(),
});
assert(
codexResult.images?.[0]?.buffer?.equals(CODEX_IMAGE_BYTES),
"Codex OAuth image route did not return expected bytes",
);
assert(
records.some((entry) => entry.url === "/backend-api/codex/responses"),
"Codex OAuth image route was not called",
);
assert(
!records.some((entry) => entry.url === "/v1/images/generations"),
"Codex OAuth image route fell back to the direct OpenAI API key",
);
process.stdout.write(
JSON.stringify({
ok: true,
routes: records.map((entry) => entry.url),
directBytes: directResult.images[0]?.buffer.length,
codexBytes: codexResult.images[0]?.buffer.length,
}) + "\n",
);
} finally {
await mock.close();
}
}
await main();

26
scripts/e2e/openai-image-auth-docker.sh Normal file
View File

@@ -0,0 +1,26 @@
#!/usr/bin/env bash
set -euo pipefail
ROOT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")/../.." && pwd)"
source "$ROOT_DIR/scripts/lib/docker-e2e-image.sh"
IMAGE_NAME="$(docker_e2e_resolve_image "openclaw-openai-image-auth-e2e" OPENCLAW_OPENAI_IMAGE_AUTH_E2E_IMAGE)"
SKIP_BUILD="${OPENCLAW_OPENAI_IMAGE_AUTH_E2E_SKIP_BUILD:-0}"
docker_e2e_build_or_reuse "$IMAGE_NAME" openai-image-auth "$ROOT_DIR/scripts/e2e/Dockerfile" "$ROOT_DIR" "" "$SKIP_BUILD"
echo "Running OpenAI image auth Docker E2E..."
run_logged openai-image-auth docker run --rm \
-e "OPENAI_API_KEY=sk-openclaw-image-auth-e2e" \
-e "OPENCLAW_QA_ALLOW_LOCAL_IMAGE_PROVIDER=1" \
-i "$IMAGE_NAME" bash -lc '
set -euo pipefail
export HOME="$(mktemp -d "/tmp/openclaw-openai-image-auth.XXXXXX")"
export OPENCLAW_STATE_DIR="$HOME/.openclaw"
export OPENCLAW_SKIP_CHANNELS=1
export OPENCLAW_SKIP_GMAIL_WATCHER=1
export OPENCLAW_SKIP_CRON=1
export OPENCLAW_SKIP_CANVAS_HOST=1
node --import tsx scripts/e2e/openai-image-auth-docker-client.ts
'