vultr/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-05-16 13:20:45 +00:00
Code Issues Packages Projects Releases Wiki Activity

test: tighten external oauth assertions

Browse Source
This commit is contained in:
Peter Steinberger
2026-05-09 18:32:31 +01:00
parent a0262c33d0
commit 8be0c72e97
1 changed files with 35 additions and 29 deletions
Download Patch File Download Diff File Expand all files Collapse all files

64
src/agents/auth-profiles/external-oauth.test.ts
View File

@@ -40,6 +40,17 @@ function createUsableOAuthExpiry(): number {
return Date.now() + 30 * 60 * 1000;
}
function requireRecord(value: unknown, label: string): Record<string, unknown> {
if (!value || typeof value !== "object") {
throw new Error(`expected ${label}`);
}
return value as Record<string, unknown>;
}
function requireProfile(store: AuthProfileStore, profileId: string): Record<string, unknown> {
return requireRecord(store.profiles[profileId], profileId);
}
describe("auth external oauth helpers", () => {
beforeEach(() => {
resolveExternalAuthProfilesWithPluginsMock.mockReset();
@@ -63,11 +74,10 @@ describe("auth external oauth helpers", () => {
const store = overlayExternalOAuthProfiles(createStore());
expect(store.profiles["openai-codex:default"]).toMatchObject({
type: "oauth",
provider: "openai-codex",
access: "access-token",
});
const profile = requireProfile(store, "openai-codex:default");
expect(profile.type).toBe("oauth");
expect(profile.provider).toBe("openai-codex");
expect(profile.access).toBe("access-token");
});
it("passes config and CLI scope through overlay resolution", () => {
@@ -84,12 +94,12 @@ describe("auth external oauth helpers", () => {
externalCliProviderIds: ["openai-codex"],
});
expect(resolveExternalAuthProfilesWithPluginsMock).toHaveBeenCalledWith(
expect.objectContaining({
config: cfg,
context: expect.objectContaining({ config: cfg }),
}),
const resolveParams = requireRecord(
resolveExternalAuthProfilesWithPluginsMock.mock.calls[0]?.[0],
"resolve external auth params",
);
expect(resolveParams.config).toBe(cfg);
expect(requireRecord(resolveParams.context, "resolve context").config).toBe(cfg);
expect(readCodexCliCredentialsCachedMock).toHaveBeenCalledTimes(1);
});
@@ -169,11 +179,10 @@ describe("auth external oauth helpers", () => {
}),
);
expect(overlaid.profiles["openai-codex:default"]).toMatchObject({
access: "stale-store-access-token",
refresh: "stale-store-refresh-token",
accountId: "acct-cli",
});
const profile = requireProfile(overlaid, "openai-codex:default");
expect(profile.access).toBe("stale-store-access-token");
expect(profile.refresh).toBe("stale-store-refresh-token");
expect(profile.accountId).toBe("acct-cli");
});
it("keeps healthy local oauth even when external cli has a fresher token", () => {
@@ -195,10 +204,9 @@ describe("auth external oauth helpers", () => {
}),
);
expect(overlaid.profiles["openai-codex:default"]).toMatchObject({
access: "healthy-local-access-token",
refresh: "healthy-local-refresh-token",
});
const profile = requireProfile(overlaid, "openai-codex:default");
expect(profile.access).toBe("healthy-local-access-token");
expect(profile.refresh).toBe("healthy-local-refresh-token");
});
it("keeps explicit local non-oauth auth over external cli oauth overlays", () => {
@@ -220,11 +228,10 @@ describe("auth external oauth helpers", () => {
}),
);
expect(overlaid.profiles["openai-codex:default"]).toMatchObject({
type: "api_key",
provider: "openai-codex",
key: "sk-local",
});
const profile = requireProfile(overlaid, "openai-codex:default");
expect(profile.type).toBe("api_key");
expect(profile.provider).toBe("openai-codex");
expect(profile.key).toBe("sk-local");
});
it("keeps expired local oauth when external cli belongs to a different account", () => {
@@ -248,10 +255,9 @@ describe("auth external oauth helpers", () => {
}),
);
expect(overlaid.profiles["openai-codex:default"]).toMatchObject({
access: "expired-local-access-token",
refresh: "expired-local-refresh-token",
accountId: "acct-local",
});
const profile = requireProfile(overlaid, "openai-codex:default");
expect(profile.access).toBe("expired-local-access-token");
expect(profile.refresh).toBe("expired-local-refresh-token");
expect(profile.accountId).toBe("acct-local");
});
});