diff --git a/src/agents/auth-profiles/external-oauth.test.ts b/src/agents/auth-profiles/external-oauth.test.ts index a7dd746c6e5..2a772361b33 100644 --- a/src/agents/auth-profiles/external-oauth.test.ts +++ b/src/agents/auth-profiles/external-oauth.test.ts @@ -40,6 +40,17 @@ function createUsableOAuthExpiry(): number { return Date.now() + 30 * 60 * 1000; } +function requireRecord(value: unknown, label: string): Record { + if (!value || typeof value !== "object") { + throw new Error(`expected ${label}`); + } + return value as Record; +} + +function requireProfile(store: AuthProfileStore, profileId: string): Record { + return requireRecord(store.profiles[profileId], profileId); +} + describe("auth external oauth helpers", () => { beforeEach(() => { resolveExternalAuthProfilesWithPluginsMock.mockReset(); @@ -63,11 +74,10 @@ describe("auth external oauth helpers", () => { const store = overlayExternalOAuthProfiles(createStore()); - expect(store.profiles["openai-codex:default"]).toMatchObject({ - type: "oauth", - provider: "openai-codex", - access: "access-token", - }); + const profile = requireProfile(store, "openai-codex:default"); + expect(profile.type).toBe("oauth"); + expect(profile.provider).toBe("openai-codex"); + expect(profile.access).toBe("access-token"); }); it("passes config and CLI scope through overlay resolution", () => { @@ -84,12 +94,12 @@ describe("auth external oauth helpers", () => { externalCliProviderIds: ["openai-codex"], }); - expect(resolveExternalAuthProfilesWithPluginsMock).toHaveBeenCalledWith( - expect.objectContaining({ - config: cfg, - context: expect.objectContaining({ config: cfg }), - }), + const resolveParams = requireRecord( + resolveExternalAuthProfilesWithPluginsMock.mock.calls[0]?.[0], + "resolve external auth params", ); + expect(resolveParams.config).toBe(cfg); + expect(requireRecord(resolveParams.context, "resolve context").config).toBe(cfg); expect(readCodexCliCredentialsCachedMock).toHaveBeenCalledTimes(1); }); @@ -169,11 +179,10 @@ describe("auth external oauth helpers", () => { }), ); - expect(overlaid.profiles["openai-codex:default"]).toMatchObject({ - access: "stale-store-access-token", - refresh: "stale-store-refresh-token", - accountId: "acct-cli", - }); + const profile = requireProfile(overlaid, "openai-codex:default"); + expect(profile.access).toBe("stale-store-access-token"); + expect(profile.refresh).toBe("stale-store-refresh-token"); + expect(profile.accountId).toBe("acct-cli"); }); it("keeps healthy local oauth even when external cli has a fresher token", () => { @@ -195,10 +204,9 @@ describe("auth external oauth helpers", () => { }), ); - expect(overlaid.profiles["openai-codex:default"]).toMatchObject({ - access: "healthy-local-access-token", - refresh: "healthy-local-refresh-token", - }); + const profile = requireProfile(overlaid, "openai-codex:default"); + expect(profile.access).toBe("healthy-local-access-token"); + expect(profile.refresh).toBe("healthy-local-refresh-token"); }); it("keeps explicit local non-oauth auth over external cli oauth overlays", () => { @@ -220,11 +228,10 @@ describe("auth external oauth helpers", () => { }), ); - expect(overlaid.profiles["openai-codex:default"]).toMatchObject({ - type: "api_key", - provider: "openai-codex", - key: "sk-local", - }); + const profile = requireProfile(overlaid, "openai-codex:default"); + expect(profile.type).toBe("api_key"); + expect(profile.provider).toBe("openai-codex"); + expect(profile.key).toBe("sk-local"); }); it("keeps expired local oauth when external cli belongs to a different account", () => { @@ -248,10 +255,9 @@ describe("auth external oauth helpers", () => { }), ); - expect(overlaid.profiles["openai-codex:default"]).toMatchObject({ - access: "expired-local-access-token", - refresh: "expired-local-refresh-token", - accountId: "acct-local", - }); + const profile = requireProfile(overlaid, "openai-codex:default"); + expect(profile.access).toBe("expired-local-access-token"); + expect(profile.refresh).toBe("expired-local-refresh-token"); + expect(profile.accountId).toBe("acct-local"); }); });