vultr/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-04-12 09:41:11 +00:00
Code Issues Packages Projects Releases Wiki Activity

Matrix: trim dead client config exports

Browse Source
This commit is contained in:
Gustavo Madeira Santana
2026-04-09 01:27:35 -04:00
parent cc6654a055
commit b7c28f3e1f
2 changed files with 19 additions and 69 deletions
Download Patch File Download Diff File Expand all files Collapse all files

38
extensions/matrix/src/matrix/client.test.ts
View File

@@ -42,8 +42,6 @@ vi.mock("./client/storage.js", async () => {
const {
backfillMatrixAuthDeviceIdAfterStartup,
getMatrixScopedEnvVarNames,
resolveImplicitMatrixAccountId,
resolveMatrixConfig,
resolveMatrixConfigForAccount,
resolveMatrixAuth,
resolveMatrixAuthContext,
@@ -69,11 +67,18 @@ function requireCredentialsReadModule(): typeof import("./credentials-read.js")
return credentialsReadModule;
}
function resolveDefaultMatrixAuthContext(
cfg: CoreConfig,
env: NodeJS.ProcessEnv = {} as NodeJS.ProcessEnv,
) {
return resolveMatrixAuthContext({ cfg, env });
}
beforeEach(() => {
installMatrixTestRuntime();
});
describe("resolveMatrixConfig", () => {
describe("Matrix auth/config live surfaces", () => {
it("prefers config over env", () => {
const cfg = {
channels: {
@@ -94,7 +99,7 @@ describe("resolveMatrixConfig", () => {
MATRIX_PASSWORD: "env-pass",
MATRIX_DEVICE_NAME: "EnvDevice",
} as NodeJS.ProcessEnv;
const resolved = resolveMatrixConfig(cfg, env);
const resolved = resolveDefaultMatrixAuthContext(cfg, env).resolved;
expect(resolved).toEqual({
homeserver: "https://cfg.example.org",
userId: "@cfg:example.org",
@@ -117,7 +122,7 @@ describe("resolveMatrixConfig", () => {
MATRIX_DEVICE_ID: "ENVDEVICE",
MATRIX_DEVICE_NAME: "EnvDevice",
} as NodeJS.ProcessEnv;
const resolved = resolveMatrixConfig(cfg, env);
const resolved = resolveDefaultMatrixAuthContext(cfg, env).resolved;
expect(resolved.homeserver).toBe("https://env.example.org");
expect(resolved.userId).toBe("@env:example.org");
expect(resolved.accessToken).toBe("env-token");
@@ -146,7 +151,7 @@ describe("resolveMatrixConfig", () => {
MATRIX_ACCESS_TOKEN: "env-token",
} as NodeJS.ProcessEnv;
const resolved = resolveMatrixConfig(cfg, env);
const resolved = resolveDefaultMatrixAuthContext(cfg, env).resolved;
expect(resolved.accessToken).toBe("env-token");
});
@@ -169,7 +174,7 @@ describe("resolveMatrixConfig", () => {
MATRIX_PASSWORD: "env-pass",
} as NodeJS.ProcessEnv;
const resolved = resolveMatrixConfig(cfg, env);
const resolved = resolveDefaultMatrixAuthContext(cfg, env).resolved;
expect(resolved.password).toBe("env-pass");
});
@@ -241,7 +246,7 @@ describe("resolveMatrixConfig", () => {
},
} as CoreConfig;
expect(() => resolveMatrixConfig(cfg, {} as NodeJS.ProcessEnv)).toThrow(
expect(() => resolveDefaultMatrixAuthContext(cfg, {} as NodeJS.ProcessEnv)).toThrow(
/channels\.matrix\.accessToken: unresolved SecretRef "env:default:MATRIX_ACCESS_TOKEN"/i,
);
});
@@ -265,7 +270,7 @@ describe("resolveMatrixConfig", () => {
} as CoreConfig;
expect(() =>
resolveMatrixConfig(cfg, {
resolveDefaultMatrixAuthContext(cfg, {
MATRIX_ACCESS_TOKEN: "env-token",
} as NodeJS.ProcessEnv),
).toThrow(/not allowlisted in secrets\.providers\.matrix-env\.allowlist/i);
@@ -289,7 +294,9 @@ describe("resolveMatrixConfig", () => {
},
} as CoreConfig;
expect(resolveMatrixConfig(cfg, {} as NodeJS.ProcessEnv).accessToken).toBeUndefined();
expect(
resolveDefaultMatrixAuthContext(cfg, {} as NodeJS.ProcessEnv).resolved.accessToken,
).toBeUndefined();
});
it("uses account-scoped env vars for non-default accounts before global env", () => {
@@ -368,7 +375,6 @@ describe("resolveMatrixConfig", () => {
},
} as CoreConfig;
expect(resolveImplicitMatrixAccountId(cfg, {} as NodeJS.ProcessEnv)).toBe("default");
expect(resolveMatrixAuthContext({ cfg, env: {} as NodeJS.ProcessEnv }).accountId).toBe(
"default",
);
@@ -392,7 +398,6 @@ describe("resolveMatrixConfig", () => {
},
} as CoreConfig;
expect(resolveImplicitMatrixAccountId(cfg, {} as NodeJS.ProcessEnv)).toBeNull();
expect(() => resolveMatrixAuthContext({ cfg, env: {} as NodeJS.ProcessEnv })).toThrow(
/channels\.matrix\.defaultAccount.*--account <id>/i,
);
@@ -413,7 +418,6 @@ describe("resolveMatrixConfig", () => {
},
} as CoreConfig;
expect(resolveImplicitMatrixAccountId(cfg, {} as NodeJS.ProcessEnv)).toBe("ops");
expect(resolveMatrixAuthContext({ cfg, env: {} as NodeJS.ProcessEnv }).accountId).toBe("ops");
});
@@ -432,7 +436,6 @@ describe("resolveMatrixConfig", () => {
},
} as CoreConfig;
expect(resolveImplicitMatrixAccountId(cfg, {} as NodeJS.ProcessEnv)).toBe("ops");
expect(resolveMatrixAuthContext({ cfg, env: {} as NodeJS.ProcessEnv }).accountId).toBe("ops");
});
@@ -449,7 +452,6 @@ describe("resolveMatrixConfig", () => {
MATRIX_OPS_ACCESS_TOKEN: "ops-token",
} as NodeJS.ProcessEnv;
expect(resolveImplicitMatrixAccountId(cfg, env)).toBeNull();
expect(() => resolveMatrixAuthContext({ cfg, env })).toThrow(
/channels\.matrix\.defaultAccount.*--account <id>/i,
);
@@ -467,7 +469,6 @@ describe("resolveMatrixConfig", () => {
MATRIX_OPS_ACCESS_TOKEN: "ops-token",
} as NodeJS.ProcessEnv;
expect(resolveImplicitMatrixAccountId(cfg, env)).toBe("ops");
expect(resolveMatrixAuthContext({ cfg, env }).accountId).toBe("ops");
});
@@ -487,7 +488,6 @@ describe("resolveMatrixConfig", () => {
},
} as CoreConfig;
expect(resolveImplicitMatrixAccountId(cfg, {} as NodeJS.ProcessEnv)).toBe("ops");
expect(resolveMatrixAuthContext({ cfg, env: {} as NodeJS.ProcessEnv }).accountId).toBe("ops");
});
@@ -504,7 +504,6 @@ describe("resolveMatrixConfig", () => {
MATRIX_OPS_ACCESS_TOKEN: "ops-token",
} as NodeJS.ProcessEnv;
expect(resolveImplicitMatrixAccountId(cfg, env)).toBe("ops");
expect(resolveMatrixAuthContext({ cfg, env }).accountId).toBe("ops");
});
@@ -520,7 +519,6 @@ describe("resolveMatrixConfig", () => {
MATRIX_OPS_USER_ID: "@ops:example.org",
} as NodeJS.ProcessEnv;
expect(resolveImplicitMatrixAccountId(cfg, env)).toBe("ops");
expect(resolveMatrixAuthContext({ cfg, env }).accountId).toBe("ops");
});
@@ -686,7 +684,7 @@ describe("resolveMatrixConfig", () => {
},
} as CoreConfig;
const resolved = resolveMatrixConfig(cfg, {} as NodeJS.ProcessEnv);
const resolved = resolveDefaultMatrixAuthContext(cfg, {} as NodeJS.ProcessEnv).resolved;
expect(resolved.dispatcherPolicy).toEqual({
mode: "explicit-proxy",

50
extensions/matrix/src/matrix/client/config.ts
View File

@@ -589,54 +589,6 @@ export async function resolveValidatedMatrixHomeserverUrl(
return normalized;
}
export function resolveMatrixConfig(
cfg: CoreConfig = getMatrixRuntime().config.loadConfig() as CoreConfig,
env: NodeJS.ProcessEnv = process.env,
): MatrixResolvedConfig {
const matrix = resolveMatrixBaseConfig(cfg);
const suppressInactivePasswordSecretRef = hasConfiguredMatrixAccessTokenSource({
cfg,
env,
accountId: DEFAULT_ACCOUNT_ID,
});
const fieldReadOptions = {
env,
config: cfg,
};
const defaultScopedEnv = resolveScopedMatrixEnvConfig(DEFAULT_ACCOUNT_ID, env);
const globalEnv = resolveGlobalMatrixEnvConfig(env);
const resolvedStrings = resolveMatrixAccountStringValues({
accountId: DEFAULT_ACCOUNT_ID,
scopedEnv: defaultScopedEnv,
channel: {
homeserver: readMatrixBaseConfigField(matrix, "homeserver", fieldReadOptions),
userId: readMatrixBaseConfigField(matrix, "userId", fieldReadOptions),
accessToken: readMatrixBaseConfigField(matrix, "accessToken", fieldReadOptions),
password: readMatrixBaseConfigField(matrix, "password", {
...fieldReadOptions,
suppressSecretRef: suppressInactivePasswordSecretRef,
}),
deviceId: readMatrixBaseConfigField(matrix, "deviceId", fieldReadOptions),
deviceName: readMatrixBaseConfigField(matrix, "deviceName", fieldReadOptions),
},
globalEnv,
});
const initialSyncLimit = clampMatrixInitialSyncLimit(matrix.initialSyncLimit);
const encryption = matrix.encryption ?? false;
const allowPrivateNetwork = isPrivateNetworkOptInEnabled(matrix) ? true : undefined;
return {
homeserver: resolvedStrings.homeserver,
userId: resolvedStrings.userId,
accessToken: resolvedStrings.accessToken || undefined,
password: resolvedStrings.password || undefined,
deviceId: resolvedStrings.deviceId || undefined,
deviceName: resolvedStrings.deviceName || undefined,
initialSyncLimit,
encryption,
...buildMatrixNetworkFields({ allowPrivateNetwork, proxy: matrix.proxy }),
};
}
export function resolveMatrixConfigForAccount(
cfg: CoreConfig,
accountId: string,
@@ -712,7 +664,7 @@ export function resolveMatrixConfigForAccount(
};
}
export function resolveImplicitMatrixAccountId(
function resolveImplicitMatrixAccountId(
cfg: CoreConfig,
env: NodeJS.ProcessEnv = process.env,
): string | null {