vultr/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-06-08 00:42:55 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix(oauth): cap tls preflight timeout

Browse Source
This commit is contained in:
Peter Steinberger
2026-05-29 15:59:27 -04:00
parent fb8b9e9138
commit f10bad944f
2 changed files with 20 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
src/commands/oauth-tls-preflight.test.ts
View File

@@ -1,4 +1,5 @@
import { beforeEach, describe, expect, it, vi } from "vitest";
import { MAX_TIMER_TIMEOUT_MS } from "../shared/number-coercion.js";
import {
formatOpenAIOAuthTlsPreflightFix,
runOpenAIOAuthTlsPreflight,
@@ -18,6 +19,23 @@ describe("runOpenAIOAuthTlsPreflight", () => {
expect(result).toEqual({ ok: true });
});
it("caps oversized probe timeouts before creating abort signals", async () => {
const timeoutController = new AbortController();
const timeoutSpy = vi.spyOn(AbortSignal, "timeout").mockReturnValue(timeoutController.signal);
const fetchImpl = vi.fn(async (_input: RequestInfo | URL, init?: RequestInit) => {
expect(init?.signal).toBe(timeoutController.signal);
return new Response("", { status: 400 });
}) as unknown as typeof fetch;
const result = await runOpenAIOAuthTlsPreflight({
fetchImpl,
timeoutMs: Number.MAX_SAFE_INTEGER,
});
expect(result).toEqual({ ok: true });
expect(timeoutSpy).toHaveBeenCalledWith(MAX_TIMER_TIMEOUT_MS);
});
it("classifies TLS trust failures from fetch cause code", async () => {
const tlsFetchImpl = vi.fn(async () => {
const cause = new Error("unable to get local issuer certificate") as Error & {

3
src/plugins/provider-openai-codex-oauth-tls.ts
View File

@@ -1,6 +1,7 @@
import path from "node:path";
import { formatCliCommand } from "../cli/command-format.js";
import type { OpenClawConfig } from "../config/types.openclaw.js";
import { resolveTimerTimeoutMs } from "../shared/number-coercion.js";
import { asNullableObjectRecord } from "../shared/record-coerce.js";
import { note } from "../terminal/note.js";
@@ -100,7 +101,7 @@ export async function runOpenAIOAuthTlsPreflight(options?: {
timeoutMs?: number;
fetchImpl?: typeof fetch;
}): Promise<OpenAIOAuthTlsPreflightResult> {
const timeoutMs = options?.timeoutMs ?? 5000;
const timeoutMs = resolveTimerTimeoutMs(options?.timeoutMs, 5000);
const fetchImpl = options?.fetchImpl ?? fetch;
try {
await fetchImpl(OPENAI_AUTH_PROBE_URL, {