github/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-05-08 07:11:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

refactor(gateway): make ws and http auth surfaces explicit

Browse Source
This commit is contained in:
Peter Steinberger
2026-02-21 13:31:58 +01:00
parent 1835dec200
commit 36a0df423d
8 changed files with 119 additions and 45 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
src/gateway/http-auth-helpers.test.ts
View File

@@ -4,7 +4,7 @@ import type { ResolvedGatewayAuth } from "./auth.js";
import { authorizeGatewayBearerRequestOrReply } from "./http-auth-helpers.js";
vi.mock("./auth.js", () => ({
authorizeGatewayConnect: vi.fn(),
authorizeHttpGatewayConnect: vi.fn(),
}));
vi.mock("./http-common.js", () => ({
@@ -15,7 +15,7 @@ vi.mock("./http-utils.js", () => ({
getBearerToken: vi.fn(),
}));
const { authorizeGatewayConnect } = await import("./auth.js");
const { authorizeHttpGatewayConnect } = await import("./auth.js");
const { sendGatewayAuthFailure } = await import("./http-common.js");
const { getBearerToken } = await import("./http-utils.js");
@@ -26,7 +26,7 @@ describe("authorizeGatewayBearerRequestOrReply", () => {
it("disables tailscale header auth for HTTP bearer checks", async () => {
vi.mocked(getBearerToken).mockReturnValue(undefined);
vi.mocked(authorizeGatewayConnect).mockResolvedValue({
vi.mocked(authorizeHttpGatewayConnect).mockResolvedValue({
ok: false,
reason: "token_missing",
});
@@ -43,9 +43,8 @@ describe("authorizeGatewayBearerRequestOrReply", () => {
});
expect(ok).toBe(false);
expect(vi.mocked(authorizeGatewayConnect)).toHaveBeenCalledWith(
expect(vi.mocked(authorizeHttpGatewayConnect)).toHaveBeenCalledWith(
expect.objectContaining({
allowTailscaleHeaderAuth: false,
connectAuth: null,
}),
);
@@ -54,7 +53,7 @@ describe("authorizeGatewayBearerRequestOrReply", () => {
it("forwards bearer token and returns true on successful auth", async () => {
vi.mocked(getBearerToken).mockReturnValue("abc");
vi.mocked(authorizeGatewayConnect).mockResolvedValue({ ok: true, method: "token" });
vi.mocked(authorizeHttpGatewayConnect).mockResolvedValue({ ok: true, method: "token" });
const ok = await authorizeGatewayBearerRequestOrReply({
req: {} as IncomingMessage,
@@ -68,9 +67,8 @@ describe("authorizeGatewayBearerRequestOrReply", () => {
});
expect(ok).toBe(true);
expect(vi.mocked(authorizeGatewayConnect)).toHaveBeenCalledWith(
expect(vi.mocked(authorizeHttpGatewayConnect)).toHaveBeenCalledWith(
expect.objectContaining({
allowTailscaleHeaderAuth: false,
connectAuth: { token: "abc", password: "abc" },
}),
);