github/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-05-06 05:49:33 +00:00
Code Issues Packages Projects Releases Wiki Activity

refactor(gateway): unify auth credential resolution

Browse Source
This commit is contained in:
Peter Steinberger
2026-02-22 18:21:20 +01:00
parent ded9a59f78
commit 66529c7aa5
13 changed files with 537 additions and 126 deletions
Download Patch File Download Diff File Expand all files Collapse all files

36
src/gateway/server.auth.test.ts
View File

@@ -957,6 +957,42 @@ describe("gateway server auth/connect", () => {
restoreGatewayToken(prevToken);
});
test("accepts explicit auth.deviceToken when shared token is omitted", async () => {
const { server, ws, port, prevToken } = await startServerWithClient("secret");
const { deviceToken } = await ensurePairedDeviceTokenForCurrentIdentity(ws);
ws.close();
const ws2 = await openWs(port);
const res2 = await connectReq(ws2, {
skipDefaultAuth: true,
deviceToken,
});
expect(res2.ok).toBe(true);
ws2.close();
await server.close();
restoreGatewayToken(prevToken);
});
test("uses explicit auth.deviceToken fallback when shared token is wrong", async () => {
const { server, ws, port, prevToken } = await startServerWithClient("secret");
const { deviceToken } = await ensurePairedDeviceTokenForCurrentIdentity(ws);
ws.close();
const ws2 = await openWs(port);
const res2 = await connectReq(ws2, {
token: "wrong",
deviceToken,
});
expect(res2.ok).toBe(true);
ws2.close();
await server.close();
restoreGatewayToken(prevToken);
});
test("keeps shared-secret lockout separate from device-token auth", async () => {
const { server, port, prevToken, deviceToken } =
await startRateLimitedTokenServerWithPairedDeviceToken();