mirror of
https://github.com/openclaw/openclaw.git
synced 2026-04-19 11:08:37 +00:00
refactor: share gateway probe auth warnings
This commit is contained in:
Peter Steinberger
@@ -5,10 +5,21 @@ import {
|
|||||||
resolveGatewayProbeAuthWithSecretInputs,
|
resolveGatewayProbeAuthWithSecretInputs,
|
||||||
} from "./probe-auth.js";
|
} from "./probe-auth.js";
|
||||||
|
|
||||||
|
function expectUnresolvedProbeTokenWarning(cfg: OpenClawConfig) {
|
||||||
|
const result = resolveGatewayProbeAuthSafe({
|
||||||
|
cfg,
|
||||||
|
mode: "local",
|
||||||
|
env: {} as NodeJS.ProcessEnv,
|
||||||
|
});
|
||||||
|
|
||||||
|
expect(result.auth).toEqual({});
|
||||||
|
expect(result.warning).toContain("gateway.auth.token");
|
||||||
|
expect(result.warning).toContain("unresolved");
|
||||||
|
}
|
||||||
|
|
||||||
describe("resolveGatewayProbeAuthSafe", () => {
|
describe("resolveGatewayProbeAuthSafe", () => {
|
||||||
it.each([
|
it("returns probe auth credentials when available", () => {
|
||||||
{
|
const result = resolveGatewayProbeAuthSafe({
|
||||||
name: "returns probe auth credentials when available",
|
|
||||||
cfg: {
|
cfg: {
|
||||||
gateway: {
|
gateway: {
|
||||||
auth: {
|
auth: {
|
||||||
@@ -16,65 +27,56 @@ describe("resolveGatewayProbeAuthSafe", () => {
|
|||||||
},
|
},
|
||||||
},
|
},
|
||||||
} as OpenClawConfig,
|
} as OpenClawConfig,
|
||||||
mode: "local" as const,
|
mode: "local",
|
||||||
env: {} as NodeJS.ProcessEnv,
|
env: {} as NodeJS.ProcessEnv,
|
||||||
expected: {
|
});
|
||||||
|
|
||||||
|
expect(result).toEqual({
|
||||||
|
auth: {
|
||||||
|
token: "token-value",
|
||||||
|
password: undefined,
|
||||||
|
},
|
||||||
|
});
|
||||||
|
});
|
||||||
|
|
||||||
|
it("returns warning and empty auth when token SecretRef is unresolved", () => {
|
||||||
|
expectUnresolvedProbeTokenWarning({
|
||||||
|
gateway: {
|
||||||
auth: {
|
auth: {
|
||||||
token: "token-value",
|
mode: "token",
|
||||||
password: undefined,
|
token: { source: "env", provider: "default", id: "MISSING_GATEWAY_TOKEN" },
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
},
|
secrets: {
|
||||||
{
|
providers: {
|
||||||
name: "returns warning and empty auth when a local token SecretRef is unresolved",
|
default: { source: "env" },
|
||||||
cfg: {
|
|
||||||
gateway: {
|
|
||||||
auth: {
|
|
||||||
mode: "token",
|
|
||||||
token: { source: "env", provider: "default", id: "MISSING_GATEWAY_TOKEN" },
|
|
||||||
},
|
|
||||||
},
|
},
|
||||||
secrets: {
|
|
||||||
providers: {
|
|
||||||
default: { source: "env" },
|
|
||||||
},
|
|
||||||
},
|
|
||||||
} as OpenClawConfig,
|
|
||||||
mode: "local" as const,
|
|
||||||
env: {} as NodeJS.ProcessEnv,
|
|
||||||
expected: {
|
|
||||||
auth: {},
|
|
||||||
warningIncludes: ["gateway.auth.token", "unresolved"],
|
|
||||||
},
|
},
|
||||||
},
|
} as OpenClawConfig);
|
||||||
{
|
});
|
||||||
name: "does not fall through to remote token when the local SecretRef is unresolved",
|
|
||||||
cfg: {
|
it("does not fall through to remote token when local token SecretRef is unresolved", () => {
|
||||||
gateway: {
|
expectUnresolvedProbeTokenWarning({
|
||||||
mode: "local",
|
gateway: {
|
||||||
auth: {
|
mode: "local",
|
||||||
mode: "token",
|
auth: {
|
||||||
token: { source: "env", provider: "default", id: "MISSING_GATEWAY_TOKEN" },
|
mode: "token",
|
||||||
},
|
token: { source: "env", provider: "default", id: "MISSING_GATEWAY_TOKEN" },
|
||||||
remote: {
|
|
||||||
token: "remote-token",
|
|
||||||
},
|
|
||||||
},
|
},
|
||||||
secrets: {
|
remote: {
|
||||||
providers: {
|
token: "remote-token",
|
||||||
default: { source: "env" },
|
|
||||||
},
|
|
||||||
},
|
},
|
||||||
} as OpenClawConfig,
|
|
||||||
mode: "local" as const,
|
|
||||||
env: {} as NodeJS.ProcessEnv,
|
|
||||||
expected: {
|
|
||||||
auth: {},
|
|
||||||
warningIncludes: ["gateway.auth.token", "unresolved"],
|
|
||||||
},
|
},
|
||||||
},
|
secrets: {
|
||||||
{
|
providers: {
|
||||||
name: "ignores unresolved local token SecretRefs in remote mode",
|
default: { source: "env" },
|
||||||
|
},
|
||||||
|
},
|
||||||
|
} as OpenClawConfig);
|
||||||
|
});
|
||||||
|
|
||||||
|
it("ignores unresolved local token SecretRef in remote mode when remote-only auth is requested", () => {
|
||||||
|
const result = resolveGatewayProbeAuthSafe({
|
||||||
cfg: {
|
cfg: {
|
||||||
gateway: {
|
gateway: {
|
||||||
mode: "remote",
|
mode: "remote",
|
||||||
@@ -92,22 +94,16 @@ describe("resolveGatewayProbeAuthSafe", () => {
|
|||||||
},
|
},
|
||||||
},
|
},
|
||||||
} as OpenClawConfig,
|
} as OpenClawConfig,
|
||||||
mode: "remote" as const,
|
mode: "remote",
|
||||||
env: {} as NodeJS.ProcessEnv,
|
env: {} as NodeJS.ProcessEnv,
|
||||||
expected: {
|
});
|
||||||
auth: {
|
|
||||||
token: undefined,
|
|
||||||
password: undefined,
|
|
||||||
},
|
|
||||||
},
|
|
||||||
},
|
|
||||||
])("$name", ({ cfg, mode, env, expected }) => {
|
|
||||||
const result = resolveGatewayProbeAuthSafe({ cfg, mode, env });
|
|
||||||
|
|
||||||
expect(result.auth).toEqual(expected.auth);
|
expect(result).toEqual({
|
||||||
for (const fragment of expected.warningIncludes ?? []) {
|
auth: {
|
||||||
expect(result.warning).toContain(fragment);
|
token: undefined,
|
||||||
}
|
password: undefined,
|
||||||
|
},
|
||||||
|
});
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user