github/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-05-08 21:58:26 +00:00
Code Issues Packages Projects Releases Wiki Activity

refactor(test): extract shared fixture helpers in gateway and outbound tests

Browse Source
This commit is contained in:
Peter Steinberger
2026-02-22 20:11:22 +00:00
parent 5d90e31807
commit 7eae1933fb
2 changed files with 62 additions and 58 deletions
Download Patch File Download Diff File Expand all files Collapse all files

36
src/gateway/server/ws-connection/auth-context.test.ts
View File

@@ -34,6 +34,24 @@ function createBaseState(overrides?: Partial<ConnectAuthState>): ConnectAuthStat
};
}
async function resolveDeviceTokenDecision(params: {
verifyDeviceToken: ReturnType<typeof vi.fn>;
stateOverrides?: Partial<ConnectAuthState>;
rateLimiter?: AuthRateLimiter;
clientIp?: string;
}) {
return await resolveConnectAuthDecision({
state: createBaseState(params.stateOverrides),
hasDeviceIdentity: true,
deviceId: "dev-1",
role: "operator",
scopes: ["operator.read"],
verifyDeviceToken: params.verifyDeviceToken,
...(params.rateLimiter ? { rateLimiter: params.rateLimiter } : {}),
...(params.clientIp ? { clientIp: params.clientIp } : {}),
});
}
describe("resolveConnectAuthDecision", () => {
it("keeps shared-secret mismatch when fallback device-token check fails", async () => {
const verifyDeviceToken = vi.fn(async () => ({ ok: false }));
@@ -69,15 +87,10 @@ describe("resolveConnectAuthDecision", () => {
it("accepts valid device tokens and marks auth method as device-token", async () => {
const rateLimiter = createRateLimiter();
const verifyDeviceToken = vi.fn(async () => ({ ok: true }));
const decision = await resolveConnectAuthDecision({
state: createBaseState(),
hasDeviceIdentity: true,
deviceId: "dev-1",
role: "operator",
scopes: ["operator.read"],
const decision = await resolveDeviceTokenDecision({
verifyDeviceToken,
rateLimiter: rateLimiter.limiter,
clientIp: "203.0.113.20",
verifyDeviceToken,
});
expect(decision.authOk).toBe(true);
expect(decision.authMethod).toBe("device-token");
@@ -88,15 +101,10 @@ describe("resolveConnectAuthDecision", () => {
it("returns rate-limited auth result without verifying device token", async () => {
const rateLimiter = createRateLimiter({ allowed: false, retryAfterMs: 60_000 });
const verifyDeviceToken = vi.fn(async () => ({ ok: true }));
const decision = await resolveConnectAuthDecision({
state: createBaseState(),
hasDeviceIdentity: true,
deviceId: "dev-1",
role: "operator",
scopes: ["operator.read"],
const decision = await resolveDeviceTokenDecision({
verifyDeviceToken,
rateLimiter: rateLimiter.limiter,
clientIp: "203.0.113.20",
verifyDeviceToken,
});
expect(decision.authOk).toBe(false);
expect(decision.authResult.reason).toBe("rate_limited");