William Valentin
108 lines
3.3 KiB
TypeScript
108 lines
3.3 KiB
TypeScript
import { mkdtempSync, statSync } from 'fs';
|
|
import { tmpdir } from 'os';
|
|
import { join } from 'path';
|
|
import { afterEach, beforeEach, describe, expect, it, vi } from 'vitest';
|
|
|
|
import { extractAccountId, parseJwtClaims } from './openai.js';
|
|
|
|
function base64UrlEncode(obj: unknown): string {
|
|
return Buffer.from(JSON.stringify(obj)).toString('base64url');
|
|
}
|
|
|
|
function makeJwt(payload: Record<string, unknown>): string {
|
|
const header = base64UrlEncode({ alg: 'none', typ: 'JWT' });
|
|
const body = base64UrlEncode(payload);
|
|
// Signature is ignored by parseJwtClaims.
|
|
return `${header}.${body}.sig`;
|
|
}
|
|
|
|
describe('OpenAI OAuth helpers', () => {
|
|
it('parseJwtClaims returns undefined for non-jwt strings', () => {
|
|
expect(parseJwtClaims('not-a-jwt')).toBeUndefined();
|
|
});
|
|
|
|
it('parseJwtClaims parses base64url payload', () => {
|
|
const token = makeJwt({ chatgpt_account_id: 'acct_123' });
|
|
const claims = parseJwtClaims(token);
|
|
expect(claims?.chatgpt_account_id).toBe('acct_123');
|
|
});
|
|
|
|
it('extractAccountId prefers chatgpt_account_id', () => {
|
|
const tokens = {
|
|
access_token: makeJwt({ chatgpt_account_id: 'acct_a' }),
|
|
refresh_token: 'rt',
|
|
id_token: makeJwt({ chatgpt_account_id: 'acct_b' }),
|
|
};
|
|
expect(extractAccountId(tokens)).toBe('acct_b');
|
|
});
|
|
|
|
it('extractAccountId falls back to organizations[0].id', () => {
|
|
const tokens = {
|
|
access_token: makeJwt({ organizations: [{ id: 'org_1' }] }),
|
|
refresh_token: 'rt',
|
|
};
|
|
expect(extractAccountId(tokens)).toBe('org_1');
|
|
});
|
|
});
|
|
|
|
describe('auth/openai api key storage', () => {
|
|
const originalHome = process.env.HOME;
|
|
const originalEnvKey = process.env.OPENAI_API_KEY;
|
|
|
|
let homeDir: string;
|
|
|
|
beforeEach(() => {
|
|
homeDir = mkdtempSync(join(tmpdir(), 'flynn-auth-openai-'));
|
|
process.env.HOME = homeDir;
|
|
delete process.env.OPENAI_API_KEY;
|
|
vi.resetModules();
|
|
});
|
|
|
|
afterEach(() => {
|
|
process.env.HOME = originalHome;
|
|
if (originalEnvKey) {
|
|
process.env.OPENAI_API_KEY = originalEnvKey;
|
|
} else {
|
|
delete process.env.OPENAI_API_KEY;
|
|
}
|
|
});
|
|
|
|
it('stores, loads, and clears OpenAI API key (preserves OAuth entry)', async () => {
|
|
const mod = await import('./openai.js');
|
|
|
|
expect(mod.loadStoredOpenAIApiKey()).toBeNull();
|
|
expect(mod.loadStoredOpenAIAuth()).toBeNull();
|
|
|
|
mod.storeOpenAIApiKey('sk-test');
|
|
expect(mod.loadStoredOpenAIApiKey()).toBe('sk-test');
|
|
|
|
const authFile = join(homeDir, '.config/flynn/auth.json');
|
|
const mode = statSync(authFile).mode & 0o777;
|
|
expect(mode).toBe(0o600);
|
|
|
|
const oauth = {
|
|
access_token: 'at',
|
|
refresh_token: 'rt',
|
|
expires_at: Date.now() + 60_000,
|
|
created_at: new Date().toISOString(),
|
|
};
|
|
mod.storeOpenAIAuth(oauth);
|
|
|
|
expect(mod.loadStoredOpenAIAuth()?.access_token).toBe('at');
|
|
expect(mod.loadStoredOpenAIApiKey()).toBe('sk-test');
|
|
|
|
mod.clearOpenAIAuth();
|
|
expect(mod.loadStoredOpenAIAuth()).toBeNull();
|
|
expect(mod.loadStoredOpenAIApiKey()).toBe('sk-test');
|
|
|
|
mod.clearOpenAIApiKey();
|
|
expect(mod.loadStoredOpenAIApiKey()).toBeNull();
|
|
});
|
|
|
|
it('getOpenAIApiKey prefers environment variable', async () => {
|
|
process.env.OPENAI_API_KEY = 'sk-env';
|
|
const mod = await import('./openai.js');
|
|
expect(mod.getOpenAIApiKey()).toBe('sk-env');
|
|
});
|
|
});
|