-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathtest-device-auth.mjs
More file actions
68 lines (57 loc) · 2.49 KB
/
Copy pathtest-device-auth.mjs
File metadata and controls
68 lines (57 loc) · 2.49 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
// Device-auth polling flow test against a local mock of the backend endpoints.
// Simulates: CLI start -> user authorizes in browser (after 2 polls) -> CLI
// receives token via poll (one-time read).
import http from "node:http"
import { randomBytes } from "node:crypto"
const codes = new Map()
const server = http.createServer((req, res) => {
const url = new URL(req.url, "http://localhost")
res.setHeader("Content-Type", "application/json")
if (req.method === "POST" && url.pathname === "/orbcode/auth/start") {
const devicecode = randomBytes(24).toString("hex")
codes.set(devicecode, { status: "pending", polls: 0 })
res.end(JSON.stringify({ devicecode, expiresIn: 600, interval: 0.05 }))
return
}
if (req.method === "GET" && url.pathname === "/orbcode/auth/poll") {
const entry = codes.get(url.searchParams.get("devicecode"))
if (!entry) return res.end(JSON.stringify({ status: "expired" }))
entry.polls++
// "User clicks Authorize" after the second poll.
if (entry.polls >= 2 && entry.status === "pending") {
entry.status = "authorized"
entry.token = "fake.jwt.token"
}
if (entry.status === "authorized") {
codes.delete(url.searchParams.get("devicecode"))
return res.end(JSON.stringify({ status: "authorized", token: entry.token }))
}
return res.end(JSON.stringify({ status: "pending" }))
}
res.statusCode = 404
res.end("{}")
})
await new Promise((resolve) => server.listen(0, resolve))
process.env.MATTERAI_BACKEND_URL = `http://localhost:${server.address().port}`
process.env.MATTERAI_APP_URL = "http://localhost:9999"
const { startDeviceAuth, pollDeviceAuth, getAuthorizeUrl } = await import("./dist/auth/auth.js")
let failures = 0
const check = (label, ok) => {
console.log(`${ok ? "PASS" : "FAIL"}: ${label}`)
if (!ok) failures++
}
const start = await startDeviceAuth()
check("start returns 48-hex devicecode", /^[a-f0-9]{48}$/.test(start.devicecode))
check(
"authorize URL targets /orbital with devicecode",
getAuthorizeUrl(start.devicecode) ===
`http://localhost:9999/orbital?loginType=orbcode&devicecode=${start.devicecode}`,
)
const first = await pollDeviceAuth(start.devicecode)
check("first poll is pending", first.status === "pending")
const second = await pollDeviceAuth(start.devicecode)
check("second poll returns token", second.status === "authorized" && second.token === "fake.jwt.token")
const third = await pollDeviceAuth(start.devicecode)
check("token is one-time (third poll expired)", third.status === "expired")
server.close()
process.exit(failures ? 1 : 0)