@barndoor-ai/sdk 0.2.0

package/test/exceptions.test.js

@@ -0,0 +1,142 @@
+/**
+ * Tests for exception hierarchy and error handling.
+ */
+
+import {
+  BarndoorError,
+  AuthenticationError,
+  TokenError,
+  TokenExpiredError,
+  TokenValidationError,
+  ConnectionError,
+  HTTPError,
+  ServerNotFoundError,
+  OAuthError,
+  ConfigurationError,
+  TimeoutError,
+} from '../dist/index.esm.js';
+
+describe('Exception Hierarchy', () => {
+  test('exception inheritance is correct', () => {
+    expect(AuthenticationError.prototype).toBeInstanceOf(BarndoorError);
+    expect(TokenError.prototype).toBeInstanceOf(AuthenticationError);
+    expect(TokenExpiredError.prototype).toBeInstanceOf(TokenError);
+    expect(TokenValidationError.prototype).toBeInstanceOf(TokenError);
+    expect(ConnectionError.prototype).toBeInstanceOf(BarndoorError);
+    expect(HTTPError.prototype).toBeInstanceOf(BarndoorError);
+    expect(ServerNotFoundError.prototype).toBeInstanceOf(BarndoorError);
+    expect(OAuthError.prototype).toBeInstanceOf(AuthenticationError);
+    expect(ConfigurationError.prototype).toBeInstanceOf(BarndoorError);
+    expect(TimeoutError.prototype).toBeInstanceOf(BarndoorError);
+  });
+
+  test('BarndoorError is base exception', () => {
+    const error = new BarndoorError('test message');
+    expect(error).toBeInstanceOf(Error);
+    expect(error.name).toBe('BarndoorError');
+    expect(error.message).toBe('test message');
+  });
+
+  test('AuthenticationError stores error code', () => {
+    const error = new AuthenticationError('auth failed', 'AUTH001');
+    expect(error).toBeInstanceOf(BarndoorError);
+    expect(error.errorCode).toBe('AUTH001');
+    expect(error.message).toBe('auth failed');
+  });
+
+  test('TokenError adds help text', () => {
+    const errorWithHelp = new TokenError('token invalid', 'Custom help text');
+    expect(errorWithHelp.message).toBe('token invalid Custom help text');
+    expect(errorWithHelp.helpText).toBe('Custom help text');
+
+    const errorWithoutHelp = new TokenError('token invalid');
+    expect(errorWithoutHelp.message).toBe("token invalid Run 'barndoor-login' to authenticate.");
+    expect(errorWithoutHelp.helpText).toBeNull();
+  });
+
+  test('ConnectionError creates user-friendly messages', () => {
+    const timeoutError = new ConnectionError('https://api.example.com', new Error('timeout'));
+    expect(timeoutError.message).toContain('timed out');
+    expect(timeoutError.url).toBe('https://api.example.com');
+
+    const refusedError = new ConnectionError(
+      'https://api.example.com',
+      new Error('connection refused')
+    );
+    expect(refusedError.message).toContain('Could not connect');
+
+    const dnsError = new ConnectionError(
+      'https://api.example.com',
+      new Error('name resolution failed')
+    );
+    expect(dnsError.message).toContain('Could not resolve hostname');
+
+    const genericError = new ConnectionError('https://api.example.com', new Error('generic error'));
+    expect(genericError.message).toContain('Failed to connect');
+  });
+
+  test('HTTPError creates status-specific messages', () => {
+    const badRequest = new HTTPError(400, 'Bad Request');
+    expect(badRequest.message).toContain('Invalid request');
+    expect(badRequest.statusCode).toBe(400);
+
+    const unauthorized = new HTTPError(401, 'Unauthorized');
+    expect(unauthorized.message).toContain('Authentication failed');
+
+    const forbidden = new HTTPError(403, 'Forbidden');
+    expect(forbidden.message).toContain('Access denied');
+
+    const notFound = new HTTPError(404, 'Not Found');
+    expect(notFound.message).toContain('Resource not found');
+
+    const rateLimit = new HTTPError(429, 'Too Many Requests');
+    expect(rateLimit.message).toContain('Rate limit exceeded');
+
+    const serverError = new HTTPError(500, 'Internal Server Error');
+    expect(serverError.message).toContain('Server error');
+
+    const unknownError = new HTTPError(418, "I'm a teapot");
+    expect(unknownError.message).toContain("I'm a teapot");
+  });
+
+  test('ServerNotFoundError with available servers', () => {
+    const availableServers = ['server1', 'server2', 'server3'];
+    const error = new ServerNotFoundError('missing-server', availableServers);
+
+    expect(error.message).toContain('missing-server');
+    expect(error.message).toContain('server1, server2, server3');
+    expect(error.serverIdentifier).toBe('missing-server');
+    expect(error.availableServers).toEqual(availableServers);
+  });
+
+  test('ServerNotFoundError without available servers', () => {
+    const error = new ServerNotFoundError('missing-server');
+
+    expect(error.message).toContain('missing-server');
+    expect(error.message).toContain('Use listServers()');
+    expect(error.availableServers).toBeNull();
+  });
+});
+
+describe('Error Instantiation', () => {
+  test('all error types can be instantiated', () => {
+    expect(() => new BarndoorError('test')).not.toThrow();
+    expect(() => new AuthenticationError('test')).not.toThrow();
+    expect(() => new TokenError('test')).not.toThrow();
+    expect(() => new TokenExpiredError('test')).not.toThrow();
+    expect(() => new TokenValidationError('test')).not.toThrow();
+    expect(() => new ConnectionError('url', new Error('test'))).not.toThrow();
+    expect(() => new HTTPError(500, 'test')).not.toThrow();
+    expect(() => new ServerNotFoundError('test')).not.toThrow();
+    expect(() => new OAuthError('test')).not.toThrow();
+    expect(() => new ConfigurationError('test')).not.toThrow();
+    expect(() => new TimeoutError('test')).not.toThrow();
+  });
+
+  test('error names are set correctly', () => {
+    expect(new BarndoorError('test').name).toBe('BarndoorError');
+    expect(new AuthenticationError('test').name).toBe('AuthenticationError');
+    expect(new TokenError('test').name).toBe('TokenError');
+    expect(new HTTPError(500, 'test').name).toBe('HTTPError');
+  });
+});

package/test/integration.test.js

@@ -0,0 +1,147 @@
+/**
+ * Integration tests for the Barndoor SDK.
+ *
+ * These tests verify that the main components work together correctly
+ * and that the API is compatible with the Python SDK.
+ */
+
+import {
+  BarndoorSDK,
+  BarndoorError,
+  HTTPError,
+  ConfigurationError,
+  TokenError,
+  ServerSummary,
+  ServerDetail,
+  BarndoorConfig,
+} from '../dist/index.esm.js';
+
+describe('SDK Integration Tests', () => {
+  const validToken =
+    'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c';
+
+  test('SDK can be instantiated with valid parameters', () => {
+    const sdk = new BarndoorSDK('https://api.example.com', { token: validToken });
+    expect(sdk).toBeInstanceOf(BarndoorSDK);
+    expect(sdk.base).toBe('https://api.example.com');
+    expect(sdk.token).toBe(validToken);
+  });
+
+  test('SDK throws appropriate errors for invalid parameters', () => {
+    expect(() => new BarndoorSDK('invalid-url', { token: validToken })).toThrow(ConfigurationError);
+
+    expect(() => new BarndoorSDK('https://api.example.com', { token: 'invalid' })).toThrow(
+      TokenError
+    );
+  });
+
+  test('Exception hierarchy is correct', () => {
+    const authError = new HTTPError(401, 'Unauthorized');
+    expect(authError).toBeInstanceOf(BarndoorError);
+    expect(authError.statusCode).toBe(401);
+  });
+
+  test('Models can be created from API data', () => {
+    const serverData = {
+      id: '123e4567-e89b-12d3-a456-426614174000',
+      name: 'Test Server',
+      slug: 'test-server',
+      provider: 'github',
+      connection_status: 'connected',
+    };
+
+    const server = ServerSummary.fromApiResponse(serverData);
+    expect(server).toBeInstanceOf(ServerSummary);
+    expect(server.id).toBe(serverData.id);
+    expect(server.name).toBe(serverData.name);
+
+    const detailData = { ...serverData, url: 'https://api.example.com/mcp' };
+    const detail = ServerDetail.fromApiResponse(detailData);
+    expect(detail).toBeInstanceOf(ServerDetail);
+    expect(detail).toBeInstanceOf(ServerSummary);
+    expect(detail.url).toBe(detailData.url);
+  });
+
+  test('Configuration works with environment variables', () => {
+    const originalEnv = process.env.AUTH_DOMAIN;
+    process.env.AUTH_DOMAIN = 'test.auth0.com';
+
+    const config = new BarndoorConfig();
+    expect(config.authDomain).toBe('test.auth0.com');
+
+    // Restore original environment
+    if (originalEnv) {
+      process.env.AUTH_DOMAIN = originalEnv;
+    } else {
+      delete process.env.AUTH_DOMAIN;
+    }
+  });
+
+  test('Configuration validation works', () => {
+    const config = new BarndoorConfig({ authDomain: '' });
+    expect(() => config.validate()).toThrow(ConfigurationError);
+    expect(() => config.validate()).toThrow('authDomain is required');
+  });
+
+  test('SDK can be closed properly', async () => {
+    const sdk = new BarndoorSDK('https://api.example.com', { token: validToken });
+    await sdk.close();
+    expect(sdk._closed).toBe(true);
+  });
+});
+
+describe('API Compatibility', () => {
+  test('method names match Python SDK (camelCase conversion)', () => {
+    const sdk = new BarndoorSDK('https://api.example.com', {
+      token:
+        'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c',
+    });
+
+    // Check that JavaScript methods exist (Python equivalents in comments)
+    expect(typeof sdk.listServers).toBe('function'); // list_servers
+    expect(typeof sdk.getServer).toBe('function'); // get_server
+    expect(typeof sdk.initiateConnection).toBe('function'); // initiate_connection
+    expect(typeof sdk.getConnectionStatus).toBe('function'); // get_connection_status
+    expect(typeof sdk.disconnectServer).toBe('function'); // disconnect_server
+    expect(typeof sdk.ensureServerConnected).toBe('function'); // ensure_server_connected
+    expect(typeof sdk.validateCachedToken).toBe('function'); // validate_cached_token
+    expect(typeof sdk.close).toBe('function'); // close
+    expect(typeof sdk.aclose).toBe('function'); // aclose
+  });
+
+  test('error messages are user-friendly like Python SDK', () => {
+    const httpError = new HTTPError(404, 'Not Found');
+    expect(httpError.message).toContain('Resource not found');
+    expect(httpError.message).toContain('check the server ID');
+
+    const authError = new HTTPError(401, 'Unauthorized');
+    expect(authError.message).toContain('Authentication failed');
+    expect(authError.message).toContain('check your token');
+  });
+
+  test('model structure matches Python SDK', () => {
+    const serverData = {
+      id: '123e4567-e89b-12d3-a456-426614174000',
+      name: 'Test Server',
+      slug: 'test-server',
+      provider: 'github',
+      connection_status: 'connected',
+    };
+
+    const server = new ServerSummary(serverData);
+
+    // Check that all Python SDK fields are present
+    expect(server).toHaveProperty('id');
+    expect(server).toHaveProperty('name');
+    expect(server).toHaveProperty('slug');
+    expect(server).toHaveProperty('provider');
+    expect(server).toHaveProperty('connection_status');
+
+    // Check field types match expectations
+    expect(typeof server.id).toBe('string');
+    expect(typeof server.name).toBe('string');
+    expect(typeof server.slug).toBe('string');
+    expect(typeof server.connection_status).toBe('string');
+    expect(server.provider === null || typeof server.provider === 'string').toBe(true);
+  });
+});

package/test/models.test.js

@@ -0,0 +1,177 @@
+/**
+ * Tests for data models.
+ */
+
+import { ServerSummary, ServerDetail, AgentToken } from '../dist/index.esm.js';
+
+describe('ServerSummary', () => {
+  const validServerData = {
+    id: '123e4567-e89b-12d3-a456-426614174000',
+    name: 'Test Server',
+    slug: 'test-server',
+    provider: 'github',
+    connection_status: 'connected',
+  };
+
+  test('creates ServerSummary with valid data', () => {
+    const server = new ServerSummary(validServerData);
+
+    expect(server.id).toBe(validServerData.id);
+    expect(server.name).toBe(validServerData.name);
+    expect(server.slug).toBe(validServerData.slug);
+    expect(server.provider).toBe(validServerData.provider);
+    expect(server.connection_status).toBe(validServerData.connection_status);
+  });
+
+  test('handles null provider', () => {
+    const dataWithoutProvider = { ...validServerData };
+    delete dataWithoutProvider.provider;
+
+    const server = new ServerSummary(dataWithoutProvider);
+    expect(server.provider).toBeNull();
+  });
+
+  test('throws error for missing required fields', () => {
+    expect(() => new ServerSummary({})).toThrow('ServerSummary missing required fields');
+
+    expect(
+      () =>
+        new ServerSummary({
+          name: 'Test',
+          slug: 'test',
+          connection_status: 'available',
+        })
+    ).toThrow('ServerSummary missing required fields');
+  });
+
+  test('fromApiResponse creates ServerSummary', () => {
+    const server = ServerSummary.fromApiResponse(validServerData);
+    expect(server).toBeInstanceOf(ServerSummary);
+    expect(server.id).toBe(validServerData.id);
+  });
+});
+
+describe('ServerDetail', () => {
+  const validDetailData = {
+    id: '123e4567-e89b-12d3-a456-426614174000',
+    name: 'Test Server',
+    slug: 'test-server',
+    provider: 'github',
+    connection_status: 'connected',
+    url: 'https://api.example.com/mcp',
+  };
+
+  test('creates ServerDetail with valid data', () => {
+    const server = new ServerDetail(validDetailData);
+
+    expect(server.id).toBe(validDetailData.id);
+    expect(server.name).toBe(validDetailData.name);
+    expect(server.slug).toBe(validDetailData.slug);
+    expect(server.provider).toBe(validDetailData.provider);
+    expect(server.connection_status).toBe(validDetailData.connection_status);
+    expect(server.url).toBe(validDetailData.url);
+  });
+
+  test('extends ServerSummary', () => {
+    const server = new ServerDetail(validDetailData);
+    expect(server).toBeInstanceOf(ServerSummary);
+  });
+
+  test('handles null url', () => {
+    const dataWithoutUrl = { ...validDetailData };
+    delete dataWithoutUrl.url;
+
+    const server = new ServerDetail(dataWithoutUrl);
+    expect(server.url).toBeNull();
+  });
+
+  test('fromApiResponse creates ServerDetail', () => {
+    const server = ServerDetail.fromApiResponse(validDetailData);
+    expect(server).toBeInstanceOf(ServerDetail);
+    expect(server.url).toBe(validDetailData.url);
+  });
+});
+
+describe('AgentToken', () => {
+  const validTokenData = {
+    agent_token: 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...',
+    expires_in: 3600,
+  };
+
+  test('creates AgentToken with valid data', () => {
+    const token = new AgentToken(validTokenData);
+
+    expect(token.agent_token).toBe(validTokenData.agent_token);
+    expect(token.expires_in).toBe(validTokenData.expires_in);
+  });
+
+  test('throws error for missing agent_token', () => {
+    expect(() => new AgentToken({ expires_in: 3600 })).toThrow(
+      'AgentToken missing required fields'
+    );
+  });
+
+  test('throws error for missing expires_in', () => {
+    expect(() => new AgentToken({ agent_token: 'token' })).toThrow(
+      'AgentToken missing required fields'
+    );
+  });
+
+  test('throws error for invalid expires_in type', () => {
+    expect(
+      () =>
+        new AgentToken({
+          agent_token: 'token',
+          expires_in: 'not-a-number',
+        })
+    ).toThrow('AgentToken missing required fields');
+  });
+
+  test('fromApiResponse creates AgentToken', () => {
+    const token = AgentToken.fromApiResponse(validTokenData);
+    expect(token).toBeInstanceOf(AgentToken);
+    expect(token.agent_token).toBe(validTokenData.agent_token);
+  });
+});
+
+describe('Model Validation', () => {
+  test('models validate required fields strictly', () => {
+    // ServerSummary requires all core fields
+    expect(
+      () =>
+        new ServerSummary({
+          id: 'test-id',
+          name: 'Test',
+          slug: 'test',
+          // missing connection_status
+        })
+    ).toThrow();
+
+    // AgentToken requires both fields
+    expect(
+      () =>
+        new AgentToken({
+          agent_token: 'token',
+          // missing expires_in
+        })
+    ).toThrow();
+  });
+
+  test('models handle optional fields correctly', () => {
+    const serverWithoutProvider = new ServerSummary({
+      id: 'test-id',
+      name: 'Test',
+      slug: 'test',
+      connection_status: 'available',
+    });
+    expect(serverWithoutProvider.provider).toBeNull();
+
+    const detailWithoutUrl = new ServerDetail({
+      id: 'test-id',
+      name: 'Test',
+      slug: 'test',
+      connection_status: 'available',
+    });
+    expect(detailWithoutUrl.url).toBeNull();
+  });
+});

package/test/token-management.test.js

@@ -0,0 +1,81 @@
+/**
+ * Tests for enhanced token management features.
+ *
+ * These tests verify the new JWT verification, token refresh, and file locking
+ * functionality that mirrors the Python SDK's capabilities.
+ */
+
+import { verifyJWTLocal, JWTVerificationResult, TokenManager } from '../dist/index.esm.js';
+
+describe('Enhanced Token Management', () => {
+  describe('JWT Verification', () => {
+    const validToken =
+      'eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InRlc3Qta2V5In0.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyLCJleHAiOjk5OTk5OTk5OTksImF1ZCI6Imh0dHBzOi8vYmFybmRvb3IuYWkvIiwiaXNzIjoiaHR0cHM6Ly9hdXRoLmJhcm5kb29yLmFpLyJ9.test-signature';
+    const expiredToken =
+      'eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InRlc3Qta2V5In0.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyLCJleHAiOjE1MTYyMzkwMjIsImF1ZCI6Imh0dHBzOi8vYmFybmRvb3IuYWkvIiwiaXNzIjoiaHR0cHM6Ly9hdXRoLmJhcm5kb29yLmFpLyJ9.test-signature';
+
+    test('verifyJWTLocal returns INVALID for malformed tokens', async () => {
+      const result = await verifyJWTLocal(
+        'invalid-token',
+        'auth.barndoor.ai',
+        'https://barndoor.ai/'
+      );
+      expect(result).toBe(JWTVerificationResult.INVALID);
+    });
+
+    test('verifyJWTLocal handles network errors gracefully', async () => {
+      // This will fail to verify due to network/JWKS issues, but should return INVALID not throw
+      const result = await verifyJWTLocal(validToken, 'nonexistent.domain', 'https://barndoor.ai/');
+      expect(result).toBe(JWTVerificationResult.INVALID);
+    }, 10000); // 10 second timeout
+  });
+
+  describe('TokenManager', () => {
+    test('TokenManager can be instantiated', () => {
+      const manager = new TokenManager('https://api.example.com');
+      expect(manager).toBeInstanceOf(TokenManager);
+    });
+
+    test('TokenManager throws error when no token is found', async () => {
+      const manager = new TokenManager('https://api.example.com');
+
+      // This should throw since there's no token stored
+      await expect(manager.getValidToken()).rejects.toThrow();
+    });
+  });
+
+  describe('Token Storage Integration', () => {
+    test('Token storage functions are available', async () => {
+      const { loadUserToken, saveUserToken, clearCachedToken } = await import(
+        '../dist/index.esm.js'
+      );
+
+      expect(typeof loadUserToken).toBe('function');
+      expect(typeof saveUserToken).toBe('function');
+      expect(typeof clearCachedToken).toBe('function');
+    });
+
+    test('validateToken function works with invalid tokens', async () => {
+      const { validateToken } = await import('../dist/index.esm.js');
+
+      const result = await validateToken('invalid-token');
+      expect(result).toEqual({ valid: false });
+    });
+
+    test('setTokenLogger function is available', async () => {
+      const { setTokenLogger } = await import('../dist/index.esm.js');
+
+      expect(typeof setTokenLogger).toBe('function');
+
+      // Test that we can set a custom logger
+      const mockLogger = {
+        debug: () => {},
+        info: () => {},
+        warn: () => {},
+        error: () => {},
+      };
+
+      expect(() => setTokenLogger(mockLogger)).not.toThrow();
+    });
+  });
+});

package/test/token-validation.test.js

@@ -0,0 +1,104 @@
+/**
+ * Tests for token validation fixes from code review.
+ *
+ * These tests verify that the token validation race condition fix works correctly,
+ * ensuring tokens are only validated in appropriate environments and that the
+ * _tokenValidated flag is only set when tokens are actually valid.
+ */
+
+import { BarndoorSDK } from '../dist/index.esm.js';
+
+describe('Token Validation Fixes', () => {
+  describe('Environment-based validation behavior', () => {
+    const validToken =
+      'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c';
+    const originalEnv = process.env.BARNDOOR_ENV;
+    const originalFetch = global.fetch;
+
+    afterEach(() => {
+      process.env.BARNDOOR_ENV = originalEnv;
+      global.fetch = originalFetch;
+    });
+
+    test('skips validation in test environment', async () => {
+      process.env.BARNDOOR_ENV = 'test';
+
+      const sdk = new BarndoorSDK('https://api.example.com', { token: validToken });
+
+      // Should not throw since we're in test environment
+      await expect(sdk.ensureValidToken()).resolves.toBeUndefined();
+      expect(sdk._tokenValidated).toBe(true);
+    });
+
+    test('skips validation in ci environment', async () => {
+      process.env.BARNDOOR_ENV = 'ci';
+
+      const sdk = new BarndoorSDK('https://api.example.com', { token: validToken });
+
+      // Should not throw since we're in ci environment
+      await expect(sdk.ensureValidToken()).resolves.toBeUndefined();
+      expect(sdk._tokenValidated).toBe(true);
+    });
+
+    test('validates token in development environment', async () => {
+      process.env.BARNDOOR_ENV = 'development';
+
+      // Mock fetch to simulate token validation failure
+      global.fetch = () =>
+        Promise.resolve({
+          ok: false,
+          status: 401,
+        });
+
+      const sdk = new BarndoorSDK('https://api.example.com', { token: validToken });
+
+      // Should throw since we're in development and token validation fails
+      await expect(sdk.ensureValidToken()).rejects.toThrow('Token validation failed');
+    });
+
+    test('validates token in production environment', async () => {
+      process.env.BARNDOOR_ENV = 'production';
+
+      // Mock fetch to simulate token validation failure
+      global.fetch = () =>
+        Promise.resolve({
+          ok: false,
+          status: 401,
+        });
+
+      const sdk = new BarndoorSDK('https://api.example.com', { token: validToken });
+
+      // Should throw since we're in production and token validation fails
+      await expect(sdk.ensureValidToken()).rejects.toThrow('Token validation failed');
+    });
+
+    test('only sets _tokenValidated to true when token is actually valid', async () => {
+      process.env.BARNDOOR_ENV = 'production';
+
+      // Test 1: Valid token should set _tokenValidated to true
+      global.fetch = () =>
+        Promise.resolve({
+          ok: true,
+          status: 200,
+        });
+
+      const sdk = new BarndoorSDK('https://api.example.com', { token: validToken });
+
+      const isValid = await sdk.validateCachedToken();
+      expect(isValid).toBe(true);
+      expect(sdk._tokenValidated).toBe(true);
+
+      // Test 2: Invalid token should NOT set _tokenValidated to true
+      sdk._tokenValidated = false;
+      global.fetch = () =>
+        Promise.resolve({
+          ok: false,
+          status: 401,
+        });
+
+      const isValidSecond = await sdk.validateCachedToken();
+      expect(isValidSecond).toBe(false);
+      expect(sdk._tokenValidated).toBe(false); // Critical: should remain false for invalid tokens
+    });
+  });
+});