@kya-os/mcp-i-core 1.2.3-canary.6 → 1.3.0

package/src/__tests__/config/provider-runtime-config.test.ts

@@ -0,0 +1,309 @@
+/**
+ * Tests for ProviderRuntimeConfig
+ */
+
+import { describe, it, expect, vi } from 'vitest';
+import type { ProviderRuntimeConfig } from '../../config.js';
+import type {
+  CryptoProvider,
+  ClockProvider,
+  FetchProvider,
+  StorageProvider,
+  NonceCacheProvider,
+  IdentityProvider
+} from '../../providers/base.js';
+
+describe('ProviderRuntimeConfig', () => {
+  // Mock providers for testing
+  const mockCryptoProvider: CryptoProvider = {
+    generateKeyPair: vi.fn(),
+    sign: vi.fn(),
+    verify: vi.fn(),
+    hash: vi.fn(),
+    randomBytes: vi.fn(),
+  };
+
+  const mockClockProvider: ClockProvider = {
+    now: vi.fn(() => Date.now()),
+    timestamp: vi.fn(() => new Date().toISOString()),
+  };
+
+  const mockFetchProvider: FetchProvider = {
+    fetch: vi.fn(),
+  };
+
+  const mockStorageProvider: StorageProvider = {
+    get: vi.fn(),
+    set: vi.fn(),
+    delete: vi.fn(),
+    list: vi.fn(),
+  };
+
+  const mockNonceCacheProvider: NonceCacheProvider = {
+    getNonce: vi.fn(),
+    setNonce: vi.fn(),
+    deleteNonce: vi.fn(),
+  };
+
+  const mockIdentityProvider: IdentityProvider = {
+    getIdentity: vi.fn(),
+    ensureIdentity: vi.fn(),
+  };
+
+  describe('Minimal configuration', () => {
+    it('should accept minimal valid config with all providers', () => {
+      const config: ProviderRuntimeConfig = {
+        environment: 'development',
+        cryptoProvider: mockCryptoProvider,
+        clockProvider: mockClockProvider,
+        fetchProvider: mockFetchProvider,
+        storageProvider: mockStorageProvider,
+        nonceCacheProvider: mockNonceCacheProvider,
+        identityProvider: mockIdentityProvider,
+      };
+
+      expect(config.environment).toBe('development');
+      expect(config.cryptoProvider).toBeDefined();
+      expect(config.clockProvider).toBeDefined();
+      expect(config.fetchProvider).toBeDefined();
+      expect(config.storageProvider).toBeDefined();
+      expect(config.nonceCacheProvider).toBeDefined();
+      expect(config.identityProvider).toBeDefined();
+    });
+  });
+
+  describe('Configuration with session', () => {
+    it('should accept session configuration', () => {
+      const config: ProviderRuntimeConfig = {
+        environment: 'production',
+        cryptoProvider: mockCryptoProvider,
+        clockProvider: mockClockProvider,
+        fetchProvider: mockFetchProvider,
+        storageProvider: mockStorageProvider,
+        nonceCacheProvider: mockNonceCacheProvider,
+        identityProvider: mockIdentityProvider,
+        session: {
+          timestampSkewSeconds: 60,
+          ttlMinutes: 15,
+        },
+      };
+
+      expect(config.session?.timestampSkewSeconds).toBe(60);
+      expect(config.session?.ttlMinutes).toBe(15);
+    });
+  });
+
+  describe('Configuration with identity', () => {
+    it('should accept identity configuration', () => {
+      const config: ProviderRuntimeConfig = {
+        environment: 'development',
+        cryptoProvider: mockCryptoProvider,
+        clockProvider: mockClockProvider,
+        fetchProvider: mockFetchProvider,
+        storageProvider: mockStorageProvider,
+        nonceCacheProvider: mockNonceCacheProvider,
+        identityProvider: mockIdentityProvider,
+        identity: {
+          enabled: true,
+          environment: 'development',
+        },
+      };
+
+      expect(config.identity?.enabled).toBe(true);
+      expect(config.identity?.environment).toBe('development');
+    });
+  });
+
+  describe('Configuration with proofing', () => {
+    it('should accept proofing configuration', () => {
+      const config: ProviderRuntimeConfig = {
+        environment: 'production',
+        cryptoProvider: mockCryptoProvider,
+        clockProvider: mockClockProvider,
+        fetchProvider: mockFetchProvider,
+        storageProvider: mockStorageProvider,
+        nonceCacheProvider: mockNonceCacheProvider,
+        identityProvider: mockIdentityProvider,
+        proofing: {
+          enabled: true,
+          batchQueue: {
+            destinations: [
+              {
+                type: 'agentshield',
+                apiUrl: 'https://kya.vouched.id',
+                apiKey: 'test-key',
+              },
+            ],
+          },
+        },
+      };
+
+      expect(config.proofing?.enabled).toBe(true);
+      expect(config.proofing?.batchQueue?.destinations).toHaveLength(1);
+    });
+  });
+
+  describe('Configuration with delegation', () => {
+    it('should accept delegation configuration', () => {
+      const config: ProviderRuntimeConfig = {
+        environment: 'production',
+        cryptoProvider: mockCryptoProvider,
+        clockProvider: mockClockProvider,
+        fetchProvider: mockFetchProvider,
+        storageProvider: mockStorageProvider,
+        nonceCacheProvider: mockNonceCacheProvider,
+        identityProvider: mockIdentityProvider,
+        delegation: {
+          enabled: true,
+          verifier: {
+            type: 'agentshield',
+            apiUrl: 'https://kya.vouched.id',
+            apiKey: 'test-key',
+          },
+        },
+      };
+
+      expect(config.delegation?.enabled).toBe(true);
+      expect(config.delegation?.verifier.type).toBe('agentshield');
+    });
+  });
+
+  describe('Configuration with tool protection', () => {
+    it('should accept tool protection source config', () => {
+      const config: ProviderRuntimeConfig = {
+        environment: 'development',
+        cryptoProvider: mockCryptoProvider,
+        clockProvider: mockClockProvider,
+        fetchProvider: mockFetchProvider,
+        storageProvider: mockStorageProvider,
+        nonceCacheProvider: mockNonceCacheProvider,
+        identityProvider: mockIdentityProvider,
+        toolProtection: {
+          source: 'inline',
+          inline: {
+            test_tool: {
+              requiresDelegation: true,
+              requiredScopes: ['test:execute'],
+            },
+          },
+        },
+      };
+
+      expect(config.toolProtection?.source).toBe('inline');
+      expect(config.toolProtection?.inline?.test_tool?.requiresDelegation).toBe(true);
+    });
+  });
+
+  describe('Complete configuration', () => {
+    it('should accept complete configuration with all features', () => {
+      const config: ProviderRuntimeConfig = {
+        environment: 'production',
+        cryptoProvider: mockCryptoProvider,
+        clockProvider: mockClockProvider,
+        fetchProvider: mockFetchProvider,
+        storageProvider: mockStorageProvider,
+        nonceCacheProvider: mockNonceCacheProvider,
+        identityProvider: mockIdentityProvider,
+        session: {
+          timestampSkewSeconds: 120,
+          ttlMinutes: 30,
+        },
+        identity: {
+          enabled: true,
+          environment: 'production',
+        },
+        proofing: {
+          enabled: true,
+          batchQueue: {
+            destinations: [
+              {
+                type: 'agentshield',
+                apiUrl: 'https://kya.vouched.id',
+                apiKey: 'as-key',
+              },
+            ],
+            maxBatchSize: 10,
+            flushIntervalMs: 5000,
+          },
+        },
+        delegation: {
+          enabled: true,
+          verifier: {
+            type: 'agentshield',
+            apiUrl: 'https://kya.vouched.id',
+            apiKey: 'as-key',
+          },
+        },
+        toolProtection: {
+          source: 'agentshield',
+          agentShield: {
+            apiUrl: 'https://kya.vouched.id',
+            apiKey: 'as-key',
+          },
+        },
+        audit: {
+          enabled: true,
+          includeProofHashes: false,
+        },
+        wellKnown: {
+          enabled: true,
+          serviceName: 'Test Service',
+        },
+      };
+
+      expect(config.environment).toBe('production');
+      expect(config.session?.timestampSkewSeconds).toBe(120);
+      expect(config.identity?.enabled).toBe(true);
+      expect(config.proofing?.enabled).toBe(true);
+      expect(config.delegation?.enabled).toBe(true);
+      expect(config.toolProtection?.source).toBe('agentshield');
+      expect(config.audit?.enabled).toBe(true);
+      expect(config.wellKnown?.enabled).toBe(true);
+    });
+  });
+
+  describe('Type composition', () => {
+    it('should extend MCPIBaseConfig', () => {
+      const config: ProviderRuntimeConfig = {
+        environment: 'development',
+        cryptoProvider: mockCryptoProvider,
+        clockProvider: mockClockProvider,
+        fetchProvider: mockFetchProvider,
+        storageProvider: mockStorageProvider,
+        nonceCacheProvider: mockNonceCacheProvider,
+        identityProvider: mockIdentityProvider,
+        audit: {
+          enabled: true,
+        },
+        wellKnown: {
+          enabled: true,
+        },
+      };
+
+      // MCPIBaseConfig fields should be available
+      expect(config.environment).toBeDefined();
+      expect(config.audit).toBeDefined();
+      expect(config.wellKnown).toBeDefined();
+    });
+
+    it('should require all providers', () => {
+      // This test validates that all providers are required
+      const config: ProviderRuntimeConfig = {
+        environment: 'development',
+        cryptoProvider: mockCryptoProvider,
+        clockProvider: mockClockProvider,
+        fetchProvider: mockFetchProvider,
+        storageProvider: mockStorageProvider,
+        nonceCacheProvider: mockNonceCacheProvider,
+        identityProvider: mockIdentityProvider,
+      };
+
+      expect(config.cryptoProvider).toBeDefined();
+      expect(config.clockProvider).toBeDefined();
+      expect(config.fetchProvider).toBeDefined();
+      expect(config.storageProvider).toBeDefined();
+      expect(config.nonceCacheProvider).toBeDefined();
+      expect(config.identityProvider).toBeDefined();
+    });
+  });
+});