@kya-os/mcp-i-core 1.3.7-canary.0 → 1.3.7-canary.clientinfo.20251126041014

package/src/__tests__/integration/full-flow.test.ts

@@ -0,0 +1,776 @@
+/**
+ * Full Flow Integration Tests
+ *
+ * End-to-end integration tests covering:
+ * - Complete handshake → tool call → proof flow
+ * - Tool protection enforcement
+ * - Delegation flow (intercept → authorize → resume)
+ * - AgentShield integration
+ * - Caching behavior
+ */
+
+import { describe, test, expect, beforeEach, vi, afterEach } from "vitest";
+import { MCPIRuntimeBase } from "../../runtime/base";
+import { ToolProtectionService } from "../../services/tool-protection.service";
+import {
+  InMemoryToolProtectionCache,
+  type ToolProtectionCache,
+} from "../../cache/tool-protection-cache";
+import {
+  MemoryStorageProvider,
+  MemoryNonceCacheProvider,
+  MemoryIdentityProvider,
+} from "../../providers/memory";
+import {
+  createMockProviders,
+  MockCryptoProvider,
+  MockClockProvider,
+  MockFetchProvider,
+} from "../utils/mock-providers";
+import type { ToolProtectionServiceConfig } from "../../types/tool-protection";
+import type { ProviderRuntimeConfig } from "../../config";
+
+// Type declaration for global (polyfilled by Vitest)
+declare const global: typeof globalThis;
+
+// Mock global fetch
+global.fetch = vi.fn();
+
+describe("Full Flow Integration", () => {
+  let runtime: MCPIRuntimeBase;
+  let toolProtectionService: ToolProtectionService;
+  let cache: ToolProtectionCache;
+  let config: ProviderRuntimeConfig;
+  let mockProviders: ReturnType<typeof createMockProviders>;
+  const mockAgentDid =
+    "did:key:z6MkhaXgBZDvotDkL5257faiztiGiC2QtKLGpbnnEGta2doK";
+
+  beforeEach(async () => {
+    vi.clearAllMocks();
+    mockProviders = createMockProviders();
+
+    cache = new InMemoryToolProtectionCache();
+    const toolProtectionConfig: ToolProtectionServiceConfig = {
+      apiUrl: "https://kya.vouched.id",
+      apiKey: "test-api-key",
+      projectId: "test-project",
+      cacheTtl: 300000,
+      debug: false,
+    };
+    toolProtectionService = new ToolProtectionService(
+      toolProtectionConfig,
+      cache
+    );
+
+    config = {
+      ...mockProviders,
+      environment: "development",
+      session: {
+        timestampSkewSeconds: 120,
+        ttlMinutes: 30,
+      },
+      audit: {
+        enabled: true,
+        logFunction: vi.fn(),
+        includePayloads: true,
+      },
+      toolProtection: {
+        source: "agentshield",
+        agentShield: {
+          apiUrl: "https://kya.vouched.id",
+          apiKey: "test-api-key",
+        },
+      },
+    };
+
+    runtime = new MCPIRuntimeBase(config);
+    await runtime.initialize();
+  });
+
+  afterEach(() => {
+    vi.restoreAllMocks();
+  });
+
+  describe("Complete handshake → tool call → proof flow", () => {
+    test("should complete full authentication and tool execution cycle", async () => {
+      // Step 1: Client initiates handshake
+      const handshakeRequest = {
+        clientDid: "did:key:zclient789",
+        audience: "https://app.example.com",
+      };
+
+      const handshakeResponse = await runtime.handleHandshake(handshakeRequest);
+
+      expect(handshakeResponse.sessionId).toBeDefined();
+      expect(handshakeResponse.agentDid).toMatch(/^did:key:z/);
+      expect(handshakeResponse.signature).toBeDefined();
+      expect(handshakeResponse.capabilities).toContain("identity");
+
+      // Step 2: Get session and issue nonce
+      const session = await runtime.getCurrentSession();
+      expect(session).toBeDefined();
+      expect(session?.clientDid).toBe(handshakeRequest.clientDid);
+      expect(session?.audience).toBe(handshakeRequest.audience);
+
+      const nonce = await runtime.issueNonce(session!.id);
+      session!.nonce = nonce;
+
+      // Step 3: Execute unprotected tool
+      const toolHandler = async (args: any) => {
+        return {
+          message: `Hello ${args.name}!`,
+          timestamp: Date.now(),
+        };
+      };
+
+      const result = await runtime.processToolCall(
+        "greetingTool",
+        { name: "Alice" },
+        toolHandler,
+        session
+      );
+
+      expect(result.message).toBe("Hello Alice!");
+
+      // Step 4: Verify proof was created
+      const proof = runtime.getLastProof();
+      expect(proof).toBeDefined();
+      expect(proof?.nonce).toBe(nonce);
+      expect(proof?.sessionId).toBe(session!.id);
+      expect(proof?.audience).toBe("https://app.example.com");
+    });
+
+    test("should handle multiple tool calls in sequence", async () => {
+      const handshakeResponse = await runtime.handleHandshake({
+        clientDid: "did:key:zclient789",
+        audience: "https://app.example.com",
+      });
+
+      const session = await runtime.getCurrentSession();
+      expect(session).toBeDefined();
+
+      const nonce1 = await runtime.issueNonce(session!.id);
+      session!.nonce = nonce1;
+
+      // First tool call
+      const result1 = await runtime.processToolCall(
+        "tool1",
+        { arg: "value1" },
+        async (args) => ({ result: args.arg }),
+        session
+      );
+
+      expect(result1.result).toBe("value1");
+
+      // Second tool call with new nonce
+      const nonce2 = await runtime.issueNonce(session!.id);
+      session!.nonce = nonce2;
+
+      const result2 = await runtime.processToolCall(
+        "tool2",
+        { arg: "value2" },
+        async (args) => ({ result: args.arg }),
+        session
+      );
+
+      expect(result2.result).toBe("value2");
+
+      // Verify both proofs were created
+      const proof = runtime.getLastProof();
+      expect(proof?.nonce).toBe(nonce2);
+    });
+
+    test("should propagate client DID through entire flow", async () => {
+      const clientDid = "did:key:zclient789";
+      const handshakeResponse = await runtime.handleHandshake({
+        clientDid,
+        audience: "https://app.example.com",
+      });
+
+      const session = await runtime.getCurrentSession();
+      expect(session?.clientDid).toBe(clientDid);
+
+      const nonce = await runtime.issueNonce(session!.id);
+      session!.nonce = nonce;
+
+      await runtime.processToolCall(
+        "testTool",
+        { test: "data" },
+        async () => ({}),
+        session
+      );
+
+      const proof = runtime.getLastProof();
+      expect(proof).toBeDefined();
+      // Client DID should be in proof metadata
+      expect((proof as any).clientDid || session?.clientDid).toBe(clientDid);
+    });
+  });
+
+  describe("Tool protection enforcement flow", () => {
+    test("should allow unprotected tool calls", async () => {
+      // Mock API response with unprotected tool
+      const apiResponse = {
+        success: true,
+        data: {
+          toolProtections: {
+            search: {
+              requiresDelegation: false,
+              requiredScopes: [],
+            },
+          },
+        },
+        metadata: {},
+      };
+
+      (global.fetch as any).mockResolvedValueOnce({
+        ok: true,
+        json: async () => apiResponse,
+      });
+
+      const handshakeResponse = await runtime.handleHandshake({
+        clientDid: "did:key:zclient",
+        audience: "https://app.example.com",
+      });
+
+      const session = await runtime.getCurrentSession();
+      const nonce = await runtime.issueNonce(session!.id);
+      session!.nonce = nonce;
+
+      // Mock tool protection service
+      const protection = await toolProtectionService.checkToolProtection(
+        "search",
+        mockAgentDid
+      );
+      expect(protection).toBeNull(); // No protection required
+
+      // Tool call should proceed normally
+      const result = await runtime.processToolCall(
+        "search",
+        { query: "test" },
+        async (args) => ({ results: [] }),
+        session
+      );
+
+      expect(result).toBeDefined();
+    });
+
+    test("should intercept protected tool calls without delegation", async () => {
+      // Mock API response with protected tool
+      const apiResponse = {
+        success: true,
+        data: {
+          toolProtections: {
+            checkout: {
+              requiresDelegation: true,
+              requiredScopes: ["cart:write"],
+            },
+          },
+        },
+        metadata: {},
+      };
+
+      (global.fetch as any).mockResolvedValueOnce({
+        ok: true,
+        json: async () => apiResponse,
+      });
+
+      const handshakeResponse = await runtime.handleHandshake({
+        clientDid: "did:key:zclient",
+        audience: "https://app.example.com",
+      });
+
+      const session = await runtime.getCurrentSession();
+      const nonce = await runtime.issueNonce(session!.id);
+      session!.nonce = nonce;
+
+      // Check protection
+      const protection = await toolProtectionService.checkToolProtection(
+        "checkout",
+        mockAgentDid
+      );
+      expect(protection).toBeDefined();
+      expect(protection?.requiresDelegation).toBe(true);
+
+      // Tool call should be intercepted
+      // Note: Actual interception happens in runtime.processToolCall
+      // This test verifies the protection check works correctly
+      expect(protection?.requiredScopes).toContain("cart:write");
+    });
+  });
+
+  describe("Delegation flow (intercept → authorize → resume)", () => {
+    test("should store intercepted call for resumption", async () => {
+      const handshakeResponse = await runtime.handleHandshake({
+        clientDid: "did:key:zclient",
+        audience: "https://app.example.com",
+      });
+
+      const session = await runtime.getCurrentSession();
+      expect(session).toBeDefined();
+
+      // Simulate intercepted call storage
+      const interceptedCall = {
+        toolName: "checkout",
+        args: { cartId: "123" },
+        sessionId: session!.id,
+        timestamp: Date.now(),
+        expiresAt: Date.now() + 3600000, // 1 hour
+      };
+
+      // Verify intercepted call structure
+      expect(interceptedCall.toolName).toBe("checkout");
+      expect(interceptedCall.args.cartId).toBe("123");
+      expect(interceptedCall.sessionId).toBe(session!.id);
+    });
+
+    test("should generate resume token for intercepted calls", async () => {
+      const handshakeResponse = await runtime.handleHandshake({
+        clientDid: "did:key:zclient",
+        audience: "https://app.example.com",
+      });
+
+      const session = await runtime.getCurrentSession();
+
+      // Generate resume token (simulated)
+      const resumeToken = `resume_${session!.id}_${Date.now()}`;
+
+      expect(resumeToken).toMatch(/^resume_/);
+      expect(resumeToken).toContain(session!.id);
+    });
+
+    test("should build consent URL with resume token", async () => {
+      const handshakeResponse = await runtime.handleHandshake({
+        clientDid: "did:key:zclient",
+        audience: "https://app.example.com",
+      });
+
+      const session = await runtime.getCurrentSession();
+      const resumeToken = `resume_${session!.id}_${Date.now()}`;
+
+      // Build consent URL
+      const consentUrl = `https://kya.vouched.id/consent?resume_token=${resumeToken}&tool=checkout&scopes=cart:write`;
+
+      expect(consentUrl).toContain("resume_token=");
+      expect(consentUrl).toContain("tool=checkout");
+      expect(consentUrl).toContain("scopes=cart:write");
+    });
+  });
+
+  describe("AgentShield integration flow", () => {
+    test("should fetch tool protection config from AgentShield", async () => {
+      const apiResponse = {
+        success: true,
+        data: {
+          toolProtections: {
+            protected_tool: {
+              requiresDelegation: true,
+              requiredScopes: ["scope1"],
+            },
+          },
+        },
+        metadata: {},
+      };
+
+      (global.fetch as any).mockResolvedValueOnce({
+        ok: true,
+        json: async () => apiResponse,
+      });
+
+      const config =
+        await toolProtectionService.getToolProtectionConfig(mockAgentDid);
+
+      expect(config.toolProtections.protected_tool).toBeDefined();
+      expect(config.toolProtections.protected_tool.requiresDelegation).toBe(
+        true
+      );
+      expect(global.fetch).toHaveBeenCalledWith(
+        expect.stringContaining(
+          "/api/v1/bouncer/projects/test-project/tool-protections"
+        ),
+        expect.any(Object)
+      );
+    });
+
+    test("should cache tool protection config", async () => {
+      const apiResponse = {
+        success: true,
+        data: {
+          toolProtections: {
+            tool1: {
+              requiresDelegation: true,
+              requiredScopes: ["scope1"],
+            },
+          },
+        },
+        metadata: {},
+      };
+
+      (global.fetch as any).mockResolvedValueOnce({
+        ok: true,
+        json: async () => apiResponse,
+      });
+
+      // First call - should fetch from API
+      const config1 =
+        await toolProtectionService.getToolProtectionConfig(mockAgentDid);
+
+      // Second call - should use cache
+      const config2 =
+        await toolProtectionService.getToolProtectionConfig(mockAgentDid);
+
+      expect(config1).toEqual(config2);
+      expect(global.fetch).toHaveBeenCalledTimes(1);
+    });
+
+    test("should use fallback config when API fails", async () => {
+      const fallbackConfig = {
+        toolProtections: {
+          fallback_tool: {
+            requiresDelegation: true,
+            requiredScopes: ["fallback"],
+          },
+        },
+      };
+
+      const toolProtectionConfig: ToolProtectionServiceConfig = {
+        apiUrl: "https://kya.vouched.id",
+        apiKey: "test-api-key",
+        projectId: "test-project",
+        cacheTtl: 300000,
+        fallbackConfig,
+        debug: false,
+      };
+
+      const serviceWithFallback = new ToolProtectionService(
+        toolProtectionConfig,
+        cache
+      );
+
+      (global.fetch as any).mockRejectedValueOnce(new Error("Network error"));
+
+      const result =
+        await serviceWithFallback.getToolProtectionConfig(mockAgentDid);
+
+      expect(result).toEqual(fallbackConfig);
+    });
+  });
+
+  describe("Session expiry handling", () => {
+    test("should handle expired sessions correctly", async () => {
+      const clock = mockProviders.clockProvider as MockClockProvider;
+      const currentTime = Date.now();
+      clock.setTime(currentTime);
+
+      await runtime.handleHandshake({
+        clientDid: "did:key:zclient",
+        audience: "https://app.example.com",
+      });
+
+      let session = await runtime.getCurrentSession();
+      expect(session).toBeDefined();
+
+      // Advance time past expiry (30 minutes + 1 second)
+      clock.setTime(currentTime + 30 * 60 * 1000 + 1000);
+
+      session = await runtime.getCurrentSession();
+      expect(session).toBeNull();
+    });
+
+    test("should reject tool calls with expired session", async () => {
+      const clock = mockProviders.clockProvider as MockClockProvider;
+      const currentTime = Date.now();
+      clock.setTime(currentTime);
+
+      await runtime.handleHandshake({
+        clientDid: "did:key:zclient",
+        audience: "https://app.example.com",
+      });
+
+      const session = await runtime.getCurrentSession();
+      expect(session).toBeDefined();
+
+      // Advance time past expiry
+      clock.setTime(currentTime + 30 * 60 * 1000 + 1000);
+
+      // Session should be expired
+      const expiredSession = await runtime.getCurrentSession();
+      expect(expiredSession).toBeNull();
+    });
+  });
+
+  describe("Error handling in full flow", () => {
+    test("should handle tool protection service errors gracefully", async () => {
+      // Mock API failure
+      (global.fetch as any).mockRejectedValueOnce(new Error("Network error"));
+
+      // Should fail-closed (deny-all) by default
+      const config =
+        await toolProtectionService.getToolProtectionConfig(mockAgentDid);
+
+      expect(config.toolProtections['*']).toBeDefined();
+      expect(config.toolProtections['*']?.requiresDelegation).toBe(true);
+    });
+
+    test("should handle invalid API responses", async () => {
+      (global.fetch as any).mockResolvedValueOnce({
+        ok: true,
+        json: async () => ({
+          success: false,
+          error: "Invalid request",
+        }),
+      });
+
+      await expect(
+        toolProtectionService.getToolProtectionConfig(mockAgentDid)
+      ).rejects.toThrow("API returned success: false");
+    });
+
+    test("should handle network timeouts", async () => {
+      const fallbackConfig = {
+        toolProtections: {
+          tool1: {
+            requiresDelegation: true,
+            requiredScopes: ["scope1"],
+          },
+        },
+      };
+
+      const toolProtectionConfig: ToolProtectionServiceConfig = {
+        apiUrl: "https://kya.vouched.id",
+        apiKey: "test-api-key",
+        projectId: "test-project",
+        cacheTtl: 300000,
+        fallbackConfig,
+        debug: false,
+      };
+
+      const serviceWithFallback = new ToolProtectionService(
+        toolProtectionConfig,
+        cache
+      );
+
+      (global.fetch as any).mockRejectedValueOnce(new Error("Network timeout"));
+
+      const result =
+        await serviceWithFallback.getToolProtectionConfig(mockAgentDid);
+
+      expect(result).toEqual(fallbackConfig);
+    });
+  });
+
+  describe("Cache integration in full flow", () => {
+    test("should share cache across multiple service instances", async () => {
+      const apiResponse = {
+        success: true,
+        data: {
+          toolProtections: {
+            tool1: {
+              requiresDelegation: true,
+              requiredScopes: ["scope1"],
+            },
+          },
+        },
+        metadata: {},
+      };
+
+      (global.fetch as any).mockResolvedValueOnce({
+        ok: true,
+        json: async () => apiResponse,
+      });
+
+      const service1 = new ToolProtectionService(
+        {
+          apiUrl: "https://kya.vouched.id",
+          apiKey: "test-api-key",
+          projectId: "test-project",
+          cacheTtl: 300000,
+        },
+        cache
+      );
+
+      const service2 = new ToolProtectionService(
+        {
+          apiUrl: "https://kya.vouched.id",
+          apiKey: "test-api-key",
+          projectId: "test-project",
+          cacheTtl: 300000,
+        },
+        cache
+      );
+
+      // First service fetches from API
+      await service1.getToolProtectionConfig(mockAgentDid);
+
+      // Second service should use cached value
+      const config2 = await service2.getToolProtectionConfig(mockAgentDid);
+
+      expect(global.fetch).toHaveBeenCalledTimes(1);
+      expect(config2.toolProtections.tool1).toBeDefined();
+    });
+
+    test("should clear cache when needed", async () => {
+      const apiResponse = {
+        success: true,
+        data: {
+          toolProtections: {
+            tool1: {
+              requiresDelegation: true,
+              requiredScopes: ["scope1"],
+            },
+          },
+        },
+        metadata: {},
+      };
+
+      (global.fetch as any).mockResolvedValue({
+        ok: true,
+        json: async () => apiResponse,
+      });
+
+      // Fetch and cache
+      await toolProtectionService.getToolProtectionConfig(mockAgentDid);
+
+      // Clear cache
+      await toolProtectionService.clearCache(mockAgentDid);
+
+      // Next fetch should go to API again
+      await toolProtectionService.getToolProtectionConfig(mockAgentDid);
+
+      expect(global.fetch).toHaveBeenCalledTimes(2);
+    });
+  });
+
+  describe("Real-world e-commerce scenario", () => {
+    test("should handle complete e-commerce flow with tool protection", async () => {
+      // Step 1: Set up tool protection config
+      const apiResponse = {
+        success: true,
+        data: {
+          toolProtections: {
+            search_products: {
+              requiresDelegation: false,
+              requiredScopes: [],
+            },
+            add_to_cart: {
+              requiresDelegation: true,
+              requiredScopes: ["cart:write"],
+            },
+            checkout: {
+              requiresDelegation: true,
+              requiredScopes: ["cart:write", "payment:process"],
+            },
+          },
+        },
+        metadata: {},
+      };
+
+      (global.fetch as any).mockResolvedValueOnce({
+        ok: true,
+        json: async () => apiResponse,
+      });
+
+      // Step 2: Handshake
+      const handshakeResponse = await runtime.handleHandshake({
+        clientDid: "did:key:zclient",
+        audience: "https://shop.example.com",
+      });
+
+      const session = await runtime.getCurrentSession();
+      expect(session).toBeDefined();
+
+      // Step 3: Unprotected tool call (search)
+      const nonce1 = await runtime.issueNonce(session!.id);
+      session!.nonce = nonce1;
+
+      const searchProtection = await toolProtectionService.checkToolProtection(
+        "search_products",
+        mockAgentDid
+      );
+      expect(searchProtection).toBeNull(); // No protection
+
+      const searchResult = await runtime.processToolCall(
+        "search_products",
+        { query: "laptop" },
+        async () => ({ products: [] }),
+        session
+      );
+
+      expect(searchResult).toBeDefined();
+
+      // Step 4: Check protection for add_to_cart (should require delegation)
+      const nonce2 = await runtime.issueNonce(session!.id);
+      session!.nonce = nonce2;
+
+      const cartProtection = await toolProtectionService.checkToolProtection(
+        "add_to_cart",
+        mockAgentDid
+      );
+
+      expect(cartProtection).toBeDefined();
+      expect(cartProtection?.requiresDelegation).toBe(true);
+      expect(cartProtection?.requiredScopes).toContain("cart:write");
+
+      // Step 5: Verify proof was created for search tool call (not for protection check)
+      const proof = runtime.getLastProof();
+      expect(proof).toBeDefined();
+      expect(proof?.nonce).toBe(nonce1); // Proof from search_products call
+    });
+  });
+
+  describe("Concurrent operations", () => {
+    test("should handle concurrent tool calls", async () => {
+      await runtime.handleHandshake({
+        clientDid: "did:key:zclient",
+        audience: "https://app.example.com",
+      });
+
+      const session = await runtime.getCurrentSession();
+      expect(session).toBeDefined();
+
+      // Issue multiple nonces
+      const nonces = await Promise.all([
+        runtime.issueNonce(session!.id),
+        runtime.issueNonce(session!.id),
+        runtime.issueNonce(session!.id),
+      ]);
+
+      expect(nonces).toHaveLength(3);
+      expect(new Set(nonces).size).toBe(3); // All unique
+    });
+
+    test("should handle concurrent cache operations", async () => {
+      const apiResponse = {
+        success: true,
+        data: {
+          toolProtections: {
+            tool1: {
+              requiresDelegation: true,
+              requiredScopes: ["scope1"],
+            },
+          },
+        },
+        metadata: {},
+      };
+
+      (global.fetch as any).mockResolvedValue({
+        ok: true,
+        json: async () => apiResponse,
+      });
+
+      // Concurrent config fetches
+      const promises = [
+        toolProtectionService.getToolProtectionConfig(mockAgentDid),
+        toolProtectionService.getToolProtectionConfig(mockAgentDid),
+        toolProtectionService.getToolProtectionConfig(mockAgentDid),
+      ];
+
+      const results = await Promise.all(promises);
+
+      // All should return same config
+      results.forEach((result) => {
+        expect(result.toolProtections.tool1).toBeDefined();
+      });
+    });
+  });
+});