@marcusrbrown/infra 0.7.0 → 0.8.1

package/src/commands/cliproxy/shared.test.ts

@@ -0,0 +1,118 @@
+import {describe, expect, mock, test} from 'bun:test'
+import {managementHeaders, parseManagementKeyList, requestJson} from './shared'
+
+describe('managementHeaders', () => {
+  test('sets x-management-key header', () => {
+    const headers = managementHeaders('mgmt-key')
+    expect(headers.get('x-management-key')).toBe('mgmt-key')
+  })
+
+  test('sets content-type to application/json', () => {
+    const headers = managementHeaders('mgmt-key')
+    expect(headers.get('content-type')).toBe('application/json')
+  })
+
+  test('does not set Authorization header', () => {
+    const headers = managementHeaders('mgmt-key')
+    expect(headers.get('authorization')).toBeNull()
+  })
+})
+
+describe('requestJson', () => {
+  test('returns parsed JSON on success', async () => {
+    const payload = {ok: true, value: 42}
+    const mockFetch = mock(() =>
+      Promise.resolve(
+        new Response(JSON.stringify(payload), {
+          status: 200,
+          headers: {'content-type': 'application/json'},
+        }),
+      ),
+    )
+    const original = globalThis.fetch
+    globalThis.fetch = mockFetch as unknown as typeof fetch
+    try {
+      const result = await requestJson('https://example.com/api', {method: 'GET'})
+      expect(result).toEqual(payload)
+    } finally {
+      globalThis.fetch = original
+    }
+  })
+
+  test('throws with HTTP status and body on non-200 response', async () => {
+    const mockFetch = mock(() => Promise.resolve(new Response('Unauthorized', {status: 401})))
+    const original = globalThis.fetch
+    globalThis.fetch = mockFetch as unknown as typeof fetch
+    try {
+      await expect(requestJson('https://example.com/api', {method: 'POST'})).rejects.toThrow(
+        'POST https://example.com/api failed with HTTP 401: Unauthorized',
+      )
+    } finally {
+      globalThis.fetch = original
+    }
+  })
+
+  test('throws on 200 with malformed JSON body so mutating callers fail closed', async () => {
+    const mockFetch = mock(() =>
+      Promise.resolve(
+        new Response('not-json-content', {
+          status: 200,
+          headers: {'content-type': 'text/plain'},
+        }),
+      ),
+    )
+    const original = globalThis.fetch
+    globalThis.fetch = mockFetch as unknown as typeof fetch
+    try {
+      await expect(requestJson('https://example.com/api', {method: 'GET'})).rejects.toThrow(/returned malformed JSON/)
+    } finally {
+      globalThis.fetch = original
+    }
+  })
+
+  test('returns null on 204 No Content', async () => {
+    const mockFetch = mock(() => Promise.resolve(new Response(null, {status: 204})))
+    const original = globalThis.fetch
+    globalThis.fetch = mockFetch as unknown as typeof fetch
+    try {
+      const result = await requestJson('https://example.com/api', {method: 'DELETE'})
+      expect(result).toBeNull()
+    } finally {
+      globalThis.fetch = original
+    }
+  })
+})
+
+describe('parseManagementKeyList', () => {
+  test('accepts top-level string array', () => {
+    expect(parseManagementKeyList(['k1', 'k2'])).toEqual(['k1', 'k2'])
+  })
+
+  test('accepts {api-keys: string[]}', () => {
+    expect(parseManagementKeyList({'api-keys': ['k1']})).toEqual(['k1'])
+  })
+
+  test('accepts {api_keys: string[]}', () => {
+    expect(parseManagementKeyList({api_keys: ['k1']})).toEqual(['k1'])
+  })
+
+  test('throws on null payload so destructive PUTs fail closed', () => {
+    expect(() => parseManagementKeyList(null)).toThrow(/Unexpected management key-list shape/)
+  })
+
+  test('throws on empty object', () => {
+    expect(() => parseManagementKeyList({})).toThrow(/Unexpected management key-list shape/)
+  })
+
+  test('throws on array of non-strings', () => {
+    expect(() => parseManagementKeyList([1, 2, 3])).toThrow(/Unexpected management key-list shape/)
+  })
+
+  test('throws on string scalar', () => {
+    expect(() => parseManagementKeyList('not-an-array')).toThrow(/Unexpected management key-list shape/)
+  })
+
+  test('throws on object with non-array api-keys field', () => {
+    expect(() => parseManagementKeyList({'api-keys': 'k1'})).toThrow(/Unexpected management key-list shape/)
+  })
+})

package/src/commands/cliproxy/shared.ts

@@ -0,0 +1,84 @@
+// Shared HTTP helpers for cliproxy commands.
+
+export const HTTP_TIMEOUT_MS = 10_000
+
+// Permissive parser for /v0/management/api-keys list responses. Returns [] on every
+// unknown shape. Use ONLY for display paths (e.g. `cliproxy keys list`) where
+// empty-on-malformed is acceptable. Mutating callers (createManagementApiKey,
+// deleteManagementApiKey, `cliproxy keys add`) must use parseManagementKeyList
+// below — the permissive default would cause a destructive PUT to replace the
+// entire key list with just the new key.
+export function toStringArray(payload: unknown): string[] {
+  if (Array.isArray(payload)) {
+    return payload.filter((item): item is string => typeof item === 'string')
+  }
+
+  if (payload !== null && typeof payload === 'object') {
+    const obj = payload as Record<string, unknown>
+    const value = obj['api-keys'] ?? obj.api_keys
+    if (Array.isArray(value)) {
+      return value.filter((item): item is string => typeof item === 'string')
+    }
+  }
+
+  return []
+}
+
+// Strict parser for /v0/management/api-keys list responses used by mutating callers.
+// Falls back to throw on any unknown shape — never returns [] on malformed input.
+// Accepts string[], {api-keys: string[]}, or {api_keys: string[]}. Throws on every other shape.
+export function parseManagementKeyList(payload: unknown): string[] {
+  if (Array.isArray(payload)) {
+    if (!payload.every((item): item is string => typeof item === 'string')) {
+      throw new Error(
+        `Unexpected management key-list shape: top-level array contains non-string entries (got ${JSON.stringify(payload).slice(0, 100)})`,
+      )
+    }
+    return payload
+  }
+
+  if (payload !== null && typeof payload === 'object') {
+    const obj = payload as Record<string, unknown>
+    const value = obj['api-keys'] ?? obj.api_keys
+    if (Array.isArray(value) && value.every((item): item is string => typeof item === 'string')) {
+      return value
+    }
+  }
+
+  throw new Error(
+    `Unexpected management key-list shape: expected string[] or {api-keys: string[]} (got ${JSON.stringify(payload).slice(0, 100)})`,
+  )
+}
+
+export function managementHeaders(key: string): Headers {
+  const headers = new Headers()
+  headers.set('x-management-key', key)
+  headers.set('content-type', 'application/json')
+  return headers
+}
+
+export async function requestJson(endpoint: string, init: RequestInit): Promise<unknown> {
+  const response = await fetch(endpoint, {
+    ...init,
+    signal: AbortSignal.timeout(HTTP_TIMEOUT_MS),
+  })
+
+  if (!response.ok) {
+    const body = await response.text()
+    throw new Error(`${init.method ?? 'GET'} ${endpoint} failed with HTTP ${response.status}: ${body}`)
+  }
+
+  // 204 No Content is a valid empty response for some mutations.
+  if (response.status === 204) return null
+
+  // JSON parse failures must surface — permissive parsing here caused a data-loss
+  // class bug (PR #312 Fro Bot review): bad management JSON would silently become
+  // null, then toStringArray(null) → [], then a destructive PUT would replace the
+  // entire key list with just the new key.
+  try {
+    return await response.json()
+  } catch (parseError) {
+    const message = parseError instanceof Error ? parseError.message : String(parseError)
+    throw new Error(`${init.method ?? 'GET'} ${endpoint} returned malformed JSON: ${message}`)
+  }
+}

package/src/commands/cliproxy/status.ts

@@ -4,6 +4,8 @@ import type {StatusSummary} from '../status'
 
 import {z} from 'zod'
 
+import {HTTP_TIMEOUT_MS, managementHeaders} from './shared'
+
 /** Minimal ctx surface consumed by cliproxy status actions. Satisfied by both GokeExecutionContext and CapturedCtx. */
 // ActionCtx imported from lib/action-ctx — single source of truth for action ctx shape
 
@@ -13,7 +15,6 @@ declare const process: {
 }
 
 const DEFAULT_CLIPROXY_URL = 'https://cliproxy.fro.bot'
-const HTTP_TIMEOUT_MS = 10_000
 
 type CheckLevel = 'ok' | 'warning' | 'error'
 
@@ -44,12 +45,6 @@ export function stripTrailingSlash(value: string): string {
   return value.endsWith('/') ? value.slice(0, -1) : value
 }
 
-function managementHeaders(key: string): Headers {
-  const headers = new Headers()
-  headers.set('x-management-key', key)
-  return headers
-}
-
 async function parseJsonResponse(response: Response): Promise<unknown> {
   try {
     return await response.json()