@markwharton/pwa-core 1.2.0 → 1.3.0

package/dist/__tests__/server/auth/token.test.js

@@ -0,0 +1,212 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+const vitest_1 = require("vitest");
+const jsonwebtoken_1 = __importDefault(require("jsonwebtoken"));
+const token_1 = require("../../../server/auth/token");
+// Reset module state before each test
+(0, vitest_1.beforeEach)(() => {
+    // Re-import to reset module state
+    vitest_1.vi.resetModules();
+});
+(0, vitest_1.describe)('JWT utilities', () => {
+    const validSecret = 'a'.repeat(32); // 32 character secret
+    (0, vitest_1.describe)('initAuth', () => {
+        (0, vitest_1.it)('initializes with valid secret', async () => {
+            const { initAuth, getJwtSecret } = await Promise.resolve().then(() => __importStar(require('../../../server/auth/token')));
+            initAuth(validSecret);
+            (0, vitest_1.expect)(getJwtSecret()).toBe(validSecret);
+        });
+        (0, vitest_1.it)('throws if secret is undefined', async () => {
+            const { initAuth } = await Promise.resolve().then(() => __importStar(require('../../../server/auth/token')));
+            (0, vitest_1.expect)(() => initAuth(undefined)).toThrow('JWT_SECRET must be at least 32 characters');
+        });
+        (0, vitest_1.it)('throws if secret is too short', async () => {
+            const { initAuth } = await Promise.resolve().then(() => __importStar(require('../../../server/auth/token')));
+            (0, vitest_1.expect)(() => initAuth('short')).toThrow('JWT_SECRET must be at least 32 characters');
+        });
+        (0, vitest_1.it)('accepts custom minimum length', async () => {
+            const { initAuth, getJwtSecret } = await Promise.resolve().then(() => __importStar(require('../../../server/auth/token')));
+            const shortSecret = 'a'.repeat(16);
+            initAuth(shortSecret, 16);
+            (0, vitest_1.expect)(getJwtSecret()).toBe(shortSecret);
+        });
+        (0, vitest_1.it)('throws if secret shorter than custom minimum', async () => {
+            const { initAuth } = await Promise.resolve().then(() => __importStar(require('../../../server/auth/token')));
+            (0, vitest_1.expect)(() => initAuth('a'.repeat(15), 16)).toThrow('JWT_SECRET must be at least 16 characters');
+        });
+    });
+    (0, vitest_1.describe)('getJwtSecret', () => {
+        (0, vitest_1.it)('throws if not initialized', async () => {
+            const { getJwtSecret } = await Promise.resolve().then(() => __importStar(require('../../../server/auth/token')));
+            (0, vitest_1.expect)(() => getJwtSecret()).toThrow('Auth not initialized. Call initAuth() first.');
+        });
+        (0, vitest_1.it)('returns secret after initialization', async () => {
+            const { initAuth, getJwtSecret } = await Promise.resolve().then(() => __importStar(require('../../../server/auth/token')));
+            initAuth(validSecret);
+            (0, vitest_1.expect)(getJwtSecret()).toBe(validSecret);
+        });
+    });
+    (0, vitest_1.describe)('extractToken', () => {
+        (0, vitest_1.it)('extracts token from Bearer header', () => {
+            (0, vitest_1.expect)((0, token_1.extractToken)('Bearer mytoken123')).toBe('mytoken123');
+        });
+        (0, vitest_1.it)('returns null for null header', () => {
+            (0, vitest_1.expect)((0, token_1.extractToken)(null)).toBeNull();
+        });
+        (0, vitest_1.it)('returns null for empty header', () => {
+            (0, vitest_1.expect)((0, token_1.extractToken)('')).toBeNull();
+        });
+        (0, vitest_1.it)('returns null for non-Bearer header', () => {
+            (0, vitest_1.expect)((0, token_1.extractToken)('Basic abc123')).toBeNull();
+        });
+        (0, vitest_1.it)('returns null for malformed Bearer header', () => {
+            (0, vitest_1.expect)((0, token_1.extractToken)('Bearertoken')).toBeNull();
+        });
+        (0, vitest_1.it)('handles token with spaces', () => {
+            (0, vitest_1.expect)((0, token_1.extractToken)('Bearer token with spaces')).toBe('token with spaces');
+        });
+    });
+    (0, vitest_1.describe)('validateToken', () => {
+        (0, vitest_1.it)('returns ok result for valid token', async () => {
+            const { initAuth, validateToken, generateToken } = await Promise.resolve().then(() => __importStar(require('../../../server/auth/token')));
+            initAuth(validSecret);
+            const payload = { userId: '123' };
+            const token = generateToken(payload);
+            const result = validateToken(token);
+            (0, vitest_1.expect)(result.ok).toBe(true);
+            (0, vitest_1.expect)(result.data?.userId).toBe('123');
+        });
+        (0, vitest_1.it)('returns error for invalid token', async () => {
+            const { initAuth, validateToken } = await Promise.resolve().then(() => __importStar(require('../../../server/auth/token')));
+            initAuth(validSecret);
+            const result = validateToken('invalid-token');
+            (0, vitest_1.expect)(result.ok).toBe(false);
+            (0, vitest_1.expect)(result.error).toBeDefined();
+        });
+        (0, vitest_1.it)('returns error for expired token', async () => {
+            const { initAuth, validateToken } = await Promise.resolve().then(() => __importStar(require('../../../server/auth/token')));
+            initAuth(validSecret);
+            const expiredToken = jsonwebtoken_1.default.sign({ userId: '123' }, validSecret, { expiresIn: '-1s' });
+            const result = validateToken(expiredToken);
+            (0, vitest_1.expect)(result.ok).toBe(false);
+            (0, vitest_1.expect)(result.error).toContain('expired');
+        });
+        (0, vitest_1.it)('returns error for token signed with different secret', async () => {
+            const { initAuth, validateToken } = await Promise.resolve().then(() => __importStar(require('../../../server/auth/token')));
+            initAuth(validSecret);
+            const wrongToken = jsonwebtoken_1.default.sign({ userId: '123' }, 'different-secret-that-is-32-chars');
+            const result = validateToken(wrongToken);
+            (0, vitest_1.expect)(result.ok).toBe(false);
+        });
+        (0, vitest_1.it)('returns error for token with string payload', async () => {
+            const { initAuth, validateToken } = await Promise.resolve().then(() => __importStar(require('../../../server/auth/token')));
+            initAuth(validSecret);
+            // jwt.sign with a string payload returns a string from jwt.verify
+            const stringPayloadToken = jsonwebtoken_1.default.sign('not-an-object', validSecret);
+            const result = validateToken(stringPayloadToken);
+            (0, vitest_1.expect)(result.ok).toBe(false);
+            (0, vitest_1.expect)(result.error).toBe('Invalid token payload');
+        });
+        (0, vitest_1.it)('returns default error message for non-Error throw', async () => {
+            const { initAuth, validateToken } = await Promise.resolve().then(() => __importStar(require('../../../server/auth/token')));
+            initAuth(validSecret);
+            // Mock jwt.verify to throw a non-Error value
+            const originalVerify = jsonwebtoken_1.default.verify;
+            jsonwebtoken_1.default.verify = () => {
+                throw 'string error';
+            };
+            const result = validateToken('any-token');
+            (0, vitest_1.expect)(result.ok).toBe(false);
+            (0, vitest_1.expect)(result.error).toBe('Token validation failed');
+            // Restore original
+            jsonwebtoken_1.default.verify = originalVerify;
+        });
+    });
+    (0, vitest_1.describe)('generateToken', () => {
+        (0, vitest_1.it)('generates valid JWT', async () => {
+            const { initAuth, generateToken } = await Promise.resolve().then(() => __importStar(require('../../../server/auth/token')));
+            initAuth(validSecret);
+            const token = generateToken({ userId: '123' });
+            (0, vitest_1.expect)(token).toBeTruthy();
+            (0, vitest_1.expect)(token.split('.')).toHaveLength(3);
+        });
+        (0, vitest_1.it)('includes payload in token', async () => {
+            const { initAuth, generateToken } = await Promise.resolve().then(() => __importStar(require('../../../server/auth/token')));
+            initAuth(validSecret);
+            const token = generateToken({ userId: '123', role: 'admin' });
+            const decoded = jsonwebtoken_1.default.verify(token, validSecret);
+            (0, vitest_1.expect)(decoded.userId).toBe('123');
+            (0, vitest_1.expect)(decoded.role).toBe('admin');
+        });
+        (0, vitest_1.it)('uses default 7d expiration', async () => {
+            const { initAuth, generateToken } = await Promise.resolve().then(() => __importStar(require('../../../server/auth/token')));
+            initAuth(validSecret);
+            const token = generateToken({ userId: '123' });
+            const decoded = jsonwebtoken_1.default.verify(token, validSecret);
+            const expiresInSeconds = decoded.exp - decoded.iat;
+            (0, vitest_1.expect)(expiresInSeconds).toBe(7 * 24 * 60 * 60); // 7 days
+        });
+        (0, vitest_1.it)('accepts custom expiration', async () => {
+            const { initAuth, generateToken } = await Promise.resolve().then(() => __importStar(require('../../../server/auth/token')));
+            initAuth(validSecret);
+            const token = generateToken({ userId: '123' }, '1h');
+            const decoded = jsonwebtoken_1.default.verify(token, validSecret);
+            const expiresInSeconds = decoded.exp - decoded.iat;
+            (0, vitest_1.expect)(expiresInSeconds).toBe(60 * 60); // 1 hour
+        });
+    });
+    (0, vitest_1.describe)('generateLongLivedToken', () => {
+        (0, vitest_1.it)('generates token with 10-year default expiration', async () => {
+            const { initAuth, generateLongLivedToken } = await Promise.resolve().then(() => __importStar(require('../../../server/auth/token')));
+            initAuth(validSecret);
+            const token = generateLongLivedToken({ userId: '123' });
+            const decoded = jsonwebtoken_1.default.verify(token, validSecret);
+            const expiresInDays = (decoded.exp - decoded.iat) / (24 * 60 * 60);
+            (0, vitest_1.expect)(expiresInDays).toBe(3650);
+        });
+        (0, vitest_1.it)('accepts custom expiration in days', async () => {
+            const { initAuth, generateLongLivedToken } = await Promise.resolve().then(() => __importStar(require('../../../server/auth/token')));
+            initAuth(validSecret);
+            const token = generateLongLivedToken({ userId: '123' }, 365);
+            const decoded = jsonwebtoken_1.default.verify(token, validSecret);
+            const expiresInDays = (decoded.exp - decoded.iat) / (24 * 60 * 60);
+            (0, vitest_1.expect)(expiresInDays).toBe(365);
+        });
+    });
+});

package/dist/__tests__/server/http/responses.test.d.ts

@@ -0,0 +1 @@
+export {};

package/dist/__tests__/server/http/responses.test.js

@@ -0,0 +1,112 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+const vitest_1 = require("vitest");
+const responses_1 = require("../../../server/http/responses");
+const status_1 = require("../../../shared/http/status");
+(0, vitest_1.describe)('HTTP response helpers', () => {
+    (0, vitest_1.describe)('badRequestResponse', () => {
+        (0, vitest_1.it)('returns 400 status with error message', () => {
+            const response = (0, responses_1.badRequestResponse)('Invalid input');
+            (0, vitest_1.expect)(response.status).toBe(status_1.HTTP_STATUS.BAD_REQUEST);
+            (0, vitest_1.expect)(response.jsonBody).toEqual({ error: 'Invalid input' });
+        });
+    });
+    (0, vitest_1.describe)('unauthorizedResponse', () => {
+        (0, vitest_1.it)('returns 401 status with default message', () => {
+            const response = (0, responses_1.unauthorizedResponse)();
+            (0, vitest_1.expect)(response.status).toBe(status_1.HTTP_STATUS.UNAUTHORIZED);
+            (0, vitest_1.expect)(response.jsonBody).toEqual({ error: 'Unauthorized' });
+        });
+        (0, vitest_1.it)('returns 401 status with custom message', () => {
+            const response = (0, responses_1.unauthorizedResponse)('Token expired');
+            (0, vitest_1.expect)(response.status).toBe(status_1.HTTP_STATUS.UNAUTHORIZED);
+            (0, vitest_1.expect)(response.jsonBody).toEqual({ error: 'Token expired' });
+        });
+    });
+    (0, vitest_1.describe)('forbiddenResponse', () => {
+        (0, vitest_1.it)('returns 403 status with default message', () => {
+            const response = (0, responses_1.forbiddenResponse)();
+            (0, vitest_1.expect)(response.status).toBe(status_1.HTTP_STATUS.FORBIDDEN);
+            (0, vitest_1.expect)(response.jsonBody).toEqual({ error: 'Forbidden' });
+        });
+        (0, vitest_1.it)('returns 403 status with custom message', () => {
+            const response = (0, responses_1.forbiddenResponse)('Admin access required');
+            (0, vitest_1.expect)(response.status).toBe(status_1.HTTP_STATUS.FORBIDDEN);
+            (0, vitest_1.expect)(response.jsonBody).toEqual({ error: 'Admin access required' });
+        });
+    });
+    (0, vitest_1.describe)('notFoundResponse', () => {
+        (0, vitest_1.it)('returns 404 status with resource name', () => {
+            const response = (0, responses_1.notFoundResponse)('User');
+            (0, vitest_1.expect)(response.status).toBe(status_1.HTTP_STATUS.NOT_FOUND);
+            (0, vitest_1.expect)(response.jsonBody).toEqual({ error: 'User not found' });
+        });
+    });
+    (0, vitest_1.describe)('conflictResponse', () => {
+        (0, vitest_1.it)('returns 409 status with error message', () => {
+            const response = (0, responses_1.conflictResponse)('Resource already exists');
+            (0, vitest_1.expect)(response.status).toBe(status_1.HTTP_STATUS.CONFLICT);
+            (0, vitest_1.expect)(response.jsonBody).toEqual({ error: 'Resource already exists' });
+        });
+    });
+    (0, vitest_1.describe)('handleFunctionError', () => {
+        (0, vitest_1.it)('logs error and returns 500 response', () => {
+            const mockContext = {
+                error: vitest_1.vi.fn()
+            };
+            const error = new Error('Database connection failed');
+            const response = (0, responses_1.handleFunctionError)(error, mockContext);
+            (0, vitest_1.expect)(response.status).toBe(status_1.HTTP_STATUS.INTERNAL_ERROR);
+            (0, vitest_1.expect)(response.jsonBody).toEqual({ error: 'Internal server error' });
+            (0, vitest_1.expect)(mockContext.error).toHaveBeenCalledWith('Function error: Database connection failed');
+        });
+        (0, vitest_1.it)('handles non-Error objects', () => {
+            const mockContext = {
+                error: vitest_1.vi.fn()
+            };
+            const response = (0, responses_1.handleFunctionError)('string error', mockContext);
+            (0, vitest_1.expect)(response.status).toBe(status_1.HTTP_STATUS.INTERNAL_ERROR);
+            (0, vitest_1.expect)(mockContext.error).toHaveBeenCalledWith('Function error: Unknown error');
+        });
+        (0, vitest_1.it)('handles null/undefined errors', () => {
+            const mockContext = {
+                error: vitest_1.vi.fn()
+            };
+            const response = (0, responses_1.handleFunctionError)(null, mockContext);
+            (0, vitest_1.expect)(response.status).toBe(status_1.HTTP_STATUS.INTERNAL_ERROR);
+            (0, vitest_1.expect)(mockContext.error).toHaveBeenCalledWith('Function error: Unknown error');
+        });
+    });
+    (0, vitest_1.describe)('isNotFoundError', () => {
+        (0, vitest_1.it)('returns true for 404 error', () => {
+            const error = Object.assign(new Error('Not found'), { statusCode: 404 });
+            (0, vitest_1.expect)((0, responses_1.isNotFoundError)(error)).toBe(true);
+        });
+        (0, vitest_1.it)('returns false for other status codes', () => {
+            const error = Object.assign(new Error('Conflict'), { statusCode: 409 });
+            (0, vitest_1.expect)((0, responses_1.isNotFoundError)(error)).toBe(false);
+        });
+        (0, vitest_1.it)('returns false for non-Error objects', () => {
+            (0, vitest_1.expect)((0, responses_1.isNotFoundError)({ statusCode: 404 })).toBe(false);
+        });
+        (0, vitest_1.it)('returns false for errors without statusCode', () => {
+            (0, vitest_1.expect)((0, responses_1.isNotFoundError)(new Error('Not found'))).toBe(false);
+        });
+    });
+    (0, vitest_1.describe)('isConflictError', () => {
+        (0, vitest_1.it)('returns true for 409 error', () => {
+            const error = Object.assign(new Error('Conflict'), { statusCode: 409 });
+            (0, vitest_1.expect)((0, responses_1.isConflictError)(error)).toBe(true);
+        });
+        (0, vitest_1.it)('returns false for other status codes', () => {
+            const error = Object.assign(new Error('Not found'), { statusCode: 404 });
+            (0, vitest_1.expect)((0, responses_1.isConflictError)(error)).toBe(false);
+        });
+        (0, vitest_1.it)('returns false for non-Error objects', () => {
+            (0, vitest_1.expect)((0, responses_1.isConflictError)({ statusCode: 409 })).toBe(false);
+        });
+        (0, vitest_1.it)('returns false for errors without statusCode', () => {
+            (0, vitest_1.expect)((0, responses_1.isConflictError)(new Error('Conflict'))).toBe(false);
+        });
+    });
+});

package/dist/__tests__/server/storage/client.test.d.ts

@@ -0,0 +1 @@
+export {};

package/dist/__tests__/server/storage/client.test.js

@@ -0,0 +1,173 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+const vitest_1 = require("vitest");
+// Create mock functions
+const mockCreateTable = vitest_1.vi.fn();
+const mockFromConnectionString = vitest_1.vi.fn();
+// Mock @azure/data-tables
+vitest_1.vi.mock('@azure/data-tables', () => {
+    class MockTableClient {
+        constructor() {
+            this.createTable = mockCreateTable;
+        }
+    }
+    MockTableClient.fromConnectionString = mockFromConnectionString;
+    return {
+        TableClient: MockTableClient,
+        TableServiceClient: class MockTableServiceClient {
+        }
+    };
+});
+// Mock @azure/identity
+vitest_1.vi.mock('@azure/identity', () => ({
+    DefaultAzureCredential: class MockDefaultAzureCredential {
+    }
+}));
+(0, vitest_1.describe)('Storage client', () => {
+    (0, vitest_1.beforeEach)(() => {
+        vitest_1.vi.resetModules();
+        vitest_1.vi.clearAllMocks();
+        mockCreateTable.mockResolvedValue(undefined);
+        mockFromConnectionString.mockReturnValue({
+            createTable: vitest_1.vi.fn().mockResolvedValue(undefined)
+        });
+        // Reset environment
+        delete process.env.STORAGE_ACCOUNT_NAME;
+        delete process.env.AzureWebJobsStorage;
+    });
+    (0, vitest_1.describe)('initStorage', () => {
+        (0, vitest_1.it)('accepts configuration object', async () => {
+            const { initStorage, useManagedIdentity } = await Promise.resolve().then(() => __importStar(require('../../../server/storage/client')));
+            initStorage({ accountName: 'myaccount' });
+            (0, vitest_1.expect)(useManagedIdentity()).toBe(true);
+        });
+        (0, vitest_1.it)('accepts connection string', async () => {
+            const { initStorage, useManagedIdentity } = await Promise.resolve().then(() => __importStar(require('../../../server/storage/client')));
+            initStorage({ connectionString: 'DefaultEndpointsProtocol=https;AccountName=test' });
+            (0, vitest_1.expect)(useManagedIdentity()).toBe(false);
+        });
+    });
+    (0, vitest_1.describe)('initStorageFromEnv', () => {
+        (0, vitest_1.it)('reads STORAGE_ACCOUNT_NAME', async () => {
+            process.env.STORAGE_ACCOUNT_NAME = 'testaccount';
+            const { initStorageFromEnv, useManagedIdentity } = await Promise.resolve().then(() => __importStar(require('../../../server/storage/client')));
+            initStorageFromEnv();
+            (0, vitest_1.expect)(useManagedIdentity()).toBe(true);
+        });
+        (0, vitest_1.it)('reads AzureWebJobsStorage', async () => {
+            process.env.AzureWebJobsStorage = 'UseDevelopmentStorage=true';
+            const { initStorageFromEnv, useManagedIdentity } = await Promise.resolve().then(() => __importStar(require('../../../server/storage/client')));
+            initStorageFromEnv();
+            (0, vitest_1.expect)(useManagedIdentity()).toBe(false);
+        });
+    });
+    (0, vitest_1.describe)('useManagedIdentity', () => {
+        (0, vitest_1.it)('returns true when accountName is set without development storage', async () => {
+            const { initStorage, useManagedIdentity } = await Promise.resolve().then(() => __importStar(require('../../../server/storage/client')));
+            initStorage({ accountName: 'prodaccount' });
+            (0, vitest_1.expect)(useManagedIdentity()).toBe(true);
+        });
+        (0, vitest_1.it)('returns false when using development storage', async () => {
+            const { initStorage, useManagedIdentity } = await Promise.resolve().then(() => __importStar(require('../../../server/storage/client')));
+            initStorage({
+                accountName: 'devaccount',
+                connectionString: 'UseDevelopmentStorage=true'
+            });
+            (0, vitest_1.expect)(useManagedIdentity()).toBe(false);
+        });
+        (0, vitest_1.it)('returns false when only connection string is set', async () => {
+            const { initStorage, useManagedIdentity } = await Promise.resolve().then(() => __importStar(require('../../../server/storage/client')));
+            initStorage({ connectionString: 'DefaultEndpointsProtocol=https' });
+            (0, vitest_1.expect)(useManagedIdentity()).toBe(false);
+        });
+    });
+    (0, vitest_1.describe)('getTableClient', () => {
+        (0, vitest_1.it)('throws if storage not configured', async () => {
+            const { getTableClient } = await Promise.resolve().then(() => __importStar(require('../../../server/storage/client')));
+            await (0, vitest_1.expect)(getTableClient('test')).rejects.toThrow('Storage not configured. Set STORAGE_ACCOUNT_NAME or AzureWebJobsStorage.');
+        });
+        (0, vitest_1.it)('creates table client with managed identity', async () => {
+            const { initStorage, getTableClient, clearTableClientCache } = await Promise.resolve().then(() => __importStar(require('../../../server/storage/client')));
+            initStorage({ accountName: 'testaccount' });
+            clearTableClientCache();
+            const client = await getTableClient('mytable');
+            (0, vitest_1.expect)(client).toBeDefined();
+        });
+        (0, vitest_1.it)('creates table client with connection string', async () => {
+            const { initStorage, getTableClient, clearTableClientCache } = await Promise.resolve().then(() => __importStar(require('../../../server/storage/client')));
+            initStorage({ connectionString: 'DefaultEndpointsProtocol=https;AccountName=test' });
+            clearTableClientCache();
+            await getTableClient('mytable');
+            (0, vitest_1.expect)(mockFromConnectionString).toHaveBeenCalledWith('DefaultEndpointsProtocol=https;AccountName=test', 'mytable');
+        });
+        (0, vitest_1.it)('caches table client', async () => {
+            const { initStorage, getTableClient, clearTableClientCache } = await Promise.resolve().then(() => __importStar(require('../../../server/storage/client')));
+            initStorage({ accountName: 'testaccount' });
+            clearTableClientCache();
+            const client1 = await getTableClient('mytable');
+            const client2 = await getTableClient('mytable');
+            (0, vitest_1.expect)(client1).toBe(client2);
+        });
+        (0, vitest_1.it)('handles 409 conflict (table exists)', async () => {
+            mockCreateTable.mockRejectedValue({ statusCode: 409 });
+            const { initStorage, getTableClient, clearTableClientCache } = await Promise.resolve().then(() => __importStar(require('../../../server/storage/client')));
+            initStorage({ accountName: 'testaccount' });
+            clearTableClientCache();
+            // Should not throw
+            const client = await getTableClient('existingtable');
+            (0, vitest_1.expect)(client).toBeDefined();
+        });
+        (0, vitest_1.it)('throws on other errors', async () => {
+            mockCreateTable.mockRejectedValue({ statusCode: 500, message: 'Server error' });
+            const { initStorage, getTableClient, clearTableClientCache } = await Promise.resolve().then(() => __importStar(require('../../../server/storage/client')));
+            initStorage({ accountName: 'testaccount' });
+            clearTableClientCache();
+            await (0, vitest_1.expect)(getTableClient('mytable')).rejects.toMatchObject({ statusCode: 500 });
+        });
+    });
+    (0, vitest_1.describe)('clearTableClientCache', () => {
+        (0, vitest_1.it)('clears cached clients', async () => {
+            const { initStorage, getTableClient, clearTableClientCache } = await Promise.resolve().then(() => __importStar(require('../../../server/storage/client')));
+            initStorage({ accountName: 'testaccount' });
+            clearTableClientCache();
+            await getTableClient('mytable');
+            clearTableClientCache();
+            // After clearing, a new call should create a new client
+            const client2 = await getTableClient('mytable');
+            (0, vitest_1.expect)(client2).toBeDefined();
+        });
+    });
+});

package/dist/__tests__/server/storage/keys.test.d.ts

@@ -0,0 +1 @@
+export {};

package/dist/__tests__/server/storage/keys.test.js

@@ -0,0 +1,47 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+const vitest_1 = require("vitest");
+const keys_1 = require("../../../server/storage/keys");
+(0, vitest_1.describe)('generateRowKey', () => {
+    (0, vitest_1.it)('returns 32-character hex string', () => {
+        const key = (0, keys_1.generateRowKey)('test-identifier');
+        (0, vitest_1.expect)(key).toHaveLength(32);
+        (0, vitest_1.expect)(key).toMatch(/^[a-f0-9]+$/);
+    });
+    (0, vitest_1.it)('produces consistent hash for same input', () => {
+        const key1 = (0, keys_1.generateRowKey)('same-input');
+        const key2 = (0, keys_1.generateRowKey)('same-input');
+        (0, vitest_1.expect)(key1).toBe(key2);
+    });
+    (0, vitest_1.it)('produces different hashes for different inputs', () => {
+        const key1 = (0, keys_1.generateRowKey)('input-1');
+        const key2 = (0, keys_1.generateRowKey)('input-2');
+        (0, vitest_1.expect)(key1).not.toBe(key2);
+    });
+    (0, vitest_1.it)('handles empty string', () => {
+        const key = (0, keys_1.generateRowKey)('');
+        (0, vitest_1.expect)(key).toHaveLength(32);
+        (0, vitest_1.expect)(key).toMatch(/^[a-f0-9]+$/);
+    });
+    (0, vitest_1.it)('handles special characters', () => {
+        const key = (0, keys_1.generateRowKey)('https://example.com/path?query=value&foo=bar');
+        (0, vitest_1.expect)(key).toHaveLength(32);
+        (0, vitest_1.expect)(key).toMatch(/^[a-f0-9]+$/);
+    });
+    (0, vitest_1.it)('handles unicode characters', () => {
+        const key = (0, keys_1.generateRowKey)('日本語テスト');
+        (0, vitest_1.expect)(key).toHaveLength(32);
+        (0, vitest_1.expect)(key).toMatch(/^[a-f0-9]+$/);
+    });
+    (0, vitest_1.it)('handles long strings', () => {
+        const longString = 'x'.repeat(10000);
+        const key = (0, keys_1.generateRowKey)(longString);
+        (0, vitest_1.expect)(key).toHaveLength(32);
+        (0, vitest_1.expect)(key).toMatch(/^[a-f0-9]+$/);
+    });
+    (0, vitest_1.it)('produces URL-safe keys', () => {
+        const key = (0, keys_1.generateRowKey)('some-identifier');
+        // Row keys should not contain these characters
+        (0, vitest_1.expect)(key).not.toMatch(/[\/\\#?\s]/);
+    });
+});

package/dist/__tests__/shared/auth/types.test.d.ts

@@ -0,0 +1 @@
+export {};

package/dist/__tests__/shared/auth/types.test.js

@@ -0,0 +1,77 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+const vitest_1 = require("vitest");
+const types_1 = require("../../../shared/auth/types");
+(0, vitest_1.describe)('Auth type guards', () => {
+    const basePayload = {
+        iat: 1234567890,
+        exp: 1234567890 + 3600
+    };
+    (0, vitest_1.describe)('hasUsername', () => {
+        (0, vitest_1.it)('returns true for payload with username', () => {
+            const payload = { ...basePayload, username: 'testuser' };
+            (0, vitest_1.expect)((0, types_1.hasUsername)(payload)).toBe(true);
+        });
+        (0, vitest_1.it)('returns false for payload without username', () => {
+            (0, vitest_1.expect)((0, types_1.hasUsername)(basePayload)).toBe(false);
+        });
+        (0, vitest_1.it)('returns false for payload with non-string username', () => {
+            const payload = { ...basePayload, username: 123 };
+            (0, vitest_1.expect)((0, types_1.hasUsername)(payload)).toBe(false);
+        });
+        (0, vitest_1.it)('returns false for payload with empty string username', () => {
+            const payload = { ...basePayload, username: '' };
+            (0, vitest_1.expect)((0, types_1.hasUsername)(payload)).toBe(true); // Empty string is still a string
+        });
+    });
+    (0, vitest_1.describe)('hasRole', () => {
+        (0, vitest_1.it)('returns true for payload with role', () => {
+            const payload = {
+                ...basePayload,
+                authenticated: true,
+                tokenType: 'user',
+                role: 'admin'
+            };
+            (0, vitest_1.expect)((0, types_1.hasRole)(payload)).toBe(true);
+        });
+        (0, vitest_1.it)('returns false for payload without role', () => {
+            (0, vitest_1.expect)((0, types_1.hasRole)(basePayload)).toBe(false);
+        });
+        (0, vitest_1.it)('returns true for viewer role', () => {
+            const payload = {
+                ...basePayload,
+                authenticated: true,
+                tokenType: 'user',
+                role: 'viewer'
+            };
+            (0, vitest_1.expect)((0, types_1.hasRole)(payload)).toBe(true);
+        });
+    });
+    (0, vitest_1.describe)('isAdmin', () => {
+        (0, vitest_1.it)('returns true for admin role', () => {
+            const payload = {
+                ...basePayload,
+                authenticated: true,
+                tokenType: 'user',
+                role: 'admin'
+            };
+            (0, vitest_1.expect)((0, types_1.isAdmin)(payload)).toBe(true);
+        });
+        (0, vitest_1.it)('returns false for viewer role', () => {
+            const payload = {
+                ...basePayload,
+                authenticated: true,
+                tokenType: 'user',
+                role: 'viewer'
+            };
+            (0, vitest_1.expect)((0, types_1.isAdmin)(payload)).toBe(false);
+        });
+        (0, vitest_1.it)('returns false for payload without role', () => {
+            (0, vitest_1.expect)((0, types_1.isAdmin)(basePayload)).toBe(false);
+        });
+        (0, vitest_1.it)('returns false for payload with username but no role', () => {
+            const payload = { ...basePayload, username: 'testuser' };
+            (0, vitest_1.expect)((0, types_1.isAdmin)(payload)).toBe(false);
+        });
+    });
+});

package/dist/__tests__/shared/http/status.test.d.ts

@@ -0,0 +1 @@
+export {};