npm - @nextclaw/channel-plugin-feishu - Versions diffs - 0.2.13 → 0.2.15 - Mend

@nextclaw/channel-plugin-feishu 0.2.13 → 0.2.15

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (120) hide show

package/README.md +3 -1
package/index.ts +65 -0
package/openclaw.plugin.json +3 -7
package/package.json +32 -9
package/skills/feishu-doc/SKILL.md +211 -0
package/skills/feishu-doc/references/block-types.md +103 -0
package/skills/feishu-drive/SKILL.md +97 -0
package/skills/feishu-perm/SKILL.md +119 -0
package/skills/feishu-wiki/SKILL.md +111 -0
package/src/accounts.test.ts +371 -0
package/src/accounts.ts +244 -0
package/src/async.ts +62 -0
package/src/bitable.ts +725 -0
package/src/bot.card-action.test.ts +63 -0
package/src/bot.checkBotMentioned.test.ts +193 -0
package/src/bot.stripBotMention.test.ts +134 -0
package/src/bot.test.ts +2107 -0
package/src/bot.ts +1556 -0
package/src/card-action.ts +79 -0
package/src/channel.test.ts +48 -0
package/src/channel.ts +369 -0
package/src/chat-schema.ts +24 -0
package/src/chat.test.ts +89 -0
package/src/chat.ts +130 -0
package/src/client.test.ts +324 -0
package/src/client.ts +196 -0
package/src/config-schema.test.ts +247 -0
package/src/config-schema.ts +306 -0
package/src/dedup.ts +203 -0
package/src/directory.test.ts +40 -0
package/src/directory.ts +156 -0
package/src/doc-schema.ts +182 -0
package/src/docx-batch-insert.test.ts +90 -0
package/src/docx-batch-insert.ts +187 -0
package/src/docx-color-text.ts +149 -0
package/src/docx-table-ops.ts +298 -0
package/src/docx.account-selection.test.ts +70 -0
package/src/docx.test.ts +445 -0
package/src/docx.ts +1460 -0
package/src/drive-schema.ts +46 -0
package/src/drive.ts +228 -0
package/src/dynamic-agent.ts +131 -0
package/src/external-keys.test.ts +20 -0
package/src/external-keys.ts +19 -0
package/src/feishu-command-handler.ts +59 -0
package/src/media.test.ts +523 -0
package/src/media.ts +484 -0
package/src/mention.ts +133 -0
package/src/monitor.account.ts +562 -0
package/src/monitor.reaction.test.ts +653 -0
package/src/monitor.startup.test.ts +190 -0
package/src/monitor.startup.ts +64 -0
package/src/monitor.state.defaults.test.ts +46 -0
package/src/monitor.state.ts +155 -0
package/src/monitor.test-mocks.ts +45 -0
package/src/monitor.transport.ts +264 -0
package/src/monitor.ts +95 -0
package/src/monitor.webhook-e2e.test.ts +214 -0
package/src/monitor.webhook-security.test.ts +142 -0
package/src/monitor.webhook.test-helpers.ts +98 -0
package/src/nextclaw-sdk/account-id.ts +31 -0
package/src/nextclaw-sdk/compat.ts +8 -0
package/src/nextclaw-sdk/core-channel.ts +296 -0
package/src/nextclaw-sdk/core-pairing.ts +224 -0
package/src/nextclaw-sdk/core.ts +26 -0
package/src/nextclaw-sdk/dedupe.ts +246 -0
package/src/nextclaw-sdk/feishu.ts +77 -0
package/src/nextclaw-sdk/history.ts +127 -0
package/src/nextclaw-sdk/network-body.ts +245 -0
package/src/nextclaw-sdk/network-fetch.ts +129 -0
package/src/nextclaw-sdk/network-webhook.ts +182 -0
package/src/nextclaw-sdk/network.ts +13 -0
package/src/nextclaw-sdk/runtime-store.ts +26 -0
package/src/nextclaw-sdk/secrets-config.ts +109 -0
package/src/nextclaw-sdk/secrets-core.ts +170 -0
package/src/nextclaw-sdk/secrets-prompt.ts +305 -0
package/src/nextclaw-sdk/secrets.ts +18 -0
package/src/nextclaw-sdk/types.ts +300 -0
package/src/onboarding.status.test.ts +25 -0
package/src/onboarding.test.ts +143 -0
package/src/onboarding.ts +489 -0
package/src/outbound.test.ts +356 -0
package/src/outbound.ts +176 -0
package/src/perm-schema.ts +52 -0
package/src/perm.ts +176 -0
package/src/policy.test.ts +154 -0
package/src/policy.ts +123 -0
package/src/post.test.ts +105 -0
package/src/post.ts +274 -0
package/src/probe.test.ts +270 -0
package/src/probe.ts +156 -0
package/src/reactions.ts +153 -0
package/src/reply-dispatcher.test.ts +513 -0
package/src/reply-dispatcher.ts +397 -0
package/src/runtime.ts +6 -0
package/src/secret-input.ts +13 -0
package/src/send-message.ts +71 -0
package/src/send-result.ts +29 -0
package/src/send-target.test.ts +74 -0
package/src/send-target.ts +29 -0
package/src/send.reply-fallback.test.ts +189 -0
package/src/send.test.ts +168 -0
package/src/send.ts +481 -0
package/src/streaming-card.test.ts +54 -0
package/src/streaming-card.ts +374 -0
package/src/targets.test.ts +70 -0
package/src/targets.ts +107 -0
package/src/tool-account-routing.test.ts +129 -0
package/src/tool-account.ts +70 -0
package/src/tool-factory-test-harness.ts +76 -0
package/src/tool-result.test.ts +32 -0
package/src/tool-result.ts +14 -0
package/src/tools-config.test.ts +21 -0
package/src/tools-config.ts +22 -0
package/src/types.ts +103 -0
package/src/typing.test.ts +144 -0
package/src/typing.ts +210 -0
package/src/wiki-schema.ts +55 -0
package/src/wiki.ts +233 -0
package/index.js +0 -27

package/src/monitor.transport.ts ADDED Viewed

@@ -0,0 +1,264 @@
+import * as http from "http";
+import crypto from "node:crypto";
+import * as Lark from "@larksuiteoapi/node-sdk";
+import {
+  applyBasicWebhookRequestGuards,
+  readJsonBodyWithLimit,
+  type RuntimeEnv,
+  installRequestBodyLimitGuard,
+} from "./nextclaw-sdk/feishu.js";
+import { createFeishuWSClient } from "./client.js";
+import {
+  botNames,
+  botOpenIds,
+  FEISHU_WEBHOOK_BODY_TIMEOUT_MS,
+  FEISHU_WEBHOOK_MAX_BODY_BYTES,
+  feishuWebhookRateLimiter,
+  httpServers,
+  recordWebhookStatus,
+  wsClients,
+} from "./monitor.state.js";
+import type { ResolvedFeishuAccount } from "./types.js";
+export type MonitorTransportParams = {
+  account: ResolvedFeishuAccount;
+  accountId: string;
+  runtime?: RuntimeEnv;
+  abortSignal?: AbortSignal;
+  eventDispatcher: Lark.EventDispatcher;
+};
+function isFeishuWebhookPayload(value: unknown): value is Record<string, unknown> {
+  return !!value && typeof value === "object" && !Array.isArray(value);
+}
+function buildFeishuWebhookEnvelope(
+  req: http.IncomingMessage,
+  payload: Record<string, unknown>,
+): Record<string, unknown> {
+  return Object.assign(Object.create({ headers: req.headers }), payload) as Record<string, unknown>;
+}
+function isFeishuWebhookSignatureValid(params: {
+  headers: http.IncomingHttpHeaders;
+  payload: Record<string, unknown>;
+  encryptKey?: string;
+}): boolean {
+  const encryptKey = params.encryptKey?.trim();
+  if (!encryptKey) {
+    return true;
+  }
+  const timestampHeader = params.headers["x-lark-request-timestamp"];
+  const nonceHeader = params.headers["x-lark-request-nonce"];
+  const signatureHeader = params.headers["x-lark-signature"];
+  const timestamp = Array.isArray(timestampHeader) ? timestampHeader[0] : timestampHeader;
+  const nonce = Array.isArray(nonceHeader) ? nonceHeader[0] : nonceHeader;
+  const signature = Array.isArray(signatureHeader) ? signatureHeader[0] : signatureHeader;
+  if (!timestamp || !nonce || !signature) {
+    return false;
+  }
+  const computedSignature = crypto
+    .createHash("sha256")
+    .update(timestamp + nonce + encryptKey + JSON.stringify(params.payload))
+    .digest("hex");
+  return computedSignature === signature;
+}
+function respondText(res: http.ServerResponse, statusCode: number, body: string): void {
+  res.statusCode = statusCode;
+  res.setHeader("Content-Type", "text/plain; charset=utf-8");
+  res.end(body);
+}
+export async function monitorWebSocket({
+  account,
+  accountId,
+  runtime,
+  abortSignal,
+  eventDispatcher,
+}: MonitorTransportParams): Promise<void> {
+  const log = runtime?.log ?? console.log;
+  log(`feishu[${accountId}]: starting WebSocket connection...`);
+  const wsClient = createFeishuWSClient(account);
+  wsClients.set(accountId, wsClient);
+  return new Promise((resolve, reject) => {
+    const cleanup = () => {
+      wsClients.delete(accountId);
+      botOpenIds.delete(accountId);
+      botNames.delete(accountId);
+    };
+    const handleAbort = () => {
+      log(`feishu[${accountId}]: abort signal received, stopping`);
+      cleanup();
+      resolve();
+    };
+    if (abortSignal?.aborted) {
+      cleanup();
+      resolve();
+      return;
+    }
+    abortSignal?.addEventListener("abort", handleAbort, { once: true });
+    try {
+      wsClient.start({ eventDispatcher });
+      log(`feishu[${accountId}]: WebSocket client started`);
+    } catch (err) {
+      cleanup();
+      abortSignal?.removeEventListener("abort", handleAbort);
+      reject(err);
+    }
+  });
+}
+export async function monitorWebhook({
+  account,
+  accountId,
+  runtime,
+  abortSignal,
+  eventDispatcher,
+}: MonitorTransportParams): Promise<void> {
+  const log = runtime?.log ?? console.log;
+  const error = runtime?.error ?? console.error;
+  const port = account.config.webhookPort ?? 3000;
+  const path = account.config.webhookPath ?? "/feishu/events";
+  const host = account.config.webhookHost ?? "127.0.0.1";
+  log(`feishu[${accountId}]: starting Webhook server on ${host}:${port}, path ${path}...`);
+  const server = http.createServer();
+  server.on("request", (req, res) => {
+    res.on("finish", () => {
+      recordWebhookStatus(runtime, accountId, path, res.statusCode);
+    });
+    const rateLimitKey = `${accountId}:${path}:${req.socket.remoteAddress ?? "unknown"}`;
+    if (
+      !applyBasicWebhookRequestGuards({
+        req,
+        res,
+        rateLimiter: feishuWebhookRateLimiter,
+        rateLimitKey,
+        nowMs: Date.now(),
+        requireJsonContentType: true,
+      })
+    ) {
+      return;
+    }
+    const guard = installRequestBodyLimitGuard(req, res, {
+      maxBytes: FEISHU_WEBHOOK_MAX_BODY_BYTES,
+      timeoutMs: FEISHU_WEBHOOK_BODY_TIMEOUT_MS,
+      responseFormat: "text",
+    });
+    if (guard.isTripped()) {
+      return;
+    }
+    void (async () => {
+      try {
+        const bodyResult = await readJsonBodyWithLimit(req, {
+          maxBytes: FEISHU_WEBHOOK_MAX_BODY_BYTES,
+          timeoutMs: FEISHU_WEBHOOK_BODY_TIMEOUT_MS,
+        });
+        if (guard.isTripped() || res.writableEnded) {
+          return;
+        }
+        if (!bodyResult.ok) {
+          if (bodyResult.code === "INVALID_JSON") {
+            respondText(res, 400, "Invalid JSON");
+          }
+          return;
+        }
+        if (!isFeishuWebhookPayload(bodyResult.value)) {
+          respondText(res, 400, "Invalid JSON");
+          return;
+        }
+        // Lark's default adapter drops invalid signatures as an empty 200. Reject here instead.
+        if (
+          !isFeishuWebhookSignatureValid({
+            headers: req.headers,
+            payload: bodyResult.value,
+            encryptKey: account.encryptKey,
+          })
+        ) {
+          respondText(res, 401, "Invalid signature");
+          return;
+        }
+        const { isChallenge, challenge } = Lark.generateChallenge(bodyResult.value, {
+          encryptKey: account.encryptKey ?? "",
+        });
+        if (isChallenge) {
+          res.statusCode = 200;
+          res.setHeader("Content-Type", "application/json; charset=utf-8");
+          res.end(JSON.stringify(challenge));
+          return;
+        }
+        const value = await eventDispatcher.invoke(
+          buildFeishuWebhookEnvelope(req, bodyResult.value),
+          { needCheck: false },
+        );
+        if (!res.headersSent) {
+          res.statusCode = 200;
+          res.setHeader("Content-Type", "application/json; charset=utf-8");
+          res.end(JSON.stringify(value));
+        }
+      } catch (err) {
+        if (!guard.isTripped()) {
+          error(`feishu[${accountId}]: webhook handler error: ${String(err)}`);
+          if (!res.headersSent) {
+            respondText(res, 500, "Internal Server Error");
+          }
+        }
+      } finally {
+        guard.dispose();
+      }
+    })();
+  });
+  httpServers.set(accountId, server);
+  return new Promise((resolve, reject) => {
+    const cleanup = () => {
+      server.close();
+      httpServers.delete(accountId);
+      botOpenIds.delete(accountId);
+      botNames.delete(accountId);
+    };
+    const handleAbort = () => {
+      log(`feishu[${accountId}]: abort signal received, stopping Webhook server`);
+      cleanup();
+      resolve();
+    };
+    if (abortSignal?.aborted) {
+      cleanup();
+      resolve();
+      return;
+    }
+    abortSignal?.addEventListener("abort", handleAbort, { once: true });
+    server.listen(port, host, () => {
+      log(`feishu[${accountId}]: Webhook server listening on ${host}:${port}`);
+    });
+    server.on("error", (err) => {
+      error(`feishu[${accountId}]: Webhook server error: ${err}`);
+      abortSignal?.removeEventListener("abort", handleAbort);
+      reject(err);
+    });
+  });
+}

package/src/monitor.ts ADDED Viewed

@@ -0,0 +1,95 @@
+import type { ClawdbotConfig, RuntimeEnv } from "./nextclaw-sdk/feishu.js";
+import { listEnabledFeishuAccounts, resolveFeishuAccount } from "./accounts.js";
+import {
+  monitorSingleAccount,
+  resolveReactionSyntheticEvent,
+  type FeishuReactionCreatedEvent,
+} from "./monitor.account.js";
+import { fetchBotIdentityForMonitor } from "./monitor.startup.js";
+import {
+  clearFeishuWebhookRateLimitStateForTest,
+  getFeishuWebhookRateLimitStateSizeForTest,
+  isWebhookRateLimitedForTest,
+  stopFeishuMonitorState,
+} from "./monitor.state.js";
+export type MonitorFeishuOpts = {
+  config?: ClawdbotConfig;
+  runtime?: RuntimeEnv;
+  abortSignal?: AbortSignal;
+  accountId?: string;
+};
+export {
+  clearFeishuWebhookRateLimitStateForTest,
+  getFeishuWebhookRateLimitStateSizeForTest,
+  isWebhookRateLimitedForTest,
+  resolveReactionSyntheticEvent,
+};
+export type { FeishuReactionCreatedEvent };
+export async function monitorFeishuProvider(opts: MonitorFeishuOpts = {}): Promise<void> {
+  const cfg = opts.config;
+  if (!cfg) {
+    throw new Error("Config is required for Feishu monitor");
+  }
+  const log = opts.runtime?.log ?? console.log;
+  if (opts.accountId) {
+    const account = resolveFeishuAccount({ cfg, accountId: opts.accountId });
+    if (!account.enabled || !account.configured) {
+      throw new Error(`Feishu account "${opts.accountId}" not configured or disabled`);
+    }
+    return monitorSingleAccount({
+      cfg,
+      account,
+      runtime: opts.runtime,
+      abortSignal: opts.abortSignal,
+    });
+  }
+  const accounts = listEnabledFeishuAccounts(cfg);
+  if (accounts.length === 0) {
+    throw new Error("No enabled Feishu accounts configured");
+  }
+  log(
+    `feishu: starting ${accounts.length} account(s): ${accounts.map((a) => a.accountId).join(", ")}`,
+  );
+  const monitorPromises: Promise<void>[] = [];
+  for (const account of accounts) {
+    if (opts.abortSignal?.aborted) {
+      log("feishu: abort signal received during startup preflight; stopping startup");
+      break;
+    }
+    // Probe sequentially so large multi-account startups do not burst Feishu's bot-info endpoint.
+    const { botOpenId, botName } = await fetchBotIdentityForMonitor(account, {
+      runtime: opts.runtime,
+      abortSignal: opts.abortSignal,
+    });
+    if (opts.abortSignal?.aborted) {
+      log("feishu: abort signal received during startup preflight; stopping startup");
+      break;
+    }
+    monitorPromises.push(
+      monitorSingleAccount({
+        cfg,
+        account,
+        runtime: opts.runtime,
+        abortSignal: opts.abortSignal,
+        botOpenIdSource: { kind: "prefetched", botOpenId, botName },
+      }),
+    );
+  }
+  await Promise.all(monitorPromises);
+}
+export function stopFeishuMonitor(accountId?: string): void {
+  stopFeishuMonitorState(accountId);
+}

package/src/monitor.webhook-e2e.test.ts ADDED Viewed

@@ -0,0 +1,214 @@
+import crypto from "node:crypto";
+import { afterEach, describe, expect, it, vi } from "vitest";
+import { createFeishuRuntimeMockModule } from "./monitor.test-mocks.js";
+import { withRunningWebhookMonitor } from "./monitor.webhook.test-helpers.js";
+const probeFeishuMock = vi.hoisted(() => vi.fn());
+vi.mock("./probe.js", () => ({
+  probeFeishu: probeFeishuMock,
+}));
+vi.mock("./client.js", async () => {
+  const actual = await vi.importActual<typeof import("./client.js")>("./client.js");
+  return {
+    ...actual,
+    createFeishuWSClient: vi.fn(() => ({ start: vi.fn() })),
+  };
+});
+vi.mock("./runtime.js", () => createFeishuRuntimeMockModule());
+import { monitorFeishuProvider, stopFeishuMonitor } from "./monitor.js";
+function signFeishuPayload(params: {
+  encryptKey: string;
+  payload: Record<string, unknown>;
+  timestamp?: string;
+  nonce?: string;
+}): Record<string, string> {
+  const timestamp = params.timestamp ?? "1711111111";
+  const nonce = params.nonce ?? "nonce-test";
+  const signature = crypto
+    .createHash("sha256")
+    .update(timestamp + nonce + params.encryptKey + JSON.stringify(params.payload))
+    .digest("hex");
+  return {
+    "content-type": "application/json",
+    "x-lark-request-timestamp": timestamp,
+    "x-lark-request-nonce": nonce,
+    "x-lark-signature": signature,
+  };
+}
+function encryptFeishuPayload(encryptKey: string, payload: Record<string, unknown>): string {
+  const iv = crypto.randomBytes(16);
+  const key = crypto.createHash("sha256").update(encryptKey).digest();
+  const cipher = crypto.createCipheriv("aes-256-cbc", key, iv);
+  const plaintext = Buffer.from(JSON.stringify(payload), "utf8");
+  const encrypted = Buffer.concat([cipher.update(plaintext), cipher.final()]);
+  return Buffer.concat([iv, encrypted]).toString("base64");
+}
+async function postSignedPayload(url: string, payload: Record<string, unknown>) {
+  return await fetch(url, {
+    method: "POST",
+    headers: signFeishuPayload({ encryptKey: "encrypt_key", payload }),
+    body: JSON.stringify(payload),
+  });
+}
+afterEach(() => {
+  stopFeishuMonitor();
+});
+describe("Feishu webhook signed-request e2e", () => {
+  it("rejects invalid signatures with 401 instead of empty 200", async () => {
+    probeFeishuMock.mockResolvedValue({ ok: true, botOpenId: "bot_open_id" });
+    await withRunningWebhookMonitor(
+      {
+        accountId: "invalid-signature",
+        path: "/hook-e2e-invalid-signature",
+        verificationToken: "verify_token",
+        encryptKey: "encrypt_key",
+      },
+      monitorFeishuProvider,
+      async (url) => {
+        const payload = { type: "url_verification", challenge: "challenge-token" };
+        const response = await fetch(url, {
+          method: "POST",
+          headers: {
+            ...signFeishuPayload({ encryptKey: "wrong_key", payload }),
+          },
+          body: JSON.stringify(payload),
+        });
+        expect(response.status).toBe(401);
+        expect(await response.text()).toBe("Invalid signature");
+      },
+    );
+  });
+  it("rejects missing signature headers with 401", async () => {
+    probeFeishuMock.mockResolvedValue({ ok: true, botOpenId: "bot_open_id" });
+    await withRunningWebhookMonitor(
+      {
+        accountId: "missing-signature",
+        path: "/hook-e2e-missing-signature",
+        verificationToken: "verify_token",
+        encryptKey: "encrypt_key",
+      },
+      monitorFeishuProvider,
+      async (url) => {
+        const response = await fetch(url, {
+          method: "POST",
+          headers: { "content-type": "application/json" },
+          body: JSON.stringify({ type: "url_verification", challenge: "challenge-token" }),
+        });
+        expect(response.status).toBe(401);
+        expect(await response.text()).toBe("Invalid signature");
+      },
+    );
+  });
+  it("returns 400 for invalid json before invoking the sdk", async () => {
+    probeFeishuMock.mockResolvedValue({ ok: true, botOpenId: "bot_open_id" });
+    await withRunningWebhookMonitor(
+      {
+        accountId: "invalid-json",
+        path: "/hook-e2e-invalid-json",
+        verificationToken: "verify_token",
+        encryptKey: "encrypt_key",
+      },
+      monitorFeishuProvider,
+      async (url) => {
+        const response = await fetch(url, {
+          method: "POST",
+          headers: { "content-type": "application/json" },
+          body: "{not-json",
+        });
+        expect(response.status).toBe(400);
+        expect(await response.text()).toBe("Invalid JSON");
+      },
+    );
+  });
+  it("accepts signed plaintext url_verification challenges end-to-end", async () => {
+    probeFeishuMock.mockResolvedValue({ ok: true, botOpenId: "bot_open_id" });
+    await withRunningWebhookMonitor(
+      {
+        accountId: "signed-challenge",
+        path: "/hook-e2e-signed-challenge",
+        verificationToken: "verify_token",
+        encryptKey: "encrypt_key",
+      },
+      monitorFeishuProvider,
+      async (url) => {
+        const payload = { type: "url_verification", challenge: "challenge-token" };
+        const response = await postSignedPayload(url, payload);
+        expect(response.status).toBe(200);
+        await expect(response.json()).resolves.toEqual({ challenge: "challenge-token" });
+      },
+    );
+  });
+  it("accepts signed non-challenge events and reaches the dispatcher", async () => {
+    probeFeishuMock.mockResolvedValue({ ok: true, botOpenId: "bot_open_id" });
+    await withRunningWebhookMonitor(
+      {
+        accountId: "signed-dispatch",
+        path: "/hook-e2e-signed-dispatch",
+        verificationToken: "verify_token",
+        encryptKey: "encrypt_key",
+      },
+      monitorFeishuProvider,
+      async (url) => {
+        const payload = {
+          schema: "2.0",
+          header: { event_type: "unknown.event" },
+          event: {},
+        };
+        const response = await postSignedPayload(url, payload);
+        expect(response.status).toBe(200);
+        expect(await response.text()).toContain("no unknown.event event handle");
+      },
+    );
+  });
+  it("accepts signed encrypted url_verification challenges end-to-end", async () => {
+    probeFeishuMock.mockResolvedValue({ ok: true, botOpenId: "bot_open_id" });
+    await withRunningWebhookMonitor(
+      {
+        accountId: "encrypted-challenge",
+        path: "/hook-e2e-encrypted-challenge",
+        verificationToken: "verify_token",
+        encryptKey: "encrypt_key",
+      },
+      monitorFeishuProvider,
+      async (url) => {
+        const payload = {
+          encrypt: encryptFeishuPayload("encrypt_key", {
+            type: "url_verification",
+            challenge: "encrypted-challenge-token",
+          }),
+        };
+        const response = await postSignedPayload(url, payload);
+        expect(response.status).toBe(200);
+        await expect(response.json()).resolves.toEqual({
+          challenge: "encrypted-challenge-token",
+        });
+      },
+    );
+  });
+});