@optimizely-opal/opal-tool-ocp-sdk 1.0.0-beta.3 → 1.0.0-beta.5
- package/README.md +114 -0
- package/dist/auth/AuthUtils.d.ts +5 -5
- package/dist/auth/AuthUtils.d.ts.map +1 -1
- package/dist/auth/AuthUtils.js +53 -25
- package/dist/auth/AuthUtils.js.map +1 -1
- package/dist/auth/AuthUtils.test.js +62 -117
- package/dist/auth/AuthUtils.test.js.map +1 -1
- package/dist/function/GlobalToolFunction.d.ts +1 -1
- package/dist/function/GlobalToolFunction.d.ts.map +1 -1
- package/dist/function/GlobalToolFunction.js +17 -4
- package/dist/function/GlobalToolFunction.js.map +1 -1
- package/dist/function/GlobalToolFunction.test.js +54 -8
- package/dist/function/GlobalToolFunction.test.js.map +1 -1
- package/dist/function/ToolFunction.d.ts +1 -1
- package/dist/function/ToolFunction.d.ts.map +1 -1
- package/dist/function/ToolFunction.js +17 -4
- package/dist/function/ToolFunction.js.map +1 -1
- package/dist/function/ToolFunction.test.js +54 -8
- package/dist/function/ToolFunction.test.js.map +1 -1
- package/dist/index.d.ts +1 -0
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +1 -0
- package/dist/index.js.map +1 -1
- package/dist/service/Service.d.ts +15 -2
- package/dist/service/Service.d.ts.map +1 -1
- package/dist/service/Service.js +43 -17
- package/dist/service/Service.js.map +1 -1
- package/dist/service/Service.test.js +84 -2
- package/dist/service/Service.test.js.map +1 -1
- package/dist/types/ToolError.d.ts +72 -0
- package/dist/types/ToolError.d.ts.map +1 -0
- package/dist/types/ToolError.js +107 -0
- package/dist/types/ToolError.js.map +1 -0
- package/dist/types/ToolError.test.d.ts +2 -0
- package/dist/types/ToolError.test.d.ts.map +1 -0
- package/dist/types/ToolError.test.js +185 -0
- package/dist/types/ToolError.test.js.map +1 -0
- package/dist/validation/ParameterValidator.d.ts +5 -16
- package/dist/validation/ParameterValidator.d.ts.map +1 -1
- package/dist/validation/ParameterValidator.js +10 -3
- package/dist/validation/ParameterValidator.js.map +1 -1
- package/dist/validation/ParameterValidator.test.js +187 -146
- package/dist/validation/ParameterValidator.test.js.map +1 -1
- package/package.json +1 -1
- package/src/auth/AuthUtils.test.ts +62 -157
- package/src/auth/AuthUtils.ts +66 -32
- package/src/function/GlobalToolFunction.test.ts +54 -8
- package/src/function/GlobalToolFunction.ts +26 -6
- package/src/function/ToolFunction.test.ts +54 -8
- package/src/function/ToolFunction.ts +26 -6
- package/src/index.ts +1 -0
- package/src/service/Service.test.ts +103 -2
- package/src/service/Service.ts +45 -17
- package/src/types/ToolError.test.ts +222 -0
- package/src/types/ToolError.ts +125 -0
- package/src/validation/ParameterValidator.test.ts +188 -158
- package/src/validation/ParameterValidator.ts +17 -20
|
@@ -2,6 +2,7 @@
|
|
|
2
2
|
import { getAppContext, logger } from '@zaiusinc/app-sdk';
|
|
3
3
|
import { getTokenVerifier } from './TokenVerifier';
|
|
4
4
|
import { authenticateRegularRequest, authenticateGlobalRequest } from './AuthUtils';
|
|
5
|
+
import { ToolError } from '../types/ToolError';
|
|
5
6
|
|
|
6
7
|
// Mock the dependencies
|
|
7
8
|
jest.mock('./TokenVerifier', () => ({
|
|
@@ -50,31 +51,27 @@ describe('AuthUtils', () => {
|
|
|
50
51
|
});
|
|
51
52
|
|
|
52
53
|
describe('when request is for discovery endpoint', () => {
|
|
53
|
-
it('should
|
|
54
|
+
it('should succeed without authentication', async () => {
|
|
54
55
|
const request = { path: '/discovery' };
|
|
55
56
|
|
|
56
|
-
|
|
57
|
-
|
|
58
|
-
expect(result).toBe(true);
|
|
57
|
+
await expect(authenticateRegularRequest(request)).resolves.toBeUndefined();
|
|
59
58
|
expect(mockGetTokenVerifier).not.toHaveBeenCalled();
|
|
60
59
|
expect(mockTokenVerifier.verify).not.toHaveBeenCalled();
|
|
61
60
|
});
|
|
62
61
|
});
|
|
63
62
|
|
|
64
63
|
describe('when request is for ready endpoint', () => {
|
|
65
|
-
it('should
|
|
64
|
+
it('should succeed without authentication', async () => {
|
|
66
65
|
const request = { path: '/ready' };
|
|
67
66
|
|
|
68
|
-
|
|
69
|
-
|
|
70
|
-
expect(result).toBe(true);
|
|
67
|
+
await expect(authenticateRegularRequest(request)).resolves.toBeUndefined();
|
|
71
68
|
expect(mockGetTokenVerifier).not.toHaveBeenCalled();
|
|
72
69
|
expect(mockTokenVerifier.verify).not.toHaveBeenCalled();
|
|
73
70
|
});
|
|
74
71
|
});
|
|
75
72
|
|
|
76
73
|
describe('when request has valid authentication', () => {
|
|
77
|
-
it('should
|
|
74
|
+
it('should succeed for valid OptiID token with matching organization', async () => {
|
|
78
75
|
const request = {
|
|
79
76
|
path: '/some-tool',
|
|
80
77
|
bodyJSON: {
|
|
@@ -88,9 +85,7 @@ describe('AuthUtils', () => {
|
|
|
88
85
|
}
|
|
89
86
|
};
|
|
90
87
|
|
|
91
|
-
|
|
92
|
-
|
|
93
|
-
expect(result).toBe(true);
|
|
88
|
+
await expect(authenticateRegularRequest(request)).resolves.toBeUndefined();
|
|
94
89
|
expect(mockGetTokenVerifier).toHaveBeenCalled();
|
|
95
90
|
expect(mockTokenVerifier.verify).toHaveBeenCalledWith('valid-token-123');
|
|
96
91
|
});
|
|
@@ -109,9 +104,7 @@ describe('AuthUtils', () => {
|
|
|
109
104
|
}
|
|
110
105
|
};
|
|
111
106
|
|
|
112
|
-
|
|
113
|
-
|
|
114
|
-
expect(result).toBe(true);
|
|
107
|
+
await expect(authenticateRegularRequest(request)).resolves.toBeUndefined();
|
|
115
108
|
expect(mockTokenVerifier.verify).toHaveBeenCalledWith('valid-token-123');
|
|
116
109
|
});
|
|
117
110
|
|
|
@@ -129,39 +122,31 @@ describe('AuthUtils', () => {
|
|
|
129
122
|
}
|
|
130
123
|
};
|
|
131
124
|
|
|
132
|
-
|
|
133
|
-
|
|
134
|
-
expect(result).toBe(true);
|
|
125
|
+
await expect(authenticateRegularRequest(request)).resolves.toBeUndefined();
|
|
135
126
|
expect(mockTokenVerifier.verify).toHaveBeenCalledWith('valid-token-123');
|
|
136
127
|
});
|
|
137
128
|
});
|
|
138
129
|
|
|
139
130
|
describe('when authentication fails', () => {
|
|
140
|
-
it('should
|
|
131
|
+
it('should throw ToolError when auth data is missing', async () => {
|
|
141
132
|
const request = {
|
|
142
133
|
path: '/some-tool',
|
|
143
134
|
bodyJSON: {}
|
|
144
135
|
};
|
|
145
136
|
|
|
146
|
-
|
|
147
|
-
|
|
148
|
-
expect(result).toBe(false);
|
|
149
|
-
expect(logger.error).toHaveBeenCalledWith('OptiID token is required but not provided');
|
|
137
|
+
await expect(authenticateRegularRequest(request)).rejects.toThrow(ToolError);
|
|
150
138
|
expect(mockTokenVerifier.verify).not.toHaveBeenCalled();
|
|
151
139
|
});
|
|
152
140
|
|
|
153
|
-
it('should
|
|
141
|
+
it('should throw ToolError when bodyJSON is missing', async () => {
|
|
154
142
|
const request = {
|
|
155
143
|
path: '/some-tool'
|
|
156
144
|
};
|
|
157
145
|
|
|
158
|
-
|
|
159
|
-
|
|
160
|
-
expect(result).toBe(false);
|
|
161
|
-
expect(logger.error).toHaveBeenCalledWith('OptiID token is required but not provided');
|
|
146
|
+
await expect(authenticateRegularRequest(request)).rejects.toThrow(ToolError);
|
|
162
147
|
});
|
|
163
148
|
|
|
164
|
-
it('should
|
|
149
|
+
it('should throw ToolError when provider is not OptiID', async () => {
|
|
165
150
|
const request = {
|
|
166
151
|
path: '/some-tool',
|
|
167
152
|
bodyJSON: {
|
|
@@ -175,13 +160,10 @@ describe('AuthUtils', () => {
|
|
|
175
160
|
}
|
|
176
161
|
};
|
|
177
162
|
|
|
178
|
-
|
|
179
|
-
|
|
180
|
-
expect(result).toBe(false);
|
|
181
|
-
expect(logger.error).toHaveBeenCalledWith('OptiID token is required but not provided');
|
|
163
|
+
await expect(authenticateRegularRequest(request)).rejects.toThrow(ToolError);
|
|
182
164
|
});
|
|
183
165
|
|
|
184
|
-
it('should
|
|
166
|
+
it('should throw ToolError when access token is missing', async () => {
|
|
185
167
|
const request = {
|
|
186
168
|
path: '/some-tool',
|
|
187
169
|
bodyJSON: {
|
|
@@ -195,13 +177,10 @@ describe('AuthUtils', () => {
|
|
|
195
177
|
}
|
|
196
178
|
};
|
|
197
179
|
|
|
198
|
-
|
|
199
|
-
|
|
200
|
-
expect(result).toBe(false);
|
|
201
|
-
expect(logger.error).toHaveBeenCalledWith('OptiID token is required but not provided');
|
|
180
|
+
await expect(authenticateRegularRequest(request)).rejects.toThrow(ToolError);
|
|
202
181
|
});
|
|
203
182
|
|
|
204
|
-
it('should
|
|
183
|
+
it('should throw ToolError when access token is empty string', async () => {
|
|
205
184
|
const request = {
|
|
206
185
|
path: '/some-tool',
|
|
207
186
|
bodyJSON: {
|
|
@@ -215,13 +194,10 @@ describe('AuthUtils', () => {
|
|
|
215
194
|
}
|
|
216
195
|
};
|
|
217
196
|
|
|
218
|
-
|
|
219
|
-
|
|
220
|
-
expect(result).toBe(false);
|
|
221
|
-
expect(logger.error).toHaveBeenCalledWith('OptiID token is required but not provided');
|
|
197
|
+
await expect(authenticateRegularRequest(request)).rejects.toThrow(ToolError);
|
|
222
198
|
});
|
|
223
199
|
|
|
224
|
-
it('should
|
|
200
|
+
it('should throw ToolError when access token is undefined', async () => {
|
|
225
201
|
const request = {
|
|
226
202
|
path: '/some-tool',
|
|
227
203
|
bodyJSON: {
|
|
@@ -235,15 +211,12 @@ describe('AuthUtils', () => {
|
|
|
235
211
|
}
|
|
236
212
|
};
|
|
237
213
|
|
|
238
|
-
|
|
239
|
-
|
|
240
|
-
expect(result).toBe(false);
|
|
241
|
-
expect(logger.error).toHaveBeenCalledWith('OptiID token is required but not provided');
|
|
214
|
+
await expect(authenticateRegularRequest(request)).rejects.toThrow(ToolError);
|
|
242
215
|
});
|
|
243
216
|
});
|
|
244
217
|
|
|
245
218
|
describe('when organization validation fails', () => {
|
|
246
|
-
it('should
|
|
219
|
+
it('should throw ToolError when customer_id does not match app organization', async () => {
|
|
247
220
|
const request = {
|
|
248
221
|
path: '/some-tool',
|
|
249
222
|
bodyJSON: {
|
|
@@ -257,16 +230,11 @@ describe('AuthUtils', () => {
|
|
|
257
230
|
}
|
|
258
231
|
};
|
|
259
232
|
|
|
260
|
-
|
|
261
|
-
|
|
262
|
-
expect(result).toBe(false);
|
|
263
|
-
expect(logger.error).toHaveBeenCalledWith(
|
|
264
|
-
'Invalid organisation ID: expected test-org-123, received different-org-456'
|
|
265
|
-
);
|
|
233
|
+
await expect(authenticateRegularRequest(request)).rejects.toThrow(ToolError);
|
|
266
234
|
expect(mockTokenVerifier.verify).not.toHaveBeenCalled();
|
|
267
235
|
});
|
|
268
236
|
|
|
269
|
-
it('should
|
|
237
|
+
it('should throw ToolError when customer_id is missing', async () => {
|
|
270
238
|
const request = {
|
|
271
239
|
path: '/some-tool',
|
|
272
240
|
bodyJSON: {
|
|
@@ -280,13 +248,10 @@ describe('AuthUtils', () => {
|
|
|
280
248
|
}
|
|
281
249
|
};
|
|
282
250
|
|
|
283
|
-
|
|
284
|
-
|
|
285
|
-
expect(result).toBe(false);
|
|
286
|
-
expect(logger.error).toHaveBeenCalledWith('Organisation ID is required but not provided');
|
|
251
|
+
await expect(authenticateRegularRequest(request)).rejects.toThrow(ToolError);
|
|
287
252
|
});
|
|
288
253
|
|
|
289
|
-
it('should
|
|
254
|
+
it('should throw ToolError when customer_id is empty string', async () => {
|
|
290
255
|
const request = {
|
|
291
256
|
path: '/some-tool',
|
|
292
257
|
bodyJSON: {
|
|
@@ -300,10 +265,7 @@ describe('AuthUtils', () => {
|
|
|
300
265
|
}
|
|
301
266
|
};
|
|
302
267
|
|
|
303
|
-
|
|
304
|
-
|
|
305
|
-
expect(result).toBe(false);
|
|
306
|
-
expect(logger.error).toHaveBeenCalledWith('Organisation ID is required but not provided');
|
|
268
|
+
await expect(authenticateRegularRequest(request)).rejects.toThrow(ToolError);
|
|
307
269
|
});
|
|
308
270
|
|
|
309
271
|
it('should handle case when app context has no account', async () => {
|
|
@@ -322,12 +284,7 @@ describe('AuthUtils', () => {
|
|
|
322
284
|
}
|
|
323
285
|
};
|
|
324
286
|
|
|
325
|
-
|
|
326
|
-
|
|
327
|
-
expect(result).toBe(false);
|
|
328
|
-
expect(logger.error).toHaveBeenCalledWith(
|
|
329
|
-
'Invalid organisation ID: expected undefined, received some-org-123'
|
|
330
|
-
);
|
|
287
|
+
await expect(authenticateRegularRequest(request)).rejects.toThrow(ToolError);
|
|
331
288
|
});
|
|
332
289
|
|
|
333
290
|
it('should handle case when app context is null', async () => {
|
|
@@ -346,17 +303,12 @@ describe('AuthUtils', () => {
|
|
|
346
303
|
}
|
|
347
304
|
};
|
|
348
305
|
|
|
349
|
-
|
|
350
|
-
|
|
351
|
-
expect(result).toBe(false);
|
|
352
|
-
expect(logger.error).toHaveBeenCalledWith(
|
|
353
|
-
'Invalid organisation ID: expected undefined, received some-org-123'
|
|
354
|
-
);
|
|
306
|
+
await expect(authenticateRegularRequest(request)).rejects.toThrow(ToolError);
|
|
355
307
|
});
|
|
356
308
|
});
|
|
357
309
|
|
|
358
310
|
describe('when token validation fails', () => {
|
|
359
|
-
it('should
|
|
311
|
+
it('should throw ToolError when token verifier returns false', async () => {
|
|
360
312
|
mockTokenVerifier.verify.mockResolvedValue(false);
|
|
361
313
|
|
|
362
314
|
const request = {
|
|
@@ -372,13 +324,11 @@ describe('AuthUtils', () => {
|
|
|
372
324
|
}
|
|
373
325
|
};
|
|
374
326
|
|
|
375
|
-
|
|
376
|
-
|
|
377
|
-
expect(result).toBe(false);
|
|
327
|
+
await expect(authenticateRegularRequest(request)).rejects.toThrow(ToolError);
|
|
378
328
|
expect(mockTokenVerifier.verify).toHaveBeenCalledWith('invalid-token');
|
|
379
329
|
});
|
|
380
330
|
|
|
381
|
-
it('should
|
|
331
|
+
it('should throw ToolError when token verification throws an error', async () => {
|
|
382
332
|
const verificationError = new Error('Token verification failed');
|
|
383
333
|
mockTokenVerifier.verify.mockRejectedValue(verificationError);
|
|
384
334
|
|
|
@@ -395,13 +345,10 @@ describe('AuthUtils', () => {
|
|
|
395
345
|
}
|
|
396
346
|
};
|
|
397
347
|
|
|
398
|
-
|
|
399
|
-
|
|
400
|
-
expect(result).toBe(false);
|
|
401
|
-
expect(logger.error).toHaveBeenCalledWith('OptiID token validation failed:', verificationError);
|
|
348
|
+
await expect(authenticateRegularRequest(request)).rejects.toThrow(ToolError);
|
|
402
349
|
});
|
|
403
350
|
|
|
404
|
-
it('should
|
|
351
|
+
it('should throw ToolError when getTokenVerifier throws an error', async () => {
|
|
405
352
|
const verifierError = new Error('Failed to get token verifier');
|
|
406
353
|
mockGetTokenVerifier.mockRejectedValue(verifierError);
|
|
407
354
|
|
|
@@ -418,10 +365,7 @@ describe('AuthUtils', () => {
|
|
|
418
365
|
}
|
|
419
366
|
};
|
|
420
367
|
|
|
421
|
-
|
|
422
|
-
|
|
423
|
-
expect(result).toBe(false);
|
|
424
|
-
expect(logger.error).toHaveBeenCalledWith('OptiID token validation failed:', verifierError);
|
|
368
|
+
await expect(authenticateRegularRequest(request)).rejects.toThrow(ToolError);
|
|
425
369
|
});
|
|
426
370
|
});
|
|
427
371
|
});
|
|
@@ -433,31 +377,27 @@ describe('AuthUtils', () => {
|
|
|
433
377
|
});
|
|
434
378
|
|
|
435
379
|
describe('when request is for discovery endpoint', () => {
|
|
436
|
-
it('should
|
|
380
|
+
it('should succeed without authentication', async () => {
|
|
437
381
|
const request = { path: '/discovery' };
|
|
438
382
|
|
|
439
|
-
|
|
440
|
-
|
|
441
|
-
expect(result).toBe(true);
|
|
383
|
+
await expect(authenticateGlobalRequest(request)).resolves.toBeUndefined();
|
|
442
384
|
expect(mockGetTokenVerifier).not.toHaveBeenCalled();
|
|
443
385
|
expect(mockTokenVerifier.verify).not.toHaveBeenCalled();
|
|
444
386
|
});
|
|
445
387
|
});
|
|
446
388
|
|
|
447
389
|
describe('when request is for ready endpoint', () => {
|
|
448
|
-
it('should
|
|
390
|
+
it('should succeed without authentication', async () => {
|
|
449
391
|
const request = { path: '/ready' };
|
|
450
392
|
|
|
451
|
-
|
|
452
|
-
|
|
453
|
-
expect(result).toBe(true);
|
|
393
|
+
await expect(authenticateGlobalRequest(request)).resolves.toBeUndefined();
|
|
454
394
|
expect(mockGetTokenVerifier).not.toHaveBeenCalled();
|
|
455
395
|
expect(mockTokenVerifier.verify).not.toHaveBeenCalled();
|
|
456
396
|
});
|
|
457
397
|
});
|
|
458
398
|
|
|
459
399
|
describe('when request has valid authentication', () => {
|
|
460
|
-
it('should
|
|
400
|
+
it('should succeed for valid OptiID token regardless of organization', async () => {
|
|
461
401
|
const request = {
|
|
462
402
|
path: '/global-tool',
|
|
463
403
|
bodyJSON: {
|
|
@@ -471,9 +411,7 @@ describe('AuthUtils', () => {
|
|
|
471
411
|
}
|
|
472
412
|
};
|
|
473
413
|
|
|
474
|
-
|
|
475
|
-
|
|
476
|
-
expect(result).toBe(true);
|
|
414
|
+
await expect(authenticateGlobalRequest(request)).resolves.toBeUndefined();
|
|
477
415
|
expect(mockTokenVerifier.verify).toHaveBeenCalledWith('valid-token-123');
|
|
478
416
|
// Should not log organization validation errors for global requests
|
|
479
417
|
expect(logger.error).not.toHaveBeenCalledWith(
|
|
@@ -481,7 +419,7 @@ describe('AuthUtils', () => {
|
|
|
481
419
|
);
|
|
482
420
|
});
|
|
483
421
|
|
|
484
|
-
it('should
|
|
422
|
+
it('should succeed even without customer_id', async () => {
|
|
485
423
|
const request = {
|
|
486
424
|
path: '/global-tool',
|
|
487
425
|
bodyJSON: {
|
|
@@ -495,9 +433,7 @@ describe('AuthUtils', () => {
|
|
|
495
433
|
}
|
|
496
434
|
};
|
|
497
435
|
|
|
498
|
-
|
|
499
|
-
|
|
500
|
-
expect(result).toBe(true);
|
|
436
|
+
await expect(authenticateGlobalRequest(request)).resolves.toBeUndefined();
|
|
501
437
|
expect(mockTokenVerifier.verify).toHaveBeenCalledWith('valid-token-123');
|
|
502
438
|
});
|
|
503
439
|
|
|
@@ -515,27 +451,22 @@ describe('AuthUtils', () => {
|
|
|
515
451
|
}
|
|
516
452
|
};
|
|
517
453
|
|
|
518
|
-
|
|
519
|
-
|
|
520
|
-
expect(result).toBe(true);
|
|
454
|
+
await expect(authenticateGlobalRequest(request)).resolves.toBeUndefined();
|
|
521
455
|
expect(mockTokenVerifier.verify).toHaveBeenCalledWith('valid-token-123');
|
|
522
456
|
});
|
|
523
457
|
});
|
|
524
458
|
|
|
525
459
|
describe('when authentication fails', () => {
|
|
526
|
-
it('should
|
|
460
|
+
it('should throw ToolError when auth data is missing', async () => {
|
|
527
461
|
const request = {
|
|
528
462
|
path: '/global-tool',
|
|
529
463
|
bodyJSON: {}
|
|
530
464
|
};
|
|
531
465
|
|
|
532
|
-
|
|
533
|
-
|
|
534
|
-
expect(result).toBe(false);
|
|
535
|
-
expect(logger.error).toHaveBeenCalledWith('OptiID token is required but not provided');
|
|
466
|
+
await expect(authenticateGlobalRequest(request)).rejects.toThrow(ToolError);
|
|
536
467
|
});
|
|
537
468
|
|
|
538
|
-
it('should
|
|
469
|
+
it('should throw ToolError when provider is not OptiID', async () => {
|
|
539
470
|
const request = {
|
|
540
471
|
path: '/global-tool',
|
|
541
472
|
bodyJSON: {
|
|
@@ -549,13 +480,10 @@ describe('AuthUtils', () => {
|
|
|
549
480
|
}
|
|
550
481
|
};
|
|
551
482
|
|
|
552
|
-
|
|
553
|
-
|
|
554
|
-
expect(result).toBe(false);
|
|
555
|
-
expect(logger.error).toHaveBeenCalledWith('OptiID token is required but not provided');
|
|
483
|
+
await expect(authenticateGlobalRequest(request)).rejects.toThrow(ToolError);
|
|
556
484
|
});
|
|
557
485
|
|
|
558
|
-
it('should
|
|
486
|
+
it('should throw ToolError when access token is missing', async () => {
|
|
559
487
|
const request = {
|
|
560
488
|
path: '/global-tool',
|
|
561
489
|
bodyJSON: {
|
|
@@ -569,13 +497,10 @@ describe('AuthUtils', () => {
|
|
|
569
497
|
}
|
|
570
498
|
};
|
|
571
499
|
|
|
572
|
-
|
|
573
|
-
|
|
574
|
-
expect(result).toBe(false);
|
|
575
|
-
expect(logger.error).toHaveBeenCalledWith('OptiID token is required but not provided');
|
|
500
|
+
await expect(authenticateGlobalRequest(request)).rejects.toThrow(ToolError);
|
|
576
501
|
});
|
|
577
502
|
|
|
578
|
-
it('should
|
|
503
|
+
it('should throw ToolError when access token is empty', async () => {
|
|
579
504
|
const request = {
|
|
580
505
|
path: '/global-tool',
|
|
581
506
|
bodyJSON: {
|
|
@@ -589,15 +514,12 @@ describe('AuthUtils', () => {
|
|
|
589
514
|
}
|
|
590
515
|
};
|
|
591
516
|
|
|
592
|
-
|
|
593
|
-
|
|
594
|
-
expect(result).toBe(false);
|
|
595
|
-
expect(logger.error).toHaveBeenCalledWith('OptiID token is required but not provided');
|
|
517
|
+
await expect(authenticateGlobalRequest(request)).rejects.toThrow(ToolError);
|
|
596
518
|
});
|
|
597
519
|
});
|
|
598
520
|
|
|
599
521
|
describe('when token validation fails', () => {
|
|
600
|
-
it('should
|
|
522
|
+
it('should throw ToolError when token verifier returns false', async () => {
|
|
601
523
|
mockTokenVerifier.verify.mockResolvedValue(false);
|
|
602
524
|
|
|
603
525
|
const request = {
|
|
@@ -613,13 +535,11 @@ describe('AuthUtils', () => {
|
|
|
613
535
|
}
|
|
614
536
|
};
|
|
615
537
|
|
|
616
|
-
|
|
617
|
-
|
|
618
|
-
expect(result).toBe(false);
|
|
538
|
+
await expect(authenticateGlobalRequest(request)).rejects.toThrow(ToolError);
|
|
619
539
|
expect(mockTokenVerifier.verify).toHaveBeenCalledWith('invalid-token');
|
|
620
540
|
});
|
|
621
541
|
|
|
622
|
-
it('should
|
|
542
|
+
it('should throw ToolError when token verification throws an error', async () => {
|
|
623
543
|
const verificationError = new Error('Global token verification failed');
|
|
624
544
|
mockTokenVerifier.verify.mockRejectedValue(verificationError);
|
|
625
545
|
|
|
@@ -636,10 +556,7 @@ describe('AuthUtils', () => {
|
|
|
636
556
|
}
|
|
637
557
|
};
|
|
638
558
|
|
|
639
|
-
|
|
640
|
-
|
|
641
|
-
expect(result).toBe(false);
|
|
642
|
-
expect(logger.error).toHaveBeenCalledWith('OptiID token validation failed:', verificationError);
|
|
559
|
+
await expect(authenticateGlobalRequest(request)).rejects.toThrow(ToolError);
|
|
643
560
|
});
|
|
644
561
|
});
|
|
645
562
|
|
|
@@ -658,9 +575,7 @@ describe('AuthUtils', () => {
|
|
|
658
575
|
}
|
|
659
576
|
};
|
|
660
577
|
|
|
661
|
-
|
|
662
|
-
|
|
663
|
-
expect(result).toBe(true);
|
|
578
|
+
await expect(authenticateGlobalRequest(request)).resolves.toBeUndefined();
|
|
664
579
|
expect(mockTokenVerifier.verify).toHaveBeenCalledWith('valid-token-123');
|
|
665
580
|
// Should NOT log organization validation errors
|
|
666
581
|
expect(logger.error).not.toHaveBeenCalledWith(
|
|
@@ -687,9 +602,7 @@ describe('AuthUtils', () => {
|
|
|
687
602
|
}
|
|
688
603
|
};
|
|
689
604
|
|
|
690
|
-
|
|
691
|
-
|
|
692
|
-
expect(result).toBe(true);
|
|
605
|
+
await expect(authenticateGlobalRequest(request)).resolves.toBeUndefined();
|
|
693
606
|
expect(mockTokenVerifier.verify).toHaveBeenCalledWith('valid-token-123');
|
|
694
607
|
});
|
|
695
608
|
});
|
|
@@ -702,12 +615,8 @@ describe('AuthUtils', () => {
|
|
|
702
615
|
bodyJSON: null
|
|
703
616
|
};
|
|
704
617
|
|
|
705
|
-
|
|
706
|
-
|
|
707
|
-
|
|
708
|
-
expect(result1).toBe(false);
|
|
709
|
-
expect(result2).toBe(false);
|
|
710
|
-
expect(logger.error).toHaveBeenCalledWith('OptiID token is required but not provided');
|
|
618
|
+
await expect(authenticateRegularRequest(request)).rejects.toThrow(ToolError);
|
|
619
|
+
await expect(authenticateGlobalRequest(request)).rejects.toThrow(ToolError);
|
|
711
620
|
});
|
|
712
621
|
|
|
713
622
|
it('should handle malformed auth objects', async () => {
|
|
@@ -718,12 +627,8 @@ describe('AuthUtils', () => {
|
|
|
718
627
|
}
|
|
719
628
|
};
|
|
720
629
|
|
|
721
|
-
|
|
722
|
-
|
|
723
|
-
|
|
724
|
-
expect(result1).toBe(false);
|
|
725
|
-
expect(result2).toBe(false);
|
|
726
|
-
expect(logger.error).toHaveBeenCalledWith('OptiID token is required but not provided');
|
|
630
|
+
await expect(authenticateRegularRequest(request)).rejects.toThrow(ToolError);
|
|
631
|
+
await expect(authenticateGlobalRequest(request)).rejects.toThrow(ToolError);
|
|
727
632
|
});
|
|
728
633
|
});
|
|
729
634
|
});
|
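Review bot: The failure-path cases in this test file now assert only `rejects.toThrow(ToolError)`, so every rejection reason (missing token, wrong provider, organization mismatch, verifier returning false, verifier throwing) looks the same to the suite. The removed `logger.error` expectations were the only assertions that pinned which check actually fired. A fixture that trips an earlier check than the one named in the test title would still pass, for example in 'should throw ToolError when provider is not OptiID' and the three customer_id cases. I would pin the reason in each case, e.g. `await expect(authenticateRegularRequest(request)).rejects.toThrow(<EXPECTED_MESSAGE>);` (placeholder), or a `rejects.toMatchObject({...})` on whatever status and message fields ToolError exposes; its definition is not visible in this section. The surviving `expect(logger.error).not.toHaveBeenCalledWith(` checks in the global-request cases are probably vacuous now if the implementation throws instead of logging, so they deserve a short comment or removal.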