@symbiosis-lab/moss-plugin-matters 1.4.2

package/src/__tests__/credential.test.ts

@@ -0,0 +1,332 @@
+/**
+ * Tests for credential.ts — the single matters-credential owner.
+ *
+ * Covers:
+ *   - authHeaderToken: stored-token-only path (old getAccessToken(false))
+ *   - captureLogin: cookie-capture login path (old getAccessToken(true))
+ *   - prepareWebviewAuth: projects auth.json token into the __access_token cookie
+ *   - beginFreshLogin: clears stored token AND plugin cookies before fresh login
+ */
+import { describe, it, expect, vi, beforeEach } from "vitest";
+
+// ── Mock @symbiosis-lab/moss-api ─────────────────────────────────────────────
+
+const mockSetPluginCookie = vi.fn().mockResolvedValue(undefined);
+const mockClearPluginCookies = vi.fn().mockResolvedValue(undefined);
+const mockReadPluginFile = vi.fn();
+const mockWritePluginFile = vi.fn().mockResolvedValue(undefined);
+const mockPluginFileExists = vi.fn().mockResolvedValue(true);
+const mockGetPluginCookie = vi.fn();
+
+vi.mock("@symbiosis-lab/moss-api", () => ({
+  readPluginFile: (...a: unknown[]) => mockReadPluginFile(...a),
+  writePluginFile: (...a: unknown[]) => mockWritePluginFile(...a),
+  pluginFileExists: (...a: unknown[]) => mockPluginFileExists(...a),
+  getPluginCookie: (...a: unknown[]) => mockGetPluginCookie(...a),
+  setPluginCookie: (...a: unknown[]) => mockSetPluginCookie(...a),
+  clearPluginCookies: (...a: unknown[]) => mockClearPluginCookies(...a),
+}));
+
+import {
+  authHeaderToken,
+  captureLogin,
+  prepareWebviewAuth,
+  beginFreshLogin,
+  clearTokenCache,
+} from "../credential";
+
+// ── Helpers ───────────────────────────────────────────────────────────────────
+
+const FUTURE = Math.floor(Date.now() / 1000) + 90 * 24 * 3600;
+const PAST = Math.floor(Date.now() / 1000) - 24 * 3600;
+
+function fakeJwt(payload: Record<string, unknown>): string {
+  const b64url = (obj: Record<string, unknown>) =>
+    Buffer.from(JSON.stringify(obj)).toString("base64url");
+  return `${b64url({ alg: "HS256", typ: "JWT" })}.${b64url(payload)}.fakesig`;
+}
+
+function mockAuthFile(record: Record<string, unknown> | null) {
+  mockPluginFileExists.mockResolvedValue(record !== null);
+  mockReadPluginFile.mockResolvedValue(JSON.stringify(record ?? {}));
+}
+
+// ── authHeaderToken (old getAccessToken(false)) ───────────────────────────────
+
+describe("authHeaderToken", () => {
+  beforeEach(() => {
+    vi.clearAllMocks();
+    clearTokenCache();
+    // Default: no stored token
+    mockPluginFileExists.mockResolvedValue(false);
+  });
+
+  it("returns token from project storage when auth.json exists", async () => {
+    mockPluginFileExists.mockResolvedValue(true);
+    mockReadPluginFile.mockResolvedValue(JSON.stringify({
+      accessToken: "stored-project-token",
+      savedAt: "2026-01-01T00:00:00Z",
+    }));
+
+    const result = await authHeaderToken();
+
+    expect(result).toBe("stored-project-token");
+    // Should NOT check cookies
+    expect(mockGetPluginCookie).not.toHaveBeenCalled();
+  });
+
+  it("returns null when no stored token", async () => {
+    mockPluginFileExists.mockResolvedValue(false);
+
+    const result = await authHeaderToken();
+
+    expect(result).toBeNull();
+    // Should NOT check cookies
+    expect(mockGetPluginCookie).not.toHaveBeenCalled();
+  });
+
+  it("returns null when auth.json exists but has no accessToken field", async () => {
+    mockPluginFileExists.mockResolvedValue(true);
+    mockReadPluginFile.mockResolvedValue("{}");
+
+    const result = await authHeaderToken();
+
+    expect(result).toBeNull();
+  });
+
+  it("returns null when auth.json contains invalid JSON", async () => {
+    mockPluginFileExists.mockResolvedValue(true);
+    mockReadPluginFile.mockResolvedValue("not-json");
+
+    const result = await authHeaderToken();
+
+    expect(result).toBeNull();
+  });
+
+  it("returns null when storage read throws an error", async () => {
+    mockPluginFileExists.mockRejectedValue(new Error("storage read failed"));
+
+    const result = await authHeaderToken();
+
+    expect(result).toBeNull();
+  });
+
+  it("caches the stored token after first retrieval", async () => {
+    mockPluginFileExists.mockResolvedValue(true);
+    mockReadPluginFile.mockResolvedValue(JSON.stringify({
+      accessToken: "cached-stored-token",
+    }));
+
+    const result1 = await authHeaderToken();
+    expect(result1).toBe("cached-stored-token");
+
+    // Second call should use cache
+    mockPluginFileExists.mockResolvedValue(false); // would return null if not cached
+    const result2 = await authHeaderToken();
+
+    expect(result2).toBe("cached-stored-token");
+    expect(mockReadPluginFile).toHaveBeenCalledTimes(1);
+  });
+
+  it("clearTokenCache allows fresh retrieval from storage", async () => {
+    mockPluginFileExists.mockResolvedValue(true);
+    mockReadPluginFile.mockResolvedValue(JSON.stringify({
+      accessToken: "first-token",
+    }));
+
+    await authHeaderToken();
+    clearTokenCache();
+
+    mockReadPluginFile.mockResolvedValue(JSON.stringify({
+      accessToken: "second-token",
+    }));
+
+    const result = await authHeaderToken();
+
+    expect(result).toBe("second-token");
+    expect(mockReadPluginFile).toHaveBeenCalledTimes(2);
+  });
+
+  it("does NOT check the global cookie (prevents cross-project leak)", async () => {
+    // Simulate: no stored token for this project, but global cookie exists
+    mockPluginFileExists.mockResolvedValue(false);
+    mockGetPluginCookie.mockResolvedValue([
+      { name: "__access_token", value: "leaked-global-token" },
+    ]);
+
+    // authHeaderToken must NOT check cookies
+    const result = await authHeaderToken();
+
+    expect(result).toBeNull();
+    expect(mockGetPluginCookie).not.toHaveBeenCalled();
+  });
+});
+
+// ── captureLogin (old getAccessToken(true)) ───────────────────────────────────
+
+describe("captureLogin", () => {
+  beforeEach(() => {
+    vi.clearAllMocks();
+    clearTokenCache();
+    mockWritePluginFile.mockResolvedValue(undefined);
+    // Default: no stored token
+    mockPluginFileExists.mockResolvedValue(false);
+  });
+
+  it("checks cookies when no stored token", async () => {
+    mockPluginFileExists.mockResolvedValue(false);
+    mockGetPluginCookie.mockResolvedValue([
+      { name: "__access_token", value: "cookie-token" },
+    ]);
+
+    const result = await captureLogin();
+
+    expect(result).toBe("cookie-token");
+    expect(mockGetPluginCookie).toHaveBeenCalled();
+  });
+
+  it("persists cookie token to project storage", async () => {
+    mockPluginFileExists.mockResolvedValue(false);
+    mockGetPluginCookie.mockResolvedValue([
+      { name: "__access_token", value: "cookie-to-store" },
+    ]);
+
+    await captureLogin();
+
+    expect(mockWritePluginFile).toHaveBeenCalledWith(
+      "auth.json",
+      expect.stringContaining("cookie-to-store")
+    );
+  });
+
+  it("returns undefined when getPluginCookie returns null (no context)", async () => {
+    mockPluginFileExists.mockResolvedValue(false);
+    mockGetPluginCookie.mockResolvedValue(null);
+
+    const result = await captureLogin();
+
+    expect(result).toBeUndefined();
+  });
+
+  it("returns null when cookie exists but __access_token is not present", async () => {
+    mockPluginFileExists.mockResolvedValue(false);
+    mockGetPluginCookie.mockResolvedValue([
+      { name: "other_cookie", value: "some_value" },
+    ]);
+
+    const result = await captureLogin();
+
+    expect(result).toBeNull();
+  });
+
+  it("still returns cookie token when auto-persist to storage fails", async () => {
+    mockPluginFileExists.mockResolvedValue(false);
+    mockGetPluginCookie.mockResolvedValue([
+      { name: "__access_token", value: "cookie-despite-storage-fail" },
+    ]);
+    mockWritePluginFile.mockRejectedValue(new Error("storage write failed"));
+
+    const result = await captureLogin();
+
+    expect(result).toBe("cookie-despite-storage-fail");
+  });
+
+  it("prefers stored token over cookie", async () => {
+    mockPluginFileExists.mockResolvedValue(true);
+    mockReadPluginFile.mockResolvedValue(JSON.stringify({
+      accessToken: "stored-token",
+    }));
+
+    const result = await captureLogin();
+
+    expect(result).toBe("stored-token");
+    expect(mockGetPluginCookie).not.toHaveBeenCalled();
+  });
+
+  // Dead-token filter tests (matching session.test.ts coverage)
+  it("rejects an expired-exp cookie: resolves null and does NOT write auth.json", async () => {
+    mockAuthFile(null); // no stored record
+    mockGetPluginCookie.mockResolvedValue([
+      { name: "__access_token", value: fakeJwt({ exp: PAST }) },
+    ]);
+    expect(await captureLogin()).toBeNull();
+    expect(mockWritePluginFile).not.toHaveBeenCalled();
+  });
+
+  it("rejects a cookie identical to the invalidatedAt-stamped record's token", async () => {
+    const revoked = fakeJwt({ exp: FUTURE });
+    mockAuthFile({ accessToken: revoked, invalidatedAt: "2026-06-10T03:00:00.000Z" });
+    mockGetPluginCookie.mockResolvedValue([
+      { name: "__access_token", value: revoked },
+    ]);
+    expect(await captureLogin()).toBeNull();
+    expect(mockWritePluginFile).not.toHaveBeenCalled();
+  });
+
+  it("accepts a fresh future-exp cookie different from the stamped token and persists it", async () => {
+    const revoked = fakeJwt({ exp: FUTURE, id: "old" });
+    const fresh = fakeJwt({ exp: FUTURE, id: "new" });
+    mockAuthFile({ accessToken: revoked, invalidatedAt: "2026-06-10T03:00:00.000Z" });
+    mockGetPluginCookie.mockResolvedValue([
+      { name: "__access_token", value: fresh },
+    ]);
+    expect(await captureLogin()).toBe(fresh);
+    expect(mockWritePluginFile).toHaveBeenCalledWith(
+      "auth.json",
+      expect.stringContaining(fresh)
+    );
+  });
+});
+
+// ── prepareWebviewAuth ────────────────────────────────────────────────────────
+
+describe("prepareWebviewAuth", () => {
+  beforeEach(() => {
+    vi.clearAllMocks();
+    clearTokenCache();
+  });
+
+  it("projects the auth.json token into the __access_token cookie", async () => {
+    mockPluginFileExists.mockResolvedValue(true);
+    mockReadPluginFile.mockResolvedValue(JSON.stringify({ accessToken: "tok-α" }));
+
+    await prepareWebviewAuth();
+
+    expect(mockSetPluginCookie).toHaveBeenCalledWith([{ name: "__access_token", value: "tok-α" }]);
+  });
+
+  it("is a no-op when there is no usable token", async () => {
+    mockPluginFileExists.mockResolvedValue(true);
+    mockReadPluginFile.mockResolvedValue("{}");
+
+    await prepareWebviewAuth();
+
+    expect(mockSetPluginCookie).not.toHaveBeenCalled();
+  });
+
+  it("is a no-op when auth file does not exist", async () => {
+    mockPluginFileExists.mockResolvedValue(false);
+
+    await prepareWebviewAuth();
+
+    expect(mockSetPluginCookie).not.toHaveBeenCalled();
+  });
+});
+
+// ── beginFreshLogin ───────────────────────────────────────────────────────────
+
+describe("beginFreshLogin", () => {
+  beforeEach(() => {
+    vi.clearAllMocks();
+    clearTokenCache();
+  });
+
+  it("clears the stored token AND the cookies", async () => {
+    await beginFreshLogin();
+
+    // clearStoredToken writes "{}" to auth.json
+    expect(mockWritePluginFile).toHaveBeenCalledWith("auth.json", "{}");
+    // clearPluginCookies clears the matters-domain cookies
+    expect(mockClearPluginCookies).toHaveBeenCalled();
+  });
+});

package/src/__tests__/domain.test.ts

@@ -0,0 +1,341 @@
+import { describe, it, expect, beforeEach, afterEach } from "vitest";
+import { setupMockTauri, type MockTauriContext } from "@symbiosis-lab/moss-api/testing";
+import { apiConfig } from "../api";
+
+// We'll import these after creating domain.ts
+import {
+  initializeDomain,
+  getDomain,
+  loginUrl,
+  draftUrl,
+  articleUrl,
+  isMattersUrl,
+  isInternalMattersLink,
+  extractShortHash,
+  resetDomain,
+} from "../domain";
+
+const PLUGIN_NAME = "matters-syndicator";
+
+describe("Domain Module", () => {
+  let ctx: MockTauriContext;
+
+  beforeEach(() => {
+    ctx = setupMockTauri({ pluginName: PLUGIN_NAME });
+    resetDomain(); // Reset to default before each test
+  });
+
+  afterEach(() => {
+    ctx.cleanup();
+    resetDomain();
+  });
+
+  describe("initializeDomain", () => {
+    it("defaults to matters.town when no config", async () => {
+      // No config file → defaults
+      await initializeDomain();
+
+      expect(getDomain()).toBe("matters.town");
+      expect(apiConfig.endpoint).toBe("https://server.matters.town/graphql");
+    });
+
+    it("uses configured domain from config.json", async () => {
+      ctx.filesystem.setFile(
+        `${ctx.projectPath}/.moss/plugins/${PLUGIN_NAME}/config.json`,
+        JSON.stringify({ domain: "matters.icu" })
+      );
+
+      await initializeDomain();
+
+      expect(getDomain()).toBe("matters.icu");
+      expect(apiConfig.endpoint).toBe("https://server.matters.icu/graphql");
+    });
+
+    it("updates manifest.json domain when different from config", async () => {
+      // Set up existing manifest with matters.town
+      ctx.filesystem.setFile(
+        `${ctx.projectPath}/.moss/plugins/${PLUGIN_NAME}/manifest.json`,
+        JSON.stringify({
+          name: "matters",
+          version: "1.0.0",
+          domain: "matters.town",
+          entry: "main.bundle.js",
+          capabilities: ["process", "syndicate"],
+        })
+      );
+
+      // Set config to matters.icu
+      ctx.filesystem.setFile(
+        `${ctx.projectPath}/.moss/plugins/${PLUGIN_NAME}/config.json`,
+        JSON.stringify({ domain: "matters.icu" })
+      );
+
+      await initializeDomain();
+
+      // Manifest should be updated
+      const manifestContent = ctx.filesystem.getFile(
+        `${ctx.projectPath}/.moss/plugins/${PLUGIN_NAME}/manifest.json`
+      );
+      expect(manifestContent).toBeDefined();
+      const manifest = JSON.parse(manifestContent!.content);
+      expect(manifest.domain).toBe("matters.icu");
+    });
+
+    it("does not update manifest when domain already matches", async () => {
+      ctx.filesystem.setFile(
+        `${ctx.projectPath}/.moss/plugins/${PLUGIN_NAME}/manifest.json`,
+        JSON.stringify({
+          name: "matters",
+          version: "1.0.0",
+          domain: "matters.icu",
+          entry: "main.bundle.js",
+          capabilities: ["process", "syndicate"],
+        })
+      );
+
+      ctx.filesystem.setFile(
+        `${ctx.projectPath}/.moss/plugins/${PLUGIN_NAME}/config.json`,
+        JSON.stringify({ domain: "matters.icu" })
+      );
+
+      await initializeDomain();
+
+      // Domain should be set correctly
+      expect(getDomain()).toBe("matters.icu");
+    });
+
+    it("preserves other manifest fields when updating domain", async () => {
+      const originalManifest = {
+        name: "matters",
+        version: "1.0.0",
+        description: "Syndicate to Matters.town",
+        domain: "matters.town",
+        entry: "main.bundle.js",
+        capabilities: ["process", "syndicate"],
+        config: { auto_publish: false },
+      };
+
+      ctx.filesystem.setFile(
+        `${ctx.projectPath}/.moss/plugins/${PLUGIN_NAME}/manifest.json`,
+        JSON.stringify(originalManifest)
+      );
+
+      ctx.filesystem.setFile(
+        `${ctx.projectPath}/.moss/plugins/${PLUGIN_NAME}/config.json`,
+        JSON.stringify({ domain: "matters.icu" })
+      );
+
+      await initializeDomain();
+
+      const manifestContent = ctx.filesystem.getFile(
+        `${ctx.projectPath}/.moss/plugins/${PLUGIN_NAME}/manifest.json`
+      );
+      const manifest = JSON.parse(manifestContent!.content);
+
+      expect(manifest.name).toBe("matters");
+      expect(manifest.version).toBe("1.0.0");
+      expect(manifest.description).toBe("Syndicate to Matters.town");
+      expect(manifest.domain).toBe("matters.icu");
+      expect(manifest.entry).toBe("main.bundle.js");
+      expect(manifest.capabilities).toEqual(["process", "syndicate"]);
+      expect(manifest.config).toEqual({ auto_publish: false });
+    });
+  });
+
+  describe("URL builders", () => {
+    it("loginUrl uses current domain", async () => {
+      await initializeDomain(); // defaults to matters.town
+      expect(loginUrl()).toBe("https://matters.town/login");
+    });
+
+    it("loginUrl uses configured domain", async () => {
+      ctx.filesystem.setFile(
+        `${ctx.projectPath}/.moss/plugins/${PLUGIN_NAME}/config.json`,
+        JSON.stringify({ domain: "matters.icu" })
+      );
+      await initializeDomain();
+      expect(loginUrl()).toBe("https://matters.icu/login");
+    });
+
+    it("draftUrl constructs correct URL", async () => {
+      await initializeDomain();
+      expect(draftUrl("draft-123")).toBe(
+        "https://matters.town/me/drafts/draft-123"
+      );
+    });
+
+    it("draftUrl uses configured domain", async () => {
+      ctx.filesystem.setFile(
+        `${ctx.projectPath}/.moss/plugins/${PLUGIN_NAME}/config.json`,
+        JSON.stringify({ domain: "matters.icu" })
+      );
+      await initializeDomain();
+      expect(draftUrl("draft-456")).toBe(
+        "https://matters.icu/me/drafts/draft-456"
+      );
+    });
+
+    it("articleUrl constructs correct URL", async () => {
+      await initializeDomain();
+      expect(articleUrl("alice", "my-article", "abc123")).toBe(
+        "https://matters.town/@alice/my-article-abc123"
+      );
+    });
+
+    it("articleUrl uses configured domain", async () => {
+      ctx.filesystem.setFile(
+        `${ctx.projectPath}/.moss/plugins/${PLUGIN_NAME}/config.json`,
+        JSON.stringify({ domain: "matters.icu" })
+      );
+      await initializeDomain();
+      expect(articleUrl("bob", "test-post", "xyz789")).toBe(
+        "https://matters.icu/@bob/test-post-xyz789"
+      );
+    });
+  });
+
+  describe("isMattersUrl", () => {
+    it("matches default domain", async () => {
+      await initializeDomain();
+      expect(isMattersUrl("https://matters.town/@alice/post-abc123")).toBe(true);
+      expect(isMattersUrl("https://example.com/article")).toBe(false);
+    });
+
+    it("matches configured domain", async () => {
+      ctx.filesystem.setFile(
+        `${ctx.projectPath}/.moss/plugins/${PLUGIN_NAME}/config.json`,
+        JSON.stringify({ domain: "matters.icu" })
+      );
+      await initializeDomain();
+
+      expect(isMattersUrl("https://matters.icu/@alice/post-abc123")).toBe(true);
+      // Should NOT match matters.town when configured to matters.icu
+      expect(isMattersUrl("https://matters.town/@alice/post-abc123")).toBe(
+        false
+      );
+    });
+
+    it("handles edge cases", async () => {
+      await initializeDomain();
+      expect(isMattersUrl("")).toBe(false);
+      expect(isMattersUrl("matters.town")).toBe(true); // contains domain
+    });
+  });
+
+  describe("isInternalMattersLink", () => {
+    it("matches user's own content on default domain", async () => {
+      await initializeDomain();
+      expect(
+        isInternalMattersLink(
+          "https://matters.town/@alice/my-post-abc",
+          "alice"
+        )
+      ).toBe(true);
+      expect(
+        isInternalMattersLink(
+          "https://matters.town/@bob/other-post-abc",
+          "alice"
+        )
+      ).toBe(false);
+    });
+
+    it("matches user's own content on configured domain", async () => {
+      ctx.filesystem.setFile(
+        `${ctx.projectPath}/.moss/plugins/${PLUGIN_NAME}/config.json`,
+        JSON.stringify({ domain: "matters.icu" })
+      );
+      await initializeDomain();
+
+      expect(
+        isInternalMattersLink(
+          "https://matters.icu/@alice/my-post-abc",
+          "alice"
+        )
+      ).toBe(true);
+      // Should NOT match matters.town when configured to matters.icu
+      expect(
+        isInternalMattersLink(
+          "https://matters.town/@alice/my-post-abc",
+          "alice"
+        )
+      ).toBe(false);
+    });
+  });
+
+  describe("getDomain", () => {
+    it("returns default before initialization", () => {
+      expect(getDomain()).toBe("matters.town");
+    });
+
+    it("returns configured domain after initialization", async () => {
+      ctx.filesystem.setFile(
+        `${ctx.projectPath}/.moss/plugins/${PLUGIN_NAME}/config.json`,
+        JSON.stringify({ domain: "matters.icu" })
+      );
+      await initializeDomain();
+      expect(getDomain()).toBe("matters.icu");
+    });
+  });
+
+  describe("resetDomain", () => {
+    it("resets to default", async () => {
+      ctx.filesystem.setFile(
+        `${ctx.projectPath}/.moss/plugins/${PLUGIN_NAME}/config.json`,
+        JSON.stringify({ domain: "matters.icu" })
+      );
+      await initializeDomain();
+      expect(getDomain()).toBe("matters.icu");
+
+      resetDomain();
+      expect(getDomain()).toBe("matters.town");
+    });
+  });
+});
+
+// ============================================================================
+// extractShortHash — pure URL parsing (no Tauri context needed)
+// ============================================================================
+
+describe("extractShortHash", () => {
+  it("extracts shortHash from standard Matters URL", () => {
+    const url = "https://matters.town/@testuser/test-article-abc123def";
+    expect(extractShortHash(url)).toBe("abc123def");
+  });
+
+  it("extracts shortHash from URL with multiple hyphens in slug", () => {
+    const url = "https://matters.town/@testuser/my-long-article-title-xyz789";
+    expect(extractShortHash(url)).toBe("xyz789");
+  });
+
+  it("extracts shortHash from Chinese article URL", () => {
+    const url = "https://matters.town/@testuser/测试文章-shortHash123";
+    expect(extractShortHash(url)).toBe("shortHash123");
+  });
+
+  it("returns null for invalid URL", () => {
+    expect(extractShortHash("not a url")).toBe(null);
+  });
+
+  it("returns null for URL without path segments", () => {
+    expect(extractShortHash("https://matters.town/")).toBe(null);
+  });
+
+  it("returns null for URL with only slug (no hyphen)", () => {
+    expect(extractShortHash("https://matters.town/@testuser/article")).toBe(null);
+  });
+
+  it("extracts shortHash from /a/ short-link URL", () => {
+    expect(extractShortHash("https://matters.town/a/aj5szksg7ppa")).toBe("aj5szksg7ppa");
+  });
+
+  it("extracts shortHash from /a/ short-link with query and fragment", () => {
+    expect(extractShortHash("https://matters.town/a/aj5szksg7ppa?utm=x#comment")).toBe(
+      "aj5szksg7ppa"
+    );
+  });
+
+  it("returns null for bare /a path with no shortHash", () => {
+    expect(extractShortHash("https://matters.town/a")).toBe(null);
+    expect(extractShortHash("https://matters.town/a/")).toBe(null);
+  });
+});