@unifiedmemory/cli 1.3.0 → 1.3.6

package/tests/mocks/token-storage.mock.js

@@ -0,0 +1,79 @@
+/**
+ * Mock for token-storage.js
+ *
+ * Provides mock implementations of token storage functions
+ * that don't interact with the real filesystem.
+ */
+
+import { vi } from 'vitest';
+import mockAuthData from '../fixtures/mock-auth.json' with { type: 'json' };
+import expiredAuthData from '../fixtures/expired-auth.json' with { type: 'json' };
+
+/**
+ * Creates a mock token storage module with configurable behavior
+ * @param {Object} options - Configuration options
+ * @param {Object|null} options.initialToken - Initial token data to return (use null for no token)
+ * @param {boolean} options.expired - Whether to use expired token fixture
+ * @param {boolean} options.empty - Whether to start with no token
+ * @returns {Object} Mock token storage functions
+ */
+export function createTokenStorageMock(options = {}) {
+  let tokenData;
+
+  if (options.empty) {
+    tokenData = null;
+  } else if (options.expired) {
+    tokenData = { ...expiredAuthData };
+  } else if (options.initialToken !== undefined) {
+    tokenData = options.initialToken;
+  } else {
+    tokenData = { ...mockAuthData };
+  }
+
+  return {
+    saveToken: vi.fn((data) => {
+      tokenData = data;
+    }),
+
+    getToken: vi.fn(() => tokenData),
+
+    clearToken: vi.fn(() => {
+      tokenData = null;
+    }),
+
+    updateSelectedOrg: vi.fn((orgData) => {
+      if (tokenData) {
+        tokenData.selectedOrg = orgData;
+      } else {
+        throw new Error('No token found. Please login first.');
+      }
+    }),
+
+    getSelectedOrg: vi.fn(() => tokenData?.selectedOrg || null),
+
+    // Helper to reset state between tests
+    _reset: (newData = null) => {
+      tokenData = newData ?? { ...mockAuthData };
+    },
+
+    // Helper to get current state for assertions
+    _getState: () => tokenData,
+  };
+}
+
+/**
+ * Creates mock token storage that returns null (no token)
+ */
+export function createEmptyTokenStorageMock() {
+  return createTokenStorageMock({ empty: true });
+}
+
+/**
+ * Creates mock token storage with expired token
+ */
+export function createExpiredTokenStorageMock() {
+  return createTokenStorageMock({ expired: true });
+}
+
+// Export fixtures for direct use in tests
+export { mockAuthData, expiredAuthData };

package/tests/setup.js

@@ -0,0 +1,29 @@
+/**
+ * Vitest Global Test Setup
+ *
+ * This file runs before all tests and sets up the test environment.
+ * It configures mocks and ensures tests don't interact with real auth.
+ */
+
+import { vi, beforeAll, afterAll, afterEach } from 'vitest';
+
+// Ensure we're in test mode
+process.env.NODE_ENV = 'test';
+
+// Mock console.error to reduce noise in tests (optional)
+// Uncomment if you want to suppress console output during tests:
+// vi.spyOn(console, 'error').mockImplementation(() => {});
+// vi.spyOn(console, 'log').mockImplementation(() => {});
+
+beforeAll(() => {
+  // Global setup before all tests
+});
+
+afterEach(() => {
+  // Clean up mocks after each test
+  vi.restoreAllMocks();
+});
+
+afterAll(() => {
+  // Global cleanup after all tests
+});

package/tests/unit/config.test.js

@@ -0,0 +1,165 @@
+/**
+ * Unit tests for lib/config.js
+ *
+ * Tests configuration loading and validation.
+ * Note: The config module loads environment variables at import time,
+ * so we test the validateConfig function and config structure.
+ */
+
+import { describe, it, expect, vi, beforeEach, afterEach } from 'vitest';
+
+describe('config', () => {
+  // Store original env vars
+  const originalEnv = { ...process.env };
+
+  beforeEach(() => {
+    // Reset modules to get fresh config import
+    vi.resetModules();
+  });
+
+  afterEach(() => {
+    // Restore original environment
+    process.env = { ...originalEnv };
+    vi.resetModules();
+  });
+
+  describe('default configuration', () => {
+    it('should have default values when no environment variables are set', async () => {
+      // Clear relevant env vars
+      delete process.env.CLERK_CLIENT_ID;
+      delete process.env.CLERK_DOMAIN;
+      delete process.env.API_ENDPOINT;
+      delete process.env.REDIRECT_URI;
+      delete process.env.PORT;
+
+      // Fresh import to get defaults
+      const { config } = await import('../../lib/config.js');
+
+      expect(config.clerkClientId).toBe('nULlnomaKB9rRGP2');
+      expect(config.clerkDomain).toBe('clear-caiman-45.clerk.accounts.dev');
+      expect(config.apiEndpoint).toBe('https://rose-asp-main-1c0b114.d2.zuplo.dev');
+      expect(config.redirectUri).toBe('http://localhost:3333/callback');
+      expect(config.port).toBe(3333);
+    });
+
+    it('should have clerkClientSecret as undefined by default', async () => {
+      delete process.env.CLERK_CLIENT_SECRET;
+
+      const { config } = await import('../../lib/config.js');
+
+      expect(config.clerkClientSecret).toBeUndefined();
+    });
+  });
+
+  describe('environment variable overrides', () => {
+    it('should use CLERK_CLIENT_ID from environment', async () => {
+      process.env.CLERK_CLIENT_ID = 'custom_client_id';
+
+      const { config } = await import('../../lib/config.js');
+
+      expect(config.clerkClientId).toBe('custom_client_id');
+    });
+
+    it('should use CLERK_DOMAIN from environment', async () => {
+      process.env.CLERK_DOMAIN = 'custom.clerk.dev';
+
+      const { config } = await import('../../lib/config.js');
+
+      expect(config.clerkDomain).toBe('custom.clerk.dev');
+    });
+
+    it('should use API_ENDPOINT from environment', async () => {
+      process.env.API_ENDPOINT = 'https://custom-api.example.com';
+
+      const { config } = await import('../../lib/config.js');
+
+      expect(config.apiEndpoint).toBe('https://custom-api.example.com');
+    });
+
+    it('should use REDIRECT_URI from environment', async () => {
+      process.env.REDIRECT_URI = 'http://localhost:8080/callback';
+
+      const { config } = await import('../../lib/config.js');
+
+      expect(config.redirectUri).toBe('http://localhost:8080/callback');
+    });
+
+    it('should use PORT from environment and parse as integer', async () => {
+      process.env.PORT = '8080';
+
+      const { config } = await import('../../lib/config.js');
+
+      expect(config.port).toBe(8080);
+      expect(typeof config.port).toBe('number');
+    });
+
+    it('should use CLERK_CLIENT_SECRET from environment', async () => {
+      process.env.CLERK_CLIENT_SECRET = 'secret_key_123';
+
+      const { config } = await import('../../lib/config.js');
+
+      expect(config.clerkClientSecret).toBe('secret_key_123');
+    });
+  });
+
+  describe('validateConfig', () => {
+    it('should return true for valid default configuration', async () => {
+      const { validateConfig } = await import('../../lib/config.js');
+
+      expect(validateConfig()).toBe(true);
+    });
+
+    it('should throw error for invalid API_ENDPOINT URL', async () => {
+      process.env.API_ENDPOINT = 'not-a-valid-url';
+
+      const { validateConfig } = await import('../../lib/config.js');
+
+      expect(() => validateConfig()).toThrow('API_ENDPOINT must be a valid URL');
+    });
+
+    it('should use default when CLERK_DOMAIN is empty (falsy falls back to default)', async () => {
+      process.env.CLERK_DOMAIN = '';
+
+      const { config, validateConfig } = await import('../../lib/config.js');
+
+      // Empty string is falsy, so it falls back to default
+      expect(config.clerkDomain).toBe('clear-caiman-45.clerk.accounts.dev');
+      expect(validateConfig()).toBe(true);
+    });
+
+    it('should throw error when CLERK_DOMAIN is whitespace only', async () => {
+      // Whitespace is truthy, so it will be used instead of default
+      process.env.CLERK_DOMAIN = '   ';
+
+      const { validateConfig } = await import('../../lib/config.js');
+
+      expect(() => validateConfig()).toThrow('CLERK_DOMAIN cannot be empty');
+    });
+
+    it('should use default when CLERK_CLIENT_ID is empty (falsy falls back to default)', async () => {
+      process.env.CLERK_CLIENT_ID = '';
+
+      const { config, validateConfig } = await import('../../lib/config.js');
+
+      // Empty string is falsy, so it falls back to default
+      expect(config.clerkClientId).toBe('nULlnomaKB9rRGP2');
+      expect(validateConfig()).toBe(true);
+    });
+
+    it('should accept valid HTTPS URL for API_ENDPOINT', async () => {
+      process.env.API_ENDPOINT = 'https://api.example.com/v1';
+
+      const { validateConfig } = await import('../../lib/config.js');
+
+      expect(validateConfig()).toBe(true);
+    });
+
+    it('should accept valid HTTP URL for API_ENDPOINT (development)', async () => {
+      process.env.API_ENDPOINT = 'http://localhost:8000';
+
+      const { validateConfig } = await import('../../lib/config.js');
+
+      expect(validateConfig()).toBe(true);
+    });
+  });
+});

package/tests/unit/jwt-utils.test.js

@@ -0,0 +1,217 @@
+/**
+ * Unit tests for lib/jwt-utils.js
+ *
+ * Tests JWT parsing, validation, and expiration checking functions.
+ */
+
+import { describe, it, expect, vi, beforeEach, afterEach } from 'vitest';
+import {
+  parseJWT,
+  isJWTExpired,
+  validateJWTStructure,
+  getTimeUntilExpiration,
+} from '../../lib/jwt-utils.js';
+
+describe('jwt-utils', () => {
+  describe('parseJWT', () => {
+    it('should parse a valid JWT and return the payload', () => {
+      // Create a valid JWT with base64url-encoded payload
+      const payload = { sub: 'user_123', email: 'test@test.com', exp: 9999999999 };
+      const encodedPayload = Buffer.from(JSON.stringify(payload)).toString('base64');
+      const token = `header.${encodedPayload}.signature`;
+
+      const result = parseJWT(token);
+
+      expect(result).toEqual(payload);
+    });
+
+    it('should return null for invalid JWT with wrong number of parts', () => {
+      expect(parseJWT('invalid')).toBeNull();
+      expect(parseJWT('only.two')).toBeNull();
+      expect(parseJWT('too.many.parts.here')).toBeNull();
+    });
+
+    it('should return null for JWT with invalid base64 payload', () => {
+      const token = 'header.!!!invalid-base64!!!.signature';
+
+      const result = parseJWT(token);
+
+      expect(result).toBeNull();
+    });
+
+    it('should return null for JWT with non-JSON payload', () => {
+      const encodedPayload = Buffer.from('not-json').toString('base64');
+      const token = `header.${encodedPayload}.signature`;
+
+      const result = parseJWT(token);
+
+      expect(result).toBeNull();
+    });
+
+    it('should return null for empty string', () => {
+      expect(parseJWT('')).toBeNull();
+    });
+
+    it('should handle JWT with special characters in payload', () => {
+      const payload = { sub: 'user_123', email: 'test+special@test.com', name: 'Test User' };
+      const encodedPayload = Buffer.from(JSON.stringify(payload)).toString('base64');
+      const token = `header.${encodedPayload}.signature`;
+
+      const result = parseJWT(token);
+
+      expect(result).toEqual(payload);
+    });
+  });
+
+  describe('isJWTExpired', () => {
+    beforeEach(() => {
+      // Mock Date.now() for consistent testing
+      vi.useFakeTimers();
+      vi.setSystemTime(new Date('2024-06-15T12:00:00.000Z'));
+    });
+
+    afterEach(() => {
+      vi.useRealTimers();
+    });
+
+    it('should return true for expired token', () => {
+      // Token expired on Jan 1, 2024
+      const decoded = { exp: Math.floor(new Date('2024-01-01T00:00:00.000Z').getTime() / 1000) };
+
+      expect(isJWTExpired(decoded)).toBe(true);
+    });
+
+    it('should return false for valid (non-expired) token', () => {
+      // Token expires on Dec 31, 2024
+      const decoded = { exp: Math.floor(new Date('2024-12-31T00:00:00.000Z').getTime() / 1000) };
+
+      expect(isJWTExpired(decoded)).toBe(false);
+    });
+
+    it('should return true when token has no exp claim', () => {
+      expect(isJWTExpired({})).toBe(true);
+      expect(isJWTExpired({ sub: 'user_123' })).toBe(true);
+    });
+
+    it('should return true for null/undefined decoded value', () => {
+      expect(isJWTExpired(null)).toBe(true);
+      expect(isJWTExpired(undefined)).toBe(true);
+    });
+
+    it('should respect buffer parameter', () => {
+      // Token expires in exactly 5 minutes from now
+      const fiveMinutesFromNow = Math.floor(Date.now() / 1000) + 300;
+      const decoded = { exp: fiveMinutesFromNow };
+
+      // Without buffer, not expired
+      expect(isJWTExpired(decoded, 0)).toBe(false);
+
+      // With 10-minute buffer (600000ms), considered expired
+      expect(isJWTExpired(decoded, 600000)).toBe(true);
+
+      // With 3-minute buffer (180000ms), not expired yet
+      expect(isJWTExpired(decoded, 180000)).toBe(false);
+    });
+
+    it('should handle edge case where exp equals current time', () => {
+      const now = Math.floor(Date.now() / 1000);
+      const decoded = { exp: now };
+
+      // Exactly at expiration time should be considered expired
+      expect(isJWTExpired(decoded)).toBe(true);
+    });
+  });
+
+  describe('validateJWTStructure', () => {
+    it('should return truthy for valid JWT structure with sub and exp', () => {
+      const decoded = { sub: 'user_123', exp: 9999999999 };
+
+      expect(validateJWTStructure(decoded)).toBeTruthy();
+    });
+
+    it('should return falsy when sub is missing', () => {
+      const decoded = { exp: 9999999999, email: 'test@test.com' };
+
+      expect(validateJWTStructure(decoded)).toBeFalsy();
+    });
+
+    it('should return falsy when exp is missing', () => {
+      const decoded = { sub: 'user_123', email: 'test@test.com' };
+
+      expect(validateJWTStructure(decoded)).toBeFalsy();
+    });
+
+    it('should return falsy for null/undefined', () => {
+      expect(validateJWTStructure(null)).toBeFalsy();
+      expect(validateJWTStructure(undefined)).toBeFalsy();
+    });
+
+    it('should return falsy for non-object values', () => {
+      expect(validateJWTStructure('string')).toBeFalsy();
+      expect(validateJWTStructure(123)).toBeFalsy();
+      expect(validateJWTStructure([])).toBeFalsy();
+    });
+
+    it('should return truthy when sub and exp have any truthy value', () => {
+      const decoded = { sub: 'any_value', exp: 1 };
+
+      expect(validateJWTStructure(decoded)).toBeTruthy();
+    });
+
+    it('should return falsy when sub or exp are falsy (0, empty string)', () => {
+      expect(validateJWTStructure({ sub: '', exp: 9999999999 })).toBeFalsy();
+      expect(validateJWTStructure({ sub: 'user_123', exp: 0 })).toBeFalsy();
+    });
+  });
+
+  describe('getTimeUntilExpiration', () => {
+    beforeEach(() => {
+      vi.useFakeTimers();
+      vi.setSystemTime(new Date('2024-06-15T12:00:00.000Z'));
+    });
+
+    afterEach(() => {
+      vi.useRealTimers();
+    });
+
+    it('should return positive milliseconds for future expiration', () => {
+      // Expires 1 hour from now
+      const oneHourFromNow = Math.floor(Date.now() / 1000) + 3600;
+      const decoded = { exp: oneHourFromNow };
+
+      const result = getTimeUntilExpiration(decoded);
+
+      // Should be approximately 1 hour in milliseconds
+      expect(result).toBeCloseTo(3600000, -2); // Allow small variance
+    });
+
+    it('should return negative milliseconds for past expiration', () => {
+      // Expired 1 hour ago
+      const oneHourAgo = Math.floor(Date.now() / 1000) - 3600;
+      const decoded = { exp: oneHourAgo };
+
+      const result = getTimeUntilExpiration(decoded);
+
+      expect(result).toBeCloseTo(-3600000, -2);
+    });
+
+    it('should return -1 when no exp claim exists', () => {
+      expect(getTimeUntilExpiration({})).toBe(-1);
+      expect(getTimeUntilExpiration({ sub: 'user_123' })).toBe(-1);
+    });
+
+    it('should return -1 for null/undefined decoded value', () => {
+      expect(getTimeUntilExpiration(null)).toBe(-1);
+      expect(getTimeUntilExpiration(undefined)).toBe(-1);
+    });
+
+    it('should return approximately 0 when exp equals current time', () => {
+      const now = Math.floor(Date.now() / 1000);
+      const decoded = { exp: now };
+
+      const result = getTimeUntilExpiration(decoded);
+
+      expect(result).toBeCloseTo(0, -2);
+    });
+  });
+});