@uploadista/server 0.0.3

package/dist/auth/service.test.js

@@ -0,0 +1,195 @@
+import { Effect } from "effect";
+import { describe, expect, it } from "vitest";
+import { AuthContextService, AuthContextServiceLive, NoAuthContextServiceLive, } from "./service";
+describe("AuthContextService", () => {
+    describe("AuthContextServiceLive", () => {
+        it("should return userId when auth context is provided", async () => {
+            const authContext = {
+                clientId: "user-123",
+                metadata: { role: "admin" },
+                permissions: ["upload:create", "flow:execute"],
+            };
+            const layer = AuthContextServiceLive(authContext);
+            const program = Effect.gen(function* () {
+                const service = yield* AuthContextService;
+                return yield* service.getClientId();
+            });
+            const result = await Effect.runPromise(program.pipe(Effect.provide(layer)));
+            expect(result).toBe("user-123");
+        });
+        it("should return null when auth context is null", async () => {
+            const layer = AuthContextServiceLive(null);
+            const program = Effect.gen(function* () {
+                const service = yield* AuthContextService;
+                return yield* service.getClientId();
+            });
+            const result = await Effect.runPromise(program.pipe(Effect.provide(layer)));
+            expect(result).toBeNull();
+        });
+        it("should return metadata when auth context is provided", async () => {
+            const authContext = {
+                clientId: "user-123",
+                metadata: { role: "admin", tier: "premium" },
+                permissions: [],
+            };
+            const layer = AuthContextServiceLive(authContext);
+            const program = Effect.gen(function* () {
+                const service = yield* AuthContextService;
+                return yield* service.getMetadata();
+            });
+            const result = await Effect.runPromise(program.pipe(Effect.provide(layer)));
+            expect(result).toEqual({ role: "admin", tier: "premium" });
+        });
+        it("should return empty object when auth context has no metadata", async () => {
+            const authContext = {
+                clientId: "user-123",
+            };
+            const layer = AuthContextServiceLive(authContext);
+            const program = Effect.gen(function* () {
+                const service = yield* AuthContextService;
+                return yield* service.getMetadata();
+            });
+            const result = await Effect.runPromise(program.pipe(Effect.provide(layer)));
+            expect(result).toEqual({});
+        });
+        it("should return empty object when auth context is null", async () => {
+            const layer = AuthContextServiceLive(null);
+            const program = Effect.gen(function* () {
+                const service = yield* AuthContextService;
+                return yield* service.getMetadata();
+            });
+            const result = await Effect.runPromise(program.pipe(Effect.provide(layer)));
+            expect(result).toEqual({});
+        });
+        it("should return true for existing permission", async () => {
+            const authContext = {
+                clientId: "user-123",
+                permissions: ["upload:create", "flow:execute", "admin:read"],
+            };
+            const layer = AuthContextServiceLive(authContext);
+            const program = Effect.gen(function* () {
+                const service = yield* AuthContextService;
+                return yield* service.hasPermission("flow:execute");
+            });
+            const result = await Effect.runPromise(program.pipe(Effect.provide(layer)));
+            expect(result).toBe(true);
+        });
+        it("should return false for non-existing permission", async () => {
+            const authContext = {
+                clientId: "user-123",
+                permissions: ["upload:create", "flow:execute"],
+            };
+            const layer = AuthContextServiceLive(authContext);
+            const program = Effect.gen(function* () {
+                const service = yield* AuthContextService;
+                return yield* service.hasPermission("admin:write");
+            });
+            const result = await Effect.runPromise(program.pipe(Effect.provide(layer)));
+            expect(result).toBe(false);
+        });
+        it("should return false for permission check when no permissions array", async () => {
+            const authContext = {
+                clientId: "user-123",
+            };
+            const layer = AuthContextServiceLive(authContext);
+            const program = Effect.gen(function* () {
+                const service = yield* AuthContextService;
+                return yield* service.hasPermission("upload:create");
+            });
+            const result = await Effect.runPromise(program.pipe(Effect.provide(layer)));
+            expect(result).toBe(false);
+        });
+        it("should return false for permission check when auth context is null", async () => {
+            const layer = AuthContextServiceLive(null);
+            const program = Effect.gen(function* () {
+                const service = yield* AuthContextService;
+                return yield* service.hasPermission("upload:create");
+            });
+            const result = await Effect.runPromise(program.pipe(Effect.provide(layer)));
+            expect(result).toBe(false);
+        });
+        it("should return full auth context when provided", async () => {
+            const authContext = {
+                clientId: "user-123",
+                metadata: { role: "admin" },
+                permissions: ["upload:create"],
+            };
+            const layer = AuthContextServiceLive(authContext);
+            const program = Effect.gen(function* () {
+                const service = yield* AuthContextService;
+                return yield* service.getAuthContext();
+            });
+            const result = await Effect.runPromise(program.pipe(Effect.provide(layer)));
+            expect(result).toEqual(authContext);
+        });
+        it("should return null auth context when not provided", async () => {
+            const layer = AuthContextServiceLive(null);
+            const program = Effect.gen(function* () {
+                const service = yield* AuthContextService;
+                return yield* service.getAuthContext();
+            });
+            const result = await Effect.runPromise(program.pipe(Effect.provide(layer)));
+            expect(result).toBeNull();
+        });
+    });
+    describe("NoAuthContextServiceLive", () => {
+        it("should return null for getUserId", async () => {
+            const program = Effect.gen(function* () {
+                const service = yield* AuthContextService;
+                return yield* service.getClientId();
+            });
+            const result = await Effect.runPromise(program.pipe(Effect.provide(NoAuthContextServiceLive)));
+            expect(result).toBeNull();
+        });
+        it("should return empty object for getMetadata", async () => {
+            const program = Effect.gen(function* () {
+                const service = yield* AuthContextService;
+                return yield* service.getMetadata();
+            });
+            const result = await Effect.runPromise(program.pipe(Effect.provide(NoAuthContextServiceLive)));
+            expect(result).toEqual({});
+        });
+        it("should return false for any permission check", async () => {
+            const program = Effect.gen(function* () {
+                const service = yield* AuthContextService;
+                const result1 = yield* service.hasPermission("upload:create");
+                const result2 = yield* service.hasPermission("admin:write");
+                return { result1, result2 };
+            });
+            const result = await Effect.runPromise(program.pipe(Effect.provide(NoAuthContextServiceLive)));
+            expect(result.result1).toBe(false);
+            expect(result.result2).toBe(false);
+        });
+        it("should return null for getAuthContext", async () => {
+            const program = Effect.gen(function* () {
+                const service = yield* AuthContextService;
+                return yield* service.getAuthContext();
+            });
+            const result = await Effect.runPromise(program.pipe(Effect.provide(NoAuthContextServiceLive)));
+            expect(result).toBeNull();
+        });
+    });
+    describe("Effect Layer composition", () => {
+        it("should work in composed effect programs", async () => {
+            const authContext = {
+                clientId: "user-456",
+                metadata: { department: "engineering" },
+                permissions: ["flow:execute"],
+            };
+            const layer = AuthContextServiceLive(authContext);
+            const program = Effect.gen(function* () {
+                const service = yield* AuthContextService;
+                const clientId = yield* service.getClientId();
+                const metadata = yield* service.getMetadata();
+                const hasPermission = yield* service.hasPermission("flow:execute");
+                return { clientId, metadata, hasPermission };
+            });
+            const result = await Effect.runPromise(program.pipe(Effect.provide(layer)));
+            expect(result).toEqual({
+                clientId: "user-456",
+                metadata: { department: "engineering" },
+                hasPermission: true,
+            });
+        });
+    });
+});

package/dist/auth/types.d.ts

@@ -0,0 +1,38 @@
+/**
+ * Authentication context containing user identity and authorization metadata.
+ * This context is extracted from authentication middleware and made available
+ * throughout the upload and flow processing pipeline via Effect Layer.
+ */
+export type AuthContext = {
+    /**
+     * Unique identifier for the authenticated user.
+     * This is typically extracted from JWT claims (sub), session data, or API key metadata.
+     */
+    clientId: string;
+    /**
+     * Optional metadata for authorization and tracking purposes.
+     * Can include rate limits, quotas, permissions, or custom application data.
+     *
+     * @example
+     * ```typescript
+     * {
+     *   permissions: ['upload:create', 'flow:execute'],
+     *   rateLimit: { requests: 1000, period: 3600 },
+     *   quota: { storage: 10737418240, used: 5368709120 }
+     * }
+     * ```
+     */
+    metadata?: Record<string, unknown>;
+    /**
+     * Optional list of permissions granted to the user.
+     * These can be used for fine-grained access control in the future.
+     */
+    permissions?: string[];
+};
+/**
+ * Result type for authentication middleware.
+ * - AuthContext: Successful authentication with user identity
+ * - null: Authentication failed or not authenticated
+ */
+export type AuthResult = AuthContext | null;
+//# sourceMappingURL=types.d.ts.map

package/dist/auth/types.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/auth/types.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AACH,MAAM,MAAM,WAAW,GAAG;IACxB;;;OAGG;IACH,QAAQ,EAAE,MAAM,CAAC;IAEjB;;;;;;;;;;;;OAYG;IACH,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAEnC;;;OAGG;IACH,WAAW,CAAC,EAAE,MAAM,EAAE,CAAC;CACxB,CAAC;AAEF;;;;GAIG;AACH,MAAM,MAAM,UAAU,GAAG,WAAW,GAAG,IAAI,CAAC"}

package/dist/auth/types.js

@@ -0,0 +1 @@
+export {};

package/dist/cache.d.ts

@@ -0,0 +1,87 @@
+import { Context, Effect, Layer } from "effect";
+import type { AuthContext } from "./types";
+/**
+ * Configuration options for the auth cache.
+ */
+export type AuthCacheConfig = {
+    /**
+     * Maximum number of entries in the cache.
+     * When exceeded, oldest entries are removed (LRU eviction).
+     * @default 10000
+     */
+    maxSize?: number;
+    /**
+     * Time-to-live for cache entries in milliseconds.
+     * Entries older than this will be automatically evicted.
+     * @default 3600000 (1 hour)
+     */
+    ttl?: number;
+};
+declare const AuthCacheService_base: Context.TagClass<AuthCacheService, "AuthCacheService", {
+    /**
+     * Store an auth context for a job ID.
+     */
+    readonly set: (jobId: string, authContext: AuthContext) => Effect.Effect<void>;
+    /**
+     * Retrieve a cached auth context by job ID.
+     * Returns null if not found or expired.
+     */
+    readonly get: (jobId: string) => Effect.Effect<AuthContext | null>;
+    /**
+     * Delete a cached auth context by job ID.
+     */
+    readonly delete: (jobId: string) => Effect.Effect<void>;
+    /**
+     * Clear all cached auth contexts.
+     */
+    readonly clear: () => Effect.Effect<void>;
+    /**
+     * Get the current number of cached entries.
+     */
+    readonly size: () => Effect.Effect<number>;
+}>;
+/**
+ * Auth Cache Service
+ *
+ * Provides caching of authentication contexts for upload and flow jobs.
+ * This allows subsequent operations (chunk uploads, flow continuations)
+ * to reuse the auth context from the initial request without re-authenticating.
+ *
+ * @example
+ * ```typescript
+ * import { Effect } from "effect";
+ * import { AuthCacheService } from "@uploadista/server";
+ *
+ * const handler = Effect.gen(function* () {
+ *   const authCache = yield* AuthCacheService;
+ *   const authContext = { userId: "user-123" };
+ *
+ *   // Cache auth for upload
+ *   yield* authCache.set("upload-abc", authContext);
+ *
+ *   // Retrieve cached auth later
+ *   const cached = yield* authCache.get("upload-abc");
+ *   console.log(cached?.userId); // "user-123"
+ *
+ *   // Clear when done
+ *   yield* authCache.delete("upload-abc");
+ * });
+ * ```
+ */
+export declare class AuthCacheService extends AuthCacheService_base {
+}
+/**
+ * Creates an AuthCacheService Layer with in-memory storage.
+ *
+ * @param config - Optional configuration for cache behavior
+ * @returns Effect Layer providing AuthCacheService
+ */
+export declare const AuthCacheServiceLive: (config?: AuthCacheConfig) => Layer.Layer<AuthCacheService>;
+/**
+ * No-op implementation of AuthCacheService.
+ * Does not cache anything - all operations are no-ops.
+ * Used when caching is disabled or not needed.
+ */
+export declare const NoAuthCacheServiceLive: Layer.Layer<AuthCacheService>;
+export {};
+//# sourceMappingURL=cache.d.ts.map

package/dist/cache.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"cache.d.ts","sourceRoot":"","sources":["../src/cache.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,QAAQ,CAAC;AAChD,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,SAAS,CAAC;AAE3C;;GAEG;AACH,MAAM,MAAM,eAAe,GAAG;IAC5B;;;;OAIG;IACH,OAAO,CAAC,EAAE,MAAM,CAAC;IAEjB;;;;OAIG;IACH,GAAG,CAAC,EAAE,MAAM,CAAC;CACd,CAAC;;IAyCE;;OAEG;kBACW,CACZ,KAAK,EAAE,MAAM,EACb,WAAW,EAAE,WAAW,KACrB,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC;IAExB;;;OAGG;kBACW,CAAC,KAAK,EAAE,MAAM,KAAK,MAAM,CAAC,MAAM,CAAC,WAAW,GAAG,IAAI,CAAC;IAElE;;OAEG;qBACc,CAAC,KAAK,EAAE,MAAM,KAAK,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC;IAEvD;;OAEG;oBACa,MAAM,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC;IAEzC;;OAEG;mBACY,MAAM,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC;;AA1D9C;;;;;;;;;;;;;;;;;;;;;;;;;;;GA2BG;AACH,qBAAa,gBAAiB,SAAQ,qBAgCnC;CAAG;AAEN;;;;;GAKG;AACH,eAAO,MAAM,oBAAoB,GAC/B,SAAQ,eAAoB,KAC3B,KAAK,CAAC,KAAK,CAAC,gBAAgB,CAyF9B,CAAC;AAEF;;;;GAIG;AACH,eAAO,MAAM,sBAAsB,EAAE,KAAK,CAAC,KAAK,CAAC,gBAAgB,CAO7D,CAAC"}

package/dist/cache.js

@@ -0,0 +1,121 @@
+import { Context, Effect, Layer } from "effect";
+/**
+ * Auth Cache Service
+ *
+ * Provides caching of authentication contexts for upload and flow jobs.
+ * This allows subsequent operations (chunk uploads, flow continuations)
+ * to reuse the auth context from the initial request without re-authenticating.
+ *
+ * @example
+ * ```typescript
+ * import { Effect } from "effect";
+ * import { AuthCacheService } from "@uploadista/server";
+ *
+ * const handler = Effect.gen(function* () {
+ *   const authCache = yield* AuthCacheService;
+ *   const authContext = { userId: "user-123" };
+ *
+ *   // Cache auth for upload
+ *   yield* authCache.set("upload-abc", authContext);
+ *
+ *   // Retrieve cached auth later
+ *   const cached = yield* authCache.get("upload-abc");
+ *   console.log(cached?.userId); // "user-123"
+ *
+ *   // Clear when done
+ *   yield* authCache.delete("upload-abc");
+ * });
+ * ```
+ */
+export class AuthCacheService extends Context.Tag("AuthCacheService")() {
+}
+/**
+ * Creates an AuthCacheService Layer with in-memory storage.
+ *
+ * @param config - Optional configuration for cache behavior
+ * @returns Effect Layer providing AuthCacheService
+ */
+export const AuthCacheServiceLive = (config = {}) => {
+    const maxSize = config.maxSize ?? 10000;
+    const ttl = config.ttl ?? 3600000; // 1 hour default
+    // In-memory cache storage
+    const cache = new Map();
+    /**
+     * Evict expired entries based on TTL.
+     */
+    const evictExpired = () => {
+        const now = Date.now();
+        for (const [jobId, entry] of cache.entries()) {
+            if (now - entry.timestamp > ttl) {
+                cache.delete(jobId);
+            }
+        }
+    };
+    /**
+     * Enforce max size limit using LRU eviction.
+     * Removes oldest entry when cache exceeds max size.
+     */
+    const enforceSizeLimit = () => {
+        if (cache.size <= maxSize)
+            return;
+        // Find and remove oldest entry
+        let oldestKey = null;
+        let oldestTime = Number.POSITIVE_INFINITY;
+        for (const [jobId, entry] of cache.entries()) {
+            if (entry.timestamp < oldestTime) {
+                oldestTime = entry.timestamp;
+                oldestKey = jobId;
+            }
+        }
+        if (oldestKey) {
+            cache.delete(oldestKey);
+        }
+    };
+    return Layer.succeed(AuthCacheService, {
+        set: (jobId, authContext) => Effect.sync(() => {
+            // Evict expired entries periodically
+            if (cache.size % 100 === 0) {
+                evictExpired();
+            }
+            cache.set(jobId, {
+                authContext,
+                timestamp: Date.now(),
+            });
+            // Enforce size limit after adding
+            enforceSizeLimit();
+        }),
+        get: (jobId) => Effect.sync(() => {
+            const entry = cache.get(jobId);
+            if (!entry)
+                return null;
+            // Check if expired
+            const now = Date.now();
+            if (now - entry.timestamp > ttl) {
+                cache.delete(jobId);
+                return null;
+            }
+            return entry.authContext;
+        }),
+        delete: (jobId) => Effect.sync(() => {
+            cache.delete(jobId);
+        }),
+        clear: () => Effect.sync(() => {
+            cache.clear();
+        }),
+        size: () => Effect.sync(() => {
+            return cache.size;
+        }),
+    });
+};
+/**
+ * No-op implementation of AuthCacheService.
+ * Does not cache anything - all operations are no-ops.
+ * Used when caching is disabled or not needed.
+ */
+export const NoAuthCacheServiceLive = Layer.succeed(AuthCacheService, {
+    set: () => Effect.void,
+    get: () => Effect.succeed(null),
+    delete: () => Effect.void,
+    clear: () => Effect.void,
+    size: () => Effect.succeed(0),
+});

package/dist/cache.test.d.ts

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=cache.test.d.ts.map

package/dist/cache.test.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"cache.test.d.ts","sourceRoot":"","sources":["../src/cache.test.ts"],"names":[],"mappings":""}

package/dist/cache.test.js

@@ -0,0 +1,209 @@
+import { Effect } from "effect";
+import { describe, expect, it } from "vitest";
+import { AuthCacheService, AuthCacheServiceLive, NoAuthCacheServiceLive, } from "./cache";
+describe("AuthCacheService", () => {
+    describe("AuthCacheServiceLive", () => {
+        it("should set and get auth context", async () => {
+            const authContext = {
+                clientId: "user-123",
+                metadata: { role: "admin" },
+            };
+            const program = Effect.gen(function* () {
+                const cache = yield* AuthCacheService;
+                // Set auth context
+                yield* cache.set("job-1", authContext);
+                // Get auth context
+                const retrieved = yield* cache.get("job-1");
+                expect(retrieved).toEqual(authContext);
+            });
+            await Effect.runPromise(program.pipe(Effect.provide(AuthCacheServiceLive())));
+        });
+        it("should return null for non-existent job ID", async () => {
+            const program = Effect.gen(function* () {
+                const cache = yield* AuthCacheService;
+                const retrieved = yield* cache.get("non-existent");
+                expect(retrieved).toBeNull();
+            });
+            await Effect.runPromise(program.pipe(Effect.provide(AuthCacheServiceLive())));
+        });
+        it("should delete cached auth context", async () => {
+            const authContext = {
+                clientId: "user-123",
+            };
+            const program = Effect.gen(function* () {
+                const cache = yield* AuthCacheService;
+                // Set and verify
+                yield* cache.set("job-1", authContext);
+                const before = yield* cache.get("job-1");
+                expect(before).toEqual(authContext);
+                // Delete
+                yield* cache.delete("job-1");
+                // Verify deleted
+                const after = yield* cache.get("job-1");
+                expect(after).toBeNull();
+            });
+            await Effect.runPromise(program.pipe(Effect.provide(AuthCacheServiceLive())));
+        });
+        it("should clear all cached auth contexts", async () => {
+            const authContext1 = { clientId: "user-1" };
+            const authContext2 = { clientId: "user-2" };
+            const program = Effect.gen(function* () {
+                const cache = yield* AuthCacheService;
+                // Set multiple entries
+                yield* cache.set("job-1", authContext1);
+                yield* cache.set("job-2", authContext2);
+                const sizeBefore = yield* cache.size();
+                expect(sizeBefore).toBe(2);
+                // Clear all
+                yield* cache.clear();
+                const sizeAfter = yield* cache.size();
+                expect(sizeAfter).toBe(0);
+                // Verify both deleted
+                const job1 = yield* cache.get("job-1");
+                const job2 = yield* cache.get("job-2");
+                expect(job1).toBeNull();
+                expect(job2).toBeNull();
+            });
+            await Effect.runPromise(program.pipe(Effect.provide(AuthCacheServiceLive())));
+        });
+        it("should track cache size", async () => {
+            const program = Effect.gen(function* () {
+                const cache = yield* AuthCacheService;
+                let size = yield* cache.size();
+                expect(size).toBe(0);
+                yield* cache.set("job-1", { clientId: "user-1" });
+                size = yield* cache.size();
+                expect(size).toBe(1);
+                yield* cache.set("job-2", { clientId: "user-2" });
+                size = yield* cache.size();
+                expect(size).toBe(2);
+                yield* cache.delete("job-1");
+                size = yield* cache.size();
+                expect(size).toBe(1);
+                yield* cache.clear();
+                size = yield* cache.size();
+                expect(size).toBe(0);
+            });
+            await Effect.runPromise(program.pipe(Effect.provide(AuthCacheServiceLive())));
+        });
+        it("should evict expired entries", async () => {
+            // Set very short TTL for testing
+            const shortTtl = 50; // 50ms
+            const authContext = {
+                clientId: "user-123",
+            };
+            const program = Effect.gen(function* () {
+                const cache = yield* AuthCacheService;
+                // Set auth context
+                yield* cache.set("job-1", authContext);
+                // Verify it's there immediately
+                const immediate = yield* cache.get("job-1");
+                expect(immediate).toEqual(authContext);
+                // Wait for TTL to expire
+                yield* Effect.sleep(100); // Wait 100ms (longer than 50ms TTL)
+                // Should be evicted now
+                const afterExpiry = yield* cache.get("job-1");
+                expect(afterExpiry).toBeNull();
+            });
+            await Effect.runPromise(program.pipe(Effect.provide(AuthCacheServiceLive({ ttl: shortTtl }))));
+        });
+        it("should enforce max size limit with LRU eviction", async () => {
+            const maxSize = 3;
+            const program = Effect.gen(function* () {
+                const cache = yield* AuthCacheService;
+                // Add entries up to max size
+                yield* cache.set("job-1", { clientId: "user-1" });
+                yield* Effect.sleep(10); // Small delay to ensure ordering
+                yield* cache.set("job-2", { clientId: "user-2" });
+                yield* Effect.sleep(10);
+                yield* cache.set("job-3", { clientId: "user-3" });
+                let size = yield* cache.size();
+                expect(size).toBe(3);
+                // Add one more - should evict oldest (job-1)
+                yield* Effect.sleep(10);
+                yield* cache.set("job-4", { clientId: "user-4" });
+                size = yield* cache.size();
+                expect(size).toBe(3); // Still at max size
+                // job-1 should be evicted (oldest)
+                const job1 = yield* cache.get("job-1");
+                expect(job1).toBeNull();
+                // Others should still exist
+                const job2 = yield* cache.get("job-2");
+                const job3 = yield* cache.get("job-3");
+                const job4 = yield* cache.get("job-4");
+                expect(job2).toEqual({ clientId: "user-2" });
+                expect(job3).toEqual({ clientId: "user-3" });
+                expect(job4).toEqual({ clientId: "user-4" });
+            });
+            await Effect.runPromise(program.pipe(Effect.provide(AuthCacheServiceLive({ maxSize }))));
+        });
+        it("should handle multiple auth contexts independently", async () => {
+            const authContext1 = {
+                clientId: "user-1",
+                metadata: { role: "admin" },
+            };
+            const authContext2 = {
+                clientId: "user-2",
+                permissions: ["read", "write"],
+            };
+            const program = Effect.gen(function* () {
+                const cache = yield* AuthCacheService;
+                yield* cache.set("upload-123", authContext1);
+                yield* cache.set("flow-456", authContext2);
+                const upload = yield* cache.get("upload-123");
+                const flow = yield* cache.get("flow-456");
+                expect(upload).toEqual(authContext1);
+                expect(flow).toEqual(authContext2);
+            });
+            await Effect.runPromise(program.pipe(Effect.provide(AuthCacheServiceLive())));
+        });
+        it("should update existing entry when setting same job ID", async () => {
+            const authContext1 = { clientId: "user-1" };
+            const authContext2 = { clientId: "user-2" };
+            const program = Effect.gen(function* () {
+                const cache = yield* AuthCacheService;
+                yield* cache.set("job-1", authContext1);
+                const first = yield* cache.get("job-1");
+                expect(first).toEqual(authContext1);
+                // Update with new auth context
+                yield* cache.set("job-1", authContext2);
+                const second = yield* cache.get("job-1");
+                expect(second).toEqual(authContext2);
+                // Should still be only 1 entry
+                const size = yield* cache.size();
+                expect(size).toBe(1);
+            });
+            await Effect.runPromise(program.pipe(Effect.provide(AuthCacheServiceLive())));
+        });
+    });
+    describe("NoAuthCacheServiceLive", () => {
+        it("should not cache anything", async () => {
+            const authContext = {
+                clientId: "user-123",
+            };
+            const program = Effect.gen(function* () {
+                const cache = yield* AuthCacheService;
+                // Try to set
+                yield* cache.set("job-1", authContext);
+                // Should always return null
+                const retrieved = yield* cache.get("job-1");
+                expect(retrieved).toBeNull();
+                // Size should always be 0
+                const size = yield* cache.size();
+                expect(size).toBe(0);
+            });
+            await Effect.runPromise(program.pipe(Effect.provide(NoAuthCacheServiceLive)));
+        });
+        it("should handle delete and clear without errors", async () => {
+            const program = Effect.gen(function* () {
+                const cache = yield* AuthCacheService;
+                // These should not throw
+                yield* cache.delete("non-existent");
+                yield* cache.clear();
+                const size = yield* cache.size();
+                expect(size).toBe(0);
+            });
+            await Effect.runPromise(program.pipe(Effect.provide(NoAuthCacheServiceLive)));
+        });
+    });
+});