@vellumai/credential-executor 0.4.55

package/src/__tests__/http-policy.test.ts

@@ -0,0 +1,970 @@
+/**
+ * Tests for HTTP policy evaluation, path-template derivation, and
+ * response filtering.
+ *
+ * Covers:
+ * - Path template derivation: numeric, UUID, hex placeholder replacement,
+ *   query/fragment stripping, trailing slash normalisation.
+ * - URL-to-template matching.
+ * - HTTP policy evaluation: grant matching, forbidden header rejection,
+ *   proposal generation when no grant matches.
+ * - Response filtering: header whitelisting, body clamping, secret scrubbing.
+ * - Audit summary generation: token-free output.
+ */
+
+import { describe, expect, test, beforeEach, afterEach } from "bun:test";
+import { randomUUID } from "node:crypto";
+
+import {
+  derivePathTemplate,
+  deriveAllowedUrlPatterns,
+  urlMatchesTemplate,
+} from "../http/path-template.js";
+import {
+  evaluateHttpPolicy,
+  detectForbiddenHeaders,
+  type HttpPolicyRequest,
+} from "../http/policy.js";
+import {
+  filterHttpResponse,
+  filterResponseHeaders,
+  clampBody,
+  scrubSecrets,
+  type RawHttpResponse,
+} from "../http/response-filter.js";
+import { generateHttpAuditSummary } from "../http/audit.js";
+import { PersistentGrantStore } from "../grants/persistent-store.js";
+import { TemporaryGrantStore } from "../grants/temporary-store.js";
+
+import { mkdirSync, rmSync } from "node:fs";
+import { join } from "node:path";
+import { tmpdir } from "node:os";
+
+// ---------------------------------------------------------------------------
+// Helpers
+// ---------------------------------------------------------------------------
+
+function makeTmpDir(): string {
+  const dir = join(tmpdir(), `ces-http-policy-test-${randomUUID()}`);
+  mkdirSync(dir, { recursive: true });
+  return dir;
+}
+
+// ---------------------------------------------------------------------------
+// Path template derivation
+// ---------------------------------------------------------------------------
+
+describe("derivePathTemplate", () => {
+  test("preserves literal path segments", () => {
+    const result = derivePathTemplate("https://api.github.com/repos/owner/repo/pulls");
+    expect(result).toBe("https://api.github.com/repos/owner/repo/pulls");
+  });
+
+  test("replaces numeric segments with {:num}", () => {
+    const result = derivePathTemplate("https://api.example.com/users/42/posts/123");
+    expect(result).toBe("https://api.example.com/users/{:num}/posts/{:num}");
+  });
+
+  test("replaces UUID segments with {:uuid}", () => {
+    const uuid = "550e8400-e29b-41d4-a716-446655440000";
+    const result = derivePathTemplate(`https://api.example.com/resources/${uuid}`);
+    expect(result).toBe("https://api.example.com/resources/{:uuid}");
+  });
+
+  test("replaces long hex segments with {:hex}", () => {
+    const hex = "abcdef0123456789abcdef01";
+    const result = derivePathTemplate(`https://api.example.com/commits/${hex}`);
+    expect(result).toBe("https://api.example.com/commits/{:hex}");
+  });
+
+  test("does not replace short hex-like segments", () => {
+    // "cafe" is only 4 chars — should remain literal
+    const result = derivePathTemplate("https://api.example.com/items/cafe");
+    expect(result).toBe("https://api.example.com/items/cafe");
+  });
+
+  test("strips query string", () => {
+    const result = derivePathTemplate("https://api.example.com/search?q=test&page=1");
+    expect(result).toBe("https://api.example.com/search");
+  });
+
+  test("strips fragment", () => {
+    const result = derivePathTemplate("https://api.example.com/docs#section-1");
+    expect(result).toBe("https://api.example.com/docs");
+  });
+
+  test("strips both query and fragment", () => {
+    const result = derivePathTemplate("https://api.example.com/path?q=x#frag");
+    expect(result).toBe("https://api.example.com/path");
+  });
+
+  test("normalises trailing slash", () => {
+    const result = derivePathTemplate("https://api.example.com/repos/");
+    expect(result).toBe("https://api.example.com/repos");
+  });
+
+  test("handles root path", () => {
+    const result = derivePathTemplate("https://api.example.com/");
+    expect(result).toBe("https://api.example.com/");
+  });
+
+  test("preserves port numbers", () => {
+    const result = derivePathTemplate("https://localhost:3000/api/v1/users/42");
+    expect(result).toBe("https://localhost:3000/api/v1/users/{:num}");
+  });
+
+  test("handles http scheme", () => {
+    const result = derivePathTemplate("http://internal.service/data/123");
+    expect(result).toBe("http://internal.service/data/{:num}");
+  });
+
+  test("handles mixed segment types", () => {
+    const uuid = "550e8400-e29b-41d4-a716-446655440000";
+    const hex = "abcdef0123456789abcdef";
+    const result = derivePathTemplate(
+      `https://api.example.com/orgs/acme/repos/${uuid}/commits/${hex}/files/42`,
+    );
+    expect(result).toBe(
+      "https://api.example.com/orgs/acme/repos/{:uuid}/commits/{:hex}/files/{:num}",
+    );
+  });
+
+  test("throws on invalid URL", () => {
+    expect(() => derivePathTemplate("not-a-url")).toThrow();
+  });
+
+  test("never produces wildcard or /* patterns", () => {
+    // Verify that no possible input produces /* or host wildcards
+    const urls = [
+      "https://api.example.com/",
+      "https://api.example.com/a/b/c",
+      "https://api.example.com/users/42",
+    ];
+    for (const url of urls) {
+      const result = derivePathTemplate(url);
+      expect(result).not.toContain("/*");
+      expect(result).not.toContain("*.");
+    }
+  });
+});
+
+describe("deriveAllowedUrlPatterns", () => {
+  test("returns array with single pattern", () => {
+    const result = deriveAllowedUrlPatterns("https://api.example.com/users/42");
+    expect(result).toHaveLength(1);
+    expect(result[0]).toBe("https://api.example.com/users/{:num}");
+  });
+});
+
+// ---------------------------------------------------------------------------
+// URL-to-template matching
+// ---------------------------------------------------------------------------
+
+describe("urlMatchesTemplate", () => {
+  test("matches literal paths exactly", () => {
+    expect(
+      urlMatchesTemplate(
+        "https://api.github.com/repos/owner/repo",
+        "https://api.github.com/repos/owner/repo",
+      ),
+    ).toBe(true);
+  });
+
+  test("matches {:num} placeholder against numeric segments", () => {
+    expect(
+      urlMatchesTemplate(
+        "https://api.example.com/users/42",
+        "https://api.example.com/users/{:num}",
+      ),
+    ).toBe(true);
+  });
+
+  test("rejects non-numeric segment against {:num}", () => {
+    expect(
+      urlMatchesTemplate(
+        "https://api.example.com/users/alice",
+        "https://api.example.com/users/{:num}",
+      ),
+    ).toBe(false);
+  });
+
+  test("matches {:uuid} placeholder against UUID segments", () => {
+    const uuid = "550e8400-e29b-41d4-a716-446655440000";
+    expect(
+      urlMatchesTemplate(
+        `https://api.example.com/resources/${uuid}`,
+        "https://api.example.com/resources/{:uuid}",
+      ),
+    ).toBe(true);
+  });
+
+  test("rejects non-UUID segment against {:uuid}", () => {
+    expect(
+      urlMatchesTemplate(
+        "https://api.example.com/resources/not-a-uuid",
+        "https://api.example.com/resources/{:uuid}",
+      ),
+    ).toBe(false);
+  });
+
+  test("matches {:hex} placeholder against long hex segments", () => {
+    expect(
+      urlMatchesTemplate(
+        "https://api.example.com/commits/abcdef0123456789abcdef01",
+        "https://api.example.com/commits/{:hex}",
+      ),
+    ).toBe(true);
+  });
+
+  test("rejects short hex against {:hex}", () => {
+    expect(
+      urlMatchesTemplate(
+        "https://api.example.com/commits/abcdef",
+        "https://api.example.com/commits/{:hex}",
+      ),
+    ).toBe(false);
+  });
+
+  test("rejects different path lengths", () => {
+    expect(
+      urlMatchesTemplate(
+        "https://api.example.com/users/42/extra",
+        "https://api.example.com/users/{:num}",
+      ),
+    ).toBe(false);
+  });
+
+  test("rejects different hosts", () => {
+    expect(
+      urlMatchesTemplate(
+        "https://evil.example.com/users/42",
+        "https://api.example.com/users/{:num}",
+      ),
+    ).toBe(false);
+  });
+
+  test("rejects different schemes", () => {
+    expect(
+      urlMatchesTemplate(
+        "http://api.example.com/users/42",
+        "https://api.example.com/users/{:num}",
+      ),
+    ).toBe(false);
+  });
+
+  test("host comparison is case-insensitive", () => {
+    expect(
+      urlMatchesTemplate(
+        "https://API.Example.COM/users/42",
+        "https://api.example.com/users/{:num}",
+      ),
+    ).toBe(true);
+  });
+
+  test("path comparison is case-sensitive for literals", () => {
+    expect(
+      urlMatchesTemplate(
+        "https://api.example.com/Users/42",
+        "https://api.example.com/users/{:num}",
+      ),
+    ).toBe(false);
+  });
+
+  test("ignores query string in the URL being matched", () => {
+    expect(
+      urlMatchesTemplate(
+        "https://api.example.com/users/42?include=profile",
+        "https://api.example.com/users/{:num}",
+      ),
+    ).toBe(true);
+  });
+
+  test("returns false for invalid URL", () => {
+    expect(urlMatchesTemplate("not-a-url", "https://example.com/")).toBe(false);
+  });
+
+  test("returns false for invalid template", () => {
+    expect(urlMatchesTemplate("https://example.com/", "not-a-url")).toBe(false);
+  });
+});
+
+// ---------------------------------------------------------------------------
+// Forbidden header detection
+// ---------------------------------------------------------------------------
+
+describe("detectForbiddenHeaders", () => {
+  test("detects Authorization header", () => {
+    const result = detectForbiddenHeaders({ Authorization: "Bearer xyz" });
+    expect(result).toContain("Authorization");
+  });
+
+  test("detects Cookie header (case-insensitive)", () => {
+    const result = detectForbiddenHeaders({ cookie: "session=abc" });
+    expect(result).toContain("cookie");
+  });
+
+  test("detects Proxy-Authorization header", () => {
+    const result = detectForbiddenHeaders({
+      "Proxy-Authorization": "Basic abc",
+    });
+    expect(result).toContain("Proxy-Authorization");
+  });
+
+  test("detects X-Api-Key header", () => {
+    const result = detectForbiddenHeaders({ "X-Api-Key": "secret" });
+    expect(result).toContain("X-Api-Key");
+  });
+
+  test("detects X-Auth-Token header", () => {
+    const result = detectForbiddenHeaders({ "X-Auth-Token": "token" });
+    expect(result).toContain("X-Auth-Token");
+  });
+
+  test("returns empty array for safe headers", () => {
+    const result = detectForbiddenHeaders({
+      "Content-Type": "application/json",
+      Accept: "application/json",
+    });
+    expect(result).toEqual([]);
+  });
+
+  test("returns empty array for undefined headers", () => {
+    expect(detectForbiddenHeaders(undefined)).toEqual([]);
+  });
+
+  test("detects multiple forbidden headers", () => {
+    const result = detectForbiddenHeaders({
+      Authorization: "Bearer xyz",
+      Cookie: "session=abc",
+      "Content-Type": "application/json",
+    });
+    expect(result).toHaveLength(2);
+    expect(result).toContain("Authorization");
+    expect(result).toContain("Cookie");
+  });
+});
+
+// ---------------------------------------------------------------------------
+// HTTP policy evaluation
+// ---------------------------------------------------------------------------
+
+describe("evaluateHttpPolicy", () => {
+  let tmpDir: string;
+  let persistentStore: PersistentGrantStore;
+  let temporaryStore: TemporaryGrantStore;
+
+  beforeEach(() => {
+    tmpDir = makeTmpDir();
+    persistentStore = new PersistentGrantStore(tmpDir);
+    persistentStore.init();
+    temporaryStore = new TemporaryGrantStore();
+  });
+
+  test("blocks requests with forbidden auth headers", () => {
+    const request: HttpPolicyRequest = {
+      credentialHandle: "local_static:github/api_key",
+      method: "GET",
+      url: "https://api.github.com/repos/owner/repo",
+      headers: { Authorization: "Bearer smuggled-token" },
+      purpose: "List repos",
+    };
+
+    const result = evaluateHttpPolicy(request, persistentStore, temporaryStore);
+    expect(result.allowed).toBe(false);
+    if (!result.allowed) {
+      expect(result.reason).toBe("forbidden_headers");
+    }
+  });
+
+  test("allows request with matching persistent grant", () => {
+    persistentStore.add({
+      id: "grant-1",
+      tool: "http",
+      pattern: "GET https://api.github.com/repos/owner/repo",
+      scope: "local_static:github/api_key",
+      createdAt: Date.now(),
+    });
+
+    const request: HttpPolicyRequest = {
+      credentialHandle: "local_static:github/api_key",
+      method: "GET",
+      url: "https://api.github.com/repos/owner/repo",
+      purpose: "List repos",
+    };
+
+    const result = evaluateHttpPolicy(request, persistentStore, temporaryStore);
+    expect(result.allowed).toBe(true);
+    if (result.allowed) {
+      expect(result.grantId).toBe("grant-1");
+      expect(result.grantSource).toBe("persistent");
+    }
+  });
+
+  test("allows request with explicit grantId", () => {
+    persistentStore.add({
+      id: "explicit-grant",
+      tool: "http",
+      pattern: "POST https://api.example.com/data",
+      scope: "local_static:svc/key",
+      createdAt: Date.now(),
+    });
+
+    const request: HttpPolicyRequest = {
+      credentialHandle: "local_static:svc/key",
+      method: "POST",
+      url: "https://api.example.com/data",
+      purpose: "Post data",
+      grantId: "explicit-grant",
+    };
+
+    const result = evaluateHttpPolicy(request, persistentStore, temporaryStore);
+    expect(result.allowed).toBe(true);
+    if (result.allowed) {
+      expect(result.grantId).toBe("explicit-grant");
+    }
+  });
+
+  test("matches persistent grant with templated URL patterns", () => {
+    persistentStore.add({
+      id: "templated-grant",
+      tool: "http",
+      pattern: "GET https://api.example.com/users/{:num}/posts",
+      scope: "local_static:svc/key",
+      createdAt: Date.now(),
+    });
+
+    const request: HttpPolicyRequest = {
+      credentialHandle: "local_static:svc/key",
+      method: "GET",
+      url: "https://api.example.com/users/42/posts",
+      purpose: "List posts",
+    };
+
+    const result = evaluateHttpPolicy(request, persistentStore, temporaryStore);
+    expect(result.allowed).toBe(true);
+    if (result.allowed) {
+      expect(result.grantId).toBe("templated-grant");
+    }
+  });
+
+  test("returns approval_required when no grant matches", () => {
+    const request: HttpPolicyRequest = {
+      credentialHandle: "local_static:github/api_key",
+      method: "GET",
+      url: "https://api.github.com/repos/owner/repo/pulls/42",
+      purpose: "List pull requests",
+    };
+
+    const result = evaluateHttpPolicy(request, persistentStore, temporaryStore);
+    expect(result.allowed).toBe(false);
+    if (!result.allowed && result.reason === "approval_required") {
+      expect(result.proposal.type).toBe("http");
+      expect(result.proposal.credentialHandle).toBe(
+        "local_static:github/api_key",
+      );
+      expect(result.proposal.method).toBe("GET");
+      // Proposal should have allowedUrlPatterns with templated path
+      expect(result.proposal.allowedUrlPatterns).toBeDefined();
+      expect(result.proposal.allowedUrlPatterns![0]).toBe(
+        "https://api.github.com/repos/owner/repo/pulls/{:num}",
+      );
+    }
+  });
+
+  test("proposal derivation never produces wildcards", () => {
+    const request: HttpPolicyRequest = {
+      credentialHandle: "local_static:svc/key",
+      method: "GET",
+      url: "https://api.example.com/resources/42",
+      purpose: "Get resource",
+    };
+
+    const result = evaluateHttpPolicy(request, persistentStore, temporaryStore);
+    expect(result.allowed).toBe(false);
+    if (!result.allowed && result.reason === "approval_required") {
+      for (const pattern of result.proposal.allowedUrlPatterns ?? []) {
+        expect(pattern).not.toContain("/*");
+        expect(pattern).not.toContain("*.");
+      }
+    }
+  });
+
+  test("does not match grant with different credential handle", () => {
+    persistentStore.add({
+      id: "wrong-cred-grant",
+      tool: "http",
+      pattern: "GET https://api.example.com/data",
+      scope: "local_static:other/key",
+      createdAt: Date.now(),
+    });
+
+    const request: HttpPolicyRequest = {
+      credentialHandle: "local_static:svc/key",
+      method: "GET",
+      url: "https://api.example.com/data",
+      purpose: "Get data",
+    };
+
+    const result = evaluateHttpPolicy(request, persistentStore, temporaryStore);
+    expect(result.allowed).toBe(false);
+  });
+
+  test("does not match grant with different HTTP method", () => {
+    persistentStore.add({
+      id: "get-only-grant",
+      tool: "http",
+      pattern: "GET https://api.example.com/data",
+      scope: "local_static:svc/key",
+      createdAt: Date.now(),
+    });
+
+    const request: HttpPolicyRequest = {
+      credentialHandle: "local_static:svc/key",
+      method: "POST",
+      url: "https://api.example.com/data",
+      purpose: "Post data",
+    };
+
+    const result = evaluateHttpPolicy(request, persistentStore, temporaryStore);
+    expect(result.allowed).toBe(false);
+  });
+
+  test("checks forbidden headers before grants", () => {
+    // Even with a matching grant, forbidden headers should block
+    persistentStore.add({
+      id: "valid-grant",
+      tool: "http",
+      pattern: "GET https://api.example.com/data",
+      scope: "local_static:svc/key",
+      createdAt: Date.now(),
+    });
+
+    const request: HttpPolicyRequest = {
+      credentialHandle: "local_static:svc/key",
+      method: "GET",
+      url: "https://api.example.com/data",
+      headers: { Authorization: "Bearer smuggled" },
+      purpose: "Get data",
+    };
+
+    const result = evaluateHttpPolicy(request, persistentStore, temporaryStore);
+    expect(result.allowed).toBe(false);
+    if (!result.allowed) {
+      expect(result.reason).toBe("forbidden_headers");
+    }
+  });
+
+  // Cleanup
+  afterEach(() => {
+    rmSync(tmpDir, { recursive: true, force: true });
+  });
+});
+
+// ---------------------------------------------------------------------------
+// Response header filtering
+// ---------------------------------------------------------------------------
+
+describe("filterResponseHeaders", () => {
+  test("passes through whitelisted headers", () => {
+    const result = filterResponseHeaders({
+      "Content-Type": "application/json",
+      "X-Request-Id": "abc-123",
+      ETag: '"abc"',
+    });
+
+    expect(result["content-type"]).toBe("application/json");
+    expect(result["x-request-id"]).toBe("abc-123");
+    expect(result["etag"]).toBe('"abc"');
+  });
+
+  test("strips set-cookie header", () => {
+    const result = filterResponseHeaders({
+      "Content-Type": "text/html",
+      "Set-Cookie": "session=secret; HttpOnly",
+    });
+
+    expect(result["content-type"]).toBe("text/html");
+    expect(result["set-cookie"]).toBeUndefined();
+  });
+
+  test("strips www-authenticate header", () => {
+    const result = filterResponseHeaders({
+      "WWW-Authenticate": "Bearer realm=api",
+      "Content-Type": "application/json",
+    });
+
+    expect(result["www-authenticate"]).toBeUndefined();
+  });
+
+  test("strips arbitrary non-whitelisted headers", () => {
+    const result = filterResponseHeaders({
+      "X-Custom-Secret": "secret-value",
+      "Content-Type": "text/plain",
+    });
+
+    expect(result["x-custom-secret"]).toBeUndefined();
+    expect(result["content-type"]).toBe("text/plain");
+  });
+
+  test("lowercases header keys in output", () => {
+    const result = filterResponseHeaders({
+      "Content-Type": "text/html",
+      "Cache-Control": "no-cache",
+    });
+
+    expect(Object.keys(result).every((k) => k === k.toLowerCase())).toBe(true);
+  });
+});
+
+// ---------------------------------------------------------------------------
+// Body clamping
+// ---------------------------------------------------------------------------
+
+describe("clampBody", () => {
+  test("passes through small bodies unchanged", () => {
+    const body = "Hello, world!";
+    const result = clampBody(body);
+
+    expect(result.clampedBody).toBe(body);
+    expect(result.truncated).toBe(false);
+    expect(result.originalBytes).toBe(Buffer.byteLength(body));
+  });
+
+  test("truncates bodies exceeding max size", () => {
+    // Create a body larger than 256KB
+    const body = "x".repeat(300 * 1024);
+    const result = clampBody(body);
+
+    expect(result.truncated).toBe(true);
+    expect(result.originalBytes).toBe(Buffer.byteLength(body));
+    expect(result.clampedBody).toContain("[CES: Response truncated");
+    // The clamped body should be smaller than the original
+    expect(Buffer.byteLength(result.clampedBody)).toBeLessThan(
+      Buffer.byteLength(body),
+    );
+  });
+
+  test("reports original byte size", () => {
+    const body = "a".repeat(100);
+    const result = clampBody(body);
+
+    expect(result.originalBytes).toBe(100);
+  });
+});
+
+// ---------------------------------------------------------------------------
+// Secret scrubbing
+// ---------------------------------------------------------------------------
+
+describe("scrubSecrets", () => {
+  test("replaces exact secret occurrences", () => {
+    const secret = "sk-abc123456789xyz";
+    const body = `Response: {"api_key": "${secret}", "status": "ok"}`;
+    const result = scrubSecrets(body, [secret]);
+
+    expect(result).not.toContain(secret);
+    expect(result).toContain("[CES:REDACTED]");
+  });
+
+  test("replaces multiple occurrences of the same secret", () => {
+    const secret = "ghp_1234567890abcdef";
+    const body = `token: ${secret}, again: ${secret}`;
+    const result = scrubSecrets(body, [secret]);
+
+    expect(result).not.toContain(secret);
+    expect(result.match(/\[CES:REDACTED\]/g)?.length).toBe(2);
+  });
+
+  test("scrubs multiple different secrets", () => {
+    const secret1 = "sk-prod-abcdefgh";
+    const secret2 = "ghp_testtoken123";
+    const body = `key1=${secret1}&key2=${secret2}`;
+    const result = scrubSecrets(body, [secret1, secret2]);
+
+    expect(result).not.toContain(secret1);
+    expect(result).not.toContain(secret2);
+  });
+
+  test("skips short secrets to avoid false positives", () => {
+    const shortSecret = "abc";
+    const body = "abc is a common substring in abcdef";
+    const result = scrubSecrets(body, [shortSecret]);
+
+    // Short secret should not be scrubbed
+    expect(result).toBe(body);
+  });
+
+  test("handles empty secrets array", () => {
+    const body = "no secrets here";
+    const result = scrubSecrets(body, []);
+
+    expect(result).toBe(body);
+  });
+
+  test("handles body with no matching secrets", () => {
+    const body = "clean response body";
+    const result = scrubSecrets(body, ["nonexistent-secret-value"]);
+
+    expect(result).toBe(body);
+  });
+
+  test("handles secrets with regex metacharacters", () => {
+    const secret = "secret+value.with$special(chars)";
+    const body = `Found: ${secret}`;
+    const result = scrubSecrets(body, [secret]);
+
+    expect(result).not.toContain(secret);
+    expect(result).toContain("[CES:REDACTED]");
+  });
+});
+
+// ---------------------------------------------------------------------------
+// Full response filter
+// ---------------------------------------------------------------------------
+
+describe("filterHttpResponse", () => {
+  test("combines header filtering, body clamping, and secret scrubbing", () => {
+    const secret = "sk-live-1234567890abcdef";
+    const raw: RawHttpResponse = {
+      statusCode: 200,
+      headers: {
+        "Content-Type": "application/json",
+        "Set-Cookie": "session=abc; HttpOnly",
+        "X-Request-Id": "req-123",
+      },
+      body: `{"data": "value", "echo": "${secret}"}`,
+    };
+
+    const result = filterHttpResponse(raw, [secret]);
+
+    expect(result.statusCode).toBe(200);
+    expect(result.headers["content-type"]).toBe("application/json");
+    expect(result.headers["x-request-id"]).toBe("req-123");
+    expect(result.headers["set-cookie"]).toBeUndefined();
+    expect(result.body).not.toContain(secret);
+    expect(result.body).toContain("[CES:REDACTED]");
+    expect(result.truncated).toBe(false);
+  });
+
+  test("works with no secrets provided", () => {
+    const raw: RawHttpResponse = {
+      statusCode: 404,
+      headers: { "Content-Type": "text/plain" },
+      body: "Not found",
+    };
+
+    const result = filterHttpResponse(raw);
+
+    expect(result.statusCode).toBe(404);
+    expect(result.body).toBe("Not found");
+    expect(result.truncated).toBe(false);
+  });
+});
+
+// ---------------------------------------------------------------------------
+// Audit summary generation
+// ---------------------------------------------------------------------------
+
+describe("generateHttpAuditSummary", () => {
+  test("produces token-free summary with templated URL", () => {
+    const summary = generateHttpAuditSummary({
+      credentialHandle: "local_static:github/api_key",
+      grantId: "grant-1",
+      sessionId: "sess-1",
+      method: "GET",
+      url: "https://api.github.com/repos/owner/repo/pulls/42",
+      success: true,
+      statusCode: 200,
+    });
+
+    expect(summary.auditId).toBeDefined();
+    expect(summary.grantId).toBe("grant-1");
+    expect(summary.credentialHandle).toBe("local_static:github/api_key");
+    expect(summary.toolName).toBe("http");
+    expect(summary.sessionId).toBe("sess-1");
+    expect(summary.success).toBe(true);
+    expect(summary.timestamp).toBeDefined();
+
+    // Target should use templated path, not raw URL
+    expect(summary.target).toContain("GET");
+    expect(summary.target).toContain("{:num}");
+    expect(summary.target).toContain("-> 200");
+    // Must not contain the raw numeric ID
+    expect(summary.target).not.toContain("/42");
+  });
+
+  test("includes error message on failure", () => {
+    const summary = generateHttpAuditSummary({
+      credentialHandle: "local_static:svc/key",
+      grantId: "grant-2",
+      sessionId: "sess-2",
+      method: "POST",
+      url: "https://api.example.com/data",
+      success: false,
+      errorMessage: "Connection refused",
+    });
+
+    expect(summary.success).toBe(false);
+    expect(summary.errorMessage).toBe("Connection refused");
+  });
+
+  test("handles invalid URL gracefully in target", () => {
+    const summary = generateHttpAuditSummary({
+      credentialHandle: "local_static:svc/key",
+      grantId: "grant-3",
+      sessionId: "sess-3",
+      method: "GET",
+      url: "not-a-valid-url",
+      success: false,
+      errorMessage: "Invalid URL",
+    });
+
+    expect(summary.target).toContain("[invalid-url]");
+  });
+
+  test("omits errorMessage when not provided", () => {
+    const summary = generateHttpAuditSummary({
+      credentialHandle: "local_static:svc/key",
+      grantId: "grant-4",
+      sessionId: "sess-4",
+      method: "GET",
+      url: "https://api.example.com/health",
+      success: true,
+    });
+
+    expect(summary.errorMessage).toBeUndefined();
+  });
+
+  test("audit summary never contains secret values", () => {
+    // Even if someone accidentally passes secret-looking data,
+    // the summary only contains metadata fields
+    const summary = generateHttpAuditSummary({
+      credentialHandle: "local_static:github/api_key",
+      grantId: "grant-5",
+      sessionId: "sess-5",
+      method: "GET",
+      url: "https://api.github.com/user",
+      success: true,
+      statusCode: 200,
+    });
+
+    const serialized = JSON.stringify(summary);
+    // The summary should not contain any field that could hold a raw token
+    expect(serialized).not.toContain("Bearer");
+    expect(serialized).not.toContain("ghp_");
+    expect(serialized).not.toContain("sk-");
+  });
+});
+
+// ---------------------------------------------------------------------------
+// Integration: end-to-end policy → filter → audit
+// ---------------------------------------------------------------------------
+
+describe("end-to-end: policy evaluation → response filter → audit", () => {
+  let tmpDir: string;
+
+  beforeEach(() => {
+    tmpDir = makeTmpDir();
+  });
+
+  afterEach(() => {
+    rmSync(tmpDir, { recursive: true, force: true });
+  });
+
+  test("off-grant request is blocked, returns proposal, never reaches network", () => {
+    const persistentStore = new PersistentGrantStore(tmpDir);
+    persistentStore.init();
+    const temporaryStore = new TemporaryGrantStore();
+
+    const request: HttpPolicyRequest = {
+      credentialHandle: "local_static:stripe/api_key",
+      method: "POST",
+      url: "https://api.stripe.com/v1/charges",
+      purpose: "Create a charge",
+    };
+
+    const policyResult = evaluateHttpPolicy(
+      request,
+      persistentStore,
+      temporaryStore,
+    );
+
+    // Must be blocked
+    expect(policyResult.allowed).toBe(false);
+    if (!policyResult.allowed && policyResult.reason === "approval_required") {
+      expect(policyResult.proposal.type).toBe("http");
+      expect(policyResult.proposal.credentialHandle).toBe(
+        "local_static:stripe/api_key",
+      );
+      // Must have specific URL pattern, not wildcard
+      expect(policyResult.proposal.allowedUrlPatterns).toBeDefined();
+      expect(policyResult.proposal.allowedUrlPatterns!.length).toBeGreaterThan(0);
+      for (const pattern of policyResult.proposal.allowedUrlPatterns!) {
+        expect(pattern).not.toBe("/*");
+        expect(pattern).not.toContain("*");
+      }
+    }
+  });
+
+  test("granted request produces sanitised response and clean audit summary", () => {
+    const persistentStore = new PersistentGrantStore(tmpDir);
+    persistentStore.init();
+    persistentStore.add({
+      id: "stripe-charge-grant",
+      tool: "http",
+      pattern: "GET https://api.stripe.com/v1/charges/{:num}",
+      scope: "local_static:stripe/api_key",
+      createdAt: Date.now(),
+    });
+    const temporaryStore = new TemporaryGrantStore();
+
+    const request: HttpPolicyRequest = {
+      credentialHandle: "local_static:stripe/api_key",
+      method: "GET",
+      url: "https://api.stripe.com/v1/charges/123",
+      purpose: "Get charge details",
+    };
+
+    // Policy allows
+    const policyResult = evaluateHttpPolicy(
+      request,
+      persistentStore,
+      temporaryStore,
+    );
+    expect(policyResult.allowed).toBe(true);
+
+    // Simulate HTTP response filtering
+    const secret = "sk_live_abcdefghijklmnop";
+    const raw: RawHttpResponse = {
+      statusCode: 200,
+      headers: {
+        "Content-Type": "application/json",
+        "Set-Cookie": "stripe_session=xyz",
+      },
+      body: `{"id": "ch_123", "key_echo": "${secret}"}`,
+    };
+
+    const filtered = filterHttpResponse(raw, [secret]);
+    expect(filtered.headers["set-cookie"]).toBeUndefined();
+    expect(filtered.body).not.toContain(secret);
+
+    // Generate audit summary
+    if (policyResult.allowed) {
+      const audit = generateHttpAuditSummary({
+        credentialHandle: request.credentialHandle,
+        grantId: policyResult.grantId,
+        sessionId: "test-session",
+        method: request.method,
+        url: request.url,
+        success: true,
+        statusCode: 200,
+      });
+
+      expect(audit.success).toBe(true);
+      expect(audit.target).toContain("{:num}");
+      expect(audit.target).not.toContain("123");
+      const auditStr = JSON.stringify(audit);
+      expect(auditStr).not.toContain(secret);
+    }
+  });
+});