bingocode 1.0.28 → 1.0.30

package/src/server/__tests__/e2e/full-flow.test.ts

@@ -0,0 +1,357 @@
+/**
+ * E2E Test — 完整流程测试
+ *
+ * 启动真实服务器，模拟 UI 前端的完整操作流程。
+ */
+
+import { describe, it, expect, beforeAll, afterAll } from 'bun:test'
+import * as fs from 'fs/promises'
+import * as path from 'path'
+import * as os from 'os'
+
+let server: ReturnType<typeof Bun.serve>
+let baseUrl: string
+let tmpDir: string
+
+// Use dynamic import to avoid bundling issues
+async function startTestServer() {
+  tmpDir = await fs.mkdtemp(path.join(os.tmpdir(), 'claude-e2e-'))
+  process.env.CLAUDE_CONFIG_DIR = tmpDir
+
+  // Create required directories
+  await fs.mkdir(path.join(tmpDir, 'projects'), { recursive: true })
+
+  const { startServer } = await import('../../index.js')
+  const port = 13456 + Math.floor(Math.random() * 1000)
+  server = startServer(port, '127.0.0.1')
+  baseUrl = `http://127.0.0.1:${port}`
+}
+
+async function api(method: string, path: string, body?: unknown): Promise<{ status: number; data: any }> {
+  const res = await fetch(`${baseUrl}${path}`, {
+    method,
+    headers: { 'Content-Type': 'application/json' },
+    body: body ? JSON.stringify(body) : undefined,
+  })
+  const data = await res.json().catch(() => null)
+  return { status: res.status, data }
+}
+
+describe('E2E: Full Flow', () => {
+  beforeAll(async () => {
+    await startTestServer()
+  })
+
+  afterAll(async () => {
+    server?.stop()
+    await fs.rm(tmpDir, { recursive: true, force: true })
+  })
+
+  // =============================================
+  // 1. Health & Status
+  // =============================================
+
+  it('should return healthy status', async () => {
+    const res = await fetch(`${baseUrl}/health`)
+    const data = await res.json()
+    expect(data.status).toBe('ok')
+  })
+
+  it('should return server status', async () => {
+    const { data } = await api('GET', '/api/status')
+    expect(data.status).toBe('ok')
+    expect(data.version).toBeDefined()
+  })
+
+  it('should return diagnostics', async () => {
+    const { data } = await api('GET', '/api/status/diagnostics')
+    expect(data.platform).toBe('darwin')
+    expect(data.configDir).toBe(tmpDir)
+  })
+
+  // =============================================
+  // 2. Sessions CRUD
+  // =============================================
+
+  let sessionId: string
+
+  it('should start with empty session list', async () => {
+    const { data } = await api('GET', '/api/sessions')
+    expect(data.sessions).toEqual([])
+    expect(data.total).toBe(0)
+  })
+
+  it('should create a new session', async () => {
+    const { status, data } = await api('POST', '/api/sessions', { workDir: tmpDir })
+    expect(status).toBe(201)
+    expect(data.sessionId).toBeDefined()
+    expect(data.sessionId).toMatch(/^[0-9a-f-]{36}$/)
+    sessionId = data.sessionId
+  })
+
+  it('should list the created session', async () => {
+    const { data } = await api('GET', '/api/sessions')
+    expect(data.sessions.length).toBe(1)
+    expect(data.sessions[0].id).toBe(sessionId)
+  })
+
+  it('should get session detail', async () => {
+    const { status, data } = await api('GET', `/api/sessions/${sessionId}`)
+    expect(status).toBe(200)
+    expect(data.id).toBe(sessionId)
+  })
+
+  it('should rename session', async () => {
+    const { status } = await api('PATCH', `/api/sessions/${sessionId}`, { title: 'My Test Session' })
+    expect(status).toBe(200)
+
+    const { data } = await api('GET', `/api/sessions/${sessionId}`)
+    expect(data.title).toBe('My Test Session')
+  })
+
+  it('should get session messages', async () => {
+    const { status, data } = await api('GET', `/api/sessions/${sessionId}/messages`)
+    expect(status).toBe(200)
+    expect(Array.isArray(data.messages)).toBe(true)
+  })
+
+  it('should delete session', async () => {
+    const { status } = await api('DELETE', `/api/sessions/${sessionId}`)
+    expect(status).toBe(200)
+
+    const { data } = await api('GET', '/api/sessions')
+    expect(data.sessions.length).toBe(0)
+  })
+
+  // =============================================
+  // 3. Settings
+  // =============================================
+
+  it('should get empty settings initially', async () => {
+    const { data } = await api('GET', '/api/settings/user')
+    expect(data).toEqual({})
+  })
+
+  it('should update and read user settings', async () => {
+    await api('PUT', '/api/settings/user', { theme: 'dark', model: 'claude-sonnet-4-6' })
+
+    const { data } = await api('GET', '/api/settings/user')
+    expect(data.theme).toBe('dark')
+    expect(data.model).toBe('claude-sonnet-4-6')
+  })
+
+  it('should get and set permission mode', async () => {
+    await api('PUT', '/api/permissions/mode', { mode: 'plan' })
+
+    const { data } = await api('GET', '/api/permissions/mode')
+    expect(data.mode).toBe('plan')
+  })
+
+  it('should reject invalid permission mode', async () => {
+    const { status } = await api('PUT', '/api/permissions/mode', { mode: 'invalid' })
+    expect(status).toBe(400)
+  })
+
+  // =============================================
+  // 4. Models
+  // =============================================
+
+  it('should list available models', async () => {
+    const { data } = await api('GET', '/api/models')
+    expect(data.models.length).toBe(4)
+    expect(data.models[0].name).toBe('Opus 4.7')
+  })
+
+  it('should switch model', async () => {
+    await api('PUT', '/api/models/current', { modelId: 'claude-haiku-4-5' })
+
+    const { data } = await api('GET', '/api/models/current')
+    expect(data.model.id).toBe('claude-haiku-4-5')
+  })
+
+  it('should get and set effort level', async () => {
+    await api('PUT', '/api/effort', { level: 'high' })
+
+    const { data } = await api('GET', '/api/effort')
+    expect(data.level).toBe('high')
+  })
+
+  // =============================================
+  // 5. Scheduled Tasks
+  // =============================================
+
+  let taskId: string
+
+  it('should start with empty task list', async () => {
+    const { data } = await api('GET', '/api/scheduled-tasks')
+    expect(data.tasks).toEqual([])
+  })
+
+  it('should create a scheduled task', async () => {
+    const { status, data } = await api('POST', '/api/scheduled-tasks', {
+      cron: '0 9 * * *',
+      prompt: 'Review commits from last 24h',
+      recurring: true,
+      name: 'daily-review',
+      description: 'Daily code review',
+    })
+    expect(status).toBe(201)
+    expect(data.task.id).toBeDefined()
+    expect(data.task.cron).toBe('0 9 * * *')
+    taskId = data.task.id
+  })
+
+  it('should list the created task', async () => {
+    const { data } = await api('GET', '/api/scheduled-tasks')
+    expect(data.tasks.length).toBe(1)
+    expect(data.tasks[0].id).toBe(taskId)
+  })
+
+  it('should update a task', async () => {
+    const { status, data } = await api('PUT', `/api/scheduled-tasks/${taskId}`, {
+      cron: '0 10 * * 1-5',
+    })
+    expect(status).toBe(200)
+    expect(data.task.cron).toBe('0 10 * * 1-5')
+  })
+
+  it('should delete a task', async () => {
+    const { status } = await api('DELETE', `/api/scheduled-tasks/${taskId}`)
+    expect([200, 204]).toContain(status)
+
+    const { data } = await api('GET', '/api/scheduled-tasks')
+    expect(data.tasks).toEqual([])
+  })
+
+  // =============================================
+  // 6. Search
+  // =============================================
+
+  it('should search workspace', async () => {
+    // Create a test file to search
+    await fs.writeFile(path.join(tmpDir, 'test-search.txt'), 'Hello World\nFoo Bar Baz\n')
+
+    const { status, data } = await api('POST', '/api/search', {
+      query: 'Hello',
+      cwd: tmpDir,
+    })
+    expect(status).toBe(200)
+    expect(data.results.length).toBeGreaterThan(0)
+    expect(data.results[0].text).toContain('Hello')
+  })
+
+  // =============================================
+  // 7. Agents
+  // =============================================
+
+  it('should start with shared active/all agent payload', async () => {
+    const { data } = await api('GET', '/api/agents')
+    expect(Array.isArray(data.activeAgents)).toBe(true)
+    expect(Array.isArray(data.allAgents)).toBe(true)
+    expect(data.activeAgents.length).toBeGreaterThan(0)
+    expect(data.activeAgents.some((agent: any) => agent.source === 'built-in')).toBe(true)
+  })
+
+  it('should create an agent', async () => {
+    const { status } = await api('POST', '/api/agents', {
+      name: 'test-agent',
+      description: 'A test agent',
+      model: 'claude-sonnet-4-6',
+    })
+    expect(status).toBe(201)
+  })
+
+  it('should expose shared active/all agent payload independent of CRUD storage', async () => {
+    const { data } = await api('GET', '/api/agents')
+    expect(Array.isArray(data.activeAgents)).toBe(true)
+    expect(Array.isArray(data.allAgents)).toBe(true)
+    expect(data.activeAgents.length).toBeGreaterThan(0)
+    expect(data.activeAgents.some((agent: any) => agent.source === 'built-in')).toBe(true)
+    expect(data.activeAgents.some((agent: any) => agent.agentType === 'test-agent')).toBe(false)
+  })
+
+  it('should delete an agent', async () => {
+    const { status } = await api('DELETE', '/api/agents/test-agent')
+    expect([200, 204]).toContain(status)
+  })
+
+  // =============================================
+  // 8. WebSocket Chat
+  // =============================================
+
+  it('should connect via WebSocket', async () => {
+    const wsUrl = baseUrl.replace('http://', 'ws://') + '/ws/test-ws-session'
+
+    const messages: any[] = []
+    const ws = new WebSocket(wsUrl)
+
+    await new Promise<void>((resolve, reject) => {
+      ws.onopen = () => {
+        // Should receive connected message
+      }
+      ws.onmessage = (event) => {
+        const msg = JSON.parse(event.data as string)
+        messages.push(msg)
+        if (msg.type === 'connected') {
+          // Send a test message
+          ws.send(JSON.stringify({ type: 'user_message', content: 'Hello' }))
+        }
+        if (msg.type === 'status' && msg.state === 'idle' && messages.length > 2) {
+          ws.close()
+          resolve()
+        }
+      }
+      ws.onerror = reject
+      setTimeout(() => {
+        ws.close()
+        resolve()
+      }, 3000)
+    })
+
+    expect(messages[0].type).toBe('connected')
+    expect(messages[0].sessionId).toBe('test-ws-session')
+  })
+
+  // =============================================
+  // 9. Conversation Status
+  // =============================================
+
+  it('should get chat status', async () => {
+    // Create a session first
+    const { data: created } = await api('POST', '/api/sessions', { workDir: tmpDir })
+
+    const { status, data } = await api('GET', `/api/sessions/${created.sessionId}/chat/status`)
+    expect(status).toBe(200)
+    expect(data.state).toBe('idle')
+
+    // Cleanup
+    await api('DELETE', `/api/sessions/${created.sessionId}`)
+  })
+
+  // =============================================
+  // 10. CORS
+  // =============================================
+
+  it('should handle CORS preflight', async () => {
+    const res = await fetch(`${baseUrl}/api/status`, {
+      method: 'OPTIONS',
+      headers: { 'Origin': 'http://localhost:3000' },
+    })
+    expect(res.status).toBe(204)
+    expect(res.headers.get('Access-Control-Allow-Origin')).toBe('http://localhost:3000')
+  })
+
+  // =============================================
+  // 11. Error Handling
+  // =============================================
+
+  it('should return 404 for unknown API', async () => {
+    const { status } = await api('GET', '/api/nonexistent')
+    expect(status).toBe(404)
+  })
+
+  it('should return 404 for unknown session', async () => {
+    const { status } = await api('GET', '/api/sessions/00000000-0000-0000-0000-000000000000')
+    expect(status).toBe(404)
+  })
+})

package/src/server/__tests__/fixtures/mock-sdk-cli.ts

@@ -0,0 +1,123 @@
+const args = process.argv.slice(2)
+
+function getArg(name: string): string | undefined {
+  const index = args.indexOf(name)
+  return index >= 0 ? args[index + 1] : undefined
+}
+
+function emit(ws: WebSocket, payload: Record<string, unknown>) {
+  ws.send(JSON.stringify(payload) + '\n')
+}
+
+function extractUserText(message: any): string {
+  const content = message?.message?.content
+  if (!Array.isArray(content)) return ''
+  return content
+    .filter((block: any) => block?.type === 'text' && typeof block.text === 'string')
+    .map((block: any) => block.text)
+    .join(' ')
+}
+
+const sdkUrl = getArg('--sdk-url')
+const sessionId = getArg('--session-id') || crypto.randomUUID()
+const initMode = process.env.MOCK_SDK_INIT_MODE || 'on_open'
+let initSent = false
+
+if (!sdkUrl) {
+  console.error('Missing --sdk-url')
+  process.exit(1)
+}
+
+const ws = new WebSocket(sdkUrl)
+
+function sendInit() {
+  if (initSent) return
+  initSent = true
+  emit(ws, {
+    type: 'system',
+    subtype: 'init',
+    model: 'mock-opus',
+    slash_commands: [{ name: 'help', description: 'Show help' }],
+    session_id: sessionId,
+  })
+}
+
+ws.addEventListener('open', () => {
+  if (initMode !== 'on_first_user') {
+    sendInit()
+  }
+})
+
+ws.addEventListener('message', (event) => {
+  const payload = typeof event.data === 'string' ? event.data : String(event.data)
+  const lines = payload.split('\n').map(line => line.trim()).filter(Boolean)
+
+  for (const line of lines) {
+    const parsed = JSON.parse(line)
+
+    if (parsed.type === 'user') {
+      sendInit()
+      const text = extractUserText(parsed)
+      emit(ws, {
+        type: 'stream_event',
+        event: { type: 'message_start' },
+        session_id: sessionId,
+      })
+      emit(ws, {
+        type: 'stream_event',
+        event: {
+          type: 'content_block_start',
+          index: 0,
+          content_block: { type: 'text', text: '' },
+        },
+        session_id: sessionId,
+      })
+      emit(ws, {
+        type: 'stream_event',
+        event: {
+          type: 'content_block_delta',
+          index: 0,
+          delta: { type: 'thinking_delta', thinking: 'Mock thinking...' },
+        },
+        session_id: sessionId,
+      })
+      emit(ws, {
+        type: 'stream_event',
+        event: {
+          type: 'content_block_delta',
+          index: 0,
+          delta: { type: 'text_delta', text: `Echo: ${text}` },
+        },
+        session_id: sessionId,
+      })
+      emit(ws, {
+        type: 'stream_event',
+        event: { type: 'content_block_stop', index: 0 },
+        session_id: sessionId,
+      })
+      emit(ws, {
+        type: 'result',
+        subtype: 'success',
+        is_error: false,
+        result: `Echo: ${text}`,
+        usage: { input_tokens: 3, output_tokens: 2 },
+        session_id: sessionId,
+      })
+    }
+
+    if (parsed.type === 'control_request' && parsed.request?.subtype === 'interrupt') {
+      emit(ws, {
+        type: 'result',
+        subtype: 'success',
+        is_error: false,
+        result: 'Interrupted',
+        usage: { input_tokens: 0, output_tokens: 0 },
+        session_id: sessionId,
+      })
+    }
+  }
+})
+
+ws.addEventListener('close', () => {
+  process.exit(0)
+})

package/src/server/__tests__/haha-oauth-api.test.ts

@@ -0,0 +1,146 @@
+/**
+ * Integration tests for /api/haha-oauth/* endpoints.
+ */
+
+import { describe, test, expect, beforeEach, afterEach } from 'bun:test'
+import * as fs from 'fs/promises'
+import * as path from 'path'
+import * as os from 'os'
+import { handleHahaOAuthApi } from '../api/haha-oauth.js'
+import { hahaOAuthService } from '../services/hahaOAuthService.js'
+
+let tmpDir: string
+let originalConfigDir: string | undefined
+
+async function setup() {
+  tmpDir = await fs.mkdtemp(path.join(os.tmpdir(), 'haha-oauth-api-test-'))
+  originalConfigDir = process.env.CLAUDE_CONFIG_DIR
+  process.env.CLAUDE_CONFIG_DIR = tmpDir
+}
+
+async function teardown() {
+  if (originalConfigDir === undefined) {
+    delete process.env.CLAUDE_CONFIG_DIR
+  } else {
+    process.env.CLAUDE_CONFIG_DIR = originalConfigDir
+  }
+  await fs.rm(tmpDir, { recursive: true, force: true })
+}
+
+function buildReq(
+  method: string,
+  pathname: string,
+  body?: unknown,
+): { req: Request; url: URL; segments: string[] } {
+  const url = new URL(`http://localhost:3456${pathname}`)
+  const req = new Request(url.toString(), {
+    method,
+    headers: body ? { 'Content-Type': 'application/json' } : undefined,
+    body: body ? JSON.stringify(body) : undefined,
+  })
+  const segments = url.pathname.split('/').filter(Boolean)
+  return { req, url, segments }
+}
+
+describe('POST /api/haha-oauth/start', () => {
+  beforeEach(setup)
+  afterEach(teardown)
+
+  test('returns authorize URL with PKCE challenge', async () => {
+    const { req, url, segments } = buildReq('POST', '/api/haha-oauth/start', {
+      serverPort: 54321,
+    })
+    const res = await handleHahaOAuthApi(req, url, segments)
+    expect(res.status).toBe(200)
+    const data = (await res.json()) as { authorizeUrl: string; state: string }
+    expect(data.authorizeUrl).toContain('code_challenge_method=S256')
+    expect(data.authorizeUrl).toContain(
+      encodeURIComponent('http://localhost:54321/callback'),
+    )
+    expect(data.state).toMatch(/^[A-Za-z0-9_-]+$/)
+  })
+
+  test('400 if serverPort missing', async () => {
+    const { req, url, segments } = buildReq('POST', '/api/haha-oauth/start', {})
+    const res = await handleHahaOAuthApi(req, url, segments)
+    expect(res.status).toBe(400)
+    const body = (await res.json()) as { error: string; message?: string }
+    expect(body.error).toBe('BAD_REQUEST')
+  })
+})
+
+describe('GET /api/haha-oauth/status', () => {
+  beforeEach(setup)
+  afterEach(teardown)
+
+  test('returns loggedIn=false when no token file', async () => {
+    const { req, url, segments } = buildReq('GET', '/api/haha-oauth/status')
+    const res = await handleHahaOAuthApi(req, url, segments)
+    expect(res.status).toBe(200)
+    const data = (await res.json()) as { loggedIn: boolean }
+    expect(data.loggedIn).toBe(false)
+  })
+
+  test('returns loggedIn=true + metadata when token saved', async () => {
+    await hahaOAuthService.saveTokens({
+      accessToken: 'sk-ant-oat01-xxx',
+      refreshToken: 'sk-ant-ort01-xxx',
+      expiresAt: Date.now() + 3600_000,
+      scopes: ['user:inference'],
+      subscriptionType: 'max',
+    })
+
+    const { req, url, segments } = buildReq('GET', '/api/haha-oauth/status')
+    const res = await handleHahaOAuthApi(req, url, segments)
+    expect(res.status).toBe(200)
+    const data = (await res.json()) as {
+      loggedIn: boolean
+      subscriptionType: string | null
+      scopes: string[]
+    }
+    expect(data.loggedIn).toBe(true)
+    expect(data.subscriptionType).toBe('max')
+    expect(data.scopes).toEqual(['user:inference'])
+    expect(JSON.stringify(data)).not.toContain('sk-ant-oat01')
+    expect(JSON.stringify(data)).not.toContain('sk-ant-ort01')
+  })
+
+  test('returns loggedIn=false when stored token is expired and refresh fails', async () => {
+    await hahaOAuthService.saveTokens({
+      accessToken: 'expired-token',
+      refreshToken: 'revoked-refresh-token',
+      expiresAt: Date.now() - 1_000,
+      scopes: ['user:inference'],
+      subscriptionType: 'max',
+    })
+    hahaOAuthService.setRefreshFn(async () => {
+      throw new Error('refresh revoked')
+    })
+
+    const { req, url, segments } = buildReq('GET', '/api/haha-oauth/status')
+    const res = await handleHahaOAuthApi(req, url, segments)
+
+    expect(res.status).toBe(200)
+    expect(await res.json()).toEqual({ loggedIn: false })
+  })
+})
+
+describe('DELETE /api/haha-oauth', () => {
+  beforeEach(setup)
+  afterEach(teardown)
+
+  test('clears token file', async () => {
+    await hahaOAuthService.saveTokens({
+      accessToken: 'a',
+      refreshToken: null,
+      expiresAt: null,
+      scopes: [],
+      subscriptionType: null,
+    })
+
+    const { req, url, segments } = buildReq('DELETE', '/api/haha-oauth')
+    const res = await handleHahaOAuthApi(req, url, segments)
+    expect(res.status).toBe(200)
+    expect(await hahaOAuthService.loadTokens()).toBeNull()
+  })
+})