saeeol 1.2.4 → 1.2.7

package/test/mcp/oauth-auto-connect.test.ts

@@ -1,311 +0,0 @@
-import { test, expect, mock, beforeEach } from "bun:test"
-import { Effect } from "effect"
-import { createServer } from "http" 
-
-// Mock UnauthorizedError to match the SDK's class
-class MockUnauthorizedError extends Error {
-  constructor(message?: string) {
-    super(message ?? "Unauthorized")
-    this.name = "UnauthorizedError"
-  }
-}
-
-// Track what options were passed to each transport constructor
-const transportCalls: Array<{
-  type: "streamable" | "sse"
-  url: string
-  options: { authProvider?: unknown }
-}> = []
-
-// Controls whether the mock transport simulates a 401 that triggers the SDK
-// auth flow (which calls provider.state()) or a simple UnauthorizedError.
-let simulateAuthFlow = true
-let connectSucceedsImmediately = false
-
-// Mock the transport constructors to simulate OAuth auto-auth on 401
-void mock.module("@modelcontextprotocol/sdk/client/streamableHttp.js", () => ({
-  StreamableHTTPClientTransport: class MockStreamableHTTP {
-    authProvider:
-      | {
-          state?: () => Promise<string>
-          redirectToAuthorization?: (url: URL) => Promise<void>
-          saveCodeVerifier?: (v: string) => Promise<void>
-        }
-      | undefined
-    constructor(url: URL, options?: { authProvider?: unknown }) {
-      this.authProvider = options?.authProvider as typeof this.authProvider
-      transportCalls.push({
-        type: "streamable",
-        url: url.toString(),
-        options: options ?? {},
-      })
-    }
-    async start() {
-      if (connectSucceedsImmediately) return
-
-      // Simulate what the real SDK transport does on 401:
-      // It calls auth() which eventually calls provider.state(), then
-      // provider.redirectToAuthorization(), then throws UnauthorizedError.
-      if (simulateAuthFlow && this.authProvider) {
-        // The SDK calls provider.state() to get the OAuth state parameter
-        if (this.authProvider.state) {
-          await this.authProvider.state()
-        }
-        // The SDK calls saveCodeVerifier before redirecting
-        if (this.authProvider.saveCodeVerifier) {
-          await this.authProvider.saveCodeVerifier("test-verifier")
-        }
-        // The SDK calls redirectToAuthorization to redirect the user
-        if (this.authProvider.redirectToAuthorization) {
-          await this.authProvider.redirectToAuthorization(new URL("https://auth.example.com/authorize?state=test"))
-        }
-        throw new MockUnauthorizedError()
-      }
-      throw new MockUnauthorizedError()
-    }
-    async finishAuth(_code: string) {}
-  },
-}))
-
-void mock.module("@modelcontextprotocol/sdk/client/sse.js", () => ({
-  SSEClientTransport: class MockSSE {
-    constructor(url: URL, options?: { authProvider?: unknown }) {
-      transportCalls.push({
-        type: "sse",
-        url: url.toString(),
-        options: options ?? {},
-      })
-    }
-    async start() {
-      throw new Error("Mock SSE transport cannot connect")
-    }
-  },
-}))
-
-// Mock the MCP SDK Client
-void mock.module("@modelcontextprotocol/sdk/client/index.js", () => ({
-  Client: class MockClient {
-    async connect(transport: { start: () => Promise<void> }) {
-      await transport.start()
-    }
-
-    setNotificationHandler() {}
-
-    async listTools() {
-      return { tools: [{ name: "test_tool", inputSchema: { type: "object", properties: {} } }] }
-    }
-
-    async close() {}
-  },
-}))
-
-// Mock UnauthorizedError in the auth module so instanceof checks work
-void mock.module("@modelcontextprotocol/sdk/client/auth.js", () => ({
-  UnauthorizedError: MockUnauthorizedError,
-}))
-
-beforeEach(() => {
-  transportCalls.length = 0
-  simulateAuthFlow = true
-  connectSucceedsImmediately = false
-})
-async function occupy(port: number) {
-  const srv = createServer()
-  const bound = await new Promise<boolean>((resolve, reject) => {
-    const fail = (err: Error & { code?: string }) => {
-      srv.off("error", fail)
-      if (err.code === "EADDRINUSE") {
-        resolve(false)
-        return
-      }
-      reject(err)
-    }
-
-    srv.once("error", fail)
-    srv.listen(port, "127.0.0.1", () => {
-      srv.off("error", fail)
-      resolve(true)
-    })
-  })
-
-  return {
-    async [Symbol.asyncDispose]() {
-      if (!bound) return
-      await new Promise<void>((resolve) => srv.close(() => resolve()))
-    },
-  }
-}
-
-// Import modules after mocking
-const { MCP } = await import("../../src/mcp/index")
-const { Instance } = await import("../../src/project/instance")
-const { tmpdir } = await import("../fixture/fixture")
-const { OAUTH_CALLBACK_PORT } = await import("../../src/mcp/oauth-provider") 
-
-test("first connect to OAuth server shows needs_auth instead of failed", async () => {
-  await using tmp = await tmpdir({
-    init: async (dir) => {
-      await Bun.write(
-        `${dir}/saeeol.json`,
-        JSON.stringify({
-          $schema: "https://saeeol.ai/config.json",
-          mcp: {
-            "test-oauth": {
-              type: "remote",
-              url: "https://example.com/mcp",
-            },
-          },
-        }),
-      )
-    },
-  })
-
-  await Instance.provide({
-    directory: tmp.path,
-    fn: async () => {
-      const result = await Effect.runPromise(
-        MCP.Service.use((mcp) =>
-          mcp.add("test-oauth", {
-            type: "remote",
-            url: "https://example.com/mcp",
-          }),
-        ).pipe(Effect.provide(MCP.defaultLayer)),
-      )
-
-      const serverStatus = result.status as Record<string, { status: string; error?: string }>
-
-      // The server should be detected as needing auth, NOT as failed.
-      // Before the fix, provider.state() would throw a plain Error
-      // ("No OAuth state saved for MCP server: test-oauth") which was
-      // not caught as UnauthorizedError, causing status to be "failed".
-      expect(serverStatus["test-oauth"]).toBeDefined()
-      expect(serverStatus["test-oauth"].status).toBe("needs_auth")
-    },
-  })
-})
-
-test("state() generates a new state when none is saved", async () => {
-  const { McpOAuthProvider } = await import("../../src/mcp/oauth-provider")
-  const { McpAuth } = await import("../../src/mcp/auth")
-
-  await using tmp = await tmpdir()
-
-  await Instance.provide({
-    directory: tmp.path,
-    fn: async () => {
-      const auth = await Effect.runPromise(
-        Effect.gen(function* () {
-          return yield* McpAuth.Service
-        }).pipe(Effect.provide(McpAuth.defaultLayer)),
-      )
-      const provider = new McpOAuthProvider(
-        "test-state-gen",
-        "https://example.com/mcp",
-        {},
-        { onRedirect: async () => {} },
-        auth,
-      )
-
-      const entryBefore = await Effect.runPromise(
-        McpAuth.Service.use((auth) => auth.get("test-state-gen")).pipe(Effect.provide(McpAuth.defaultLayer)),
-      )
-      expect(entryBefore?.oauthState).toBeUndefined()
-
-      // state() should generate and return a new state, not throw
-      const state = await provider.state()
-      expect(typeof state).toBe("string")
-      expect(state.length).toBe(64) // 32 bytes as hex
-
-      // The generated state should be persisted
-      const entryAfter = await Effect.runPromise(
-        McpAuth.Service.use((auth) => auth.get("test-state-gen")).pipe(Effect.provide(McpAuth.defaultLayer)),
-      )
-      expect(entryAfter?.oauthState).toBe(state)
-    },
-  })
-})
-
-test("state() returns existing state when one is saved", async () => {
-  const { McpOAuthProvider } = await import("../../src/mcp/oauth-provider")
-  const { McpAuth } = await import("../../src/mcp/auth")
-
-  await using tmp = await tmpdir()
-
-  await Instance.provide({
-    directory: tmp.path,
-    fn: async () => {
-      const auth = await Effect.runPromise(
-        Effect.gen(function* () {
-          return yield* McpAuth.Service
-        }).pipe(Effect.provide(McpAuth.defaultLayer)),
-      )
-      const provider = new McpOAuthProvider(
-        "test-state-existing",
-        "https://example.com/mcp",
-        {},
-        { onRedirect: async () => {} },
-        auth,
-      )
-
-      // Pre-save a state
-      const existingState = "pre-saved-state-value"
-      await Effect.runPromise(
-        McpAuth.Service.use((auth) => auth.updateOAuthState("test-state-existing", existingState)).pipe(
-          Effect.provide(McpAuth.defaultLayer),
-        ),
-      )
-
-      // state() should return the existing state
-      const state = await provider.state()
-      expect(state).toBe(existingState)
-    },
-  })
-})
-
-test("authenticate() stores a connected client when auth completes without redirect", async () => {
-  await using tmp = await tmpdir({
-    init: async (dir) => {
-      await Bun.write(
-        `${dir}/saeeol.json`,
-        JSON.stringify({
-          $schema: "https://saeeol.ai/config.json",
-          mcp: {
-            "test-oauth-connect": {
-              type: "remote",
-              url: "https://example.com/mcp",
-            },
-          },
-        }),
-      )
-    },
-  })
-  await using port = await occupy(OAUTH_CALLBACK_PORT)
-  void port
-
-  await Instance.provide({
-    directory: tmp.path,
-    fn: async () => {
-      await Effect.runPromise(
-        MCP.Service.use((mcp) =>
-          Effect.gen(function* () {
-            const added = yield* mcp.add("test-oauth-connect", {
-              type: "remote",
-              url: "https://example.com/mcp",
-            })
-            const before = added.status as Record<string, { status: string; error?: string }>
-            expect(before["test-oauth-connect"]?.status).toBe("needs_auth")
-
-            simulateAuthFlow = false
-            connectSucceedsImmediately = true
-
-            const result = yield* mcp.authenticate("test-oauth-connect")
-            expect(result.status).toBe("connected")
-
-            const after = yield* mcp.status()
-            expect(after["test-oauth-connect"]?.status).toBe("connected")
-          }),
-        ).pipe(Effect.provide(MCP.defaultLayer)),
-      )
-    },
-  })
-})

package/test/mcp/oauth-browser.test.ts

@@ -1,276 +0,0 @@
-import { test, expect, mock, beforeEach } from "bun:test"
-import { EventEmitter } from "events"
-import { Effect } from "effect"
-import type { MCP as MCPNS } from "../../src/mcp/index"
-
-// Track open() calls and control failure behavior
-let openShouldFail = false
-let openCalledWith: string | undefined
-
-void mock.module("open", () => ({
-  default: async (url: string) => {
-    openCalledWith = url
-
-    // Return a mock subprocess that emits an error if openShouldFail is true
-    const subprocess = new EventEmitter()
-    if (openShouldFail) {
-      // its listener. The previous setTimeout(10) raced listener attachment
-      // on slow Windows CI; emit() before `.on("error", ...)` was silently
-      // lost and BrowserOpenFailed was never published.
-      const err = new Error("spawn xdg-open ENOENT")
-      const originalOn = subprocess.on.bind(subprocess)
-      subprocess.on = function (event, listener) {
-        const ret = originalOn(event, listener)
-        if (event === "error") queueMicrotask(() => (listener as (e: Error) => void).call(subprocess, err))
-        return ret
-      }
-    }
-    return subprocess
-  },
-}))
-
-// Mock UnauthorizedError
-class MockUnauthorizedError extends Error {
-  constructor() {
-    super("Unauthorized")
-    this.name = "UnauthorizedError"
-  }
-}
-
-// Track what options were passed to each transport constructor
-const transportCalls: Array<{
-  type: "streamable" | "sse"
-  url: string
-  options: { authProvider?: unknown }
-}> = []
-
-// Mock the transport constructors
-void mock.module("@modelcontextprotocol/sdk/client/streamableHttp.js", () => ({
-  StreamableHTTPClientTransport: class MockStreamableHTTP {
-    url: string
-    authProvider: { redirectToAuthorization?: (url: URL) => Promise<void> } | undefined
-    constructor(url: URL, options?: { authProvider?: { redirectToAuthorization?: (url: URL) => Promise<void> } }) {
-      this.url = url.toString()
-      this.authProvider = options?.authProvider
-      transportCalls.push({
-        type: "streamable",
-        url: url.toString(),
-        options: options ?? {},
-      })
-    }
-    async start() {
-      // Simulate OAuth redirect by calling the authProvider's redirectToAuthorization
-      if (this.authProvider?.redirectToAuthorization) {
-        await this.authProvider.redirectToAuthorization(new URL("https://auth.example.com/authorize?client_id=test"))
-      }
-      throw new MockUnauthorizedError()
-    }
-    async finishAuth(_code: string) {
-      // Mock successful auth completion
-    }
-  },
-}))
-
-void mock.module("@modelcontextprotocol/sdk/client/sse.js", () => ({
-  SSEClientTransport: class MockSSE {
-    constructor(url: URL) {
-      transportCalls.push({
-        type: "sse",
-        url: url.toString(),
-        options: {},
-      })
-    }
-    async start() {
-      throw new Error("Mock SSE transport cannot connect")
-    }
-  },
-}))
-
-// Mock the MCP SDK Client to trigger OAuth flow
-void mock.module("@modelcontextprotocol/sdk/client/index.js", () => ({
-  Client: class MockClient {
-    async connect(transport: { start: () => Promise<void> }) {
-      await transport.start()
-    }
-  },
-}))
-// Mock UnauthorizedError in the auth module
-void mock.module("@modelcontextprotocol/sdk/client/auth.js", () => ({
-  UnauthorizedError: MockUnauthorizedError,
-}))
-
-beforeEach(() => {
-  openShouldFail = false
-  openCalledWith = undefined
-  transportCalls.length = 0
-})
-
-async function waitFor(fn: () => boolean, timeout = 5_000) {
-  const deadline = Date.now() + timeout
-  while (!fn() && Date.now() < deadline) {
-    await new Promise((resolve) => setTimeout(resolve, 25))
-  }
-}
-
-// Import modules after mocking
-const { MCP } = await import("../../src/mcp/index")
-const { AppRuntime } = await import("../../src/effect/app-runtime")
-const { Bus } = await import("../../src/bus")
-const { McpOAuthCallback } = await import("../../src/mcp/oauth-callback")
-const { Instance } = await import("../../src/project/instance")
-const { tmpdir } = await import("../fixture/fixture")
-const service = MCP.Service as unknown as Effect.Effect<MCPNS.Interface, never, never>
-
-test("BrowserOpenFailed event is published when open() throws", async () => {
-  await using tmp = await tmpdir({
-    init: async (dir) => {
-      await Bun.write(
-        `${dir}/saeeol.json`,
-        JSON.stringify({
-          $schema: "https://app.saeeol.ai/config.json",
-          mcp: {
-            "test-oauth-server": {
-              type: "remote",
-              url: "https://example.com/mcp",
-            },
-          },
-        }),
-      )
-    },
-  })
-
-  await Instance.provide({
-    directory: tmp.path,
-    fn: async () => {
-      openShouldFail = true
-
-      const events: Array<{ mcpName: string; url: string }> = []
-      const unsubscribe = Bus.subscribe(MCP.BrowserOpenFailed, (evt) => {
-        events.push(evt.properties)
-      }) 
-      // Run authenticate with a timeout to avoid waiting forever for the callback
-      // Attach a handler immediately so callback shutdown rejections
-      // don't show up as unhandled between tests.
-      const authPromise = AppRuntime.runPromise(
-        Effect.gen(function* () {
-          const mcp = yield* service
-          return yield* mcp.authenticate("test-oauth-server")
-        }),
-      ).catch(() => undefined)
-
-      await waitFor(() => events.length > 0) 
-
-      // Stop the callback server and cancel any pending auth
-      await McpOAuthCallback.stop()
-
-      await authPromise
-
-      unsubscribe()
-
-      // Verify the BrowserOpenFailed event was published
-      expect(events.length).toBe(1)
-      expect(events[0].mcpName).toBe("test-oauth-server")
-      expect(events[0].url).toContain("https://")
-    },
-  })
-})
-
-test("BrowserOpenFailed event is NOT published when open() succeeds", async () => {
-  await using tmp = await tmpdir({
-    init: async (dir) => {
-      await Bun.write(
-        `${dir}/saeeol.json`,
-        JSON.stringify({
-          $schema: "https://app.saeeol.ai/config.json",
-          mcp: {
-            "test-oauth-server-2": {
-              type: "remote",
-              url: "https://example.com/mcp",
-            },
-          },
-        }),
-      )
-    },
-  })
-
-  await Instance.provide({
-    directory: tmp.path,
-    fn: async () => {
-      openShouldFail = false 
-
-      const events: Array<{ mcpName: string; url: string }> = []
-      const unsubscribe = Bus.subscribe(MCP.BrowserOpenFailed, (evt) => {
-        events.push(evt.properties)
-      }) 
-      // Run authenticate with a timeout to avoid waiting forever for the callback
-      const authPromise = AppRuntime.runPromise(
-        Effect.gen(function* () {
-          const mcp = yield* service
-          return yield* mcp.authenticate("test-oauth-server-2")
-        }),
-      ).catch(() => undefined)
-
-      await waitFor(() => openCalledWith !== undefined) 
-      await new Promise((resolve) => setTimeout(resolve, 600)) 
-
-      // Stop the callback server and cancel any pending auth
-      await McpOAuthCallback.stop()
-
-      await authPromise
-
-      unsubscribe()
-
-      // Verify NO BrowserOpenFailed event was published
-      expect(events.length).toBe(0)
-      // Verify open() was still called
-      expect(openCalledWith).toBeDefined()
-    },
-  })
-})
-
-test("open() is called with the authorization URL", async () => {
-  await using tmp = await tmpdir({
-    init: async (dir) => {
-      await Bun.write(
-        `${dir}/saeeol.json`,
-        JSON.stringify({
-          $schema: "https://app.saeeol.ai/config.json",
-          mcp: {
-            "test-oauth-server-3": {
-              type: "remote",
-              url: "https://example.com/mcp",
-            },
-          },
-        }),
-      )
-    },
-  })
-
-  await Instance.provide({
-    directory: tmp.path,
-    fn: async () => {
-      openShouldFail = false 
-      openCalledWith = undefined
-      // Run authenticate with a timeout to avoid waiting forever for the callback
-      const authPromise = AppRuntime.runPromise(
-        Effect.gen(function* () {
-          const mcp = yield* service
-          return yield* mcp.authenticate("test-oauth-server-3")
-        }),
-      ).catch(() => undefined)
-
-      await waitFor(() => openCalledWith !== undefined) 
-      await new Promise((resolve) => setTimeout(resolve, 600)) 
-
-      // Stop the callback server and cancel any pending auth
-      await McpOAuthCallback.stop()
-
-      await authPromise
-
-      // Verify open was called with a URL
-      expect(openCalledWith).toBeDefined()
-      expect(typeof openCalledWith).toBe("string")
-      expect(openCalledWith!).toContain("https://")
-    },
-  })
-})

package/test/mcp/oauth-callback.test.ts

@@ -1,34 +0,0 @@
-import { test, expect, describe, afterEach } from "bun:test"
-import { McpOAuthCallback } from "../../src/mcp/oauth-callback"
-import { parseRedirectUri } from "../../src/mcp/oauth-provider"
-
-describe("parseRedirectUri", () => {
-  test("returns defaults when no URI provided", () => {
-    const result = parseRedirectUri()
-    expect(result.port).toBe(19876)
-    expect(result.path).toBe("/mcp/oauth/callback")
-  })
-
-  test("parses port and path from URI", () => {
-    const result = parseRedirectUri("http://127.0.0.1:8080/oauth/callback")
-    expect(result.port).toBe(8080)
-    expect(result.path).toBe("/oauth/callback")
-  })
-
-  test("returns defaults for invalid URI", () => {
-    const result = parseRedirectUri("not-a-valid-url")
-    expect(result.port).toBe(19876)
-    expect(result.path).toBe("/mcp/oauth/callback")
-  })
-})
-
-describe("McpOAuthCallback.ensureRunning", () => {
-  afterEach(async () => {
-    await McpOAuthCallback.stop()
-  })
-
-  test("starts server with custom redirectUri port and path", async () => {
-    await McpOAuthCallback.ensureRunning("http://127.0.0.1:18000/custom/callback")
-    expect(McpOAuthCallback.isRunning()).toBe(true)
-  })
-})

package/test/memory/abort-leak-webfetch.ts

@@ -1,49 +0,0 @@
-import { abortAfterAny } from "../../src/util/abort"
-
-const MB = 1024 * 1024
-const ITERATIONS = 50
-
-const heap = () => {
-  Bun.gc(true)
-  return process.memoryUsage().heapUsed / MB
-}
-
-const server = Bun.serve({
-  port: 0,
-  fetch() {
-    return new Response("hello from local", {
-      headers: {
-        "content-type": "text/plain",
-      },
-    })
-  },
-})
-
-const url = `http://127.0.0.1:${server.port}`
-
-async function run() {
-  const { signal, clearTimeout } = abortAfterAny(30000, new AbortController().signal)
-  try {
-    const response = await fetch(url, { signal })
-    await response.text()
-  } finally {
-    clearTimeout()
-  }
-}
-
-try {
-  await run()
-  Bun.sleepSync(100)
-  const baseline = heap()
-
-  for (let i = 0; i < ITERATIONS; i++) {
-    await run()
-  }
-
-  Bun.sleepSync(100)
-  const after = heap()
-  process.stdout.write(JSON.stringify({ baseline, after, growth: after - baseline }))
-} finally {
-  void server.stop(true)
-  process.exit(0)
-}