mirror of
https://github.com/TencentCloud/TencentDB-Agent-Memory
synced 2026-07-10 12:34:27 +00:00
test(offload): cover auth-profile apiKey resolver
Add unit tests for resolveApiKeyFromAuthProfile covering the four resolution branches: api_key profile returns the plaintext key, oauth/token-only providers return undefined, providers with no profile return undefined, and keyRef-only (no plaintext) profiles are skipped. Also covers the older-host case where the provider-auth SDK subpath is unavailable. To keep the test self-contained (no real OpenClaw install or on-disk auth-profile store), resolveApiKeyFromAuthProfile gains an optional fourth parameter to inject a fake provider-auth SDK loader. Production callers pass three arguments and keep loading the real SDK via require. Signed-off-by: MicroGrey <changyuhang@outlook.com>
This commit is contained in:
@@ -0,0 +1,68 @@
|
|||||||
|
import { describe, it, expect } from "vitest";
|
||||||
|
import { resolveApiKeyFromAuthProfile } from "./auth-profile-key.js";
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Build a fake provider-auth SDK whose store contains the given profiles and
|
||||||
|
* whose `listProfilesForProvider` maps a provider name to its profile ids.
|
||||||
|
*/
|
||||||
|
function makeSdk(
|
||||||
|
profiles: Record<string, { type?: string; key?: string; keyRef?: unknown }>,
|
||||||
|
profileIdsByProvider: Record<string, string[]>,
|
||||||
|
) {
|
||||||
|
return {
|
||||||
|
ensureAuthProfileStore: () => ({ profiles }),
|
||||||
|
listProfilesForProvider: (_store: unknown, provider: string) =>
|
||||||
|
profileIdsByProvider[provider] ?? [],
|
||||||
|
resolveOpenClawAgentDir: () => "/fake/agent/dir",
|
||||||
|
};
|
||||||
|
}
|
||||||
|
|
||||||
|
const api = { config: { models: { providers: {} } } };
|
||||||
|
|
||||||
|
describe("resolveApiKeyFromAuthProfile", () => {
|
||||||
|
it("returns the plaintext key for an api_key profile bound to the provider", () => {
|
||||||
|
const sdk = makeSdk(
|
||||||
|
{ "xiaomi:default": { type: "api_key", key: "sk-xiaomi-123" } },
|
||||||
|
{ xiaomi: ["xiaomi:default"] },
|
||||||
|
);
|
||||||
|
|
||||||
|
const key = resolveApiKeyFromAuthProfile(api, "xiaomi", undefined, () => sdk);
|
||||||
|
|
||||||
|
expect(key).toBe("sk-xiaomi-123");
|
||||||
|
});
|
||||||
|
|
||||||
|
it("returns undefined when the provider only has oauth/token profiles", () => {
|
||||||
|
const sdk = makeSdk(
|
||||||
|
{
|
||||||
|
"claude:default": { type: "oauth" },
|
||||||
|
"github:default": { type: "token" },
|
||||||
|
},
|
||||||
|
{ anthropic: ["claude:default"], github: ["github:default"] },
|
||||||
|
);
|
||||||
|
|
||||||
|
expect(resolveApiKeyFromAuthProfile(api, "anthropic", undefined, () => sdk)).toBeUndefined();
|
||||||
|
expect(resolveApiKeyFromAuthProfile(api, "github", undefined, () => sdk)).toBeUndefined();
|
||||||
|
});
|
||||||
|
|
||||||
|
it("returns undefined when the provider has no profiles at all", () => {
|
||||||
|
const sdk = makeSdk(
|
||||||
|
{ "xiaomi:default": { type: "api_key", key: "sk-xiaomi-123" } },
|
||||||
|
{ xiaomi: ["xiaomi:default"] },
|
||||||
|
);
|
||||||
|
|
||||||
|
expect(resolveApiKeyFromAuthProfile(api, "deepseek", undefined, () => sdk)).toBeUndefined();
|
||||||
|
});
|
||||||
|
|
||||||
|
it("skips api_key profiles that store only a keyRef (no plaintext key)", () => {
|
||||||
|
const sdk = makeSdk(
|
||||||
|
{ "vault:default": { type: "api_key", keyRef: { source: "keychain" } } },
|
||||||
|
{ vault: ["vault:default"] },
|
||||||
|
);
|
||||||
|
|
||||||
|
expect(resolveApiKeyFromAuthProfile(api, "vault", undefined, () => sdk)).toBeUndefined();
|
||||||
|
});
|
||||||
|
|
||||||
|
it("returns undefined when the provider-auth SDK is unavailable (older host)", () => {
|
||||||
|
expect(resolveApiKeyFromAuthProfile(api, "xiaomi", undefined, () => undefined)).toBeUndefined();
|
||||||
|
});
|
||||||
|
});
|
||||||
@@ -49,11 +49,12 @@ export function resolveApiKeyFromAuthProfile(
|
|||||||
api: { config?: unknown },
|
api: { config?: unknown },
|
||||||
providerKey: string,
|
providerKey: string,
|
||||||
logger?: PluginLogger,
|
logger?: PluginLogger,
|
||||||
|
_loadSdkOverride?: () => ProviderAuthSdk | undefined,
|
||||||
): string | undefined {
|
): string | undefined {
|
||||||
try {
|
try {
|
||||||
// Lazily load the SDK subpath so a missing export on older OpenClaw
|
// Lazily load the SDK subpath so a missing export on older OpenClaw
|
||||||
// versions degrades gracefully instead of crashing module load.
|
// versions degrades gracefully instead of crashing module load.
|
||||||
const sdk = loadProviderAuthSdk();
|
const sdk = _loadSdkOverride ? _loadSdkOverride() : loadProviderAuthSdk();
|
||||||
if (!sdk) return undefined;
|
if (!sdk) return undefined;
|
||||||
|
|
||||||
const { ensureAuthProfileStore, listProfilesForProvider, resolveOpenClawAgentDir } = sdk;
|
const { ensureAuthProfileStore, listProfilesForProvider, resolveOpenClawAgentDir } = sdk;
|
||||||
|
|||||||
Reference in New Issue
Block a user