mirror of
https://github.com/anomalyco/opencode.git
synced 2026-05-15 00:52:35 +00:00
102 lines
3.1 KiB
TypeScript
102 lines
3.1 KiB
TypeScript
import { describe, expect } from "bun:test"
|
|
import { ConfigProvider, Effect } from "effect"
|
|
import { Headers } from "effect/unstable/http"
|
|
import { LLM } from "../src"
|
|
import { Auth } from "../src/route/auth"
|
|
import { it } from "./lib/effect"
|
|
|
|
const request = LLM.request({
|
|
id: "req_auth",
|
|
model: LLM.model({ id: "fake-model", provider: "fake", route: "fake", baseURL: "https://fake.local" }),
|
|
prompt: "hello",
|
|
})
|
|
|
|
const input = {
|
|
request,
|
|
method: "POST" as const,
|
|
url: "https://example.test/v1/chat",
|
|
body: "{}",
|
|
headers: Headers.fromInput({ "x-existing": "yes" }),
|
|
}
|
|
|
|
const withEnv = (env: Record<string, string>) => Effect.provide(ConfigProvider.layer(ConfigProvider.fromEnv({ env })))
|
|
|
|
describe("Auth", () => {
|
|
it.effect("renders a config credential as bearer auth", () =>
|
|
Effect.gen(function* () {
|
|
const headers = yield* Auth.config("OPENAI_API_KEY")
|
|
.bearer()
|
|
.apply(input)
|
|
.pipe(withEnv({ OPENAI_API_KEY: "sk-test" }))
|
|
|
|
expect(headers.authorization).toBe("Bearer sk-test")
|
|
expect(headers["x-existing"]).toBe("yes")
|
|
}),
|
|
)
|
|
|
|
it.effect("falls back between credential sources before rendering", () =>
|
|
Effect.gen(function* () {
|
|
const headers = yield* Auth.config("PRIMARY_KEY")
|
|
.orElse(Auth.value("fallback-key"))
|
|
.pipe(Auth.header("x-api-key"))
|
|
.apply(input)
|
|
.pipe(withEnv({}))
|
|
|
|
expect(headers["x-api-key"]).toBe("fallback-key")
|
|
expect(headers["x-existing"]).toBe("yes")
|
|
}),
|
|
)
|
|
|
|
it.effect("composes header auth in sequence", () =>
|
|
Effect.gen(function* () {
|
|
const headers = yield* Auth.headers({ "x-tenant-id": "tenant-1" })
|
|
.andThen(Auth.bearer("gateway-token"))
|
|
.apply(input)
|
|
|
|
expect(headers["x-tenant-id"]).toBe("tenant-1")
|
|
expect(headers.authorization).toBe("Bearer gateway-token")
|
|
expect(headers["x-existing"]).toBe("yes")
|
|
}),
|
|
)
|
|
|
|
it.effect("renders a direct secret as a custom header", () =>
|
|
Effect.gen(function* () {
|
|
const headers = yield* Auth.header("api-key", "direct-key").apply(input)
|
|
|
|
expect(headers["api-key"]).toBe("direct-key")
|
|
expect(headers["x-existing"]).toBe("yes")
|
|
}),
|
|
)
|
|
|
|
it.effect("renders bearer auth into a custom header", () =>
|
|
Effect.gen(function* () {
|
|
const headers = yield* Auth.bearerHeader("cf-aig-authorization", "gateway-token").apply(input)
|
|
|
|
expect(headers["cf-aig-authorization"]).toBe("Bearer gateway-token")
|
|
expect(headers["x-existing"]).toBe("yes")
|
|
}),
|
|
)
|
|
|
|
it.effect("falls back between full auth values", () =>
|
|
Effect.gen(function* () {
|
|
const headers = yield* Auth.config("OPENAI_API_KEY")
|
|
.bearer()
|
|
.orElse(Auth.headers({ authorization: "Bearer supplied" }))
|
|
.apply(input)
|
|
.pipe(withEnv({}))
|
|
|
|
expect(headers.authorization).toBe("Bearer supplied")
|
|
expect(headers["x-existing"]).toBe("yes")
|
|
}),
|
|
)
|
|
|
|
it.effect("can intentionally leave auth untouched", () =>
|
|
Effect.gen(function* () {
|
|
const headers = yield* Auth.none.apply(input)
|
|
|
|
expect(headers.authorization).toBeUndefined()
|
|
expect(headers["x-existing"]).toBe("yes")
|
|
}),
|
|
)
|
|
})
|