mirror of
https://github.com/router-for-me/CLIProxyAPI.git
synced 2026-07-02 13:34:21 +08:00
- Introduced `AuthKind` and `AuthSourceKind` methods for improved credential type and source classification. - Replaced legacy fallback logic with normalized attribute-based handling in `AuthKind`. - Consolidated metadata inspection for both API key and OAuth attributes. - Updated calls to replace direct `AccountInfo` usage with `AuthKind` and `AuthSourceKind`. - Enhanced unit tests to validate explicit and fallback credential resolution scenarios.
126 lines
3.4 KiB
Go
126 lines
3.4 KiB
Go
package auth
|
|
|
|
import "testing"
|
|
|
|
func TestAuthKind(t *testing.T) {
|
|
tests := []struct {
|
|
name string
|
|
auth *Auth
|
|
want string
|
|
}{
|
|
{
|
|
name: "explicit api key attribute",
|
|
auth: &Auth{Attributes: map[string]string{AttributeAuthKind: "api_key"}},
|
|
want: AuthKindAPIKey,
|
|
},
|
|
{
|
|
name: "explicit oauth attribute wins over api key fallback",
|
|
auth: &Auth{Attributes: map[string]string{AttributeAuthKind: "oauth", AttributeAPIKey: "k"}},
|
|
want: AuthKindOAuth,
|
|
},
|
|
{
|
|
name: "explicit oauth metadata",
|
|
auth: &Auth{Metadata: map[string]any{AttributeAuthKind: "oauth"}},
|
|
want: AuthKindOAuth,
|
|
},
|
|
{
|
|
name: "legacy api key attribute",
|
|
auth: &Auth{Attributes: map[string]string{AttributeAPIKey: "k"}},
|
|
want: AuthKindAPIKey,
|
|
},
|
|
{
|
|
name: "legacy oauth metadata",
|
|
auth: &Auth{Metadata: map[string]any{"access_token": "token"}},
|
|
want: AuthKindOAuth,
|
|
},
|
|
{
|
|
name: "unknown metadata shape",
|
|
auth: &Auth{Metadata: map[string]any{"type": "test"}},
|
|
want: "",
|
|
},
|
|
}
|
|
|
|
for _, tt := range tests {
|
|
t.Run(tt.name, func(t *testing.T) {
|
|
if got := tt.auth.AuthKind(); got != tt.want {
|
|
t.Fatalf("AuthKind() = %q, want %q", got, tt.want)
|
|
}
|
|
})
|
|
}
|
|
}
|
|
|
|
func TestAuthSourceKind(t *testing.T) {
|
|
tests := []struct {
|
|
name string
|
|
auth *Auth
|
|
want string
|
|
}{
|
|
{
|
|
name: "runtime only memory",
|
|
auth: &Auth{Attributes: map[string]string{AttributeRuntimeOnly: "true", AttributeSourceBackend: AuthSourcePostgres}},
|
|
want: AuthSourceMemory,
|
|
},
|
|
{
|
|
name: "backend postgres",
|
|
auth: &Auth{Attributes: map[string]string{AttributeSourceBackend: "postgresql", AttributePath: "/tmp/auth.json"}},
|
|
want: AuthSourcePostgres,
|
|
},
|
|
{
|
|
name: "backend object store",
|
|
auth: &Auth{Attributes: map[string]string{AttributeSourceBackend: "object-store", AttributePath: "/tmp/auth.json"}},
|
|
want: AuthSourceObjectStore,
|
|
},
|
|
{
|
|
name: "config source",
|
|
auth: &Auth{Attributes: map[string]string{AttributeSource: "config:codex[abc]"}},
|
|
want: AuthSourceConfig,
|
|
},
|
|
{
|
|
name: "path source",
|
|
auth: &Auth{Attributes: map[string]string{AttributeSource: "/tmp/auth.json"}},
|
|
want: AuthSourceFile,
|
|
},
|
|
{
|
|
name: "path attribute",
|
|
auth: &Auth{Attributes: map[string]string{AttributePath: "/tmp/auth.json"}},
|
|
want: AuthSourceFile,
|
|
},
|
|
{
|
|
name: "filename fallback",
|
|
auth: &Auth{FileName: "codex.json"},
|
|
want: AuthSourceFile,
|
|
},
|
|
}
|
|
|
|
for _, tt := range tests {
|
|
t.Run(tt.name, func(t *testing.T) {
|
|
if got := tt.auth.AuthSourceKind(); got != tt.want {
|
|
t.Fatalf("AuthSourceKind() = %q, want %q", got, tt.want)
|
|
}
|
|
})
|
|
}
|
|
}
|
|
|
|
func TestAccountInfoUsesAuthKind(t *testing.T) {
|
|
apiKeyAuth := &Auth{Attributes: map[string]string{AttributeAuthKind: "api-key", AttributeAPIKey: "k"}}
|
|
kind, value := apiKeyAuth.AccountInfo()
|
|
if kind != "api_key" || value != "k" {
|
|
t.Fatalf("api key AccountInfo() = %q, %q", kind, value)
|
|
}
|
|
|
|
oauthAuth := &Auth{
|
|
Attributes: map[string]string{AttributeAuthKind: AuthKindOAuth, AttributeAPIKey: "k"},
|
|
Metadata: map[string]any{"email": "user@example.com"},
|
|
}
|
|
kind, value = oauthAuth.AccountInfo()
|
|
if kind != "oauth" || value != "user@example.com" {
|
|
t.Fatalf("oauth AccountInfo() = %q, %q", kind, value)
|
|
}
|
|
|
|
oauthWithoutEmail := &Auth{Metadata: map[string]any{"access_token": "token"}}
|
|
kind, value = oauthWithoutEmail.AccountInfo()
|
|
if kind != "oauth" || value != "" {
|
|
t.Fatalf("oauth without email AccountInfo() = %q, %q", kind, value)
|
|
}
|
|
}
|