mirror of
http://192.168.0.88:13333/lywsvip/openclaw-zero-token.git
synced 2026-05-22 15:21:43 +08:00
571e14a236
Major upgrade from e26988a38 to upstream v2026.3.28 (f9b107928).
Key changes:
- Upstream src/, ui/, extensions/ (89 bundled extensions)
- Zero-token web providers preserved in src/zero-token/
- AskOnce plugin restored and registered as CLI command
- Added missing packages: @anthropic-ai/vertex-sdk, @modelcontextprotocol/sdk
- Fixed tsconfig rootDir, skipLibCheck for plugin-sdk DTS build
- Added askonce to bundled plugin metadata and package.json exports
- Fixed AskOnce CLI command registration (missing commands metadata)
- Restored AskOnce adapter imports (correct 5-level relative paths)
- Removed stale migration artifacts from root directory
77 lines
2.2 KiB
TypeScript
77 lines
2.2 KiB
TypeScript
import { describe, expect, it } from "vitest";
|
|
import type { OpenClawConfig } from "../config/config.js";
|
|
import {
|
|
assertExplicitGatewayAuthModeWhenBothConfigured,
|
|
EXPLICIT_GATEWAY_AUTH_MODE_REQUIRED_ERROR,
|
|
hasAmbiguousGatewayAuthModeConfig,
|
|
} from "./auth-mode-policy.js";
|
|
|
|
describe("gateway auth mode policy", () => {
|
|
it("does not flag config when auth mode is explicit", () => {
|
|
const cfg: OpenClawConfig = {
|
|
gateway: {
|
|
auth: {
|
|
mode: "token",
|
|
token: "token-value",
|
|
password: "password-value", // pragma: allowlist secret
|
|
},
|
|
},
|
|
};
|
|
expect(hasAmbiguousGatewayAuthModeConfig(cfg)).toBe(false);
|
|
});
|
|
|
|
it("does not flag config when only one auth credential is configured", () => {
|
|
const cfg: OpenClawConfig = {
|
|
gateway: {
|
|
auth: {
|
|
token: "token-value",
|
|
},
|
|
},
|
|
};
|
|
expect(hasAmbiguousGatewayAuthModeConfig(cfg)).toBe(false);
|
|
});
|
|
|
|
it("flags config when both token and password are configured and mode is unset", () => {
|
|
const cfg: OpenClawConfig = {
|
|
gateway: {
|
|
auth: {
|
|
token: "token-value",
|
|
password: "password-value", // pragma: allowlist secret
|
|
},
|
|
},
|
|
};
|
|
expect(hasAmbiguousGatewayAuthModeConfig(cfg)).toBe(true);
|
|
});
|
|
|
|
it("flags config when both token/password SecretRefs are configured and mode is unset", () => {
|
|
const cfg: OpenClawConfig = {
|
|
gateway: {
|
|
auth: {
|
|
token: { source: "env", provider: "default", id: "GW_TOKEN" },
|
|
password: { source: "env", provider: "default", id: "GW_PASSWORD" },
|
|
},
|
|
},
|
|
secrets: {
|
|
providers: {
|
|
default: { source: "env" },
|
|
},
|
|
},
|
|
};
|
|
expect(hasAmbiguousGatewayAuthModeConfig(cfg)).toBe(true);
|
|
});
|
|
|
|
it("throws the shared explicit-mode error for ambiguous dual auth config", () => {
|
|
const cfg: OpenClawConfig = {
|
|
gateway: {
|
|
auth: {
|
|
token: "token-value",
|
|
password: "password-value", // pragma: allowlist secret
|
|
},
|
|
},
|
|
};
|
|
expect(() => assertExplicitGatewayAuthModeWhenBothConfigured(cfg)).toThrow(
|
|
EXPLICIT_GATEWAY_AUTH_MODE_REQUIRED_ERROR,
|
|
);
|
|
});
|
|
});
|