mirror of
http://192.168.0.88:13333/lywsvip/openclaw-zero-token.git
synced 2026-05-12 20:15:49 +08:00
571e14a236
Major upgrade from e26988a38 to upstream v2026.3.28 (f9b107928).
Key changes:
- Upstream src/, ui/, extensions/ (89 bundled extensions)
- Zero-token web providers preserved in src/zero-token/
- AskOnce plugin restored and registered as CLI command
- Added missing packages: @anthropic-ai/vertex-sdk, @modelcontextprotocol/sdk
- Fixed tsconfig rootDir, skipLibCheck for plugin-sdk DTS build
- Added askonce to bundled plugin metadata and package.json exports
- Fixed AskOnce CLI command registration (missing commands metadata)
- Restored AskOnce adapter imports (correct 5-level relative paths)
- Removed stale migration artifacts from root directory
150 lines
4.3 KiB
TypeScript
150 lines
4.3 KiB
TypeScript
import { describe, expect, it } from "vitest";
|
|
import type { OpenClawConfig } from "../config/config.js";
|
|
import { withEnvAsync } from "../test-utils/env.js";
|
|
import { resolveNodeHostGatewayCredentials } from "./runner.js";
|
|
|
|
function createRemoteGatewayTokenRefConfig(tokenId: string): OpenClawConfig {
|
|
return {
|
|
secrets: {
|
|
providers: {
|
|
default: { source: "env" },
|
|
},
|
|
},
|
|
gateway: {
|
|
mode: "remote",
|
|
remote: {
|
|
token: { source: "env", provider: "default", id: tokenId },
|
|
},
|
|
},
|
|
} as OpenClawConfig;
|
|
}
|
|
|
|
async function expectNoGatewayCredentials(
|
|
config: OpenClawConfig,
|
|
env: Record<string, string | undefined>,
|
|
) {
|
|
await withEnvAsync(env, async () => {
|
|
const credentials = await resolveNodeHostGatewayCredentials({ config });
|
|
expect(credentials.token).toBeUndefined();
|
|
expect(credentials.password).toBeUndefined();
|
|
});
|
|
}
|
|
|
|
describe("resolveNodeHostGatewayCredentials", () => {
|
|
it("does not inherit gateway.remote token in local mode", async () => {
|
|
const config = {
|
|
gateway: {
|
|
mode: "local",
|
|
remote: { token: "remote-only-token" },
|
|
},
|
|
} as OpenClawConfig;
|
|
|
|
await expectNoGatewayCredentials(config, {
|
|
OPENCLAW_GATEWAY_TOKEN: undefined,
|
|
OPENCLAW_GATEWAY_PASSWORD: undefined,
|
|
});
|
|
});
|
|
|
|
it("ignores unresolved gateway.remote token refs in local mode", async () => {
|
|
const config = {
|
|
secrets: {
|
|
providers: {
|
|
default: { source: "env" },
|
|
},
|
|
},
|
|
gateway: {
|
|
mode: "local",
|
|
remote: {
|
|
token: { source: "env", provider: "default", id: "MISSING_REMOTE_GATEWAY_TOKEN" },
|
|
},
|
|
},
|
|
} as OpenClawConfig;
|
|
|
|
await expectNoGatewayCredentials(config, {
|
|
OPENCLAW_GATEWAY_TOKEN: undefined,
|
|
OPENCLAW_GATEWAY_PASSWORD: undefined,
|
|
MISSING_REMOTE_GATEWAY_TOKEN: undefined,
|
|
});
|
|
});
|
|
|
|
it("resolves remote token SecretRef values", async () => {
|
|
const config = createRemoteGatewayTokenRefConfig("REMOTE_GATEWAY_TOKEN");
|
|
|
|
await withEnvAsync(
|
|
{
|
|
OPENCLAW_GATEWAY_TOKEN: undefined,
|
|
OPENCLAW_GATEWAY_PASSWORD: undefined,
|
|
REMOTE_GATEWAY_TOKEN: "token-from-ref",
|
|
},
|
|
async () => {
|
|
const credentials = await resolveNodeHostGatewayCredentials({ config });
|
|
expect(credentials.token).toBe("token-from-ref");
|
|
},
|
|
);
|
|
});
|
|
|
|
it("prefers OPENCLAW_GATEWAY_TOKEN over configured refs", async () => {
|
|
const config = createRemoteGatewayTokenRefConfig("REMOTE_GATEWAY_TOKEN");
|
|
|
|
await withEnvAsync(
|
|
{
|
|
OPENCLAW_GATEWAY_TOKEN: "token-from-env",
|
|
OPENCLAW_GATEWAY_PASSWORD: undefined,
|
|
REMOTE_GATEWAY_TOKEN: "token-from-ref",
|
|
},
|
|
async () => {
|
|
const credentials = await resolveNodeHostGatewayCredentials({ config });
|
|
expect(credentials.token).toBe("token-from-env");
|
|
},
|
|
);
|
|
});
|
|
|
|
it("throws when a configured remote token ref cannot resolve", async () => {
|
|
const config = createRemoteGatewayTokenRefConfig("MISSING_REMOTE_GATEWAY_TOKEN");
|
|
|
|
await withEnvAsync(
|
|
{
|
|
OPENCLAW_GATEWAY_TOKEN: undefined,
|
|
OPENCLAW_GATEWAY_PASSWORD: undefined,
|
|
MISSING_REMOTE_GATEWAY_TOKEN: undefined,
|
|
},
|
|
async () => {
|
|
await expect(resolveNodeHostGatewayCredentials({ config })).rejects.toThrow(
|
|
"gateway.remote.token",
|
|
);
|
|
},
|
|
);
|
|
});
|
|
|
|
it("does not resolve remote password refs when token auth is already available", async () => {
|
|
const config = {
|
|
secrets: {
|
|
providers: {
|
|
default: { source: "env" },
|
|
},
|
|
},
|
|
gateway: {
|
|
mode: "remote",
|
|
remote: {
|
|
token: { source: "env", provider: "default", id: "REMOTE_GATEWAY_TOKEN" },
|
|
password: { source: "env", provider: "default", id: "MISSING_REMOTE_GATEWAY_PASSWORD" },
|
|
},
|
|
},
|
|
} as OpenClawConfig;
|
|
|
|
await withEnvAsync(
|
|
{
|
|
OPENCLAW_GATEWAY_TOKEN: undefined,
|
|
OPENCLAW_GATEWAY_PASSWORD: undefined,
|
|
REMOTE_GATEWAY_TOKEN: "token-from-ref",
|
|
MISSING_REMOTE_GATEWAY_PASSWORD: undefined,
|
|
},
|
|
async () => {
|
|
const credentials = await resolveNodeHostGatewayCredentials({ config });
|
|
expect(credentials.token).toBe("token-from-ref");
|
|
expect(credentials.password).toBeUndefined();
|
|
},
|
|
);
|
|
});
|
|
});
|