uncle6me-web
3e65e22775
壓測四橫向問題修正(docs 壓測報告):
① 薄殼原則成鐵律:能力長在 API,CLI/MCP/lib 只暴露
- seed 下沉成 API 行為:cypher-executor POST /init/seed(一次灌 API+auth recipe),
種子資料移到 server src/lib/api-recipe-seeds.ts,CLI 改薄殼一次呼叫
- 解除 deployFullyOk 連坐 + init 補 seed auth recipe + update 補 seed/全 KV
- registry SUBMISSIONS_KV 補進 REQUIRED_KV_NAMESPACES(修 20/21)
② MCP 統一帳號來源(單一 remote MCP + .env 切 MCP URL)
- MCP 從 sibling repo 搬進 arcrun/mcp/(remote Worker,route 改 mcp.arcrun.dev)
- config 加 mcp_url 三層解析 + getMcpUrl + DEFAULT_MCP_URL
- 新增 acr mcp-setup:依 config 寫專案 .mcp.json(接案切資料夾自動切 MCP)
- acr --version 改動態讀 package.json(根治漂移)
③ Deploy 一致性
- tests/release.feature + scripts/check-release.sh
- local-deploy.sh:CLI npm publish + auto patch bump + CHANGELOG
- local-deploy.sh bash 3.2 相容修正(mapfile / 空陣列 set -u)
- builtins/pnpm-lock.yaml
④ README self-hosted 同步現況(移除 R2 殘留、加 flag/env、多帳號)
CLI bump → 1.3.0
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
43 lines
1.5 KiB
TypeScript
43 lines
1.5 KiB
TypeScript
import { describe, it, expect, vi } from "vitest";
|
|
|
|
// Unit tests for partner-auth middleware logic
|
|
// Tests the auth extraction and validation behaviour without a live KBDB
|
|
|
|
function extractBearerToken(authHeader: string | undefined): string | null {
|
|
if (!authHeader?.startsWith("Bearer ")) return null;
|
|
return authHeader.slice(7);
|
|
}
|
|
|
|
describe("partner-auth: token extraction", () => {
|
|
it("returns null when Authorization header is missing", () => {
|
|
expect(extractBearerToken(undefined)).toBeNull();
|
|
});
|
|
|
|
it("returns null when header does not start with 'Bearer '", () => {
|
|
expect(extractBearerToken("Basic abc123")).toBeNull();
|
|
expect(extractBearerToken("bearer abc123")).toBeNull();
|
|
expect(extractBearerToken("Token abc123")).toBeNull();
|
|
});
|
|
|
|
it("extracts token from valid Bearer header", () => {
|
|
expect(extractBearerToken("Bearer my-secret-key")).toBe("my-secret-key");
|
|
});
|
|
|
|
it("handles token with special characters", () => {
|
|
expect(extractBearerToken("Bearer abc.def_ghi-123")).toBe("abc.def_ghi-123");
|
|
});
|
|
});
|
|
|
|
describe("partner-auth: KBDB response validation", () => {
|
|
it("rejects when valid is false", () => {
|
|
const info = { valid: false, org_namespace: "org-a" };
|
|
expect(info.valid).toBe(false);
|
|
});
|
|
|
|
it("accepts when valid is true and extracts org_namespace", () => {
|
|
const info = { valid: true, org_namespace: "org-a" };
|
|
expect(info.valid).toBe(true);
|
|
expect(info.org_namespace).toBe("org-a");
|
|
});
|
|
});
|