(stateDir: string)
| 55 | } |
| 56 | |
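/**
 * Checks that OAuth state written by one store instance is readable by a
 * later instance opened on the same state directory, and that the token
 * tables hold `hashToken(...)` output rather than the bearer token itself.
 *
 * The test runs in three phases, each with its own handle that is closed
 * before the next phase opens the database again:
 *   1. seed a client and a token pair through `SqliteOAuthStore`;
 *   2. read the `token_hash` columns directly through `openDatabase`;
 *   3. reopen a fresh `SqliteOAuthStore` and look the records up by hash.
 *
 * @param stateDir Directory passed to `SqliteOAuthStore` and `openDatabase`.
 * @throws AssertionError (from `assert`) when any expectation fails.
 */
function testPersistenceAndTokenHashing(stateDir: string): void {
  // Fixed, obviously fake token values: the test only needs something whose
  // raw form can be told apart from its hash.
  const accessToken = "access-token-example";
  const refreshToken = "refresh-token-example";

  // Phase 1: seed. The store is closed in `finally` so a failing
  // registration or save does not leave a handle open on stateDir.
  const seedStore = () => {
    const firstStore = new SqliteOAuthStore(stateDir);
    try {
      const firstClients = new SqliteOAuthClientsStore(firstStore, oauthConfig.allowedRedirectHosts);
      const registered = firstClients.registerClient({
        redirect_uris: [redirectUri],
        client_name: "ChatGPT",
      });

      // One timestamp for both expiries so they are derived from the same instant.
      const issuedAt = Math.floor(Date.now() / 1000);
      firstStore.saveTokenPair({
        // Callers hand the store a hash; the raw token is never passed in.
        accessTokenHash: hashToken(accessToken),
        accessToken: {
          clientId: registered.client_id,
          scopes: ["devspace"],
          expiresAt: issuedAt + 3600, // one hour
          resource: mcpUrl.href,
        },
        refreshTokenHash: hashToken(refreshToken),
        refreshToken: {
          clientId: registered.client_id,
          scopes: ["devspace"],
          expiresAt: issuedAt + 2592000, // thirty days
          resource: mcpUrl.href,
        },
      });
      return registered;
    } finally {
      firstStore.close();
    }
  };
  const client = seedStore();

  // Phase 2: bypass the store and inspect what actually reached disk.
  // NOTE(review): only the `token_hash` column of each table is read here, so
  // a raw token written to some other column or table would not be caught by
  // this test — confirm against the schema whether a wider scan is warranted.
  const database = openDatabase(stateDir);
  try {
    const accessHashes = database.sqlite
      .prepare("select token_hash from oauth_access_tokens")
      .pluck()
      .all() as string[];
    const refreshHashes = database.sqlite
      .prepare("select token_hash from oauth_refresh_tokens")
      .pluck()
      .all() as string[];
    // Exactly one row per table, holding the expected hash.
    assert.deepEqual(accessHashes, [hashToken(accessToken)]);
    assert.deepEqual(refreshHashes, [hashToken(refreshToken)]);
    // Together with the checks above, these fail if hashToken ever returned
    // its input unchanged, i.e. if the stored value were the bearer token.
    // NOTE(review): this does not show that hashToken is a one-way function;
    // that property has to be verified where hashToken is defined.
    assert.equal(accessHashes.includes(accessToken), false);
    assert.equal(refreshHashes.includes(refreshToken), false);
  } finally {
    database.close();
  }

  // Phase 3: a new store instance must find the client and both tokens,
  // looked up by hash, with the fields that were saved in phase 1.
  const restoredStore = new SqliteOAuthStore(stateDir);
  try {
    const restoredClient = restoredStore.getClient(client.client_id);
    assert.equal(restoredClient?.client_id, client.client_id);
    assert.equal(restoredStore.getAccessToken(hashToken(accessToken))?.resource, mcpUrl.href);
    assert.equal(restoredStore.getRefreshToken(hashToken(refreshToken))?.clientId, client.client_id);
  } finally {
    restoredStore.close();
  }
}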
| 113 | |
| 114 | function testExpiredTokenCleanup(stateDir: string): void { |