MCPcopy Index your code
hub / github.com/Waishnav/devspace / testPersistenceAndTokenHashing

Function testPersistenceAndTokenHashing

src/oauth-store.test.ts:57–112  ·  view source on GitHub ↗
(stateDir: string)

Source from the content-addressed store, hash-verified

55}
56
57function testPersistenceAndTokenHashing(stateDir: string): void {
58 const accessToken = "access-token-example";
59 const refreshToken = "refresh-token-example";
60 const firstStore = new SqliteOAuthStore(stateDir);
61 const firstClients = new SqliteOAuthClientsStore(firstStore, oauthConfig.allowedRedirectHosts);
62 const client = firstClients.registerClient({
63 redirect_uris: [redirectUri],
64 client_name: "ChatGPT",
65 });
66
67 firstStore.saveTokenPair({
68 accessTokenHash: hashToken(accessToken),
69 accessToken: {
70 clientId: client.client_id,
71 scopes: ["devspace"],
72 expiresAt: Math.floor(Date.now() / 1000) + 3600,
73 resource: mcpUrl.href,
74 },
75 refreshTokenHash: hashToken(refreshToken),
76 refreshToken: {
77 clientId: client.client_id,
78 scopes: ["devspace"],
79 expiresAt: Math.floor(Date.now() / 1000) + 2592000,
80 resource: mcpUrl.href,
81 },
82 });
83 firstStore.close();
84
85 const database = openDatabase(stateDir);
86 try {
87 const accessHashes = database.sqlite
88 .prepare("select token_hash from oauth_access_tokens")
89 .pluck()
90 .all() as string[];
91 const refreshHashes = database.sqlite
92 .prepare("select token_hash from oauth_refresh_tokens")
93 .pluck()
94 .all() as string[];
95 assert.deepEqual(accessHashes, [hashToken(accessToken)]);
96 assert.deepEqual(refreshHashes, [hashToken(refreshToken)]);
97 assert.equal(accessHashes.includes(accessToken), false);
98 assert.equal(refreshHashes.includes(refreshToken), false);
99 } finally {
100 database.close();
101 }
102
103 const restoredStore = new SqliteOAuthStore(stateDir);
104 try {
105 const restoredClient = restoredStore.getClient(client.client_id);
106 assert.equal(restoredClient?.client_id, client.client_id);
107 assert.equal(restoredStore.getAccessToken(hashToken(accessToken))?.resource, mcpUrl.href);
108 assert.equal(restoredStore.getRefreshToken(hashToken(refreshToken))?.clientId, client.client_id);
109 } finally {
110 restoredStore.close();
111 }
112}
113
114function testExpiredTokenCleanup(stateDir: string): void {

Callers 1

Calls 9

registerClientMethod · 0.95
saveTokenPairMethod · 0.95
closeMethod · 0.95
getClientMethod · 0.95
getAccessTokenMethod · 0.95
getRefreshTokenMethod · 0.95
openDatabaseFunction · 0.85
hashTokenFunction · 0.70
closeMethod · 0.65

Tested by

no test coverage detected