kimi-code/packages/server/test/fs-git.e2e.test.ts
Haozhe 60dfb68a2d
feat(server): add bearer-token auth and safe host exposure (#1006)
* test(server): add API surface snapshot guardrail

Boot startServer on port 0 and snapshot the documented v1 route table derived from /openapi.json paths, plus the reachability of doc/meta endpoints (/healthz, /openapi.json, /asyncapi.json, /). Gives later auth/--host phases an intentional diff when routes change. M0 makes no production behavior change.

* test(server): add e2e server harness with token support

Add test/helpers/serverHarness.ts: boot() wraps startServer with an isolated lock + home dir and returns a handle (server, address, baseUrl, wsUrl, token, close) plus authedFetch/authedWs that carry Authorization: Bearer <token> (and the kimi-code.bearer.<token> WS subprotocol). serviceOverrides is the generic DI seam later phases use to inject a fixed-token auth service; IAuthTokenService is not referenced yet. closeAll() tears down every booted server and socket. M0 makes no production behavior change; typecheck-only gate.

* feat(server): add privateFiles 0600 atomic write/read utility

* feat(server): add per-start tokenStore

* feat(server): add env-based bcrypt password hash utility

* feat(server): add IAuthTokenService DI seam

* feat(server): add global onRequest auth hook with bypass + redaction

* fix(server): stop reflecting Host header in /asyncapi.json

* feat(server): add WS bearer subprotocol constant and parser

* feat(server): enforce bearer token auth on WS upgrade

* feat(server): add Host header allowlist middleware

* feat(server): add Origin/CORS middleware

* feat(server): wire Host/Origin checks into HTTP and WS

* feat(server): wire token auth, Host/Origin, and WS auth into start.ts

* fix(server): create lock file with 0600 permissions

* fix(server): suppress debug routes on non-loopback binds

* feat(kimi-code): read server token and send Authorization on CLI calls

* feat(kimi-code): inject server token into /web URL fragment

* feat(server): add bindClassify for loopback/lan/public classification

* feat(kimi-code): register --host flag and pass it through the daemon

* feat(server): require password and TLS opt-out on non-loopback binds

* feat(server): rate-limit repeated auth failures on non-loopback binds

* feat(server): disable shutdown and terminals on public binds by default

* feat(server): add security response headers on non-loopback binds

* test(server): cover LAN/public host-exposure hardening end to end

* docs(server): add deployment security and threat-model guide

* changeset: minor kimi-code for server auth and host exposure

* feat(kimi-web): add server bearer-token auth support

* fix: repair CI for server auth and host exposure

- Replace native @node-rs/bcrypt with pure-JS bcryptjs so the ESM CLI
  bundle and the SEA native bundle both build without native-addon
  require issues (node-rs/bcrypt broke the ESM smoke and the SEA
  check-bundle allowlist).
- Remove dead cleanup references (stopSpinner, authLogoBlinkTimer) in
  apps/kimi-web App.vue that failed vue-tsc.
- Fix lint: drop empty spread fallbacks in the e2e auth-header merge,
  void the intentionally-async WS upgrade listener, add missing
  assertions to satisfy jest/expect-expect, and convert a ternary
  statement to if/else.
- Send the bearer token in the snapshot perf/smoke tests so they pass
  under the new global auth hook.
- Refresh the pnpmDeps hash in flake.nix for the updated lockfile.

* feat(server): persist bearer token and add rotate-token command

- persist the server bearer token in <home>/server.token (0600) and reuse it across restarts instead of per-start server-<pid>.token
- add `kimi server rotate-token` to regenerate the token; the token store reloads on mtime/inode change so rotation applies without restart
- print the token and Vite-style Local/Network URLs in the startup banner
- allow non-loopback binds with bearer-token-only auth (password now optional) and update SECURITY.md
- surface daemon boot failures immediately with the exit reason and log tail instead of waiting for the spawn timeout

* feat(server): print full token URLs and re-print links after rotate

- Drop the ready-panel border so token URLs print in full for copying; keep the Kimi sprite beside the title.
- Re-print Local/Network access links after `server rotate-token` (host/port from the lock).
- Extract shared access-URL helpers into access-urls.ts.
- Unify link and token colors between the banner and rotate-token.

* feat(server): dim URL #token= fragment and de-highlight token

- Render the `#token=…` fragment in a dim gray so the host/port stands out in the banner and rotate-token links.
- De-highlight the standalone token; set it off with surrounding whitespace instead of color.
- Add splitTokenFragment helper.

* refactor(cli): polish server ready banner and rotate-token output

- move version onto the ready banner title line; drop the separate
  Ready:/Version: rows and the startup-time metric
- reorder rotate-token output so the new token sits between the
  invalidation note and the access links
- update server CLI tests for the new layout

* feat(server): warn on reuse and refine ready banner

- Warn when `server run` reuses an already-running daemon (its options are not applied) and show the running server's actual URLs.
- Show a `Network: off  use --host 0.0.0.0 to enable` hint on loopback binds.
- Move the version onto the title line and drop the startup-time metric.

* fix(web): relabel auth dialog to token and cover full page

- Relabel the server auth dialog from "password" to "token"; the server accepts the bearer token, with the password only as a fallback.
- Make the auth dialog overlay fully opaque so it covers the whole page instead of revealing the login page underneath.

* fix: resolve CI failures on web auth PR

- Replace chalk.yellow named color with chalk.hex(darkColors.warning)
  in the server reuse notice to satisfy the chalk named color guard.
- Update pnpmDeps hash in flake.nix to match the regenerated
  pnpm-lock.yaml so the Nix build succeeds.
- Retry rmSync in ws-broadcast e2e teardown to ride out EBUSY /
  ENOTEMPTY races while the server flushes files after close().

* test(server): update API surface snapshot for warnings route

The feat/web-auth branch adds GET /api/v1/sessions/{session_id}/warnings
(packages/server/src/routes/sessions.ts), so the API surface guardrail
snapshot needs to record the new documented v1 route.
2026-06-25 17:57:56 +08:00

584 lines
17 KiB
TypeScript

import { execFileSync } from 'node:child_process';
import {
mkdirSync,
mkdtempSync,
rmSync,
writeFileSync,
} from 'node:fs';
import { tmpdir } from 'node:os';
import { join } from 'node:path';
import { pino } from 'pino';
import { afterEach, beforeEach, describe, expect, it } from 'vitest';
import { IRestGateway, startServer, type RunningServer } from '../src';
import { fixedTokenAuth } from './helpers/serverHarness';
import { parsePorcelain, parseNumstat } from '@moonshot-ai/agent-core';
let tmpDir: string;
let lockPath: string;
let bridgeHome: string;
let workspace: string;
let server: RunningServer | undefined;
beforeEach(() => {
tmpDir = mkdtempSync(join(tmpdir(), 'kimi-server-fs-git-test-'));
lockPath = join(tmpDir, 'lock');
bridgeHome = mkdtempSync(join(tmpdir(), 'kimi-server-fs-git-home-'));
workspace = join(tmpDir, 'workspace');
mkdirSync(workspace, { recursive: true });
});
afterEach(async () => {
try {
await server?.close();
} catch {
}
server = undefined;
rmSync(tmpDir, { recursive: true, force: true });
rmSync(bridgeHome, { recursive: true, force: true });
});
async function bootDaemon(): Promise<RunningServer> {
server = await startServer({
serviceOverrides: [fixedTokenAuth()],
host: '127.0.0.1',
port: 0,
lockPath,
logger: pino({ level: 'silent' }),
coreProcessOptions: { homeDir: bridgeHome },
});
return server;
}
function appOf(r: RunningServer): {
inject: (req: unknown) => Promise<{
statusCode: number;
json: () => unknown;
}>;
} {
const app = r.services.invokeFunction((a) => {
const gw = a.get(IRestGateway);
return gw.app as unknown as {
inject: (req: unknown) => Promise<{
statusCode: number;
json: () => unknown;
}>;
};
});
// Auto-attach the fixed bearer token so the M5.1 auth hook passes. A
// caller-supplied `authorization` header wins, so explicit token tests keep
// working; every other header (Range, content-type, …) is preserved.
return {
inject(req: unknown) {
const q = req as { headers?: Record<string, string | string[] | undefined> };
return app.inject({
...q,
headers: { authorization: 'Bearer test-token', ...q.headers },
});
},
};
}
function envelopeOf<T>(body: unknown): {
code: number;
msg: string;
data: T | null;
request_id: string;
details?: unknown;
} {
return body as {
code: number;
msg: string;
data: T | null;
request_id: string;
details?: unknown;
};
}
async function createSession(r: RunningServer): Promise<string> {
const res = await appOf(r).inject({
method: 'POST',
url: '/api/v1/sessions',
payload: { metadata: { cwd: workspace } },
});
const env = envelopeOf<{ id: string }>(res.json());
if (env.code !== 0 || env.data === null) {
throw new Error(`create session failed: ${JSON.stringify(env)}`);
}
return env.data.id;
}
function git(args: string[]): void {
execFileSync('git', args, {
cwd: workspace,
stdio: 'pipe',
env: {
...process.env,
GIT_AUTHOR_NAME: 'test',
GIT_AUTHOR_EMAIL: 'test@example.com',
GIT_COMMITTER_NAME: 'test',
GIT_COMMITTER_EMAIL: 'test@example.com',
},
});
}
function initRepo(): void {
git(['init', '-b', 'main']);
writeFileSync(join(workspace, 'seed.txt'), 'seed\n');
git(['add', 'seed.txt']);
git(['commit', '-m', 'seed', '--no-gpg-sign']);
}
describe('POST /api/v1/sessions/{sid}/fs:git_status (W11.2)', () => {
it('clean repo: empty entries, branch populated', async () => {
initRepo();
const r = await bootDaemon();
const sid = await createSession(r);
const res = await appOf(r).inject({
method: 'POST',
url: `/api/v1/sessions/${sid}/fs:git_status`,
payload: {},
});
const env = envelopeOf<{
branch: string;
ahead: number;
behind: number;
entries: Record<string, string>;
additions: number;
deletions: number;
}>(res.json());
expect(env.code).toBe(0);
expect(env.data!.branch).toBe('main');
expect(env.data!.ahead).toBe(0);
expect(env.data!.behind).toBe(0);
expect(Object.keys(env.data!.entries)).toEqual([]);
// Clean tree → no line stats.
expect(env.data!.additions).toBe(0);
expect(env.data!.deletions).toBe(0);
});
it('dirty repo: aggregate additions/deletions vs HEAD', async () => {
initRepo();
// seed.txt: one line "seed\n" → replace with two lines (1 deleted, 2 added).
writeFileSync(join(workspace, 'seed.txt'), 'one\ntwo\n');
// new.txt untracked: `git diff --numstat HEAD` does NOT count untracked
// files, so these 3 lines are intentionally excluded from the totals.
writeFileSync(join(workspace, 'new.txt'), 'a\nb\nc\n');
const r = await bootDaemon();
const sid = await createSession(r);
const res = await appOf(r).inject({
method: 'POST',
url: `/api/v1/sessions/${sid}/fs:git_status`,
payload: {},
});
const env = envelopeOf<{ additions: number; deletions: number }>(res.json());
expect(env.code).toBe(0);
// Only the tracked seed.txt rewrite counts: 2 added, 1 deleted.
expect(env.data!.additions).toBe(2);
expect(env.data!.deletions).toBe(1);
});
it('paths filter does not scope the line stats (whole-tree totals)', async () => {
initRepo();
writeFileSync(join(workspace, 'seed.txt'), 'changed\n');
// extra.txt is untracked → excluded from `git diff --numstat HEAD`.
writeFileSync(join(workspace, 'extra.txt'), 'x\ny\n');
const r = await bootDaemon();
const sid = await createSession(r);
const res = await appOf(r).inject({
method: 'POST',
url: `/api/v1/sessions/${sid}/fs:git_status`,
payload: { paths: ['seed.txt'] },
});
const env = envelopeOf<{
entries: Record<string, string>;
additions: number;
deletions: number;
}>(res.json());
expect(env.code).toBe(0);
// entries scoped to seed.txt; the counter reflects the whole tree, but
// untracked extra.txt does not contribute, so only seed.txt's edit counts.
expect(Object.keys(env.data!.entries)).toEqual(['seed.txt']);
expect(env.data!.additions).toBe(1); // seed line replaced
expect(env.data!.deletions).toBe(1); // seed line removed
});
it('dirty repo: modified + untracked + deleted entries', async () => {
initRepo();
writeFileSync(join(workspace, 'seed.txt'), 'changed\n');
writeFileSync(join(workspace, 'new.txt'), 'new\n');
const r = await bootDaemon();
const sid = await createSession(r);
const res = await appOf(r).inject({
method: 'POST',
url: `/api/v1/sessions/${sid}/fs:git_status`,
payload: {},
});
const env = envelopeOf<{
branch: string;
entries: Record<string, string>;
}>(res.json());
expect(env.code).toBe(0);
expect(env.data!.branch).toBe('main');
expect(env.data!.entries['seed.txt']).toBe('modified');
expect(env.data!.entries['new.txt']).toBe('untracked');
});
it('renamed entry surfaces as `renamed`', async () => {
initRepo();
git(['mv', 'seed.txt', 'renamed.txt']);
const r = await bootDaemon();
const sid = await createSession(r);
const res = await appOf(r).inject({
method: 'POST',
url: `/api/v1/sessions/${sid}/fs:git_status`,
payload: {},
});
const env = envelopeOf<{ entries: Record<string, string> }>(res.json());
expect(env.code).toBe(0);
const statuses = Object.values(env.data!.entries);
expect(statuses.length).toBeGreaterThan(0);
expect(
statuses.some((s) => s === 'renamed') ||
(env.data!.entries['renamed.txt'] === 'added' &&
env.data!.entries['seed.txt'] === 'deleted'),
).toBe(true);
});
it('paths filter scopes the entries map', async () => {
initRepo();
writeFileSync(join(workspace, 'a.txt'), 'a\n');
writeFileSync(join(workspace, 'b.txt'), 'b\n');
const r = await bootDaemon();
const sid = await createSession(r);
const res = await appOf(r).inject({
method: 'POST',
url: `/api/v1/sessions/${sid}/fs:git_status`,
payload: { paths: ['a.txt'] },
});
const env = envelopeOf<{ entries: Record<string, string> }>(res.json());
expect(env.code).toBe(0);
expect(env.data!.entries).toEqual({ 'a.txt': 'untracked' });
});
it('non-git workspace → 40908', async () => {
const r = await bootDaemon();
const sid = await createSession(r);
const res = await appOf(r).inject({
method: 'POST',
url: `/api/v1/sessions/${sid}/fs:git_status`,
payload: {},
});
const env = envelopeOf<null>(res.json());
expect(env.code).toBe(40908);
});
it('path filter that escapes cwd → 41304', async () => {
initRepo();
const r = await bootDaemon();
const sid = await createSession(r);
const res = await appOf(r).inject({
method: 'POST',
url: `/api/v1/sessions/${sid}/fs:git_status`,
payload: { paths: ['../outside.txt'] },
});
const env = envelopeOf<null>(res.json());
expect(env.code).toBe(41304);
});
it('40401 unknown session', async () => {
const r = await bootDaemon();
const res = await appOf(r).inject({
method: 'POST',
url: '/api/v1/sessions/sess_does_not_exist/fs:git_status',
payload: {},
});
const env = envelopeOf<null>(res.json());
expect(env.code).toBe(40401);
});
});
describe('POST /api/v1/sessions/{sid}/fs:diff', () => {
it('modified file: unified diff with -old/+new lines', async () => {
initRepo();
writeFileSync(join(workspace, 'seed.txt'), 'changed\n');
const r = await bootDaemon();
const sid = await createSession(r);
const res = await appOf(r).inject({
method: 'POST',
url: `/api/v1/sessions/${sid}/fs:diff`,
payload: { path: 'seed.txt' },
});
const env = envelopeOf<{ path: string; diff: string; truncated: boolean }>(res.json());
expect(env.code).toBe(0);
expect(env.data!.path).toBe('seed.txt');
expect(env.data!.diff).toContain('-seed');
expect(env.data!.diff).toContain('+changed');
expect(env.data!.truncated).toBe(false);
});
it('untracked file: all-added diff against /dev/null', async () => {
initRepo();
writeFileSync(join(workspace, 'new.txt'), 'brand new\n');
const r = await bootDaemon();
const sid = await createSession(r);
const res = await appOf(r).inject({
method: 'POST',
url: `/api/v1/sessions/${sid}/fs:diff`,
payload: { path: 'new.txt' },
});
const env = envelopeOf<{ path: string; diff: string }>(res.json());
expect(env.code).toBe(0);
expect(env.data!.diff).toContain('+brand new');
expect(env.data!.diff).not.toContain('-brand new');
});
it('deleted file: all-removed diff', async () => {
initRepo();
rmSync(join(workspace, 'seed.txt'));
const r = await bootDaemon();
const sid = await createSession(r);
const res = await appOf(r).inject({
method: 'POST',
url: `/api/v1/sessions/${sid}/fs:diff`,
payload: { path: 'seed.txt' },
});
const env = envelopeOf<{ diff: string }>(res.json());
expect(env.code).toBe(0);
expect(env.data!.diff).toContain('-seed');
});
it('clean tracked file: empty diff', async () => {
initRepo();
const r = await bootDaemon();
const sid = await createSession(r);
const res = await appOf(r).inject({
method: 'POST',
url: `/api/v1/sessions/${sid}/fs:diff`,
payload: { path: 'seed.txt' },
});
const env = envelopeOf<{ diff: string }>(res.json());
expect(env.code).toBe(0);
expect(env.data!.diff).toBe('');
});
it('repo without commits: untracked file still diffs all-added', async () => {
git(['init', '-b', 'main']);
writeFileSync(join(workspace, 'first.txt'), 'first\n');
const r = await bootDaemon();
const sid = await createSession(r);
const res = await appOf(r).inject({
method: 'POST',
url: `/api/v1/sessions/${sid}/fs:diff`,
payload: { path: 'first.txt' },
});
const env = envelopeOf<{ diff: string }>(res.json());
expect(env.code).toBe(0);
expect(env.data!.diff).toContain('+first');
});
it('nonexistent path → 40409', async () => {
initRepo();
const r = await bootDaemon();
const sid = await createSession(r);
const res = await appOf(r).inject({
method: 'POST',
url: `/api/v1/sessions/${sid}/fs:diff`,
payload: { path: 'no-such-file.txt' },
});
const env = envelopeOf<null>(res.json());
expect(env.code).toBe(40409);
});
it('non-git workspace → 40908', async () => {
writeFileSync(join(workspace, 'plain.txt'), 'plain\n');
const r = await bootDaemon();
const sid = await createSession(r);
const res = await appOf(r).inject({
method: 'POST',
url: `/api/v1/sessions/${sid}/fs:diff`,
payload: { path: 'plain.txt' },
});
const env = envelopeOf<null>(res.json());
expect(env.code).toBe(40908);
});
it('path escaping cwd → 41304', async () => {
initRepo();
const r = await bootDaemon();
const sid = await createSession(r);
const res = await appOf(r).inject({
method: 'POST',
url: `/api/v1/sessions/${sid}/fs:diff`,
payload: { path: '../outside.txt' },
});
const env = envelopeOf<null>(res.json());
expect(env.code).toBe(41304);
});
it('missing path → 40001 validation', async () => {
initRepo();
const r = await bootDaemon();
const sid = await createSession(r);
const res = await appOf(r).inject({
method: 'POST',
url: `/api/v1/sessions/${sid}/fs:diff`,
payload: {},
});
const env = envelopeOf<null>(res.json());
expect(env.code).toBe(40001);
});
it('40401 unknown session', async () => {
const r = await bootDaemon();
const res = await appOf(r).inject({
method: 'POST',
url: '/api/v1/sessions/sess_does_not_exist/fs:diff',
payload: { path: 'seed.txt' },
});
const env = envelopeOf<null>(res.json());
expect(env.code).toBe(40401);
});
});
describe('parsePorcelain (W11.2)', () => {
it('parses a clean tree', () => {
const out = parsePorcelain('## main\n', undefined);
expect(out.branch).toBe('main');
expect(out.ahead).toBe(0);
expect(out.behind).toBe(0);
expect(out.entries).toEqual({});
});
it('parses ahead/behind on the branch header', () => {
const out = parsePorcelain(
'## feat/web...origin/feat/web [ahead 2, behind 1]\n',
undefined,
);
expect(out.branch).toBe('feat/web');
expect(out.ahead).toBe(2);
expect(out.behind).toBe(1);
});
it('parses HEAD (no branch) as empty', () => {
const out = parsePorcelain('## HEAD (no branch)\n', undefined);
expect(out.branch).toBe('');
});
it('parses No commits yet on main', () => {
const out = parsePorcelain('## No commits yet on main\n', undefined);
expect(out.branch).toBe('main');
});
it('parses untracked (??)', () => {
const out = parsePorcelain('## main\n?? new.txt\n', undefined);
expect(out.entries['new.txt']).toBe('untracked');
});
it('parses ignored (!!)', () => {
const out = parsePorcelain('## main\n!! a.log\n', undefined);
expect(out.entries['a.log']).toBe('ignored');
});
it('collapses M_ / _M / MM → modified', () => {
const out = parsePorcelain(
'## main\nM a.ts\n M b.ts\nMM c.ts\n',
undefined,
);
expect(out.entries['a.ts']).toBe('modified');
expect(out.entries['b.ts']).toBe('modified');
expect(out.entries['c.ts']).toBe('modified');
});
it('collapses A_ → added', () => {
const out = parsePorcelain('## main\nA a.ts\n', undefined);
expect(out.entries['a.ts']).toBe('added');
});
it('collapses D_ / _D → deleted', () => {
const out = parsePorcelain('## main\nD a.ts\n D b.ts\n', undefined);
expect(out.entries['a.ts']).toBe('deleted');
expect(out.entries['b.ts']).toBe('deleted');
});
it('collapses R_ → renamed and uses destination as path', () => {
const out = parsePorcelain(
'## main\nR old.ts -> new.ts\n',
undefined,
);
expect(out.entries['new.ts']).toBe('renamed');
expect(out.entries['old.ts']).toBeUndefined();
});
it('collapses conflict pairs → conflicted', () => {
for (const xy of ['DD', 'AU', 'UD', 'UA', 'DU', 'AA', 'UU']) {
const out = parsePorcelain(`## main\n${xy} a.ts\n`, undefined);
expect(out.entries['a.ts']).toBe('conflicted');
}
});
it('applies the paths filter (entries map shrinks)', () => {
const out = parsePorcelain(
'## main\n?? a.txt\n?? b.txt\n',
new Set(['a.txt']),
);
expect(out.entries).toEqual({ 'a.txt': 'untracked' });
});
it('defaults additions/deletions to 0 (filled in by the service)', () => {
const out = parsePorcelain('## main\n M a.ts\n', undefined);
expect(out.additions).toBe(0);
expect(out.deletions).toBe(0);
});
});
describe('parseNumstat', () => {
it('sums added/deleted counts across files', () => {
const out = parseNumstat('3\t1\ta.ts\n10\t0\tb.ts\n0\t4\tc.ts\n');
expect(out.additions).toBe(13);
expect(out.deletions).toBe(5);
});
it('treats binary files (-\t-) as 0', () => {
const out = parseNumstat('-\t-\timg.png\n2\t1\ta.ts\n');
expect(out.additions).toBe(2);
expect(out.deletions).toBe(1);
});
it('empty output → 0/0', () => {
const out = parseNumstat('');
expect(out.additions).toBe(0);
expect(out.deletions).toBe(0);
});
it('ignores blank trailing lines', () => {
const out = parseNumstat('5\t2\ta.ts\n\n');
expect(out.additions).toBe(5);
expect(out.deletions).toBe(2);
});
});